removing testing openapi spec

docs/asm/umn/asm_01_0020.html

@@ -7,9 +7,9 @@
 <div class="section" id="asm_01_0020__en-us_topic_0000001542706401_section1486314595204"><h4 class="sectiontitle">Constraints</h4><ul id="asm_01_0020__en-us_topic_0000001542706401_ul186475910202"><li id="asm_01_0020__en-us_topic_0000001542706401_li1786417596203">ASM depends on the domain name resolution of CoreDNS. Before creating a service mesh for a cluster, ensure that the cluster has required resources and CoreDNS is running normally.</li><li id="asm_01_0020__li133817361244">The components of Istio 1.13 and 1.15 cannot run on nodes running CentOS or EulerOS 2.5. When creating a service mesh, do not specify these types of nodes as master nodes.</li></ul>
 </div>
 <div class="section" id="asm_01_0020__en-us_topic_0000001542706401_section201371027102715"><h4 class="sectiontitle">Procedure</h4><ol id="asm_01_0020__en-us_topic_0000001542706401_ol1158918434276"><li id="asm_01_0020__en-us_topic_0000001542706401_li184614499427"><span>Log in to the ASM console.</span></li><li id="asm_01_0020__en-us_topic_0000001542706401_li125894431271"><span>Click <strong id="asm_01_0020__b205391310114513">Create Mesh</strong> in the upper right corner.</span></li><li id="asm_01_0020__en-us_topic_0000001542706401_li135891543162714"><span>Configure the following parameters.</span><p><ul id="asm_01_0020__en-us_topic_0000001542706401_ul75901043202711"><li id="asm_01_0020__en-us_topic_0000001542706401_li2092711501216"><strong id="asm_01_0020__en-us_topic_0000001542706401_b1094850142211">Mesh Edition</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p4479132261213">Only service meshes of the Basic edition are supported for commercial use.</p>
-</li><li id="asm_01_0020__en-us_topic_0000001542706401_li35901243162718"><strong id="asm_01_0020__b22496209">Mesh Name</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p19590743152711">Enter a service mesh name, which consists of 4 to 64 characters. It must start with a lowercase letter and cannot end with a hyphen (-). Only lowercase letters, digits, and hyphens (-) are allowed.</p>
+</li><li id="asm_01_0020__en-us_topic_0000001542706401_li35901243162718"><strong id="asm_01_0020__b1101751604">Mesh Name</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p19590743152711">Enter a service mesh name, which consists of 4 to 64 characters. It must start with a lowercase letter and cannot end with a hyphen (-). Only lowercase letters, digits, and hyphens (-) are allowed.</p>
 <p id="asm_01_0020__en-us_topic_0000001542706401_p11590144316275">Each name in the same account must be unique. After a service mesh is created, the name cannot be modified.</p>
-</li><li id="asm_01_0020__en-us_topic_0000001542706401_li3590184362716"><strong id="asm_01_0020__b1611790005">Istio Version</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p19590144310274">Select the Istio version supported by the service mesh.</p>
+</li><li id="asm_01_0020__en-us_topic_0000001542706401_li3590184362716"><strong id="asm_01_0020__b1115042375">Istio Version</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p19590144310274">Select the Istio version supported by the service mesh.</p>
 </li><li id="asm_01_0020__li20991123625914"><strong id="asm_01_0020__b54661518132116">Enable IPv6</strong><p id="asm_01_0020__p04381549215">Conditions for enabling IPv4/IPv6 dual stack for a service mesh</p>
 
 <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="asm_01_0020__table11439754142117" frame="border" border="1" rules="all"><thead align="left"><tr id="asm_01_0020__row1743955417212"><th align="left" class="cellrowborder" valign="top" width="12.379999999999999%" id="mcps1.3.4.2.3.2.1.4.3.1.6.1.1"><p id="asm_01_0020__p1643985417218">Service Mesh Edition</p>
@@ -42,19 +42,19 @@
 <div class="note" id="asm_01_0020__note18440654152111"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="asm_01_0020__ul1744075432120"><li id="asm_01_0020__li1744055413210"><strong id="asm_01_0020__b11396256101815">Enable IPv6</strong> is only available in Basic service meshes based on Istio 1.18 or later.</li><li id="asm_01_0020__li194404548216">IPv4/IPv6 dual stack cannot be enabled for a service mesh whose Istio version is upgraded to 1.18 or later.</li></ul>
 <ul id="asm_01_0020__ul144085482119"><li id="asm_01_0020__li1344010549212">IPv4/IPv6 dual stack cannot be disabled once it is enabled for a service mesh. IPv4/IPv6 dual stack cannot be enabled for an existing service mesh.</li></ul>
 </div></div>
-</li><li id="asm_01_0020__en-us_topic_0000001542706401_li4590154315271"><strong id="asm_01_0020__b1825392822">Cluster</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p4590184313278">Select the cluster from the cluster list or enter the cluster name in the upper right corner of the list to search for the cluster. You can only select the clusters whose versions are supported by the current service mesh version.</p>
-</li><li id="asm_01_0020__en-us_topic_0000001542706401_li159044311277"><strong id="asm_01_0020__b553295356">Mesh Control Plane Node</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p125902437272">The control plane components of a Basic service mesh are installed in your cluster. You need to select a node for installing the control plane. If HA is required, you can select two or more nodes from different AZs.</p>
+</li><li id="asm_01_0020__en-us_topic_0000001542706401_li4590154315271"><strong id="asm_01_0020__b1657068806">Cluster</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p4590184313278">Select the cluster from the cluster list or enter the cluster name in the upper right corner of the list to search for the cluster. You can only select the clusters whose versions are supported by the current service mesh version.</p>
+</li><li id="asm_01_0020__en-us_topic_0000001542706401_li159044311277"><strong id="asm_01_0020__b871656394">Mesh Control Plane Node</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p125902437272">The control plane components of a Basic service mesh are installed in your cluster. You need to select a node for installing the control plane. If HA is required, you can select two or more nodes from different AZs.</p>
 <p id="asm_01_0020__en-us_topic_0000001542706401_p1959024392713">A selected node will be labeled with <strong id="asm_01_0020__b12113195612363">istio:master</strong>, and the components will be scheduled to that node.</p>
 </li><li id="asm_01_0020__li17225629125"><strong id="asm_01_0020__b182161818152520">Observability Configuration</strong><ul id="asm_01_0020__ul162251921123"><li id="asm_01_0020__li1522512214127"><strong id="asm_01_0020__b1443315218391">Tracing</strong><p id="asm_01_0020__p015131035712"><strong id="asm_01_0020__b1314122314192">Enable Call Chain</strong>: If this option is enabled, you can use distributed tracing to track requests in the service mesh.</p>
 <p id="asm_01_0020__p3225124129">- <strong id="asm_01_0020__b1649171110292">Sampling Rate</strong>: The number of requests generated by the tracing service/The total number of requests</p>
 <p id="asm_01_0020__p722519210123">- <strong id="asm_01_0020__b13853258294">Version</strong>: tracing service. If you select <strong id="asm_01_0020__b1028517591813">Third-party Jaeger/Zipkin service</strong>, you need to set <strong id="asm_01_0020__b613018597425">Service Address</strong> and <strong id="asm_01_0020__b665636154317">Service Port</strong>, which indicate the address and port number used by the third-party tracing service to receive requests.</p>
-<div class="note" id="asm_01_0020__note122518211219"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="asm_01_0020__ul1522613251216"><li id="asm_01_0020__li112261223127">Only Istio 1.15 and later versions support third-party tracing services.</li><li id="asm_01_0020__li142761222131512">If you want to use the third-party Jaeger or Zipkin service, install it first. Then, obtain the service address.</li><li id="asm_01_0020__li1622612111211">The default service ports of Jaeger and Zipkin are both 9411. If you create a custom service port during Jaeger or Zipkin installation, replace <strong id="asm_01_0020__b1161449123214">Service Port</strong> with the actual value.</li></ul>
+<div class="note" id="asm_01_0020__note122518211219"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="asm_01_0020__ul1522613251216"><li id="asm_01_0020__li112261223127">Only Istio 1.15 or later support the third-party tracing service.</li><li id="asm_01_0020__li142761222131512">If you want to use the third-party Jaeger or Zipkin service, install it first. Then, obtain the service address.</li><li id="asm_01_0020__li1622612111211">The default service ports of Jaeger and Zipkin are both 9411. If you create a custom service port during Jaeger or Zipkin installation, replace <strong id="asm_01_0020__b1161449123214">Service Port</strong> with the actual value.</li></ul>
 </div></div>
 </li></ul>
 </li></ul>
-</p></li><li id="asm_01_0020__en-us_topic_0000001542706401_li185901043112713"><span>(Optional) Specify advanced settings.</span><p><ul id="asm_01_0020__en-us_topic_0000001542706401_ul195914431277"><li id="asm_01_0020__en-us_topic_0000001542706401_li105911243172720"><strong id="asm_01_0020__b337428543">Namespace Injection Settings</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p0591154316270">Select a namespace and label it with <strong id="asm_01_0020__b0190101221818">istio-injection=enabled</strong>. After being restarted, all pods in the namespace will be automatically injected with istio-proxy sidecars.</p>
+</p></li><li id="asm_01_0020__en-us_topic_0000001542706401_li185901043112713"><span>(Optional) Specify advanced settings.</span><p><ul id="asm_01_0020__en-us_topic_0000001542706401_ul195914431277"><li id="asm_01_0020__en-us_topic_0000001542706401_li105911243172720"><strong id="asm_01_0020__b1108310788">Namespace Injection Settings</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p0591154316270">Select a namespace and label it with <strong id="asm_01_0020__b0190101221818">istio-injection=enabled</strong>. After being restarted, all pods in the namespace will be automatically injected with istio-proxy sidecars.</p>
 <p id="asm_01_0020__en-us_topic_0000001542706401_p1459184332714">If you do not configure namespace injection, you can inject a sidecar on the <strong id="asm_01_0020__b1960806132112">Sidecar Management</strong> tab (<strong id="asm_01_0020__b86087612111">Mesh Configuration</strong> &gt; <strong id="asm_01_0020__b196087611215">Sidecar Management</strong>) after the service mesh is created. For details, see <a href="asm_01_0041.html#asm_01_0041__section65931513505">Injecting a Sidecar</a>.</p>
-</li><li id="asm_01_0020__en-us_topic_0000001542706401_li1059184310276"><strong id="asm_01_0020__b1505440256">Restart Existing Services</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p12591144362715"><span><img id="asm_01_0020__image879324619490" src="en-us_image_0000001920032153.png"></span>: The pods of existing services in the namespace will be restarted, which will temporarily interrupt your services. The istio-proxy sidecars can be automatically injected to the pods of existing services only after the pods are restarted.</p>
+</li><li id="asm_01_0020__en-us_topic_0000001542706401_li1059184310276"><strong id="asm_01_0020__b109080228">Restart Existing Services</strong><p id="asm_01_0020__en-us_topic_0000001542706401_p12591144362715"><span><img id="asm_01_0020__image879324619490" src="en-us_image_0000001920032153.png"></span>: The pods of existing services in the namespace will be restarted, which will temporarily interrupt your services. The istio-proxy sidecars can be automatically injected to the pods of existing services only after the pods are restarted.</p>
 <p id="asm_01_0020__en-us_topic_0000001542706401_p195911343162718"><span><img id="asm_01_0020__en-us_topic_0000001542706401_image1736110311031" src="en-us_image_0000001494249996.png"></span>: The istio-proxy sidecars cannot be automatically injected into the pods of existing services. You need to manually restart the pods on the CCE console to inject the sidecars.</p>
 </li><li id="asm_01_0020__li103761117176"><strong id="asm_01_0020__b161488533415">Traffic Interception Settings</strong><div class="note" id="asm_01_0020__note9376117978"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="asm_01_0020__p2376181712720">By default, sidecars intercept all inbound and outbound traffic of pods. You can modify the default traffic rules in <strong id="asm_01_0020__b134331479345">Traffic Interception Settings</strong>.</p>
 </div></div>
@@ -67,9 +67,9 @@
 <p id="asm_01_0020__p11377181717712"><strong id="asm_01_0020__b20653518442">Outbound IP Ranges</strong>: IP address ranges separated by commas (,) in CIDR format. You can use this field to specify the IP ranges that will be included or excluded for outbound traffic redirection.</p>
 <ul id="asm_01_0020__ul1337716172078"><li id="asm_01_0020__li1377417579"><strong id="asm_01_0020__b39502030153411">Include only specified IP ranges</strong> means that the traffic from specified IP ranges will be redirected to the sidecar.</li></ul>
 <ul id="asm_01_0020__ul14377181711717"><li id="asm_01_0020__li3377171710719"><strong id="asm_01_0020__b393303213347">Exclude only specified IP ranges</strong> means that the traffic from IP ranges except the specified IP ranges will be redirected to the sidecar.</li></ul>
-</li><li id="asm_01_0020__li1611138125316"><strong id="asm_01_0020__b896573998">Resource Tags</strong><p id="asm_01_0020__p1711128135317">Enter the tag key and tag value. A maximum of 20 tags can be added.</p>
+</li><li id="asm_01_0020__li1611138125316"><strong id="asm_01_0020__b308289121">Resource Tags</strong><p id="asm_01_0020__p1711128135317">Enter the tag key and tag value. A maximum of 20 tags can be added.</p>
 </li></ul>
-</p></li><li id="asm_01_0020__en-us_topic_0000001542706401_li859154318271"><span>Review the service mesh configuration in <strong id="asm_01_0020__b1410335113">Configuration List</strong> on the right of the page and click <strong id="asm_01_0020__b250962436">Submit</strong>.</span><p><p id="asm_01_0020__en-us_topic_0000001542706401_p13591174382714">It takes about 1 to 3 minutes to create a service mesh. If the service mesh status changes from <strong id="asm_01_0020__b1250689906">Installing</strong> to <strong id="asm_01_0020__b1089094307">Running</strong>, the service mesh is successfully created.</p>
+</p></li><li id="asm_01_0020__en-us_topic_0000001542706401_li859154318271"><span>Review the service mesh configuration in <strong id="asm_01_0020__b298934016">Configuration List</strong> on the right of the page and click <strong id="asm_01_0020__b1869262857">Submit</strong>.</span><p><p id="asm_01_0020__en-us_topic_0000001542706401_p13591174382714">It takes about 1 to 3 minutes to create a service mesh. If the service mesh status changes from <strong id="asm_01_0020__b1089376003">Installing</strong> to <strong id="asm_01_0020__b341929893">Running</strong>, the service mesh is successfully created.</p>
 <div class="note" id="asm_01_0020__en-us_topic_0000001542706401_note14591184342712"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="asm_01_0020__en-us_topic_0000001542706401_p1459119432275">When the service mesh is enabled, the following operations are performed:</p>
 <ul id="asm_01_0020__en-us_topic_0000001542706401_ul859134311276"><li id="asm_01_0020__en-us_topic_0000001542706401_li195911043152719">Helm orchestrates the application into a Release as the resource of the service mesh control plane.</li></ul>
 </div></div>

