[ { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Service Overview", "uri":"cce_productdesc_0000.html", "doc_type":"usermanual2", "p_code":"", "code":"1" }, { "desc":"Cloud Container Engine (CCE) is a hosted Kubernetes cluster service for enterprises. It offers complete lifecycle management for containerized applications and delivers s", "product_code":"cce", "title":"What Is CCE?", "uri":"cce_productdesc_0001.html", "doc_type":"usermanual2", "p_code":"1", "code":"2" }, { "desc":"CCE is a container service developed on Docker and Kubernetes. It offers a wide range of features that allow you to run containers on a large scale. CCE containers are hi", "product_code":"cce", "title":"Product Advantages", "uri":"cce_productdesc_0003.html", "doc_type":"usermanual2", "p_code":"1", "code":"3" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Application Scenarios", "uri":"cce_productdesc_0004.html", "doc_type":"usermanual2", "p_code":"1", "code":"4" }, { "desc":"In CCE, you can run clusters with x86 and Arm nodes. Create and manage Kubernetes clusters. Deploy containerized applications in them. All done in CCE.Containerized web a", "product_code":"cce", "title":"Containerized Application Management", "uri":"cce_productdesc_0007.html", "doc_type":"usermanual2", "p_code":"4", "code":"5" }, { "desc":"Shopping apps and websites, especially during promotions and flash salesLive streaming, where service loads often fluctuateGames, where many players may go online in cert", "product_code":"cce", "title":"Auto Scaling in Seconds", "uri":"cce_productdesc_0021.html", "doc_type":"usermanual2", "p_code":"4", "code":"6" }, { "desc":"You may receive a lot feedback and requirements for your apps or services. You may want to boost user experience with new features. Continuous integration (CI) and delive", "product_code":"cce", "title":"DevOps and CI/CD", "uri":"cce_productdesc_0017.html", "doc_type":"usermanual2", "p_code":"4", "code":"7" }, { "desc":"Multi-cloud deployment and disaster recoveryRunning apps in containers on different clouds can ensure high availability. When a cloud is down, other clouds respond and se", "product_code":"cce", "title":"Hybrid Cloud", "uri":"cce_productdesc_0018.html", "doc_type":"usermanual2", "p_code":"4", "code":"8" }, { "desc":"This section describes the notes and constraints on using CCE.After a cluster is created, the following items cannot be changed:Number of master nodes: For example, a non", "product_code":"cce", "title":"Notes and Constraints", "uri":"cce_productdesc_0005.html", "doc_type":"usermanual2", "p_code":"1", "code":"9" }, { "desc":"CCE allows you to assign permissions to IAM users and user groups under your tenant accounts. CCE combines the advantages of IAM and RBAC to provide a variety of authoriz", "product_code":"cce", "title":"Permissions", "uri":"cce_productdesc_0002.html", "doc_type":"usermanual2", "p_code":"1", "code":"10" }, { "desc":"CCE works with the following cloud services and requires permissions to access them.", "product_code":"cce", "title":"Related Services", "uri":"cce_productdesc_0008.html", "doc_type":"usermanual2", "p_code":"1", "code":"11" }, { "desc":"A region and availability zone (AZ) identify the location of a data center. You can create resources in a specific region and AZ.Regions are divided based on geographical", "product_code":"cce", "title":"Regions and AZs", "uri":"cce_productdesc_0012.html", "doc_type":"usermanual2", "p_code":"1", "code":"12" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Product Bulletin", "uri":"cce_bulletin_0000.html", "doc_type":"usermanual2", "p_code":"", "code":"13" }, { "desc":"CCE provides highly scalable, high-performance, enterprise-class Kubernetes clusters. This section describes the Kubernetes version policy of CCE clusters.The CCE console", "product_code":"cce", "title":"Kubernetes Version Policy", "uri":"cce_bulletin_0033.html", "doc_type":"usermanual2", "p_code":"13", "code":"14" }, { "desc":"Released: Sep 3, 2023Dear users,We are pleased to announce that a brand-new CCE console is available. The new console is modern, visually appealing, and concise, providin", "product_code":"cce", "title":"CCE Console Upgrade", "uri":"cce_bulletin_0061.html", "doc_type":"usermanual2", "p_code":"13", "code":"15" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Security Vulnerability Responses", "uri":"cce_bulletin_0169.html", "doc_type":"usermanual2", "p_code":"13", "code":"16" }, { "desc":"High-risk vulnerabilities:CCE fixes vulnerabilities as soon as possible after the Kubernetes community detects them and releases fixing solutions. The fixing policies are", "product_code":"cce", "title":"Vulnerability Fixing Policies", "uri":"cce_bulletin_0011.html", "doc_type":"usermanual2", "p_code":"16", "code":"17" }, { "desc":"Recently, a security research team disclosed a privilege escalation vulnerability (CVE-2021-4034, also dubbed PwnKit) in PolKit's pkexec. Unprivileged users can gain full", "product_code":"cce", "title":"Linux Polkit Privilege Escalation Vulnerability (CVE-2021-4034)", "uri":"CVE-2021-4034.html", "doc_type":"usermanual2", "p_code":"16", "code":"18" }, { "desc":"The Linux Kernel SACK vulnerabilities have been fixed. This section describes the solution to these vulnerabilities.On June 18, 2019, Red Hat released a security notice, ", "product_code":"cce", "title":"Notice on Fixing Linux Kernel SACK Vulnerabilities", "uri":"cce_bulletin_0206.html", "doc_type":"usermanual2", "p_code":"16", "code":"19" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Getting Started", "uri":"cce_qs_0000.html", "doc_type":"usermanual2", "p_code":"", "code":"20" }, { "desc":"This section describes how to use Cloud Container Engine (CCE) and provides frequently asked questions (FAQs) to help you quickly get started with CCE.Complete the follow", "product_code":"cce", "title":"Introduction", "uri":"cce_qs_0001.html", "doc_type":"usermanual2", "p_code":"20", "code":"21" }, { "desc":"Before using CCE, make the following preparations:Creating an IAM userObtaining Resource Permissions(Optional) Creating a VPC(Optional) Creating a Key PairIf you want to ", "product_code":"cce", "title":"Preparations", "uri":"cce_qs_0006.html", "doc_type":"usermanual2", "p_code":"20", "code":"22" }, { "desc":"This section describes how to quickly create a CCE cluster. In this example, the default or simple configurations are in use.If you have no clusters, click Create CCE Sta", "product_code":"cce", "title":"Creating a Kubernetes Cluster", "uri":"cce_qs_0008.html", "doc_type":"usermanual2", "p_code":"20", "code":"23" }, { "desc":"You can use images to quickly create a single-pod workload that can be accessed from public networks. This section describes how to use CCE to quickly deploy an Nginx app", "product_code":"cce", "title":"Creating a Deployment (Nginx)", "uri":"cce_qs_