docs/asm/umn/asm_01_0041.html

@@ -5,15 +5,12 @@
 <div class="section" id="asm_01_0041__section65931513505"><a name="asm_01_0041__section65931513505"></a><a name="section65931513505"></a><h4 class="sectiontitle">Injecting a Sidecar</h4><p id="asm_01_0041__p1820212632111">You can view the namespace and cluster that the injected sidecar belongs to. If no sidecar has been injected or you need to inject sidecars for more namespaces, perform the following operations:</p>
 <ol id="asm_01_0041__ol13641175216560"><li id="asm_01_0041__li683575385614"><span>Log in to the ASM console and click the name of the target service mesh to go to its details page.</span></li><li id="asm_01_0041__li987742619292"><span>In the navigation pane, choose <strong id="asm_01_0041__b23024965310246">Mesh Configuration</strong>. Then, click the <strong id="asm_01_0041__b79698741510246">Sidecar Management</strong> tab.</span></li><li id="asm_01_0041__li122863200343"><span>Click <strong id="asm_01_0041__b212025475310246">Sidecar Management</strong>, select a namespace, determine whether enable <strong id="asm_01_0041__b34328513417">Restart Existing Services</strong>, and click <strong id="asm_01_0041__b163426572510246">OK</strong>.</span><p><p id="asm_01_0041__p5867153384619">Parameter description:</p>
 <ul id="asm_01_0041__ul1213414267113"><li id="asm_01_0041__li151346264113"><strong id="asm_01_0041__b162639501293">Namespace</strong>: Select one or more namespaces. The system adds labels for namespaces based on Istio versions.<ul id="asm_01_0041__ul715833017173"><li id="asm_01_0041__li115810307178"><strong id="asm_01_0041__b93355351461">istio-injection=enabled</strong> can be used in Istio 1.13.9-r3 and earlier versions, as well as Istio 1.15.5-r2 and earlier versions.</li></ul>
-<ul id="asm_01_0041__ul196772518187"><li id="asm_01_0041__li6677853189"><strong id="asm_01_0041__b5658241104719">istio.io/rev=&lt;revision&gt;</strong> can be used in Istio later than 1.13.9-r3, Istio later than 1.15.5-r2, all Istio 1.18 versions, and all Istio 1.28 versions.</li></ul>
+<ul id="asm_01_0041__ul196772518187"><li id="asm_01_0041__li6677853189"><strong id="asm_01_0041__b5658241104719">istio.io/rev=&lt;revision&gt;</strong> can be used in Istio later than 1.13.9-r3, Istio later than 1.15.5-r2, and all Istio 1.18 versions.</li></ul>
 </li><li id="asm_01_0041__li1283731219"><strong id="asm_01_0041__b176898850910246">Restart Existing Services</strong><p id="asm_01_0041__p16974516217"><span><img id="asm_01_0041__image1251935012150" src="en-us_image_0000001930216052.png"></span>: Enabling <strong id="asm_01_0041__b178031814163717">Restart Existing Services</strong> will restart the pods of existing services and temporarily interrupt your services. New pods will have istio-proxy sidecars automatically injected.</p>
 <ul id="asm_01_0041__ul1893924912361"><li id="asm_01_0041__li149404492367">If you select a new namespace, an automatic injection label is added. After all pods running the Deployment in that namespace are restarted, the istio-proxy sidecars will be automatically injected into new pods.</li></ul>
 <ul id="asm_01_0041__ul330205410366"><li id="asm_01_0041__li5302135413618">If you deselect a namespace, the automatic injection label is deleted. After all pods running the Deployment in that namespace are restarted, new pods do not have istio-proxy sidecars.</li></ul>
 <ul id="asm_01_0041__ul157408585364"><li id="asm_01_0041__li074055833619">If there are pods that are not injected with sidecars in selected namespaces, all pods running the Deployment will be restarted to inject sidecars. If all pods have sidecars injected, the pods will not be restarted.</li></ul>
-<p id="asm_01_0041__p45731657222"><span><img id="asm_01_0041__image1736110311031" src="en-us_image_0000001256463368.png"></span>: The istio-proxy sidecars cannot be automatically injected into the pods of existing services. You need to manually restart the pods on the CCE console to inject the sidecars. This parameter affects only existing services. If the namespaces are labeled with <strong id="asm_01_0041__b1545117533412">istio-injection=enabled</strong> or <strong id="asm_01_0041__b95971230195613">istio.io/rev=&lt;revision&gt;</strong>, sidecars will be automatically injected into new pods.</p>
-<div class="caution" id="asm_01_0041__note1035861813226"><span class="cautiontitle"><img src="public_sys-resources/caution_3.0-en-us.png"> </span><div class="cautionbody"><p id="asm_01_0041__p191121442193617">This module does not provide the function of restarting services in a specific namespace. If a namespace is not selected, the automatic injection label will be removed from the namespace. After the workload in the namespace is restarted, the istio-proxy sidecar will not be automatically injected.</p>
-<p id="asm_01_0041__p735815185225">To inject a sidecar into a workload in a specified namespace, ensure that the namespace is selected and enabled. Then, go to the <strong id="asm_01_0041__b106411057172819">Workloads</strong> page of the CCE cluster console, select the workload, and choose <strong id="asm_01_0041__b173501542913">More</strong> &gt; <strong id="asm_01_0041__b156784815297">Redeploy</strong>. After the workload is restarted, the istio-proxy sidecar is automatically injected.</p>
-</div></div>
+<p id="asm_01_0041__p45731657222"><span><img id="asm_01_0041__image1736110311031" src="en-us_image_0000001256463368.png"></span>: When you do not enable <strong id="asm_01_0041__b198411563510">Restart Existing Services</strong>, the istio-proxy sidecars cannot be automatically injected into the pods of existing services. In this case, you need to manually restart the pods on the CCE console to inject the sidecars. This parameter affects only existing services. If the namespaces are labeled with <strong id="asm_01_0041__b1545117533412">istio-injection=enabled</strong>, sidecars will be automatically injected into new pods.</p>
 </li><li id="asm_01_0041__li975935132613"><strong id="asm_01_0041__b4935192843517">Traffic Interception Settings</strong><div class="note" id="asm_01_0041__note130182311537"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="asm_01_0041__p5301112325320">By default, sidecars intercept all inbound and outbound traffic of pods. You can modify the default traffic rules in <strong id="asm_01_0041__b15949143017359">Traffic Interception Settings</strong>.</p>
 </div></div>
 <p id="asm_01_0041__p10174123175619"><strong id="asm_01_0041__b97421432123511">Inbound Ports</strong>: Inbound ports separated by commas (,). You can use this field to specify the ports that will be included or excluded for inbound traffic redirection.</p>
@@ -26,8 +23,7 @@
 <ul id="asm_01_0041__ul13301528313"><li id="asm_01_0041__li5311221939"><strong id="asm_01_0041__b922854213514">Include only specified IP ranges</strong> means that the traffic from specified IP ranges will be redirected to the sidecar.</li></ul>
 <ul id="asm_01_0041__ul112121251130"><li id="asm_01_0041__li42121455318"><strong id="asm_01_0041__b19623164303511">Exclude only specified IP ranges</strong> means that the traffic from IP ranges except the specified IP ranges will be redirected to the sidecar.</li></ul>
 </li></ul>
-<div class="note" id="asm_01_0041__note1279618584133"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="asm_01_0041__ul3174175111130"><li id="asm_01_0041__li151741951141317">For details about why sidecar injection failed, see .</li></ul>
-<ul id="asm_01_0041__ul97451116162713"><li id="asm_01_0041__li1974521615271">If ASM displays a message indicating that modification of namespace injection is not enabled in the following clusters, you need to run the <strong id="asm_01_0041__b11447123395415">kubectl</strong> command to enable namespace injection. For details, see <a href="asm_faq_0036.html">How Do I Enable Namespace Injection for a Cluster?</a></li><li id="asm_01_0041__li12746181642719">After sidecar injection is enabled for a namespace of a cluster, sidecars are automatically injected for pods of all workloads in the namespace. If you do not want to inject sidecars for some workloads, see <a href="asm_faq_0037.html">How Do I Disable Sidecar Injection for Workloads?</a></li></ul>
+<div class="note" id="asm_01_0041__note1279618584133"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="asm_01_0041__ul97451116162713"><li id="asm_01_0041__li1974521615271">If the system displays a message indicating that modification of namespace injection is not enabled in the following clusters, you need to run the <strong id="asm_01_0041__b11447123395415">kubectl</strong> command to enable namespace injection. For details, see <a href="asm_faq_0036.html">How Do I Enable Namespace Injection for a Cluster?</a>.</li><li id="asm_01_0041__li12746181642719">After sidecar injection is enabled for a namespace of a cluster, sidecars are automatically injected for pods of all workloads in the namespace. If you do not want to inject sidecars for some workloads, see <a href="asm_faq_0037.html">How Do I Disable Sidecar Injection for Workloads?</a>.</li></ul>
 </div></div>
 </p></li></ol>
 </div>

docs/asm/umn/asm_01_0124.html

@@ -1,7 +1,7 @@
 <a name="asm_01_0124"></a><a name="asm_01_0124"></a>
 
 <h1 class="topictitle1">Features in v1.18</h1>
-<div id="body0000001737146797"><ul id="asm_01_0124__ul1742120185319"><li id="asm_01_0124__li1842160195316">Istio 1.18 is supported.</li><li id="asm_01_0124__li1036314425311">CCE Turbo clusters v1.25, v1.27, v1.28, v1.29, v1.30, and v1.31, as well as v1.32 and v1.33 are supported.</li><li id="asm_01_0124__li6393101715319">CCE clusters v1.25, v1.27, v1.28, v1.29, v1.30, and v1.31 , as well as v1.32 and v1.33 are supported.</li><li id="asm_01_0124__li1910522175320">Kubernetes Gateway API is supported.</li></ul>
+<div id="body0000001737146797"><ul id="asm_01_0124__ul1742120185319"><li id="asm_01_0124__li1842160195316">Istio 1.18 is supported.</li><li id="asm_01_0124__li1036314425311">CCE Turbo clusters v1.25, v1.27, v1.28, v1.29, and v1.30, as well as v1.31 are supported.</li><li id="asm_01_0124__li6393101715319">CCE clusters v1.25, v1.27, v1.28, v1.29, and v1.30, as well as v1.31 are supported.</li><li id="asm_01_0124__li1910522175320">Kubernetes Gateway API is supported.</li></ul>
 <p id="asm_01_0124__p58433415527">For details, visit <a href="https://istio.io/latest/news/releases/1.18.x/" target="_blank" rel="noopener noreferrer">https://istio.io/latest/news/releases/1.18.x/</a>.</p>
 </div>
 <div>

docs/asm/umn/asm_01_0141.html

@@ -1,17 +0,0 @@
-<a name="asm_01_0141"></a><a name="asm_01_0141"></a>
-
-<h1 class="topictitle1">Using IAM to Grant Access to ASM</h1>
-<div id="body0000002494975758"></div>
-<div>
-<ul class="ullinks">
-<li class="ulchildlink"><strong><a href="asm_01_0145.html">Using IAM Roles or Policies to Grant Access to ASM</a></strong><br>
-</li>
-<li class="ulchildlink"><strong><a href="asm_01_0146.html">Using IAM Identity Policies to Grant Access to ASM</a></strong><br>
-</li>
-</ul>
-
-<div class="familylinks">
-<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0000001627845328.html">User Guide</a></div>
-</div>
-</div>
-

docs/asm/umn/asm_01_0145.html

@@ -1,66 +0,0 @@
-<a name="asm_01_0145"></a><a name="asm_01_0145"></a>
-
-<h1 class="topictitle1">Using IAM Roles or Policies to Grant Access to ASM</h1>
-<div id="body0000002526896091"><p id="asm_01_0145__en-us_topic_0000001489537442_p198079372297">System-defined permissions in  provided by <a href="https://docs.otc.t-systems.com/en-us/usermanual/iam/iam_01_0026.html" target="_blank" rel="noopener noreferrer">Identity and Access Management (IAM)</a> let you control access to ASM. With IAM, you can:</p>
-<ul id="asm_01_0145__en-us_topic_0000001489537442_ul1848820457453"><li id="asm_01_0145__en-us_topic_0000001489537442_li348974516454">Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing ASM resources.</li><li id="asm_01_0145__en-us_topic_0000001489537442_li11681126173515">Grant users only the permissions required to perform a given task based on their job responsibilities.</li><li id="asm_01_0145__en-us_topic_0000001489537442_li12185165313915">Entrust an account or a cloud service to perform efficient O&amp;M on your ASM resources.</li></ul>
-<p id="asm_01_0145__en-us_topic_0000001489537442_p14662743155318">If your account meets your permissions requirements, you can skip this section.</p>
-<p id="asm_01_0145__en-us_topic_0000001489537442_p158501603165"><a href="#asm_01_0145__en-us_topic_0000001489537442_fig1351611812271">Figure 1</a> shows the process flow of role/policy-based authorization.</p>
-<div class="section" id="asm_01_0145__en-us_topic_0000001489537442_section17723185741610"><h4 class="sectiontitle">Prerequisites</h4><p id="asm_01_0145__en-us_topic_0000001489537442_p17286682272">Before granting permissions to user groups, learn about system-defined permissions in  for ASM. To grant permissions for other services, learn about all <a href="https://docs.otc.t-systems.com/permissions/index.html" target="_blank" rel="noopener noreferrer">permissions</a> supported by IAM.</p>
-</div>
-<div class="section" id="asm_01_0145__en-us_topic_0000001489537442_section1189416161520"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="asm_01_0145__en-us_topic_0000001489537442_fig1351611812271"><a name="asm_01_0145__en-us_topic_0000001489537442_fig1351611812271"></a><a name="en-us_topic_0000001489537442_fig1351611812271"></a><span class="figcap"><b>Figure 1 </b>Process of granting ASM permissions using role/policy-based authorization</span><br><span><img id="asm_01_0145__en-us_topic_0000001489537442_image35161382273" src="en-us_image_0000002526896489.png"></span></div>
-<ol id="asm_01_0145__en-us_topic_0000001489537442_ol10176191312813"><li id="asm_01_0145__en-us_topic_0000001489537442_li10176121316284"><a name="asm_01_0145__en-us_topic_0000001489537442_li10176121316284"></a><a name="en-us_topic_0000001489537442_li10176121316284"></a>On the IAM console, <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0030.html" target="_blank" rel="noopener noreferrer">create a user group and assign permissions to it</a>.<p id="asm_01_0145__en-us_topic_0000001489537442_p41762137286">Create a user group on the IAM console, and assign the <strong id="asm_01_0145__b18180133023513">ASM ReadOnlyAccess</strong> permissions to the group.</p>
-</li><li id="asm_01_0145__en-us_topic_0000001489537442_li181761413162818"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0031.html" target="_blank" rel="noopener noreferrer">Create an IAM user and add it to the user group</a>.<p id="asm_01_0145__en-us_topic_0000001489537442_p16177613182816">On the IAM console, create a user and add it to the user group created in <a href="#asm_01_0145__en-us_topic_0000001489537442_li10176121316284">1</a>.</p>
-</li><li id="asm_01_0145__en-us_topic_0000001489537442_li1177513202816"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0032.html" target="_blank" rel="noopener noreferrer">Log in as the IAM user</a> and verify permissions.<p id="asm_01_0145__en-us_topic_0000001489537442_p1317741312289">In the authorized region, perform the following operations:</p>
-<ul id="asm_01_0145__en-us_topic_0000001489537442_ul1692751312242"><li id="asm_01_0145__en-us_topic_0000001489537442_li205729227246">Choose <strong id="asm_01_0145__b1623482611425">Service List</strong> &gt; <strong id="asm_01_0145__b11306103015437">Application Service Mesh</strong>. Click <strong id="asm_01_0145__b2155175674318">Buy Mesh</strong> on the ASM console. If a message appears indicating that you have insufficient permissions to perform the operation, the <strong id="asm_01_0145__b7209151616449">ASM ReadOnlyAccess</strong> policy is in effect.</li><li id="asm_01_0145__en-us_topic_0000001489537442_li1857212212418">Choose another service from <strong id="asm_01_0145__b1545117611422">Service List</strong>. If a message appears indicating that you have insufficient permissions to access the service, the <strong id="asm_01_0145__b104520624218">ASM ReadOnlyAccess</strong> policy is in effect.</li></ul>
-</li></ol>
-</div>
-<div class="section" id="asm_01_0145__en-us_topic_0000001489537442_section7529733164812"><h4 class="sectiontitle">Example Custom Policies</h4><p id="asm_01_0145__p576211773818">You can create custom policies to supplement the system-defined policies of ASM. For details about actions supported in custom policies, see .</p>
-<p id="asm_01_0145__en-us_topic_0000001489537442_p1391019913815">To create a custom policy, choose either visual editor or JSON.</p>
-<ul id="asm_01_0145__en-us_topic_0000001489537442_ul1146431393818"><li id="asm_01_0145__en-us_topic_0000001489537442_li5764181518386">Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy grammar.</li><li id="asm_01_0145__en-us_topic_0000001489537442_li546410135389">JSON: Create a JSON policy or edit an existing one.</li></ul>
-<p id="asm_01_0145__p2477135725615">For details, see .</p>
-<p id="asm_01_0145__p10716518386">The following lists examples of common ASM custom policies.</p>
-<ul id="asm_01_0145__en-us_topic_0000001489537442_ul2504185715494"><li id="asm_01_0145__en-us_topic_0000001489537442_li5504357164912">Example 1: Grant permissions to create service meshes.<pre class="screen" id="asm_01_0145__en-us_topic_0000001489537442_screen48273211535">{
-    "Version": "1.1",
-    "Statement": [
-        {
-            "Effect": "Allow",
-            "Action": [
-                "asm:mesh:create"
-            ]
-        }
-    ]
-}</pre>
-</li><li id="asm_01_0145__en-us_topic_0000001489537442_li3652938178">Example 2: Grant permissions to deny service mesh deletion.<p id="asm_01_0145__en-us_topic_0000001489537442_p1892813119464"><a name="asm_01_0145__en-us_topic_0000001489537442_li3652938178"></a><a name="en-us_topic_0000001489537442_li3652938178"></a>A policy with only "Deny" permissions must be used together with other policies. If the permissions granted to an IAM user contain both "Allow" and "Deny", the "Deny" permissions take precedence over the "Allow" permissions.</p>
-<pre class="screen" id="asm_01_0145__en-us_topic_0000001489537442_screen39281011144617">{
-    "Version": "1.1",
-    "Statement": [
-        {
-            "Effect": "Deny",
-            "Action": [
-                "asm:mesh:createGateway"
-            ]
-        }
-    ]
-}</pre>
-</li><li id="asm_01_0145__en-us_topic_0000001489537442_li8475316125413">Example 3: Create a custom policy containing multiple actions.<p id="asm_01_0145__en-us_topic_0000001489537442_p466319313484"><a name="asm_01_0145__en-us_topic_0000001489537442_li8475316125413"></a><a name="en-us_topic_0000001489537442_li8475316125413"></a>A custom policy can contain the actions of one or multiple services that are of the same type (global or project-level). Example policy containing actions of multiple services:</p>
-<pre class="screen" id="asm_01_0145__screen125841914164916">{
-    "Version": "1.1",
-    "Statement": [
-        {
-            "Effect": "Allow",
-            "Action": [
-                "cce:cluster:create"
-                "asm:mesh:create"
-            ]
-        }
-    ]
-}</pre>
-</li></ul>
-</div>
-</div>
-<div>
-<div class="familylinks">
-<div class="parentlink"><strong>Parent topic:</strong> <a href="asm_01_0141.html">Using IAM to Grant Access to ASM</a></div>
-</div>
-</div>
-

docs/asm/umn/asm_01_0146.html

@@ -1,70 +0,0 @@
-<a name="asm_01_0146"></a><a name="asm_01_0146"></a>
-
-<h1 class="topictitle1">Using IAM Identity Policies to Grant Access to ASM</h1>
-<div id="body0000002494976322"><p id="asm_01_0146__en-us_topic_0000001543558165_p198079372297">System-defined permissions in  provided by <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0026.html" target="_blank" rel="noopener noreferrer">Identity and Access Management (IAM)</a> let you control access to ASM. With IAM, you can:</p>
-<ul id="asm_01_0146__en-us_topic_0000001543558165_ul1848820457453"><li id="asm_01_0146__en-us_topic_0000001543558165_li348974516454">Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing ASM resources.</li><li id="asm_01_0146__en-us_topic_0000001543558165_li11681126173515">Grant users only the permissions required to perform a given task based on their job responsibilities.</li><li id="asm_01_0146__en-us_topic_0000001543558165_li12185165313915">Entrust an account or a cloud service to perform efficient O&amp;M on your ASM resources.</li></ul>
-<p id="asm_01_0146__en-us_topic_0000001543558165_p14662743155318">If your account meets your permissions requirements, you can skip this section.</p>
-<p id="asm_01_0146__en-us_topic_0000001543558165_p158501603165"><a href="#asm_01_0146__en-us_topic_0000001543558165_fig1351611812271">Figure 1</a> shows the process flow of identity policy-based authorization.</p>
-<div class="section" id="asm_01_0146__en-us_topic_0000001543558165_section17723185741610"><h4 class="sectiontitle">Prerequisites</h4><p id="asm_01_0146__en-us_topic_0000001543558165_p17286682272">Before granting permissions, learn about system-defined permissions in . To grant permissions for other services, learn about all <a href="https://docs.otc.t-systems.com/permissions/index.html" target="_blank" rel="noopener noreferrer">permissions</a> supported by IAM.</p>
-</div>
-<div class="section" id="asm_01_0146__en-us_topic_0000001543558165_section1189416161520"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="asm_01_0146__en-us_topic_0000001543558165_fig1351611812271"><a name="asm_01_0146__en-us_topic_0000001543558165_fig1351611812271"></a><a name="en-us_topic_0000001543558165_fig1351611812271"></a><span class="figcap"><b>Figure 1 </b>Process of granting ASM permissions using identity policy-based authorization</span><br><span><img id="asm_01_0146__en-us_topic_0000001543558165_image35161382273" src="en-us_image_0000002526896571.png"></span></div>
-<ol id="asm_01_0146__en-us_topic_0000001543558165_ol10176191312813"><li id="asm_01_0146__en-us_topic_0000001543558165_li10176121316284">On the IAM console, .<p id="asm_01_0146__en-us_topic_0000001543558165_p41762137286"><a name="asm_01_0146__en-us_topic_0000001543558165_li10176121316284"></a><a name="en-us_topic_0000001543558165_li10176121316284"></a>Create a user or user group on the IAM console.</p>
-</li><li id="asm_01_0146__en-us_topic_0000001543558165_li16925112804614"> (<strong id="asm_01_0146__b15261138162215">ASMReadOnlyPolicy</strong> as an example) to the user or user group.</li><li id="asm_01_0146__en-us_topic_0000001543558165_li1177513202816"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0032.html" target="_blank" rel="noopener noreferrer">Log in as the IAM user</a> and verify permissions.<p id="asm_01_0146__en-us_topic_0000001543558165_p1317741312289">In the authorized region, perform the following operations:</p>
-<ul id="asm_01_0146__en-us_topic_0000001543558165_ul1692751312242"><li id="asm_01_0146__en-us_topic_0000001543558165_li205729227246">Choose <strong id="asm_01_0146__b160142117265">Service List</strong> &gt; <strong id="asm_01_0146__b760112213264">Application Service Mesh</strong>. Click <strong id="asm_01_0146__b1660272114269">Buy Mesh</strong> on the ASM console. If a message appears indicating that you have insufficient permissions to perform the operation, <strong id="asm_01_0146__b160262182618">ASMReadOnlyPolicy</strong> is in effect.</li><li id="asm_01_0146__en-us_topic_0000001543558165_li1857212212418">Choose another service from <strong id="asm_01_0146__b113084327264">Service List</strong>. If a message appears indicating that you have insufficient permissions to access the service, <strong id="asm_01_0146__b030863242611">ASMReadOnlyPolicy</strong> is in effect.</li></ul>
-</li></ol>
-</div>
-<div class="section" id="asm_01_0146__en-us_topic_0000001543558165_section7529733164812"><h4 class="sectiontitle">Example Custom Identity Policies</h4><p id="asm_01_0146__p19154121744816">You can create custom identity policies to supplement the system-defined identity policies of ASM. For details about actions supported in custom identity policies, see .</p>
-<p id="asm_01_0146__en-us_topic_0000001543558165_p1391019913815">To create a custom identity policy, choose either visual editor or JSON.</p>
-<ul id="asm_01_0146__en-us_topic_0000001543558165_ul1146431393818"><li id="asm_01_0146__en-us_topic_0000001543558165_li5764181518386">Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy grammar.</li><li id="asm_01_0146__en-us_topic_0000001543558165_li546410135389">JSON: Create a JSON policy or edit an existing one.</li></ul>
-<p id="asm_01_0146__p160623765212">For details, see .</p>
-<p id="asm_01_0146__p17139055195519">When creating a custom identity policy, use the Resource element to specify the resources the identity policy applies to and use the Condition element (service-specific condition keys) to control when the identity policy is in effect. For details about the supported resource types and condition keys, see .</p>
-<p id="asm_01_0146__p310122114562">The following provides examples of custom ASM identity policies.</p>
-<ul id="asm_01_0146__en-us_topic_0000001543558165_ul2504185715494"><li id="asm_01_0146__en-us_topic_0000001543558165_li5504357164912">Example 1: Grant permissions to create service meshes.<pre class="screen" id="asm_01_0146__en-us_topic_0000001543558165_screen25351137165916">{
-    "Version": "5.0",
-    "Statement": [
-        {
-            "Effect": "Allow",
-            "Action": [
-                "asm:mesh:create",
-                "asm:mesh:createGateway"
-            ]
-        }
-    ]
-}</pre>
-</li><li id="asm_01_0146__en-us_topic_0000001543558165_li8475316125413">Example 2: Create a custom identity policy containing multiple actions.<p id="asm_01_0146__en-us_topic_0000001543558165_p164313514480"><a name="asm_01_0146__en-us_topic_0000001543558165_li8475316125413"></a><a name="en-us_topic_0000001543558165_li8475316125413"></a></p>
-<p id="asm_01_0146__en-us_topic_0000001543558165_p466319313484">A custom identity policy can contain the actions of one or more services. Example identity policy containing multiple actions:</p>
-<pre class="screen" id="asm_01_0146__en-us_topic_0000001543558165_screen46646311485">{
-    "Version": "5.0",
-    "Statement": [
-        {
-            "Effect": "Allow",
-            "Action": [
-                "asm:mesh:create",
-                "asm:mesh:createGateway"
-            ]
-        },
-        {
-            "Effect": "Allow",
-            "Action": [
-                "evs:volumes:create",
-                "evs:volumes:list"
-            ]
-        },
-        {
-            "Effect": "Allow",
-            "Action": [
-                "ecs:cloudServers:createServers",
-                "ecs:cloudServers:listServersDetails"
-            ]
-        }
-    ]
-}</pre>
-</li></ul>
-</div>
-</div>
-<div>
-<div class="familylinks">
-<div class="parentlink"><strong>Parent topic:</strong> <a href="asm_01_0141.html">Using IAM to Grant Access to ASM</a></div>
-</div>
-</div>
-

docs/asm/umn/asm_pd_0001.html

@@ -4,6 +4,8 @@
 <div id="body39451090"></div>
 <div>
 <ul class="ullinks">
+<li class="ulchildlink"><strong><a href="asm_productdesc_0017.html">Infographic for ASM</a></strong><br>
+</li>
 <li class="ulchildlink"><strong><a href="asm_productdesc_0001.html">Introduction</a></strong><br>
 </li>
 <li class="ulchildlink"><strong><a href="asm_productdesc_0002.html">Advantages</a></strong><br>
@@ -12,8 +14,6 @@
 </li>
 <li class="ulchildlink"><strong><a href="asm_productdesc_0004.html">Notes and Constraints</a></strong><br>
 </li>
-<li class="ulchildlink"><strong><a href="asm_productdesc_0019.html">Permissions</a></strong><br>
-</li>
 <li class="ulchildlink"><strong><a href="asm_productdesc_0005.html">Basic Concepts</a></strong><br>
 </li>
 <li class="ulchildlink"><strong><a href="asm_productdesc_0006.html">Recommended Node Specifications</a></strong><br>

docs/asm/umn/asm_productdesc_0004.html

@@ -16,7 +16,7 @@
 </tr>
 <tr id="asm_productdesc_0004__row2060314173555"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.1.3.2.3.1.1 "><p id="asm_productdesc_0004__p760391712553">1.18</p>
 </td>
-<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.1.3.2.3.1.2 "><p id="asm_productdesc_0004__p14822277556">v1.25, v1.27, v1.28, v1.29, v1.30, v1.31, v1.32, or v1.33</p>
+<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.1.3.2.3.1.2 "><p id="asm_productdesc_0004__p14822277556">v1.25, v1.27, v1.28, v1.29, v1.30, or v1.31</p>
 </td>
 </tr>
 </tbody>

docs/asm/umn/asm_productdesc_0017.html

@@ -0,0 +1,12 @@
+<a name="asm_productdesc_0017"></a><a name="asm_productdesc_0017"></a>
+
+<h1 class="topictitle1">Infographic for ASM</h1>
+<div id="body0000001209484931"><p id="asm_productdesc_0017__p1289416386116"></p>
+<p id="asm_productdesc_0017__p837613199456"><span><img id="asm_productdesc_0017__image73201388158" src="en-us_image_0000002043652974.png"></span></p>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="asm_pd_0001.html">Service Overview</a></div>
+</div>
+</div>
+

docs/asm/umn/asm_qs_0002.html

@@ -1,6 +1,6 @@
 <a name="asm_qs_0002"></a><a name="asm_qs_0002"></a>
 
-<h1 class="topictitle1">Enabling Istio for a Cluster</h1>
+<h1 class="topictitle1">Enabling Istio for a Cluster </h1>
 <div id="body0000001168400759"></div>
 <div>
 <ul class="ullinks">

docs/asm/umn/en-us_topic_0000001627845328.html

@@ -10,8 +10,6 @@
 <ul class="ullinks">
 <li class="ulchildlink"><strong><a href="asm_01_0016.html">Application Service Mesh</a></strong><br>
 </li>
-<li class="ulchildlink"><strong><a href="asm_01_0141.html">Using IAM to Grant Access to ASM</a></strong><br>
-</li>
 <li class="ulchildlink"><strong><a href="asm_01_0017.html">Creating a Service Mesh</a></strong><br>
 </li>
 <li class="ulchildlink"><strong><a href="asm_01_0023.html">Mesh Management</a></strong><br>

docs/cce/api-ref/ALL_META.TXT.json

@@ -1867,13 +1867,13 @@
 		"product_code":"cce",
 		"code":"104",
 		"des":"This section describes how to allocate data disk space to nodes so that you can configure the data disk space accordingly.In clusters of a version earlier than v1.23.18-r",
-		"doc_type":"usermanual",
+		"doc_type":"api2",
 		"kw":"Data Disk Space Allocation,Container engine and container image space,container engine and container",
 		"search_title":"",
 		"metedata":[
 			{
 				"prodname":"cce",
-				"documenttype":"usermanual"
+				"documenttype":"api2"
 			}
 		],
 		"title":"Space Allocation of a Data Disk",

docs/cce/api-ref/cce_02_0238.html

@@ -154,40 +154,16 @@
 </td>
 <td class="cellrowborder" valign="top" width="20.93%" headers="mcps1.3.4.5.2.4.1.2 "><p id="cce_02_0238__p252511174227">String</p>
 </td>
-<td class="cellrowborder" valign="top" width="55.81%" headers="mcps1.3.4.5.2.4.1.3 "><p id="cce_02_0238__p7573017202218"><strong id="cce_02_0238__b457318173220">Details</strong>:</p>
-<p id="cce_02_0238__p20573111752219">Cluster version, which mirrors the baseline version of the Kubernetes community. The latest commercial version is recommended.</p>
-<p id="cce_02_0238__p12573101792220">You can create clusters of the latest three versions on the CCE console. To learn which cluster versions are available, log in to the CCE console, create a cluster, and check the supported cluster versions.</p>
-<p id="cce_02_0238__p857391712229">You can call APIs to create clusters of other versions. However, these cluster versions will be gradually terminated. For details about the support policy, see the CCE announcement.</p>
-<p id="cce_02_0238__p057318174226"><strong id="cce_02_0238__b115731217112217">Constraints</strong>:</p>
-<p id="cce_02_0238__p1757311713227">The value must be in the format of <strong id="cce_02_0238__b157391712222">vX.Y[.Z[-rN]]</strong>, for example, <strong id="cce_02_0238__b657371732218">v1.30</strong>, <strong id="cce_02_0238__b115739175225">v1.30.0</strong>, or <strong id="cce_02_0238__b165731217172211">v1.30.0-r0</strong>. Specifying either of these values will create a cluster of version 1.30.</p>
-<ul id="cce_02_0238__ul17573717182212"><li id="cce_02_0238__li205731317192216"><p id="cce_02_0238__p15573151792214"><a name="cce_02_0238__li205731317192216"></a><a name="li205731317192216"></a><strong id="cce_02_0238__b957391712229">X</strong>: major version in the Kubernetes community</p>
-</li><li id="cce_02_0238__li1357331702214"><p id="cce_02_0238__p12573181715227"><a name="cce_02_0238__li1357331702214"></a><a name="li1357331702214"></a><strong id="cce_02_0238__b11573121718224">Y</strong>: minor version in the Kubernetes community</p>
-</li><li id="cce_02_0238__li11573181792213"><p id="cce_02_0238__p157331782211"><a name="cce_02_0238__li11573181792213"></a><a name="li11573181792213"></a><strong id="cce_02_0238__b175731117102216">Z</strong>: patch version in the Kubernetes community</p>
-</li><li id="cce_02_0238__li1757341717221"><p id="cce_02_0238__p1957371717225"><a name="cce_02_0238__li1757341717221"></a><a name="li1757341717221"></a><strong id="cce_02_0238__b857371772218">N</strong>: CCE patch version.</p>
-</li></ul>
-<p id="cce_02_0238__p13573101732213"><strong id="cce_02_0238__b4573517122217">Options</strong>:</p>
-<p id="cce_02_0238__p10573181713224">N/A</p>
-<p id="cce_02_0238__p557301752218"><strong id="cce_02_0238__b1257319178223">Default value</strong>:</p>
-<ul id="cce_02_0238__ul357312171221"><li id="cce_02_0238__li15573101702210"><p id="cce_02_0238__p657313172224"><a name="cce_02_0238__li15573101702210"></a><a name="li15573101702210"></a>If this parameter is left empty, a cluster of the latest version is created by default.</p>
-</li><li id="cce_02_0238__li957312171223"><p id="cce_02_0238__p165731717122215"><a name="cce_02_0238__li957312171223"></a><a name="li957312171223"></a>If a baseline cluster version is specified but the R version is not specified, a cluster of the latest R version will be created by default. It is a good practice not to specify the R version.</p>
-</li></ul>
+<td class="cellrowborder" valign="top" width="55.81%" headers="mcps1.3.4.5.2.4.1.3 "><p id="cce_02_0238__p0929195015409">Cluster's baseline Kubernetes version. The latest version is recommended.</p>
 </td>
 </tr>
 <tr id="cce_02_0238__row1126035716393"><td class="cellrowborder" valign="top" width="23.26%" headers="mcps1.3.4.5.2.4.1.1 "><p id="cce_02_0238__p1884144893515">platformVersion</p>
 </td>
 <td class="cellrowborder" valign="top" width="20.93%" headers="mcps1.3.4.5.2.4.1.2 "><p id="cce_02_0238__p284124873520">String</p>
 </td>
-<td class="cellrowborder" valign="top" width="55.81%" headers="mcps1.3.4.5.2.4.1.3 "><p id="cce_02_0238__p857316175224"><strong id="cce_02_0238__b125737175223">Details</strong>:</p>
-<p id="cce_02_0238__p1057361782211">CCE cluster platform version, which is an internal version under the cluster version (<strong id="cce_02_0238__b175731517122218">version</strong>). Platform versions are used to trace iterations in a major cluster version. They are unique within a major cluster version and recounted when the major cluster version changes.</p>
-<p id="cce_02_0238__p1657311170220"><strong id="cce_02_0238__b20573141712222">Constraints</strong>:</p>
-<p id="cce_02_0238__p165735172225">This parameter cannot be customized, and when you create a cluster, the latest corresponding platform version is selected automatically.</p>
-<p id="cce_02_0238__p18573131718224"><strong id="cce_02_0238__b1257310170222">Options</strong>:</p>
-<p id="cce_02_0238__p18573131752216">The format of <strong id="cce_02_0238__b257411702211">platformVersion</strong> is <strong id="cce_02_0238__b20574517132216">cce.X.Y</strong>.</p>
-<ul id="cce_02_0238__ul357414179228"><li id="cce_02_0238__li1257416178223"><p id="cce_02_0238__p5574101713228"><a name="cce_02_0238__li1257416178223"></a><a name="li1257416178223"></a><strong id="cce_02_0238__b11574617102212">X</strong>: internal feature version, which indicates changes in features, patches, or OS support in the cluster version. The value starts from <strong id="cce_02_0238__b19574217192218">1</strong> and increases monotonically.</p>
-</li><li id="cce_02_0238__li6574131714225"><p id="cce_02_0238__p10574131752217"><a name="cce_02_0238__li6574131714225"></a><a name="li6574131714225"></a><strong id="cce_02_0238__b3574101710227">Y</strong>: patch version of an internal feature version. It is used only for software package update after the feature version is released. No other modification is involved. The value starts from <strong id="cce_02_0238__b15574817182211">0</strong> and increases monotonically.</p>
-</li></ul>
-<p id="cce_02_0238__p357413172228"><strong id="cce_02_0238__b1957431714221">Default value</strong>:</p>
-<p id="cce_02_0238__p1157413170228">N/A</p>
+<td class="cellrowborder" valign="top" width="55.81%" headers="mcps1.3.4.5.2.4.1.3 "><p id="cce_02_0238__p38411148113510">Version of the CCE cluster platform, which is for viewing only and cannot be specified during cluster creation. The latest platform version corresponding to the cluster version is automatically selected during cluster creation.</p>
+<div class="p" id="cce_02_0238__p10350184112363">Value format: <strong id="cce_02_0238__b9950204813384">cce.X.Y</strong><ul id="cce_02_0238__ul24765594314"><li id="cce_02_0238__li14761859431"><strong id="cce_02_0238__b146921148154814">X</strong> indicates the quarterly or regularly feature version number, starting from 1.</li><li id="cce_02_0238__li84766513437"><strong id="cce_02_0238__b8450650184815">Y</strong> indicates the patch version of the cluster, starting from 0 (feature version). Other values indicate later patch versions after the feature version is released.</li></ul>
+</div>
 </td>
 </tr>
 <tr id="cce_02_0238__row533805884917"><td class="cellrowborder" valign="top" width="23.26%" headers="mcps1.3.4.5.2.4.1.1 "><p id="cce_02_0238__p1633905884915">az</p>

docs/cce/api-ref/cce_02_0273.html

@@ -8,25 +8,7 @@
 </th>
 </tr>
 </thead>
-<tbody><tr id="cce_02_0273__row19701173581314"><td class="cellrowborder" valign="top" width="17.98%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_02_0273__p12197345161310">2026-03-25</p>
-</td>
-<td class="cellrowborder" valign="top" width="82.02000000000001%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_02_0273__p16701133501314"><span id="cce_02_0273__ph844125216138">Update:</span></p>
-<ul id="cce_02_0273__ul457513123141"><li id="cce_02_0273__li10575012171419">Updated <a href="cce_02_0236.html#cce_02_0236__table1873418287490">Creating a Cluster</a>.</li></ul>
-</td>
-</tr>
-<tr id="cce_02_0273__row71861848111012"><td class="cellrowborder" valign="top" width="17.98%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_02_0273__p375512419407">2026-03-11</p>
-</td>
-<td class="cellrowborder" valign="top" width="82.02000000000001%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_02_0273__p772953318402">Update:</p>
-<p id="cce_02_0273__p7953154018401">Updated the <strong id="cce_02_0273__b1075864441514">version </strong>and <strong id="cce_02_0273__b6670155712283">platformVersion </strong>parameter description in <a href="cce_02_0236.html#cce_02_0236__table1873418287490">Creating a Cluster</a>.</p>
-</td>
-</tr>
-<tr id="cce_02_0273__row1532514274613"><td class="cellrowborder" valign="top" width="17.98%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_02_0273__p13251042194613">2026-03-03</p>
-</td>
-<td class="cellrowborder" valign="top" width="82.02000000000001%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_02_0273__p18683122112478">Add:</p>
-<p id="cce_02_0273__p3206142711472">Added the <strong id="cce_02_0273__b472019529478">deletionProtection</strong><strong id="cce_02_0273__b127203529470"> </strong>parameter in <a href="cce_02_0236.html#cce_02_0236__table1873418287490">Creating a Cluster</a>.</p>
-</td>
-</tr>
-<tr id="cce_02_0273__row49801816133713"><td class="cellrowborder" valign="top" width="17.98%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_02_0273__p14980516203713">2025-12-30</p>
+<tbody><tr id="cce_02_0273__row49801816133713"><td class="cellrowborder" valign="top" width="17.98%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_02_0273__p14980516203713">2025-12-30</p>
 </td>
 <td class="cellrowborder" valign="top" width="82.02000000000001%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_02_0273__p9854163373718">Add:</p>
 <ul id="cce_02_0273__ul15346173063516"><li id="cce_02_0273__li183462302352">Added <a href="cce_02_0358.html">Synchronizing Node Pool Configurations to Existing Nodes</a>.</li></ul>

docs/cce/umn/cce_01_0300.html

@@ -8,25 +8,7 @@
 </th>
 </tr>
 </thead>
-<tbody><tr id="cce_01_0300__row047745519291"><td class="cellrowborder" valign="top" width="19.009999999999998%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_01_0300__p1747705515291"><span id="cce_01_0300__ph17657328307">2026-03-25</span></p>
-</td>
-<td class="cellrowborder" valign="top" width="80.99%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_01_0300__p854717933014">Add:</p>
-<ul id="cce_01_0300__ul13222613133018"><li id="cce_01_0300__li12224131301">Added <a href="cce_10_0055.html">Configuring APM</a></li><li id="cce_01_0300__li13945922153011">Added <a href="en-us_topic_0000002516078019.html">Configuring Alarms for Java Applications on APM</a></li></ul>
-</td>
-</tr>
-<tr id="cce_01_0300__row111071551569"><td class="cellrowborder" valign="top" width="19.009999999999998%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_01_0300__p410735185615">2026-03-11</p>
-</td>
-<td class="cellrowborder" valign="top" width="80.99%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_01_0300__p22962515610">Update:</p>
-<ul id="cce_01_0300__ul157941134115615"><li id="cce_01_0300__li1579416349568">Updated <a href="cce_10_0405.html">Patch Version Release Notes</a></li><li id="cce_01_0300__li45780361560">Updated <a href="cce_10_0617.html">SFS Overview</a></li><li id="cce_01_0300__li17417193505812">Updated <a href="cce_10_0734.html">Configuring an EIP for a Pod in a CCE Turbo Cluster</a></li></ul>
-</td>
-</tr>
-<tr id="cce_01_0300__row16364121616144"><td class="cellrowborder" valign="top" width="19.009999999999998%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_01_0300__p12364181615147">2026-01-28</p>
-</td>
-<td class="cellrowborder" valign="top" width="80.99%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_01_0300__p259124121517">Add:</p>
-<ul id="cce_01_0300__ul15337141716154"><li id="cce_01_0300__li1433761715151">Added <a href="cce_10_0858.html">Redirecting Traffic from an Nginx Ingress to a LoadBalancer Ingress</a></li><li id="cce_01_0300__li14888191745715">Added <a href="cce_10_0850.html">Comparison Between LoadBalancer Ingresses and Nginx Ingresses</a></li></ul>
-</td>
-</tr>
-<tr id="cce_01_0300__row69530118317"><td class="cellrowborder" valign="top" width="19.009999999999998%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_01_0300__p164617189313">2025-12-30</p>
+<tbody><tr id="cce_01_0300__row69530118317"><td class="cellrowborder" valign="top" width="19.009999999999998%" headers="mcps1.3.1.2.3.1.1 "><p id="cce_01_0300__p164617189313">2025-12-30</p>
 </td>
 <td class="cellrowborder" valign="top" width="80.99%" headers="mcps1.3.1.2.3.1.2 "><p id="cce_01_0300__p1159438173119">Add:</p>
 <ul id="cce_01_0300__ul25923810310"><li id="cce_01_0300__li185953819317">Added <a href="cce_bulletin_0105.html">Kubernetes 1.33 Release Notes</a>.</li><li id="cce_01_0300__li0892436153316">Added <a href="cce_10_1062.html">Obtaining Pod Network Interfaces in a CCE Turbo Cluster</a>, <a href="cce_10_1063.html">Deploying Hubble for DataPlane V2 Network Observability</a> and <a href="cce_10_1064.html">Enabling Observability for cilium-agent in a Cluster with DataPlane V2 Enabled</a>.</li><li id="cce_01_0300__li686113193414">Added <a href="cce_10_1088.html">Modifying the Node Scale-In Concurrency Settings</a>.</li><li id="cce_01_0300__li171425313415">Added <a href="cce_10_1027.html">Switching the AOM Instance Connected to Grafana</a>.</li><li id="cce_01_0300__li198713463417">Added <a href="cce_10_1060.html">Add-on Upgrade Checks</a>.</li><li id="cce_01_0300__li151091759347">Added <a href="cce_10_0556.html">System Agencies</a> and <a href="cce_10_1069.html">Custom Agencies</a>.</li></ul>

docs/cce/umn/cce_10_0006.html

@@ -23,7 +23,7 @@
 </li></ol>
 </div>
 <div class="section" id="cce_10_0006__section7846281504"><h4 class="sectiontitle">Overview of DaemonSet</h4><p id="cce_10_0006__en-us_topic_0249851114_p441104813815">A DaemonSet runs a pod on each node in a cluster and ensures that there is only one pod. This works well for certain system-level applications such as log collection and resource monitoring since they must run on each node. A good example is kube-proxy.</p>
-<p id="cce_10_0006__en-us_topic_0249851114_p5986375820">DaemonSets are closely related to nodes. If a node becomes faulty, the DaemonSet will not migrate the pod on that node to other nodes for re-creation.</p>
+<p id="cce_10_0006__en-us_topic_0249851114_p5986375820">DaemonSets are closely related to nodes. If a node becomes faulty, the DaemonSet will not create the same pods on other nodes.</p>
 <div class="fignone" id="cce_10_0006__en-us_topic_0249851114_fig27588261914"><span class="figcap"><b>Figure 4 </b>DaemonSet</span><br><span><img id="cce_10_0006__en-us_topic_0249851114_image13336133243518" src="en-us_image_0258871213.png"></span></div>
 </div>
 <div class="section" id="cce_10_0006__section153173319578"><h4 class="sectiontitle">Overview of Jobs and CronJobs</h4><p id="cce_10_0006__en-us_topic_0249851115_p10889736123218">Jobs and CronJobs are Kubernetes resources designed to manage short-lived, one-off tasks that run to completion.</p>

docs/cce/umn/cce_10_0009.html

@@ -69,7 +69,7 @@
 </td>
 <td class="cellrowborder" valign="top" width="24%" headers="mcps1.3.4.2.2.2.1.1.4.2.4.1.2 "><p id="cce_10_0009__en-us_topic_0000001708838110_p15173345163417">www.example.com</p>
 </td>
-<td class="cellrowborder" valign="top" width="54%" headers="mcps1.3.4.2.2.2.1.1.4.2.4.1.3 "><p id="cce_10_0009__en-us_topic_0000001708838110_p1117334583414">Enter the address of the third-party image repository.</p>
+<td class="cellrowborder" valign="top" width="54%" headers="mcps1.3.4.2.2.2.1.1.4.2.4.1.3 "><p id="cce_10_0009__en-us_topic_0000001708838110_p1117334583414">Enter the address of the third image repository.</p>
 </td>
 </tr>
 <tr id="cce_10_0009__en-us_topic_0000001708838110_row41733454343"><td class="cellrowborder" valign="top" width="22%" headers="mcps1.3.4.2.2.2.1.1.4.2.4.1.1 "><p id="cce_10_0009__en-us_topic_0000001708838110_p131731745203413">docker-username</p>

docs/cce/umn/cce_10_0010.html

@@ -19,7 +19,7 @@
 <ul id="cce_10_0010__ul953218444116"><li id="cce_10_0010__li87791418174620">ClusterIP: used to make the Service only reachable from within a cluster.</li><li id="cce_10_0010__li17876227144612">NodePort: used for access from outside a cluster. A NodePort Service is accessed through the port on the node.</li><li id="cce_10_0010__li94953274615">LoadBalancer: used for access from outside a cluster. It is an extension of NodePort, to which a load balancer routes, and external systems only need to access the load balancer.</li></ul>
 <p id="cce_10_0010__p1677717174140">For details about the Service, see <a href="cce_10_0249.html">Service Overview</a>.</p>
 </div>
-<div class="section" id="cce_10_0010__section1248852094313"><a name="cce_10_0010__section1248852094313"></a><a name="section1248852094313"></a><h4 class="sectiontitle">Ingress</h4><p id="cce_10_0010__p96672218193">Services forward requests using TCP and UDP at Layer 4. Ingresses forward requests using HTTP and HTTPS at Layer 7, and can achieve finer-grained traffic routing through domain names and paths.</p>
+<div class="section" id="cce_10_0010__section1248852094313"><a name="cce_10_0010__section1248852094313"></a><a name="section1248852094313"></a><h4 class="sectiontitle">Ingress</h4><p id="cce_10_0010__p96672218193">Services forward requests using TCP and UDP at Layer 4. Ingresses forward requests using HTTP and HTTPS at Layer 7. Domain names and paths can be used for access of finer granularities.</p>
 <div class="fignone" id="cce_10_0010__fig816719454212"><span class="figcap"><b>Figure 3 </b>An ingress and its associated Services</span><br><span><img id="cce_10_0010__en-us_topic_0249851122_image8371183511310" src="en-us_image_0258961458.png"></span></div>
 <p id="cce_10_0010__p174691141141410">For details about the ingress, see <a href="cce_10_0094.html">Ingress Overview</a>.</p>
 </div>

docs/cce/umn/cce_10_0026.html

@@ -2,10 +2,66 @@
 
 <h1 class="topictitle1">Viewing CTS Traces in the Trace List</h1>
 <div id="body1525226397666"><div class="section" id="cce_10_0026__en-us_topic_0179639644_section5470822195238"><h4 class="sectiontitle">Scenarios</h4><p id="cce_10_0026__en-us_topic_0179639644_p5235541767">Cloud Trace Service (CTS) records operations performed on cloud service resources. A record contains information such as the user who performed the operation, IP address, operation content, and returned response message. These records facilitate security auditing, issue tracking, and resource locating. They also help you plan and use resources, and identify high-risk or non-compliant operations.</p>
-<p id="cce_10_0026__en-us_topic_0179639644_p5961487316">This section describes how to query or export operation records of the last seven days on the CTS console.</p>
 </div>
 <div class="section" id="cce_10_0026__en-us_topic_0179639644_section036851413573"><h4 class="sectiontitle">What Is a Trace?</h4><p id="cce_10_0026__en-us_topic_0179639644_p7344192412579">A trace is an operation log for a cloud service resource, tracked and stored by CTS. Traces record operations such as adding, modifying, or deleting cloud service resources. You can view them to identify who performed operations and when for detailed tracking.</p>
 </div>
+<div class="section" id="cce_10_0026__en-us_topic_0179639644_section19271975203"><h4 class="sectiontitle">Viewing Traces in the Trace List</h4><ol id="cce_10_0026__en-us_topic_0179639644_ol143115612115"><li id="cce_10_0026__en-us_topic_0179639644_li1629194722218"><span>Log in to the management console, click <span><img id="cce_10_0026__en-us_topic_0179639644_image1229124714224" src="en-us_image_0000002359774578.png"></span> in the upper left corner, and choose <strong id="cce_10_0026__en-us_topic_0179639644_b0101171161313">Management &amp; Deployment</strong> &gt; <strong id="cce_10_0026__en-us_topic_0179639644_b17101511131310">Cloud Trace Service</strong>.</span></li><li id="cce_10_0026__en-us_topic_0179639644_li1443115692119"><span>In the navigation pane, choose <strong id="cce_10_0026__en-us_topic_0179639644_b5352121921314">Trace List</strong>.</span></li><li id="cce_10_0026__en-us_topic_0179639644_li1468123811239"><span>In the upper right corner of the page, set a desired query time range: <strong id="cce_10_0026__en-us_topic_0179639644_b192893416490">Last 1 hour</strong>, <strong id="cce_10_0026__en-us_topic_0179639644_b122899464911">Last 1 day</strong>, or <strong id="cce_10_0026__en-us_topic_0179639644_b19289147490">Last 1 week</strong>. You can also click <strong id="cce_10_0026__en-us_topic_0179639644_b328913414912">Customize</strong> to specify a custom time range within the last seven days.</span></li><li id="cce_10_0026__en-us_topic_0179639644_li243155612119"><span>Set filters to search for your desired traces, as shown in <a href="#cce_10_0026__en-us_topic_0179639644_fig139361441134311">Figure 1</a>.</span><p><div class="fignone" id="cce_10_0026__en-us_topic_0179639644_fig139361441134311"><a name="cce_10_0026__en-us_topic_0179639644_fig139361441134311"></a><a name="en-us_topic_0179639644_fig139361441134311"></a><span class="figcap"><b>Figure 1 </b>Filters</span><br><span><img id="cce_10_0026__en-us_topic_0179639644_image14936144112433" src="en-us_image_0000001744598325.png"></span></div>
+
+<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="cce_10_0026__en-us_topic_0179639644_table147746583014" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Trace filtering parameters</caption><thead align="left"><tr id="cce_10_0026__en-us_topic_0179639644_row1877510573019"><th align="left" class="cellrowborder" valign="top" width="18.95%" id="mcps1.3.3.2.4.2.2.2.3.1.1"><p id="cce_10_0026__en-us_topic_0179639644_p1877512593016">Parameter</p>
+</th>
+<th align="left" class="cellrowborder" valign="top" width="81.05%" id="mcps1.3.3.2.4.2.2.2.3.1.2"><p id="cce_10_0026__en-us_topic_0179639644_p57751859302">Description</p>
+</th>
+</tr>
+</thead>
+<tbody><tr id="cce_10_0026__en-us_topic_0179639644_row1285411013373"><td class="cellrowborder" valign="top" width="18.95%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="cce_10_0026__en-us_topic_0179639644_p28541510143716">Trace Type</p>
+</td>
+<td class="cellrowborder" valign="top" width="81.05%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><p id="cce_10_0026__en-us_topic_0179639644_p08541510193711">Select <strong id="cce_10_0026__en-us_topic_0179639644_b14902228784">Management</strong> or <strong id="cce_10_0026__en-us_topic_0179639644_b129020281815">Data</strong>.</p>
+<ul id="cce_10_0026__en-us_topic_0179639644_ul1060181493817"><li id="cce_10_0026__en-us_topic_0179639644_li156071412384">Management traces record operations performed by users on cloud service resources, including creation, modification, and deletion.</li><li id="cce_10_0026__en-us_topic_0179639644_li1385816156388">Data traces are reported by OBS and record operations performed on data in OBS buckets, including uploads and downloads.</li></ul>
+</td>
+</tr>
+<tr id="cce_10_0026__en-us_topic_0179639644_row113186562383"><td class="cellrowborder" valign="top" width="18.95%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="cce_10_0026__en-us_topic_0179639644_p157759523017">Trace Source</p>
+</td>
+<td class="cellrowborder" valign="top" width="81.05%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><p id="cce_10_0026__en-us_topic_0179639644_p177757543019">Select the name of the cloud service that triggers a trace from the drop-down list.</p>
+</td>
+</tr>
+<tr id="cce_10_0026__en-us_topic_0179639644_row531111429400"><td class="cellrowborder" valign="top" width="18.95%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="cce_10_0026__en-us_topic_0179639644_p167757553018">Resource type</p>
+</td>
+<td class="cellrowborder" valign="top" width="81.05%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><p id="cce_10_0026__en-us_topic_0179639644_p1677513515307">Select the type of the resource involved in a trace from the drop-down list.</p>
+<p id="cce_10_0026__en-us_topic_0179639644_p1077535173016">For details about the resource types of each cloud service, see section "Supported Services and Operations" in the <em id="cce_10_0026__en-us_topic_0179639644_i1090794613497">Cloud Trace Service User Guide</em>.</p>
+</td>
+</tr>
+<tr id="cce_10_0026__en-us_topic_0179639644_row17951953163817"><td class="cellrowborder" valign="top" width="18.95%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="cce_10_0026__en-us_topic_0179639644_p17951145393815">Search By</p>
+</td>
+<td class="cellrowborder" valign="top" width="81.05%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><p id="cce_10_0026__en-us_topic_0179639644_p1866016362423">Select one of the following options:</p>
+<ul id="cce_10_0026__en-us_topic_0179639644_ul8324201518432"><li id="cce_10_0026__en-us_topic_0179639644_li1332441519434"><strong id="cce_10_0026__en-us_topic_0179639644_b17755195192214">Resource ID</strong>: ID of the cloud resource involved in a trace.<p id="cce_10_0026__en-us_topic_0179639644_p927319140446">Leave this field empty if the resource has no resource ID or if resource creation failed.</p>
+</li><li id="cce_10_0026__en-us_topic_0179639644_li19324111594319"><strong id="cce_10_0026__en-us_topic_0179639644_b20740051162314">Trace name</strong>: name of a trace.<p id="cce_10_0026__en-us_topic_0179639644_p162131756164314">For details about the operations that can be audited for each cloud service, see section "Supported Services and Operations" in the <em id="cce_10_0026__en-us_topic_0179639644_i185782113507">Cloud Trace Service User Guide</em>.</p>
+</li><li id="cce_10_0026__en-us_topic_0179639644_li53251315144311"><strong id="cce_10_0026__en-us_topic_0179639644_b113836152512">Resource name</strong>: name of the cloud resource involved in a trace.<p id="cce_10_0026__en-us_topic_0179639644_p546964974419">If the cloud resource involved in the trace does not have a resource name or the corresponding API operation does not involve the resource name parameter, leave this field empty.</p>
+</li></ul>
+</td>
+</tr>
+<tr id="cce_10_0026__en-us_topic_0179639644_row10776105103014"><td class="cellrowborder" valign="top" width="18.95%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="cce_10_0026__en-us_topic_0179639644_p47761954309">Operator</p>
+</td>
+<td class="cellrowborder" valign="top" width="81.05%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><p id="cce_10_0026__en-us_topic_0179639644_p17761455309">User who triggers a trace.</p>
+<p id="cce_10_0026__en-us_topic_0179639644_p1577616513018">Select one or more operators from the drop-down list.</p>
+<p id="cce_10_0026__en-us_topic_0179639644_p47761952302">If the value of <strong id="cce_10_0026__en-us_topic_0179639644_b1470691118286">trace_type</strong> in a trace is <strong id="cce_10_0026__en-us_topic_0179639644_b18706191132818">SystemAction</strong>, the operation is triggered by the service and the trace's operator may be empty.</p>
+</td>
+</tr>
+<tr id="cce_10_0026__en-us_topic_0179639644_row1377615153014"><td class="cellrowborder" valign="top" width="18.95%" headers="mcps1.3.3.2.4.2.2.2.3.1.1 "><p id="cce_10_0026__en-us_topic_0179639644_p877615519306">Trace Status</p>
+</td>
+<td class="cellrowborder" valign="top" width="81.05%" headers="mcps1.3.3.2.4.2.2.2.3.1.2 "><p id="cce_10_0026__en-us_topic_0179639644_p10776115133014">Select one of the following options:</p>
+<ul id="cce_10_0026__en-us_topic_0179639644_ul177767517302"><li id="cce_10_0026__en-us_topic_0179639644_li177617583015"><strong id="cce_10_0026__en-us_topic_0179639644_b14380125823418">Normal</strong>: The operation succeeded.</li><li id="cce_10_0026__en-us_topic_0179639644_li1077665143015"><strong id="cce_10_0026__en-us_topic_0179639644_b128046471357">Warning</strong>: The operation failed.</li><li id="cce_10_0026__en-us_topic_0179639644_li19776135143018"><strong id="cce_10_0026__en-us_topic_0179639644_b134361033365">Incident</strong>: The operation caused a fault that is more serious than a normal failure, for example, causing other faults.</li></ul>
+</td>
+</tr>
+</tbody>
+</table>
+</div>
+</p></li><li class="subitemlist" id="cce_10_0026__en-us_topic_0179639644_li124311756172111"><span>Click <strong id="cce_10_0026__en-us_topic_0179639644_b158561654073256">Query</strong>.</span></li><li id="cce_10_0026__en-us_topic_0179639644_li7432056192112"><span>On the <strong id="cce_10_0026__en-us_topic_0179639644_b176911834143214">Trace List</strong> page, you can also export and refresh the trace list.</span><p><ul id="cce_10_0026__en-us_topic_0179639644_ul119414175448"><li id="cce_10_0026__en-us_topic_0179639644_li12946170445">Click <strong id="cce_10_0026__en-us_topic_0179639644_b8907168171714">Export</strong> to export all traces in the query result as a CSV file. The file can contain up to 5,000 records.</li><li id="cce_10_0026__en-us_topic_0179639644_li394151717445">Click <span><img id="cce_10_0026__en-us_topic_0179639644_image109421716440" src="en-us_image_0000001696678850.png"></span> to view the latest information about traces.</li></ul>
+</p></li><li id="cce_10_0026__en-us_topic_0179639644_li15432145622119"><span>Click <span><img id="cce_10_0026__en-us_topic_0179639644_image9947176447" src="en-us_image_0000001744678489.jpg"></span> on the left of a trace to expand its details.</span><p><p id="cce_10_0026__en-us_topic_0179639644_p1294101714446"></p>
+<p id="cce_10_0026__en-us_topic_0179639644_p1694171715446"><span><img id="cce_10_0026__en-us_topic_0179639644_image1767234653119" src="en-us_image_0000001942942816.png"></span></p>
+<p id="cce_10_0026__en-us_topic_0179639644_p145491156142711"></p>
+</p></li><li id="cce_10_0026__en-us_topic_0179639644_li143245616217"><span>Click <strong id="cce_10_0026__en-us_topic_0179639644_b139145611337">View Trace</strong> in the <strong id="cce_10_0026__en-us_topic_0179639644_b1591756103313">Operation</strong> column. The trace details are displayed.</span><p><p id="cce_10_0026__en-us_topic_0179639644_p1695161714447"><span><img id="cce_10_0026__en-us_topic_0179639644_image1990505483515" src="en-us_image_0000001758618249.png"></span></p>
+</p></li></ol>
+</div>
 <div class="section" id="cce_10_0026__en-us_topic_0179639644_section18501734161612"><h4 class="sectiontitle">Helpful Links</h4><ul id="cce_10_0026__en-us_topic_0179639644_ul19442019172"><li id="cce_10_0026__en-us_topic_0179639644_li547715311275">For details about the key fields in the trace structure, see <a href="https://docs.otc.t-systems.com/cloud-trace-service/umn/user_guide/trace_references/trace_structure.html#cts-03-0010" target="_blank" rel="noopener noreferrer">Trace Structure</a> and <a href="https://docs.otc.t-systems.com/cloud-trace-service/umn/user_guide/trace_references/example_traces.html" target="_blank" rel="noopener noreferrer">Example Traces</a>.</li></ul>
 </div>
 </div>

docs/cce/umn/cce_10_0028.html

@@ -176,7 +176,7 @@
 <tr id="cce_10_0028__row111621459112217"><td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.2.2.2.2.4.1.1 "><p id="cce_10_0028__p2162105911222"><span id="cce_10_0028__ph75033321522">Reserved Pod IP Per Node</span> (supported by clusters using the VPC networks)</p>
 </td>
 <td class="cellrowborder" valign="top" width="66%" headers="mcps1.3.5.2.2.2.2.2.4.1.2 "><p id="cce_10_0028__p1475043685516">The number of pod IP addresses that can be allocated in the container network (<strong id="cce_10_0028__b154119512711">alpha.cce/fixPoolMask</strong>). This parameter determines the maximum number of pods that can be created on each node. Pods that use the host networks do not occupy the reserved IP addresses.</p>
-<p id="cce_10_0028__p1750912498414">In <a href="cce_10_0348.html#cce_10_0348__li13739132619599">a container network</a>, each pod is assigned a unique IP address. If the number of pod IP addresses reserved for each node is insufficient, pods cannot be created. For details, see <a href="cce_10_0348.html#cce_10_0348__section10770192193714">Number of Reserved Pod IP Addresses Per Node</a>.</p>
+<p id="cce_10_0028__p1750912498414">In <a href="cce_10_0348.html#cce_10_0348__li13739132619599">a container network</a>, each pod is assigned a unique IP address. If the number of pod IP addresses reserved for each node is insufficient, pods cannot be created. For details, see <a href="cce_10_0348.html#cce_10_0348__section10770192193714">Number of Allocatable Pod IP Addresses on a Node</a>.</p>
 </td>
 <td class="cellrowborder" valign="top" width="16%" headers="mcps1.3.5.2.2.2.2.2.4.1.3 "><p id="cce_10_0028__p816218596227">No</p>
 </td>

docs/cce/umn/cce_10_0059.html

@@ -225,7 +225,7 @@ kind: NetworkPolicy
 metadata:
   name: access-ingress3
 spec:
-  podSelector:                  # The rule applies only to pods labeled with <strong id="cce_10_0059__b2045362474">role=db</strong>.
+  podSelector:                  # The rule applies only to pods labeled with <strong id="cce_10_0059__b10740734">role=db</strong>.
     matchLabels:
       role: db
   ingress:                      # This is an ingress rule.
@@ -302,7 +302,7 @@ spec:
     - podSelector:              # The rule takes effect for pods with the <strong id="cce_10_0059__b3721808819534">role=web</strong> label.
         matchLabels:
           role: web</pre>
-</li><li id="cce_10_0059__li8782184511358">Run the following command to create the network policy defined in the <strong id="cce_10_0059__b14485111255117">access-egress2.yaml</strong> file:<pre class="screen" id="cce_10_0059__screen1778294513513">kubectl apply -f access-egress2.yaml</pre>
+</li><li id="cce_10_0059__li8782184511358">Run the following command to create the network policy defined the <strong id="cce_10_0059__b14485111255117">access-egress2.yaml</strong> file:<pre class="screen" id="cce_10_0059__screen1778294513513">kubectl apply -f access-egress2.yaml</pre>
 <p id="cce_10_0059__p478264516352">Expected output:</p>
 <pre class="screen" id="cce_10_0059__screen878234533511">networkpolicy.networking.k8s.io/access-egress2 created</pre>
 </li></ol>

docs/cce/umn/cce_10_0130.html

@@ -20,8 +20,6 @@
 </li>
 <li class="ulchildlink"><strong><a href="cce_10_0113.html">Configuring Environment Variables</a></strong><br>
 </li>
-<li class="ulchildlink"><strong><a href="cce_10_0055.html">Configuring APM</a></strong><br>
-</li>
 <li class="ulchildlink"><strong><a href="cce_10_0397.html">Upgrading and Rolling Back a Workload</a></strong><br>
 </li>
 <li class="ulchildlink"><strong><a href="cce_10_0728.html">Configuring Tolerance Policies</a></strong><br>

docs/cce/umn/cce_10_0141.html

@@ -298,7 +298,7 @@
 <p id="cce_10_0141__en-us_topic_0000001559693890_p0532121144210">v1.29</p>
 <p id="cce_10_0141__en-us_topic_0000001559693890_p82341123174214">v1.30</p>
 </td>
-<td class="cellrowborder" valign="top" width="42.85428542854286%" headers="mcps1.3.16.2.2.4.1.3 "><ul id="cce_10_0141__en-us_topic_0000001559693890_ul16128144911429"><li id="cce_10_0141__en-us_topic_0000001559693890_li1212884911427">Supported xGPU configuration for node pools.</li><li id="cce_10_0141__en-us_topic_0000001559693890_li1712874904213">Supported GPU rendering.</li><li id="cce_10_0141__en-us_topic_0000001559693890_li18254145234218">Clusters v1.30 are supported.</li></ul>
+<td class="cellrowborder" valign="top" width="42.85428542854286%" headers="mcps1.3.16.2.2.4.1.3 "><ul id="cce_10_0141__en-us_topic_0000001559693890_ul16128144911429"><li id="cce_10_0141__en-us_topic_0000001559693890_li1212884911427">Supported xGPU configuration by node pool.</li><li id="cce_10_0141__en-us_topic_0000001559693890_li1712874904213">Supported GPU rendering.</li><li id="cce_10_0141__en-us_topic_0000001559693890_li18254145234218">Clusters v1.30 are supported.</li></ul>
 </td>
 </tr>
 <tr id="cce_10_0141__en-us_topic_0000001559693890_row129815138462"><td class="cellrowborder" valign="top" width="21.432143214321435%" headers="mcps1.3.16.2.2.4.1.1 "><p id="cce_10_0141__en-us_topic_0000001559693890_p86679446461">2.6.4</p>

docs/cce/umn/cce_10_0193.html

@@ -383,7 +383,7 @@ workload_balancer_third_party_types: ''</pre>
 <td class="cellrowborder" valign="top" width="28.442844284428443%" headers="mcps1.3.3.2.6.2.1.4.2.5.1.3 "><p id="cce_10_0193__p26241930191112">Used to enable cloud native hybrid deployment.</p>
 </td>
 <td class="cellrowborder" valign="top" width="40.764076407640765%" headers="mcps1.3.3.2.6.2.1.4.2.5.1.4 "><p id="cce_10_0193__p42083564244">This function is disabled by default. Options:</p>
-<ul id="cce_10_0193__ul10325105312018"><li id="cce_10_0193__li13325553122019"><strong id="cce_10_0193__b432842910">true</strong>: The function is enabled.</li><li id="cce_10_0193__li17325195312018"><strong id="cce_10_0193__b1651011720019">false</strong> or empty: The function is disabled.</li></ul>
+<ul id="cce_10_0193__ul10325105312018"><li id="cce_10_0193__li13325553122019"><strong id="cce_10_0193__b830851743">true</strong>: The function is enabled.</li><li id="cce_10_0193__li17325195312018"><strong id="cce_10_0193__b1651011720019">false</strong> or empty: The function is disabled.</li></ul>
 </td>
 </tr>
 <tr id="cce_10_0193__row89239282513"><td class="cellrowborder" valign="top" headers="mcps1.3.3.2.6.2.1.4.2.5.1.1 "><p id="cce_10_0193__p19231228754">oversubscription_method</p>
@@ -765,7 +765,7 @@ workload_balancer_third_party_types: ''</pre>
 <p id="cce_10_0193__p6646145622517">This section describes how to configure volcano-scheduler.</p>
 <div class="note" id="cce_10_0193__note13388133393710"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="cce_10_0193__p83326372378">Only Volcano of v1.7.1 and later support this function. </p>
 </div></div>
-<p id="cce_10_0193__p195053623613">Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose <strong id="cce_10_0193__b081319114263">Settings</strong> and click the <strong id="cce_10_0193__b081317162615">Scheduling</strong> tab. In the <strong id="cce_10_0193__b6813815264">Default Cluster Scheduler</strong> area, find the expert mode and click <strong id="cce_10_0193__b198133152611">Try Now</strong>.</p>
+<p id="cce_10_0193__p195053623613">Log in to the CCE console and click the cluster name to access the cluster console. In the navigation pane, choose <strong id="cce_10_0193__b149962525713">Settings</strong> and click the <strong id="cce_10_0193__b3996145185715">Scheduling</strong> tab. In the <strong id="cce_10_0193__b1399618512575">Select Cluster Scheduler</strong> area, find the expert mode and click <strong id="cce_10_0193__b1899716517572">Try Now</strong>.</p>
 <p id="cce_10_0193__p112531142104212"></p>
 <p id="cce_10_0193__p1566143416357"></p>
 <ul id="cce_10_0193__ul6676425408"><li id="cce_10_0193__li46762264018">Using <strong id="cce_10_0193__b073919506719">resource_exporter</strong>:<pre class="screen" id="cce_10_0193__screen7651947143817">...
@@ -1055,7 +1055,7 @@ workload_balancer_third_party_types: ''</pre>
 <p id="cce_10_0193__en-us_topic_0000001609894173_p13331655366">v1.30</p>
 <p id="cce_10_0193__en-us_topic_0000001609894173_p3332553616">v1.31</p>
 </td>
-<td class="cellrowborder" valign="top" width="51.42%" headers="mcps1.3.8.3.2.4.1.3 "><p id="cce_10_0193__en-us_topic_0000001609894173_p13973151703611">Supported even scheduling in virtual GPUs.</p>
+<td class="cellrowborder" valign="top" width="51.42%" headers="mcps1.3.8.3.2.4.1.3 "><p id="cce_10_0193__en-us_topic_0000001609894173_p13973151703611">Supported even scheduling on virtual GPUs.</p>
 </td>
 </tr>
 <tr id="cce_10_0193__en-us_topic_0000001609894173_row577110132033"><td class="cellrowborder" valign="top" width="15.21%" headers="mcps1.3.8.3.2.4.1.1 "><p id="cce_10_0193__en-us_topic_0000001609894173_p163891031533">1.15.6</p>

docs/cce/umn/cce_10_0248.html

@@ -6,14 +6,10 @@
 <ul class="ullinks">
 <li class="ulchildlink"><strong><a href="cce_10_0094.html">Ingress Overview</a></strong><br>
 </li>
-<li class="ulchildlink"><strong><a href="cce_10_0850.html">Comparison Between LoadBalancer Ingresses and Nginx Ingresses</a></strong><br>
-</li>
 <li class="ulchildlink"><strong><a href="cce_10_0686.html">LoadBalancer Ingresses</a></strong><br>
 </li>
 <li class="ulchildlink"><strong><a href="cce_10_0692.html">Nginx Ingresses</a></strong><br>
 </li>
-<li class="ulchildlink"><strong><a href="cce_10_0858.html">Redirecting Traffic from an Nginx Ingress to a LoadBalancer Ingress</a></strong><br>
-</li>
 </ul>
 
 <div class="familylinks">

docs/cce/umn/cce_10_0281.html

@@ -80,7 +80,7 @@
 <td class="cellrowborder" valign="top" width="26.082608260826078%" headers="mcps1.3.4.2.5.1.2 "><p id="cce_10_0281__p65344315812">The value of the kubelet configuration parameter <strong id="cce_10_0281__b1053563188">maxPods</strong> is used. For details, see <a href="cce_10_0348.html#cce_10_0348__section16296174054019">Maximum Number of Pods on a Node</a>.</p>
 </td>
 <td class="cellrowborder" valign="top" width="29.002900290029%" headers="mcps1.3.4.2.5.1.3 "><p id="cce_10_0281__p11535183284">The smaller value between the following two options is used:</p>
-<ul id="cce_10_0281__ul25351634816"><li id="cce_10_0281__li12535638810">The value of the kubelet configuration parameter <strong id="cce_10_0281__b453533989">maxPods</strong>. For details, see <a href="cce_10_0348.html#cce_10_0348__section16296174054019">Maximum Number of Pods on a Node</a>.</li><li id="cce_10_0281__li353513319819"><span id="cce_10_0281__ph7434193613110">Pod IP addresses reserved for each node</span>. For details, see <a href="cce_10_0348.html#cce_10_0348__section10770192193714">Number of Reserved Pod IP Addresses Per Node</a>.</li></ul>
+<ul id="cce_10_0281__ul25351634816"><li id="cce_10_0281__li12535638810">The value of the kubelet configuration parameter <strong id="cce_10_0281__b453533989">maxPods</strong>. For details, see <a href="cce_10_0348.html#cce_10_0348__section16296174054019">Maximum Number of Pods on a Node</a>.</li><li id="cce_10_0281__li353513319819">Pod IP addresses reserved for each node. For details, see <a href="cce_10_0348.html#cce_10_0348__section10770192193714">Number of Allocatable Pod IP Addresses on a Node</a>.</li></ul>
 </td>
 <td class="cellrowborder" valign="top" width="28.962896289628965%" headers="mcps1.3.4.2.5.1.4 "><p id="cce_10_0281__p153513586">The smaller value between the following two options is used:</p>
 <ul id="cce_10_0281__ul1853511310814"><li id="cce_10_0281__li1353553787">The value of the kubelet configuration parameter <strong id="cce_10_0281__b3416113711156">maxPods</strong>. For details, see <a href="cce_10_0348.html#cce_10_0348__section16296174054019">Maximum Number of Pods on a Node</a>.</li><li id="cce_10_0281__li1535431582">The number of network interfaces on a node. For details, see <a href="cce_10_0348.html#cce_10_0348__section15702175115573">Number of Node Network Interfaces (Available Only in CCE Turbo Clusters)</a>.</li></ul>

docs/cce/umn/cce_10_0336.html

@@ -4,20 +4,18 @@
 <div id="body0000001118652158"><p id="cce_10_0336__p195616516813"><a href="cce_10_0066.html">CCE Container Storage (Everest)</a> supports custom access keys. In this way, IAM users can use their own custom access keys to mount an OBS volume. </p>
 <div class="section" id="cce_10_0336__section1356645410223"><h4 class="sectiontitle">Prerequisites</h4><ul id="cce_10_0336__ul169942513238"><li id="cce_10_0336__li1799112511235">The <a href="cce_10_0066.html">CCE Container Storage (Everest)</a> version must be 1.2.8 or later.</li><li id="cce_10_0336__li599172552311">The cluster version must be 1.15.11 or later.</li></ul>
 </div>
-<div class="section" id="cce_10_0336__section19922155718332"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="cce_10_0336__ul17628134021916"><li id="cce_10_0336__li71531542161916">When an OBS volume is mounted using custom access keys (AK/SK), the access key cannot be deleted or disabled. Otherwise, the service container cannot access the mounted OBS volume.</li><li id="cce_10_0336__li17628174017192">Custom access keys cannot be configured for secure containers.</li></ul>
+<div class="section" id="cce_10_0336__section19922155718332"><h4 class="sectiontitle">Constraints</h4><ul id="cce_10_0336__ul17628134021916"><li id="cce_10_0336__li71531542161916">When an OBS volume is mounted using a custom access key (AK/SK), the access key cannot be deleted or disabled. Otherwise, the service container cannot access the mounted OBS volume.</li><li id="cce_10_0336__li17628174017192">Custom access keys cannot be configured for secure containers.</li></ul>
 </div>
 <div class="section" id="cce_10_0336__section1045502219184"><h4 class="sectiontitle">Disabling a Global AK</h4><p id="cce_10_0336__p1419516122419">When creating an OBS volume on the console of an earlier version, you need to upload the AK/SK (global access key), which is then used by default for mounting the OBS volume. As a result, all IAM users within your account will use the same key to mount the OBS buckets, and they will have identical permissions on the buckets. However, this setting does not allow you to set different permissions for individual IAM users.</p>
-<p id="cce_10_0336__p3972105715910">If you have uploaded the AK/SK (specifically, if <strong id="cce_10_0336__b13454124614335">paas.longaksk</strong> exists in the <strong id="cce_10_0336__b1218135111339">kube-system</strong> namespace of the cluster), you should disable the global access secret to prevent IAM users from performing unauthorized operations. This ensures that the uploaded global access secret in the console will not be used when OBS volumes are used. <strong id="cce_10_0336__b20581192720255">If you have not uploaded any AK/SK, skip this section.</strong></p>
-<div class="note" id="cce_10_0336__note1108139105415"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="cce_10_0336__ul1910810965420"><li id="cce_10_0336__li111084911542">Before disabling the global access secret, ensure that there are no OBS volumes in the cluster. Workloads using OBS volumes may fail to remount after scaling or restart due to missing access keys.</li><li id="cce_10_0336__li21082096542">After the global access secret is disabled, you must specify the access keys when creating a PV and PVC. Otherwise, the OBS volume fails to be mounted.</li></ul>
+<p id="cce_10_0336__p3972105715910">If you have uploaded the AK/SK, disable the automatic mounting of global access keys by enabling the <strong id="cce_10_0336__b135023365217">DISABLE_AUTO_MOUNT_SECRET</strong> parameter in the CCE Container Storage (Everest) add-on to prevent IAM users from performing unauthorized operations. In this way, the global access keys uploaded on the console will not be used when you use OBS volumes.</p>
+<div class="note" id="cce_10_0336__note06431619183416"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="cce_10_0336__ul1215320963516"><li id="cce_10_0336__li115389133519">Before enabling <strong id="cce_10_0336__b1296478123519">DISABLE_AUTO_MOUNT_SECRET</strong>, ensure that there are no OBS volumes in the cluster. Workloads using OBS volumes may fail to remount after scaling or restart due to missing access keys, which are blocked by <strong id="cce_10_0336__b1090211415371">DISABLE_AUTO_MOUNT_SECRET</strong>.</li><li id="cce_10_0336__li16153139153517">If <strong id="cce_10_0336__b173114045014">DISABLE_AUTO_MOUNT_SECRET</strong> is set to <strong id="cce_10_0336__b1857414195018">true</strong>, an access key must be specified when a PV or PVC is created. Otherwise, mounting the OBS volume will fail.</li></ul>
 </div></div>
-<p id="cce_10_0336__p13592810115515">To disable the global access secret, do as follows:</p>
-<ul id="cce_10_0336__ul8428106143719"><li id="cce_10_0336__li1842910613376">Disable the automatic mounting of access secrets in the CCE Container Storage (Everest) add-on by setting <strong id="cce_10_0336__b14642205952716">disable_auto_mount_secret</strong> to <strong id="cce_10_0336__b4642165912719">true</strong>.<p id="cce_10_0336__p191634623720">The following steps apply to CCE Container Storage (Everest) 2.<em id="cce_10_0336__i282483118288">x</em> (2.1.42 or later):</p>
-<ol id="cce_10_0336__ol1416646193719"><li id="cce_10_0336__li111694613719">Log in to the <span id="cce_10_0336__en-us_topic_0000001199181148_ph18314322182">CCE console</span> and click the cluster name to access the cluster console.</li><li id="cce_10_0336__li2171046193715">In the navigation pane, choose <strong id="cce_10_0336__b31431635142812"><span id="cce_10_0336__text20143435152810">Add-ons</span></strong>. In the right pane, find the CCE Container Storage (Everest) add-on and click <strong id="cce_10_0336__b111438356285">Edit</strong>.</li><li id="cce_10_0336__li91712469378">Configure the add-on parameters. Set <strong id="cce_10_0336__b13649124719284">Prohibit Global Secret from Mounting Object Storage (disable_auto_mount_secret)</strong> to <strong id="cce_10_0336__b1364920472289">Yes</strong>.</li><li id="cce_10_0336__li91774623711">Click <strong id="cce_10_0336__b970224318403">OK</strong>.</li></ol>
-<p id="cce_10_0336__p517134617377">The following steps apply to CCE Container Storage (Everest) 1.<em id="cce_10_0336__i13539327298">x</em>. The modified settings cannot be retained during the add-on upgrades. You are advised to use the add-on of 2.<em id="cce_10_0336__i235319326299">x</em>.</p>
-<ol id="cce_10_0336__ol1017446103719"><li id="cce_10_0336__li917446163715">Use kubectl to access the cluster and run the following command to modify the add-on settings:<pre class="screen" id="cce_10_0336__screen191774633719">kubectl edit ds everest-csi-driver -nkube-system</pre>
-</li><li id="cce_10_0336__li11710463377">Search for <strong id="cce_10_0336__b4640456292">disable-auto-mount-secret</strong> and set it to <strong id="cce_10_0336__b19641245192916">true</strong>.<p id="cce_10_0336__p2017124619376"><span><img id="cce_10_0336__image71713466373" src="en-us_image_0000002518226090.png"></span></p>
-</li><li id="cce_10_0336__li5178464379">Run <strong id="cce_10_0336__b141214484293">:wq</strong> to save the settings and exit. Wait until the pod is restarted.</li></ol>
-</li><li id="cce_10_0336__li1242814619374">In the <a href="cce_10_0782.html#cce_10_0782__section138274223718">Settings &gt; Cluster Settings</a> area, disable the global access secret of the cluster. The global access secret (<strong id="cce_10_0336__b15227556132916">paas.longaksk</strong>) in the <strong id="cce_10_0336__b82273561299">kube-system</strong> namespace of the cluster will be deleted.</li></ul>
+<p id="cce_10_0336__p246512128812">The following steps apply to CCE Container Storage (Everest) 2.<em id="cce_10_0336__i2482110185713">x</em> (2.1.42 or later):</p>
+<ol id="cce_10_0336__ol1257699192518"><li id="cce_10_0336__li1557611942510">Log in to the <span id="cce_10_0336__cce_10_0004_ph18314322182">CCE console</span> and click the cluster name to access the cluster console.</li><li id="cce_10_0336__li35762910252">In the navigation pane, choose <strong id="cce_10_0336__b0255478351"><span id="cce_10_0336__text77103384818">Add-ons</span></strong>. In the right pane, find the CCE Container Storage (Everest) add-on and click <strong id="cce_10_0336__b102515475354">Edit</strong>.</li><li id="cce_10_0336__li11577392259">Configure the add-on parameters. Set <strong id="cce_10_0336__b370523719406">Prohibit Global Secret from Mounting Object Storage (disable_auto_mount_secret)</strong> to <strong id="cce_10_0336__b1949164284010">Yes</strong>.</li><li id="cce_10_0336__li357789192515">Click <strong id="cce_10_0336__b970224318403">OK</strong>.</li></ol>
+<p id="cce_10_0336__p26037501482">The following steps apply to CCE Container Storage (Everest) 1.<em id="cce_10_0336__i529435045612">x</em>. (The modified settings cannot be retained during the add-on upgrades. You are advised to use the add-on of 2.<em id="cce_10_0336__i21015311904">x</em>.)</p>
+<ol id="cce_10_0336__ol421992717247"><li id="cce_10_0336__li138183016247">Use kubectl to access the cluster and run the following command to modify the add-on settings:<pre class="screen" id="cce_10_0336__screen20987635112417">kubectl edit ds everest-csi-driver -nkube-system</pre>
+</li><li id="cce_10_0336__li9219152792419">Search for <strong id="cce_10_0336__b2682654535208">disable-auto-mount-secret</strong> and set it to <strong id="cce_10_0336__b2639071435208">true</strong>.<p id="cce_10_0336__p7308184242411"><span><img id="cce_10_0336__image24761413575" src="en-us_image_0000002484119690.png"></span></p>
+</li><li id="cce_10_0336__li5219162762419">Run <strong id="cce_10_0336__b5290111110577">:wq</strong> to save the settings and exit. Wait until the pod is restarted.</li></ol>
 </div>
 <div class="section" id="cce_10_0336__section4633162355911"><a name="cce_10_0336__section4633162355911"></a><a name="section4633162355911"></a><h4 class="sectiontitle">Obtaining an Access Key</h4><ol id="cce_10_0336__ol481110401303"><li id="cce_10_0336__li481114401906"><span>Access the <span id="cce_10_0336__ph56626221444"><strong id="cce_10_0336__en-us_topic_0000002359963906_b7366185612613"></strong><strong id="cce_10_0336__en-us_topic_0000002359963906_b1522414182271">My Credentials</strong> page</span>.</span></li><li id="cce_10_0336__li68111402005"><span>In the navigation pane, choose <strong id="cce_10_0336__b612017294126">Access Keys</strong>.</span></li><li id="cce_10_0336__li28119401016"><span>Click <strong id="cce_10_0336__b194083251210">Create Access Key</strong>. The <strong id="cce_10_0336__b14412324125">Create Access Key</strong> dialog box is displayed.</span></li><li id="cce_10_0336__li1381116402013"><span>Click <strong id="cce_10_0336__b12537122719392">OK</strong> to download the access key.</span></li></ol>
 </div>

docs/cce/umn/cce_10_0337.html

@@ -4,7 +4,7 @@
 <div id="body0000001543100005"><p id="cce_10_0337__p1149135965615">This section describes how to configure SFS mount options. You can configure mount options in a PV and bind the PV to a PVC. Alternatively, configure mount options in a StorageClass and use the StorageClass to create a PVC. In this way, PVs can be dynamically created and inherit mount options configured in the StorageClass by default.</p>
 <div class="section" id="cce_10_0337__section1940515714420"><h4 class="sectiontitle">Prerequisites</h4><p id="cce_10_0337__p123191440105710">The <a href="cce_10_0066.html">CCE Container Storage (Everest)</a> version must be <strong id="cce_10_0337__b551144215272">1.2.8 or later</strong>. This add-on identifies the mount options and transfers them to the underlying storage resources. The parameter settings take effect only if the underlying storage resources support the specified options.</p>
 </div>
-<div class="section" id="cce_10_0337__section6456132219344"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="cce_10_0337__ul6907133813915"><li id="cce_10_0337__li7907173833915">Mount options cannot be configured for secure containers.</li><li id="cce_10_0337__li1190710383398">Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as <strong id="cce_10_0337__b18585135010446">timeo</strong>) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the <strong id="cce_10_0337__b1981781710497">nosharecache</strong> parameter.</li></ul>
+<div class="section" id="cce_10_0337__section6456132219344"><h4 class="sectiontitle">Constraints</h4><ul id="cce_10_0337__ul6907133813915"><li id="cce_10_0337__li7907173833915">Mount options cannot be configured for secure containers.</li><li id="cce_10_0337__li1190710383398">Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as <strong id="cce_10_0337__b18585135010446">timeo</strong>) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the <strong id="cce_10_0337__b1981781710497">nosharecache</strong> parameter.</li></ul>
 </div>
 <div class="section" id="cce_10_0337__section14888047833"><a name="cce_10_0337__section14888047833"></a><a name="section14888047833"></a><h4 class="sectiontitle">SFS Volume Mount Options</h4><p id="cce_10_0337__p1373413010222">The Everest add-on in CCE presets the options described in <a href="#cce_10_0337__table128754351546">Table 1</a> for mounting SFS volumes.</p>
 
@@ -67,7 +67,7 @@
 </tbody>
 </table>
 </div>
-<p id="cce_10_0337__p139823178911">You can configure other mount options if needed. For details, see <a href="https://docs.otc.t-systems.com/scalable-file-service/umn/getting_started/mount_a_file_system/mounting_an_nfs_file_system_to_ecss_linux.html" target="_blank" rel="noopener noreferrer">Mounting an NFS File System to ECSs (Linux)</a>.</p>
+<p id="cce_10_0337__p139823178911">You can configure other mount options if needed. For details, see <a href="https://docs.otc.t-systems.com/en-us/usermanual/sfs/sfs_01_1001.html" target="_blank" rel="noopener noreferrer">Mounting an NFS File System to ECSs (Linux)</a>.</p>
 </div>
 <div class="section" id="cce_10_0337__section846811715589"><h4 class="sectiontitle">Configuring Mount Options in a PV</h4><p id="cce_10_0337__p1070219443123">You can use the <strong id="cce_10_0337__b383935145311">mountOptions</strong> field to configure mount options in a PV. The options you can configure in <strong id="cce_10_0337__b1584025185319">mountOptions</strong> are listed in <a href="#cce_10_0337__section14888047833">SFS Volume Mount Options</a>.</p>
 <ol id="cce_10_0337__ol24468432310"><li id="cce_10_0337__li3446143636"><span>Use kubectl to access the cluster. For details, see <a href="cce_10_0107.html">Accessing a Cluster Using kubectl</a>.</span></li><li id="cce_10_0337__li887813482193"><span>Configure mount options in a PV. Example:</span><p><pre class="screen" id="cce_10_0337__screen6878748181916">apiVersion: v1
@@ -85,13 +85,12 @@ spec:
   csi:
     driver: nas.csi.everest.io    # Dependent storage driver for the mounting
     fsType: nfs
-    volumeHandle: <i><span class="varname" id="cce_10_0337__varname522920403105">&lt;your_volume_id&gt;</span></i>   # The ID of the SFS Capacity-Oriented volume or the file system name when a general purpose file system (SFS 3.0 Capacity-Oriented) is used
+    volumeHandle: <i><span class="varname" id="cce_10_0337__varname198781448171915">&lt;your_volume_id&gt;</span></i>   # The ID of the SFS Capacity-Oriented volume
     volumeAttributes:
       everest.io/share-export-location: <i><span class="varname" id="cce_10_0337__varname28789482191">&lt;your_location&gt;</span></i>  # Shared path of the SFS volume
       storage.kubernetes.io/csiProvisionerIdentity: everest-csi-provisioner
-      everest.io/sfs-version: sfs3.0       # A general purpose file system (SFS 3.0 Capacity-Oriented) is used.
   persistentVolumeReclaimPolicy: Retain    # Reclaim policy
-  storageClassName: <i><span class="varname" id="cce_10_0337__varname157391059121013">csi-nas</span></i>                # StorageClass name. <strong id="cce_10_0337__b14739105981013">csi-nas</strong> indicates that SFS Capacity-Oriented is used. <strong id="cce_10_0337__b1173945951014">csi-sfs</strong> indicates that a general purpose file system (SFS 3.0 Capacity-Oriented) is used.
+  storageClassName: <i><span class="varname" id="cce_10_0337__varname1110445125316">csi-nas</span></i>                # StorageClass name. 
   <strong id="cce_10_0337__b58781748161917">mountOptions:</strong>                            # Mount options
 <strong id="cce_10_0337__b5878134810190">  - <i><span class="varname" id="cce_10_0337__varname787804816194">vers=3</span></i></strong>
 <strong id="cce_10_0337__b13878948191910">  - <i><span class="varname" id="cce_10_0337__varname18878104818196">nolock</span></i></strong>
@@ -117,7 +116,6 @@ parameters:
   csi.storage.k8s.io/csi-driver-name: nas.csi.everest.io
   csi.storage.k8s.io/fstype: nfs
 everest.io/share-access-to: <i><span class="varname" id="cce_10_0337__varname1524719214412">&lt;your_vpc_id&gt;</span></i> # VPC ID of the cluster
-  everest.io/sfs-version: sfs3.0              # A general purpose file system (SFS 3.0 Capacity-Oriented) is used. This parameter is not required for SFS Capacity-Oriented.
 reclaimPolicy: Delete
 volumeBindingMode: Immediate
 <strong id="cce_10_0337__b183867368219">mountOptions:</strong>                            # Mount options

docs/cce/umn/cce_10_0348.html

@@ -20,9 +20,9 @@
 </tr>
 <tr id="cce_10_0348__row1551133515136"><td class="cellrowborder" valign="top" width="24.5024502450245%" headers="mcps1.3.1.3.1.4.1.1 "><p id="cce_10_0348__p125111735161316">VPC network</p>
 </td>
-<td class="cellrowborder" valign="top" width="38.56385638563856%" headers="mcps1.3.1.3.1.4.1.2 "><p id="cce_10_0348__p17511113561318">The smaller value between the <a href="#cce_10_0348__section16296174054019">Maximum Number of Pods on a Node</a> and <a href="#cce_10_0348__section10770192193714">Number of Reserved Pod IP Addresses Per Node</a></p>
+<td class="cellrowborder" valign="top" width="38.56385638563856%" headers="mcps1.3.1.3.1.4.1.2 "><p id="cce_10_0348__p17511113561318">The smaller value between the <a href="#cce_10_0348__section16296174054019">Maximum Number of Pods on a Node</a> and <a href="#cce_10_0348__section10770192193714">Number of Allocatable Pod IP Addresses on a Node</a></p>
 </td>
-<td class="cellrowborder" valign="top" width="36.933693369336936%" headers="mcps1.3.1.3.1.4.1.3 "><p id="cce_10_0348__p11914127105413">To ensure that new pods run smoothly on a node, verify that the maximum number of pods on the node does not exceed the number of allocatable pod IP addresses. If the node lacks sufficient pod IP addresses, new pods will not function properly.</p>
+<td class="cellrowborder" valign="top" width="36.933693369336936%" headers="mcps1.3.1.3.1.4.1.3 "><p id="cce_10_0348__p07681418131813">To ensure that new pods run smoothly on a node, verify that the maximum number of pods on the node does not exceed the number of allocatable pod IP addresses. If the node lacks sufficient pod IP addresses, new pods will not function properly.</p>
 </td>
 </tr>
 <tr id="cce_10_0348__row8486828141416"><td class="cellrowborder" valign="top" width="24.5024502450245%" headers="mcps1.3.1.3.1.4.1.1 "><p id="cce_10_0348__p748714286146">Cloud Native Network 2.0 (for CCE Turbo clusters)</p>
@@ -36,7 +36,7 @@
 </table>
 </div>
 </div>
-<div class="section" id="cce_10_0348__section10770192193714"><a name="cce_10_0348__section10770192193714"></a><a name="section10770192193714"></a><h4 class="sectiontitle"><span id="cce_10_0348__ph132411266225">Number of Reserved Pod IP Addresses Per Node</span></h4><p id="cce_10_0348__p8060118">When creating a cluster in the VPC network model, follow the  and specify the number of pod IP addresses that each node can allocate using <span class="keyword" id="cce_10_0348__keyword191154012419">alpha.cce/fixPoolMask</span>.</p>
+<div class="section" id="cce_10_0348__section10770192193714"><a name="cce_10_0348__section10770192193714"></a><a name="section10770192193714"></a><h4 class="sectiontitle">Number of Allocatable Pod IP Addresses on a Node</h4><p id="cce_10_0348__p8060118">The number of allocatable pod IP addresses on a node is the maximum number of IP addresses that can be allocated to pods on that node. When creating a cluster in the VPC network model, follow the  and specify the number of pod IP addresses that each node can allocate using <span class="keyword" id="cce_10_0348__keyword94055201118">alpha.cce/fixPoolMask</span>.</p>
 <p id="cce_10_0348__p36341919183012">The maximum number of pods that can be created on a node is determined by the number of pod IP addresses available for allocation. In a <a href="#cce_10_0348__li13739132619599">containerized environment</a>, each pod requires its own unique IP address. If the node runs out of reserved pod IP addresses, new pods cannot be created. If <strong id="cce_10_0348__b840019354526">hostNetwork: true</strong> is configured in the YAML file, pods will use the <a href="#cce_10_0348__li13752132911597">host network</a> instead of the reserved pod IP addresses. For details, see <a href="#cce_10_0348__section12428143711548">Pod IP Address Allocation Differences Between the Container Network and Host Network</a>.</p>
 <p id="cce_10_0348__p18181516161419">By default, each node in a cluster is assigned a CIDR block from which pod IP addresses are allocated. The usable number of IP addresses for pods within this block is typically the total number of addresses in the CIDR block minus three reserved addresses (including the network address, gateway address, and broadcast address). </p>
 </div>

docs/cce/umn/cce_10_0365.html

@@ -11,12 +11,12 @@
 <p id="cce_10_0365__p6401512172912">For example, the domain name <strong id="cce_10_0365__b14615191116342">www.***.com</strong> has only two dots (smaller than the value of <strong id="cce_10_0365__b3615181113340">ndots</strong>), and therefore the sequence of DNS queries is as follows: <strong id="cce_10_0365__b49831141553">www.***.com.default.svc.cluster.local</strong>, <strong id="cce_10_0365__b1972901117520">www.***.com.svc.cluster.local</strong>, <strong id="cce_10_0365__b1025517755">www.***.com.cluster.local</strong>, and <strong id="cce_10_0365__b1547213231517">www.***.com</strong>. This means that at least seven DNS queries will be initiated before the domain name is resolved into an IP address. It is clear that when many unnecessary DNS queries will be initiated to access an external domain name. There is room for improvement in workload's DNS configuration.</p>
 </li></ul>
 </div>
-<div class="note" id="cce_10_0365__note0509184610213"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="cce_10_0365__p17566125317216">For details about the configuration items in the Linux DNS resolver configuration file, see <a href="https://man7.org/linux/man-pages/man5/resolv.conf.5.html" target="_blank" rel="noopener noreferrer">https://man7.org/linux/man-pages/man5/resolv.conf.5.html</a>.</p>
+<div class="note" id="cce_10_0365__note0509184610213"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="cce_10_0365__p17566125317216">For more information about configuration options in the resolver configuration file used by Linux operating systems, visit <a href="http://man7.org/linux/man-pages/man5/resolv.conf.5.html" target="_blank" rel="noopener noreferrer">http://man7.org/linux/man-pages/man5/resolv.conf.5.html</a>.</p>
 </div></div>
 </div>
 <div class="section" id="cce_10_0365__section782913619427"><h4 class="sectiontitle">Configuring DNS for a Workload Through the Console</h4><p id="cce_10_0365__p195449555558">Kubernetes provides DNS-related configuration options for applications. The use of application's DNS configuration can effectively reduce unnecessary DNS queries in certain scenarios and improve service concurrency. The following procedure uses an Nginx application as an example to describe how to add DNS configurations for a workload on the console.</p>
 <ol id="cce_10_0365__ol1035961215558"><li id="cce_10_0365__li330462393220"><span>Log in to the <span id="cce_10_0365__cce_10_0004_ph18314322182">CCE console</span> and click the cluster name to access the cluster console.</span></li><li id="cce_10_0365__li6526123335515"><span>In the navigation pane, choose <span class="uicontrol" id="cce_10_0365__uicontrol598016521210"><b>Workloads</b></span>. In the upper right corner, click <span class="uicontrol" id="cce_10_0365__uicontrol119819521016"><b>Create Workload</b></span>.</span></li><li id="cce_10_0365__li57661910269"><span>Configure basic information about the workload. For details, see <a href="cce_10_0673.html">Creating a Workload</a>.</span></li><li id="cce_10_0365__li1329014101777"><span>In the <strong id="cce_10_0365__b930822594314">Advanced Settings</strong> area, click the <strong id="cce_10_0365__b1230911258434">DNS</strong> tab and set the following parameters as required:</span><p><ul id="cce_10_0365__ul949817369810"><li id="cce_10_0365__li1049833612819"><strong id="cce_10_0365__b101811532134319">DNS Policy</strong>: The DNS policies provided on the console correspond to the <strong id="cce_10_0365__b1418110328436">dnsPolicy</strong> field in the YAML file. For details, see <a href="#cce_10_0365__table144443315261">Table 1</a>.<ul id="cce_10_0365__ul129381410992"><li id="cce_10_0365__li189271105388"><strong id="cce_10_0365__b16366154317436">Supplement defaults</strong>: corresponds to <strong id="cce_10_0365__b13366154318433">dnsPolicy=ClusterFirst</strong>. Containers can resolve both the cluster-internal domain names registered by a Service and the external domain names exposed to public networks.</li><li id="cce_10_0365__li101722515381"><strong id="cce_10_0365__b3631346124314">Replace defaults</strong>: corresponds to <strong id="cce_10_0365__b206434616432">dnsPolicy=None</strong>. You must configure <strong id="cce_10_0365__b16411464437">IP Address</strong> and <strong id="cce_10_0365__b1564144618438">Search Domain</strong>. Containers only use the user-defined IP address and search domain configurations for domain name resolution.</li><li id="cce_10_0365__li5619793817"><strong id="cce_10_0365__b1737495124310">Inherit defaults</strong>: corresponds to <strong id="cce_10_0365__b1374851164315">dnsPolicy=Default</strong>. Containers use the domain name resolution configuration from the node that pods run on and cannot resolve the cluster-internal domain names.</li></ul>
-</li><li id="cce_10_0365__li153416472231"><strong id="cce_10_0365__b1938365414439">Optional Objects</strong>: The options parameters in the <a href="#cce_10_0365__table16581121652515">dnsConfig field</a>. Each object may have a name property (required) and a value property (optional). After setting the properties, click <span class="uicontrol" id="cce_10_0365__uicontrol79841856174310"><b>confirm to add</b></span>.<ul id="cce_10_0365__ul6501141918503"><li id="cce_10_0365__li59411218105019"><strong id="cce_10_0365__b1264095994315">timeout</strong>: Timeout interval, in seconds.</li><li id="cce_10_0365__li14291172365019"><strong id="cce_10_0365__b1986118614442">ndots</strong>: Number of dots (.) that must be present in a domain name. If a domain name has fewer dots than this value, the operating system will look up the name in the search domain. If not, the name is a fully qualified domain name (FQDN) and will be tried first as an absolute name.</li></ul>
+</li><li id="cce_10_0365__li153416472231"><strong id="cce_10_0365__b1938365414439">Optional Objects</strong>: The options parameters in the <a href="#cce_10_0365__table16581121652515">dnsConfig field</a>. Each object may have a name property (required) and a value property (optional). After setting the properties, click <span class="uicontrol" id="cce_10_0365__uicontrol79841856174310"><b>confirm to add</b></span>.<ul id="cce_10_0365__ul6501141918503"><li id="cce_10_0365__li59411218105019"><strong id="cce_10_0365__b1264095994315">timeout</strong>: Timeout interval, in seconds.</li><li id="cce_10_0365__li14291172365019"><strong id="cce_10_0365__b1986118614442">ndots</strong>: Number of dots (.) that must be present in a domain name. If a domain name has dots fewer than this value, the operating system will look up the name in the search domain. If not, the name is a fully qualified domain name (FQDN) and will be tried first as an absolute name.</li></ul>
 </li><li id="cce_10_0365__li634818276267"><strong id="cce_10_0365__b152585014167">IP Address of DNS Server</strong>: <strong id="cce_10_0365__b9258190181615">nameservers</strong> in <a href="#cce_10_0365__table16581121652515">dnsConfig</a>. You can configure a domain name server for a custom domain name. The value is one or a group of DNS IP addresses.</li><li id="cce_10_0365__li13630845287"><strong id="cce_10_0365__b1868784134518">Search Domain</strong>: <strong id="cce_10_0365__b968794174513">searches</strong> in the <a href="#cce_10_0365__table16581121652515">dnsConfig</a>. A list of DNS search domains for hostname lookup in the pod. This property is optional. When specified, the provided list will be merged into the search domain names generated from the chosen DNS policy in <strong id="cce_10_0365__b144961644104517">dnsPolicy</strong>. Duplicate domain names are removed.</li><li id="cce_10_0365__li11729122617199"><strong id="cce_10_0365__b10852531191913">Host Alias</strong>: Add the mapping between domain names and IP addresses to the local configuration file <strong id="cce_10_0365__b11157101313201">/etc/hosts</strong> of a pod for simplified local domain name resolution. For details, see <a href="https://kubernetes.io/docs/tasks/network/customize-hosts-file-for-pods/" target="_blank" rel="noopener noreferrer">Adding entries to Pod /etc/hosts with HostAliases</a>.</li></ul>
 </p></li><li id="cce_10_0365__li03217211358"><span>Click <span class="uicontrol" id="cce_10_0365__uicontrol162701548154515"><b>Create Workload</b></span>.</span></li></ol>
 </div>

docs/cce/umn/cce_10_0385.html

@@ -424,7 +424,7 @@ spec:
 <td class="cellrowborder" valign="top" width="10%" headers="mcps1.3.9.2.2.5.1.2 "><p id="cce_10_0385__p17474532410">String</p>
 </td>
 <td class="cellrowborder" valign="top" width="53%" headers="mcps1.3.9.2.2.5.1.3 "><p id="cce_10_0385__p17475535414">ID of an ELB certificate, which is used as the HTTPS server certificate.</p>
-<p id="cce_10_0385__p315916934311">How to obtain: Log in to the <span id="cce_10_0385__ph13532316978">ELB console</span> and choose <strong id="cce_10_0385__b125272088328">Certificates</strong>. In the certificate list, copy the ID under the target certificate name.</p>
+<p id="cce_10_0385__p315916934311">How to obtain: Log in to the <span id="cce_10_0385__ph13532316978">ELB console</span> and choose <strong id="cce_10_0385__b125272088328">Certificates</strong>. In the load balancer list, copy the ID under the target certificate name.</p>
 </td>
 <td class="cellrowborder" valign="top" width="19%" headers="mcps1.3.9.2.2.5.1.4 "><p id="cce_10_0385__p47471953945">v1.19.16 or later</p>
 </td>
@@ -450,7 +450,7 @@ spec:
 <td class="cellrowborder" valign="top" width="10.101010101010102%" headers="mcps1.3.10.2.2.5.1.2 "><p id="cce_10_0385__p13881637164220">String</p>
 </td>
 <td class="cellrowborder" valign="top" width="53.535353535353536%" headers="mcps1.3.10.2.2.5.1.3 "><p id="cce_10_0385__p178811937194219">In ELB, the IDs of SNI certificates that must contain a domain name are separated by commas (,).</p>
-<p id="cce_10_0385__p11881133710426">How to obtain: Log in to the <span id="cce_10_0385__ph1391418222320">ELB console</span> and choose <strong id="cce_10_0385__b14915152216320">Certificates</strong>. In the certificate list, copy the ID under the target certificate name.</p>
+<p id="cce_10_0385__p11881133710426">How to obtain: Log in to the <span id="cce_10_0385__ph1391418222320">ELB console</span> and choose <strong id="cce_10_0385__b14915152216320">Certificates</strong>. In the load balancer list, copy the ID under the target certificate name.</p>
 </td>
 <td class="cellrowborder" valign="top" width="18.181818181818183%" headers="mcps1.3.10.2.2.5.1.4 "><p id="cce_10_0385__p977642114211">v1.23.13-r0, v1.25.8-r0, v1.27.5-r0, v1.28.3-r0, or later</p>
 </td>
@@ -619,7 +619,7 @@ spec:
 </td>
 <td class="cellrowborder" valign="top" width="56.99999999999999%" headers="mcps1.3.14.2.2.5.1.3 "><p id="cce_10_0385__p18882328885">This annotation can be used by the Service only if the pod uses the host network. After this annotation is used, ELB forwards requests to the host network.</p>
 <p id="cce_10_0385__p128822282088">Options:</p>
-<ul id="cce_10_0385__ul6882202812817"><li id="cce_10_0385__li1888220285811"><strong id="cce_10_0385__b693798197">true</strong>: enabled</li><li id="cce_10_0385__li1988219284818"><strong id="cce_10_0385__b131375249434210">false</strong> (default): disabled</li></ul>
+<ul id="cce_10_0385__ul6882202812817"><li id="cce_10_0385__li1888220285811"><strong id="cce_10_0385__b1730800371">true</strong>: enabled</li><li id="cce_10_0385__li1988219284818"><strong id="cce_10_0385__b131375249434210">false</strong> (default): disabled</li></ul>
 </td>
 <td class="cellrowborder" valign="top" width="19%" headers="mcps1.3.14.2.2.5.1.4 "><p id="cce_10_0385__p1688232810812">v1.9 or later</p>
 </td>

docs/cce/umn/cce_10_0397.html

@@ -16,7 +16,7 @@
 <tbody><tr id="cce_10_0397__row88550371213"><td class="cellrowborder" valign="top" width="26.38%" headers="mcps1.3.3.2.3.2.2.2.4.1.1 "><p id="cce_10_0397__p28551317127">Max. Unavailable Pods (maxUnavailable)</p>
 </td>
 <td class="cellrowborder" valign="top" width="57.32000000000001%" headers="mcps1.3.3.2.3.2.2.2.4.1.2 "><p id="cce_10_0397__p862214317389">The maximum number or percentage of pods that can be unavailable during a rolling upgrade. This also sets the limit for how many running pods can be below the expected number. The default value is <strong id="cce_10_0397__b0236131902112">25%</strong>. During an upgrade, the percentage is converted into an absolute number and <strong id="cce_10_0397__b1986284252113">rounded down</strong>.</p>
-<p id="cce_10_0397__p117681230174412">For example, if <strong id="cce_10_0397__en-us_topic_0249851113_b653412212369">spec.replicas</strong> is set to <strong id="cce_10_0397__en-us_topic_0249851113_b9392523103613">2</strong>, no pods (2 × 0.25 = 0.5, rounded down to 0) can be unavailable. Therefore, during an upgrade, there will always be at least two pods running (2 desired – 0 unavailable). Each old pod is deleted only after a new one is created, ensuring that at least two pods are always running until all pods are updated.</p>
+<p id="cce_10_0397__p117681230174412">For example, if <strong id="cce_10_0397__en-us_topic_0249851113_b653412212369">spec.replicas</strong> is set to <strong id="cce_10_0397__en-us_topic_0249851113_b9392523103613">2</strong>, no pods (2 x 0.25 = 0.5, rounded down to 0) can be unavailable. Therefore, during an upgrade, there will always be at least two pods running (2 desired - 0 unavailable). Each old pod is deleted only after a new one is created, ensuring that at least two pods are always running until all pods are updated.</p>
 </td>
 <td class="cellrowborder" valign="top" width="16.3%" headers="mcps1.3.3.2.3.2.2.2.4.1.3 "><p id="cce_10_0397__p138558313122">This parameter is only available for Deployments and DaemonSets.</p>
 </td>
@@ -117,7 +117,7 @@ spec:
 <tbody><tr id="cce_10_0397__row7791110182411"><td class="cellrowborder" valign="top" width="26.38%" headers="mcps1.3.4.3.2.2.3.2.4.1.1 "><p id="cce_10_0397__p147918032412">maxUnavailable</p>
 </td>
 <td class="cellrowborder" valign="top" width="57.32000000000001%" headers="mcps1.3.4.3.2.2.3.2.4.1.2 "><p id="cce_10_0397__cce_10_0397_p862214317389">The maximum number or percentage of pods that can be unavailable during a rolling upgrade. This also sets the limit for how many running pods can be below the expected number. The default value is <strong id="cce_10_0397__cce_10_0397_b0236131902112">25%</strong>. During an upgrade, the percentage is converted into an absolute number and <strong id="cce_10_0397__cce_10_0397_b1986284252113">rounded down</strong>.</p>
-<p id="cce_10_0397__cce_10_0397_p117681230174412">For example, if <strong id="cce_10_0397__cce_10_0397_en-us_topic_0249851113_b653412212369">spec.replicas</strong> is set to <strong id="cce_10_0397__cce_10_0397_en-us_topic_0249851113_b9392523103613">2</strong>, no pods (2 × 0.25 = 0.5, rounded down to 0) can be unavailable. Therefore, during an upgrade, there will always be at least two pods running (2 desired – 0 unavailable). Each old pod is deleted only after a new one is created, ensuring that at least two pods are always running until all pods are updated.</p>
+<p id="cce_10_0397__cce_10_0397_p117681230174412">For example, if <strong id="cce_10_0397__cce_10_0397_en-us_topic_0249851113_b653412212369">spec.replicas</strong> is set to <strong id="cce_10_0397__cce_10_0397_en-us_topic_0249851113_b9392523103613">2</strong>, no pods (2 x 0.25 = 0.5, rounded down to 0) can be unavailable. Therefore, during an upgrade, there will always be at least two pods running (2 desired - 0 unavailable). Each old pod is deleted only after a new one is created, ensuring that at least two pods are always running until all pods are updated.</p>
 </td>
 <td class="cellrowborder" valign="top" width="16.3%" headers="mcps1.3.4.3.2.2.3.2.4.1.3 "><p id="cce_10_0397__p77913012415">This parameter is only available for rolling upgrades.</p>
 </td>

docs/cce/umn/cce_10_0406.html

@@ -17,7 +17,7 @@
 </div>
 <div class="section" id="cce_10_0406__section186134814119"><a name="cce_10_0406__section186134814119"></a><a name="section186134814119"></a><h4 class="sectiontitle">Installing the Add-on</h4><div class="note" id="cce_10_0406__note152084181520"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="cce_10_0406__p1752024116150">The Cloud Native Cluster Monitoring add-on automatically selects a deployment mode based on <strong id="cce_10_0406__b1389013472818"><a href="#cce_10_0406__li15556183414307">Data Storage Configuration</a></strong>. This is supported by Cloud Native Cluster Monitoring 3.7.1 or later.</p>
 <ul id="cce_10_0406__ul128792089306"><li id="cce_10_0406__li6656205432717">Original agent mode: Disable <strong id="cce_10_0406__b20127191055812">Local Data Storage</strong> and enable at least one of <strong id="cce_10_0406__b8127210135811">Report Monitoring Data to AOM</strong> and <strong id="cce_10_0406__b111271510125810">Report Monitoring Data to a Third-Party Platform</strong>.</li></ul>
-<ul id="cce_10_0406__ul565575402715"><li id="cce_10_0406__li5655175432710">Original server mode: Enable <strong id="cce_10_0406__b10938825102619">Local Data Storage</strong> and <strong id="cce_10_0406__b59381525132612">Report Monitoring Data to AOM</strong> or <strong id="cce_10_0406__b69384256265">Report Monitoring Data to a Third-Party Platform</strong>.</li></ul>
+<ul id="cce_10_0406__ul565575402715"><li id="cce_10_0406__li5655175432710">Original server mode: Enable <strong id="cce_10_0406__b62221736115820">Local data storage</strong> and <strong id="cce_10_0406__b9222536135817">Report Monitoring Data to AOM</strong> or <strong id="cce_10_0406__b19222183615810">Report Monitoring Data to a Third-Party Platform</strong>.</li></ul>
 </div></div>
 <ol id="cce_10_0406__ol9183433182510"><li id="cce_10_0406__li330462393220"><span>Log in to the <span id="cce_10_0406__cce_10_0004_ph18314322182">CCE console</span> and click the cluster name to access the cluster console.</span></li><li id="cce_10_0406__li13183153352515"><span>In the navigation pane, choose <strong id="cce_10_0406__b51842425265"><span id="cce_10_0406__text51842042102610">Add-ons</span></strong>. Locate <strong id="cce_10_0406__b0184194210265">Cloud Native Cluster Monitoring</strong> on the right and click <span class="uicontrol" id="cce_10_0406__uicontrol51841642172619"><b>Install</b></span>.</span></li><li id="cce_10_0406__li15556183414307"><a name="cce_10_0406__li15556183414307"></a><a name="li15556183414307"></a><span>On the <strong id="cce_10_0406__b1813011813218">Install Add-on</strong> page, enable at least one item in the <span class="uicontrol" id="cce_10_0406__uicontrol738210234336"><b>Data Storage Configuration</b></span> area.</span><p><ul id="cce_10_0406__ul14526143113393"><li id="cce_10_0406__li953119336397"><strong id="cce_10_0406__b143131455124117">Report Monitoring Data to AOM</strong>: Report Prometheus data to AOM. After this function is enabled, you can select the corresponding AOM instance. The collected basic metrics are free of charge. Custom metrics are charged by AOM. To interconnect with AOM, you must have certain permissions. Only <strong id="cce_10_0406__b75491191223">users in the </strong><strong id="cce_10_0406__b1254918920225">admin</strong><strong id="cce_10_0406__b954914912224"> user group</strong> can perform this operation.</li><li id="cce_10_0406__li2526203153919"><strong id="cce_10_0406__b5956191316337">Reporting Monitoring Data to a Third-Party Monitoring Platform</strong>: To report Prometheus data to a third-party monitoring system, you need to enter the address and token of the third-party monitoring system and determine whether to skip certificate authentication.</li><li id="cce_10_0406__li185331058123918"><strong id="cce_10_0406__b108317571412">Local Data Storage</strong>: Select the type and size of a disk for storing monitoring data to store Prometheus data in PVCs in the cluster. <strong id="cce_10_0406__b12961482422">Storage volumes are not deleted along with the add-on.</strong> If <strong id="cce_10_0406__b7247641124717">Local Data Storage</strong> is enabled, all components will be deployed. For details, see <a href="#cce_10_0406__section0377457163618">Components</a>.<div class="note" id="cce_10_0406__note59616874216"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="cce_10_0406__p1197168134212">An available PVC named <strong id="cce_10_0406__b1753452513212">pvc-prometheus-server-0</strong> exists in namespace <strong id="cce_10_0406__b12534925122110">monitoring</strong> and will be used as the storage source.</p>
 </div></div>

docs/cce/umn/cce_10_0601.html

@@ -4,16 +4,16 @@
 <div id="body0000001476735689"><p id="cce_10_0601__p1580045815497">As of Kubernetes v1.24, <a href="https://kubernetes.io/docs/tasks/administer-cluster/migrating-from-dockershim/" target="_blank" rel="noopener noreferrer">dockershim has been deprecated</a>. To maintain compatibility and ensure continued support for future Kubernetes releases, switch your node's container runtime from Docker to the officially endorsed containerd.</p>
 <div class="section" id="cce_10_0601__section744144018509"><h4 class="sectiontitle">Prerequisites</h4><ul id="cce_10_0601__ul14218115112506"><li id="cce_10_0601__li421913518504">At least one cluster that supports containerd nodes has been created. For details, see <a href="cce_10_0462.html#cce_10_0462__section159298451879">Mapping Between Node OSs and Container Engines</a>.</li><li id="cce_10_0601__li13219195116500">There is a Docker node or Docker node pool in your cluster.</li></ul>
 </div>
-<div class="section" id="cce_10_0601__section182271321165216"><h4 class="sectiontitle">Precautions</h4><ul id="cce_10_0601__ul71291829185213"><li id="cce_10_0601__li112942911527">Theoretically, container runtime migration will interrupt services for a short period of time. You should have deployed the services on multiple instances for high availability. In addition, you are advised to test the migration impact in the testing environment to minimize potential risks.</li><li id="cce_10_0601__li91291029205214">containerd cannot build images. Do not use the <strong id="cce_10_0601__b554202113210">docker build</strong> command to build images on containerd nodes. For other differences between Docker and containerd, see <a href="cce_10_0462.html">Container Engines</a>.</li></ul>
+<div class="section" id="cce_10_0601__section182271321165216"><h4 class="sectiontitle">Precautions</h4><ul id="cce_10_0601__ul71291829185213"><li id="cce_10_0601__li112942911527">Theoretically, container runtime migration will interrupt services for a short period of time. You should have deployed the services on multiple instances for high availability. In addition, you are advised to test the migration impact in the test environment to minimize potential risks.</li><li id="cce_10_0601__li91291029205214">containerd cannot build images. Do not use the <strong id="cce_10_0601__b554202113210">docker build</strong> command to build images on containerd nodes. For other differences between Docker and containerd, see <a href="cce_10_0462.html">Container Engines</a>.</li></ul>
 </div>
-<div class="section" id="cce_10_0601__section6271104155311"><h4 class="sectiontitle">Procedure for Migrating Nodes in the Default Node Pool</h4><ol id="cce_10_0601__ol1937611531532"><li id="cce_10_0601__li2438925125418"><span>Log in to the <span id="cce_10_0601__ph154351223121812">CCE console</span> and click the cluster name to access the cluster console.</span></li><li id="cce_10_0601__li159521745431"><span>In the navigation pane, choose <span class="uicontrol" id="cce_10_0601__uicontrol436301393103636"><b>Nodes</b></span>. On the displayed page, click the <strong id="cce_10_0601__b167122270103636">Nodes</strong> tab.</span></li><li id="cce_10_0601__li224719151931"><span>In the node list, select one or more nodes to be reset and choose <strong id="cce_10_0601__b3526340171811">More</strong> &gt; <strong id="cce_10_0601__b195261406188">Reset Node</strong> in the <strong id="cce_10_0601__b115269407182">Operation</strong> column.</span></li><li id="cce_10_0601__li17377353145312"><span>Set <strong id="cce_10_0601__b1877359102611">Container Engine</strong> to <strong id="cce_10_0601__b11527221277">containerd</strong>. You can adjust other parameters as required or retain them as set during creation.</span><p><p id="cce_10_0601__p16895735195712"></p>
-</p></li><li id="cce_10_0601__li13377453165320"><span>If the node status is <strong id="cce_10_0601__b234616127283">Installing</strong>, the node is being reset.</span><p><p id="cce_10_0601__p7674324155719">When the node status is <strong id="cce_10_0601__b113311535141819">Running</strong>, you can see that the node runtime is switched to containerd. You can log in to the node and run containerd commands such as <strong id="cce_10_0601__b1033116356188">crictl</strong> to view information about the containers running on the node.</p>
+<div class="section" id="cce_10_0601__section6271104155311"><h4 class="sectiontitle">Procedure for Migrating Nodes in the Default Node Pool</h4><ol id="cce_10_0601__ol1937611531532"><li id="cce_10_0601__li2438925125418"><span>Log in to the <span id="cce_10_0601__ph154351223121812">CCE console</span> and click the cluster name to access the cluster console.</span></li><li id="cce_10_0601__li159521745431"><span>In the navigation pane, choose <span class="uicontrol" id="cce_10_0601__uicontrol436301393103636"><b>Nodes</b></span>. On the displayed page, click the <strong id="cce_10_0601__b167122270103636">Nodes</strong> tab.</span></li><li id="cce_10_0601__li224719151931"><span>In the node list, select one or more nodes to be reset and choose <strong id="cce_10_0601__b15114124717463">More</strong> &gt; <strong id="cce_10_0601__b0114134711461">Reset Node</strong>.</span></li><li id="cce_10_0601__li17377353145312"><span>Set <strong id="cce_10_0601__b1877359102611">Container Engine</strong> to <strong id="cce_10_0601__b11527221277">containerd</strong>. You can adjust other parameters as required or retain them as set during creation.</span><p><p id="cce_10_0601__p16895735195712"></p>
+</p></li><li id="cce_10_0601__li13377453165320"><span>If the node status is <strong id="cce_10_0601__b234616127283">Installing</strong>, the node is being reset.</span><p><p id="cce_10_0601__p7674324155719">When the node status is <strong id="cce_10_0601__b1535743492916">Running</strong>, you can see that the node runtime is switched to containerd. You can log in to the node and run containerd commands such as <strong id="cce_10_0601__b18575736105914">crictl</strong> to view information about the containers running on the node.</p>
 </p></li></ol>
 </div>
 <div class="section" id="cce_10_0601__section15146182613537"><h4 class="sectiontitle">Procedure for Migrating Nodes in a Custom Node Pool</h4><p id="cce_10_0601__p1515610585119">You can <a href="cce_10_0655.html">copy a node pool</a>, set the container engine of the new node pool to containerd, and keep other configurations the same as those of the original Docker node pool.</p>
-<ol id="cce_10_0601__ol92793615584"><li id="cce_10_0601__li939813320315"><span>Log in to the <span id="cce_10_0601__ph377916274180">CCE console</span> and click the cluster name to access the cluster console.</span></li><li id="cce_10_0601__li1539818332033"><span>In the navigation pane, choose <strong id="cce_10_0601__b12894165911715">Nodes</strong>. On the <strong id="cce_10_0601__b1989465912178">Node Pools</strong> tab, locate the Docker node pool to be copied and choose <strong id="cce_10_0601__b17894159111718">More</strong> &gt; <strong id="cce_10_0601__b1689465911720">Copy</strong>.</span><p><p id="cce_10_0601__p651713391180"></p>
-</p></li><li id="cce_10_0601__li428117200516"><span>In the <strong id="cce_10_0601__b610531991818">Node </strong><strong id="cce_10_0601__b131055192189">Configuration</strong> area, set <strong id="cce_10_0601__b5105161911812">Container Engine</strong> to <strong id="cce_10_0601__b9105181981817">containerd</strong> and modify other parameter settings as needed to create the node pool.</span><p><p id="cce_10_0601__p16281132011514"></p>
-</p></li><li id="cce_10_0601__li207508511714"><span>Scale the created containerd node pool as large as the original Docker node pool and delete nodes from the Docker node pool one by one.</span><p><p id="cce_10_0601__p169781612225">Rolling migration is preferred. That is, add some containerd nodes and then delete some Docker nodes until the number of nodes in the new containerd node pool is the same as that in the original Docker node pool.</p>
+<ol id="cce_10_0601__ol92793615584"><li id="cce_10_0601__li939813320315"><span>Log in to the <span id="cce_10_0601__ph377916274180">CCE console</span> and click the cluster name to access the cluster console.</span></li><li id="cce_10_0601__li1539818332033"><span>In the navigation pane, choose <strong id="cce_10_0601__b72718163444">Nodes</strong>. On the <strong id="cce_10_0601__b198344315441">Node Pools</strong> tab, locate the Docker node pool to be copied and choose <strong id="cce_10_0601__b621817441447">More</strong> &gt; <strong id="cce_10_0601__b108081546164413">Copy</strong>.</span><p><p id="cce_10_0601__p651713391180"></p>
+</p></li><li id="cce_10_0601__li428117200516"><span>In the <strong id="cce_10_0601__b194212010360">Node </strong><strong id="cce_10_0601__b3732201974712">Configuration</strong> area, set <strong id="cce_10_0601__b18357421471">Container Engine</strong> to <strong id="cce_10_0601__b53921949104718">containerd</strong> and modify other parameter settings as needed to create the node pool.</span><p><p id="cce_10_0601__p16281132011514"></p>
+</p></li><li id="cce_10_0601__li207508511714"><span>Scale the number of created containerd node pool to the number of original Docker node pool and delete nodes from the Docker node pool one by one.</span><p><p id="cce_10_0601__p169781612225">Rolling migration is preferred. That is, add some containerd nodes and then delete some Docker nodes until the number of nodes in the new containerd node pool is the same as that in the original Docker node pool.</p>
 <div class="note" id="cce_10_0601__note6534616172212"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="cce_10_0601__p15824723142210">If you have configured node affinity for the workloads deployed on the original Docker nodes or node pool, configure affinity policies for the workloads to run on the new containerd nodes or node pool.</p>
 </div></div>
 </p></li><li id="cce_10_0601__li329715536613"><span>Delete the original Docker node pool.</span></li></ol>

docs/cce/umn/cce_10_0617.html

@@ -5,44 +5,32 @@
 <p id="cce_10_0617__p142061844581">Expandable to petabytes, SFS provides fully hosted shared file storage, highly available and stable to handle data- and bandwidth-intensive applications</p>
 <ul id="cce_10_0617__ul10598125623816"><li id="cce_10_0617__li3598556163813"><strong id="cce_10_0617__b537118393312">Standard file protocols</strong>: You can mount file systems as volumes to servers, the same as using local directories.</li><li id="cce_10_0617__li45981656153819"><strong id="cce_10_0617__b14788171632410">Data sharing</strong>: The same file system can be mounted to multiple servers, so that data can be shared.</li><li id="cce_10_0617__li1859895616386"><strong id="cce_10_0617__b494142517243">Private network</strong>: Users can access data only in private networks of data centers.</li><li id="cce_10_0617__li1359865617380"><strong id="cce_10_0617__b1895782612291">Capacity and performance</strong>: The capacity of a single file system is high (PB level) and the performance is excellent (ms-level I/O latency).</li><li id="cce_10_0617__li953501813619"><strong id="cce_10_0617__b86341030112914">Use cases</strong>: Deployments/StatefulSets in the ReadWriteMany mode and jobs created for high-performance computing (HPC), media processing, content management, web services, big data analysis, and workload process analysis</li></ul>
 </div>
-<div class="section" id="cce_10_0617__section834645511456"><h4 class="sectiontitle">Performance</h4><div class="p" id="cce_10_0617__p24575564399">CCE supports SFS Capacity-Oriented and general-purpose file systems (SFS 3.0 Capacity-Oriented). For more details, see <a href="https://docs.otc.t-systems.com/en-us/usermanual/sfs/sfs_01_0005.html" target="_blank" rel="noopener noreferrer">File System Types</a>.<div class="note" id="cce_10_0617__note24185259412"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="cce_10_0617__ul338418312448"><li id="cce_10_0617__li938414324413">If SFS Capacity-Oriented is used, you can still create PVs through <a href="cce_10_0619.html#cce_10_0619__section99931811195117">kubectl</a> even if the file system is sold out and cannot be created directly via the CCE console. No new SFS Capacity-Oriented file systems can be created via the console anymore.</li><li id="cce_10_0617__li13384143194411">General purpose file systems (SFS 3.0 Capacity-Oriented) are currently being rolled out across different regions. Their availability may vary depending on the region. If you encounter any issues, contact SFS customer support or wait for further updates. If the region where your application is located already has SFS 3.0 available, use it for new applications and migrate existing SFS Capacity-Oriented file systems to SFS 3.0 as soon as possible to prevent any service disruptions caused by insufficient capacity.</li></ul>
-</div></div>
-</div>
+<div class="section" id="cce_10_0617__section834645511456"><h4 class="sectiontitle">Performance</h4><p id="cce_10_0617__p24575564399">CCE supports SFS Capacity-Oriented. For more details, see <a href="https://docs.otc.t-systems.com/en-us/usermanual/sfs/sfs_01_0005.html" target="_blank" rel="noopener noreferrer">File System Types</a>.</p>
 
-<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="cce_10_0617__table96842242313" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Performance</caption><thead align="left"><tr id="cce_10_0617__row36859218231"><th align="left" class="cellrowborder" valign="top" width="33.33333333333333%" id="mcps1.3.2.3.2.4.1.1"><p id="cce_10_0617__p2685162112314">Parameter</p>
+<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="cce_10_0617__table96842242313" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Performance</caption><thead align="left"><tr id="cce_10_0617__row36859218231"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.2.3.2.3.1.1"><p id="cce_10_0617__p2685162112314">Parameter</p>
 </th>
-<th align="left" class="cellrowborder" valign="top" width="33.33333333333333%" id="mcps1.3.2.3.2.4.1.2"><p id="cce_10_0617__p1668518219236">SFS Capacity-Oriented</p>
-</th>
-<th align="left" class="cellrowborder" valign="top" width="33.33333333333333%" id="mcps1.3.2.3.2.4.1.3"><p id="cce_10_0617__p7861816205319">General Purpose File System (SFS 3.0 Capacity-Oriented)</p>
+<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.2.3.2.3.1.2"><p id="cce_10_0617__p1668518219236">SFS Capacity-Oriented</p>
 </th>
 </tr>
 </thead>
-<tbody><tr id="cce_10_0617__row1068511202310"><td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.1 "><p id="cce_10_0617__p868511272311">Maximum bandwidth</p>
+<tbody><tr id="cce_10_0617__row1068511202310"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.1 "><p id="cce_10_0617__p868511272311">Maximum bandwidth</p>
 </td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.2 "><p id="cce_10_0617__p1490415513546">2 GB/s</p>
-</td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.3 "><p id="cce_10_0617__p1996531820540">1.25 TB/s</p>
+<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.2 "><p id="cce_10_0617__p1490415513546">2 GB/s</p>
 </td>
 </tr>
-<tr id="cce_10_0617__row568552182317"><td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.1 "><p id="cce_10_0617__p10685162152318">Maximum IOPS</p>
+<tr id="cce_10_0617__row568552182317"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.1 "><p id="cce_10_0617__p10685162152318">Maximum IOPS</p>
 </td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.2 "><p id="cce_10_0617__p196506714327">2000</p>
-</td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.3 "><p id="cce_10_0617__p378361973219">Million</p>
+<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.2 "><p id="cce_10_0617__p196506714327">2000</p>
 </td>
 </tr>
-<tr id="cce_10_0617__row1685172152315"><td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.1 "><p id="cce_10_0617__p10685182122315">Latency</p>
+<tr id="cce_10_0617__row1685172152315"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.1 "><p id="cce_10_0617__p10685182122315">Latency</p>
 </td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.2 "><p id="cce_10_0617__p11934511163317">3–20 ms</p>
-</td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.3 "><p id="cce_10_0617__p59341911163313">10 ms</p>
+<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.2 "><p id="cce_10_0617__p11934511163317">3–20 ms</p>
 </td>
 </tr>
-<tr id="cce_10_0617__row19571517152720"><td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.1 "><p id="cce_10_0617__p10571417132715">Maximum capacity</p>
+<tr id="cce_10_0617__row19571517152720"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.1 "><p id="cce_10_0617__p10571417132715">Maximum capacity</p>
 </td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.2 "><p id="cce_10_0617__p2754882347">4 PB</p>
-</td>
-<td class="cellrowborder" valign="top" width="33.33333333333333%" headers="mcps1.3.2.3.2.4.1.3 "><p id="cce_10_0617__p860901812341">EB</p>
+<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.2.3.2.3.1.2 "><p id="cce_10_0617__p2754882347">4 PB</p>
 </td>
 </tr>
 </tbody>

docs/cce/umn/cce_10_0626.html

@@ -4,7 +4,7 @@
 <div id="body0000001542900045"><p id="cce_10_0626__p1149135965615">This section describes how to configure SFS Turbo mount options. For SFS Turbo, you can only set mount options in a PV and bind the PV by creating a PVC.</p>
 <div class="section" id="cce_10_0626__section1940515714420"><h4 class="sectiontitle">Prerequisites</h4><p id="cce_10_0626__p123191440105710">The <a href="cce_10_0066.html">CCE Container Storage (Everest)</a> version must be <strong id="cce_10_0626__b551144215272">1.2.8 or later</strong>. This add-on identifies the mount options and transfers them to the underlying storage resources. The parameter settings take effect only if the underlying storage resources support the specified options.</p>
 </div>
-<div class="section" id="cce_10_0626__section6456132219344"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="cce_10_0626__cce_10_0337_ul6907133813915"><li id="cce_10_0626__cce_10_0337_li7907173833915">Mount options cannot be configured for secure containers.</li><li id="cce_10_0626__cce_10_0337_li1190710383398">Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as <strong id="cce_10_0626__cce_10_0337_b18585135010446">timeo</strong>) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the <strong id="cce_10_0626__cce_10_0337_b1981781710497">nosharecache</strong> parameter.</li></ul>
+<div class="section" id="cce_10_0626__section6456132219344"><h4 class="sectiontitle">Constraints</h4><ul id="cce_10_0626__cce_10_0337_ul6907133813915"><li id="cce_10_0626__cce_10_0337_li7907173833915">Mount options cannot be configured for secure containers.</li><li id="cce_10_0626__cce_10_0337_li1190710383398">Due to the restrictions of the NFS protocol, if an SFS volume is mounted to a node for multiple times, link-related mounting parameters (such as <strong id="cce_10_0626__cce_10_0337_b18585135010446">timeo</strong>) take effect only when the SFS volume is mounted for the first time by default. For example, if the same SFS file system is mounted to multiple pods running on a node, the mounting parameter set later does not overwrite the existing parameter value. If you want to configure different mounting parameters in the preceding scenario, additionally configure the <strong id="cce_10_0626__cce_10_0337_b1981781710497">nosharecache</strong> parameter.</li></ul>
 </div>
 <div class="section" id="cce_10_0626__section14888047833"><a name="cce_10_0626__section14888047833"></a><a name="section14888047833"></a><h4 class="sectiontitle">SFS Turbo Mount Options</h4><p id="cce_10_0626__p1373413010222">The Everest add-on in CCE presets the options described in <a href="#cce_10_0626__table128754351546">Table 1</a> for mounting SFS Turbo volumes.</p>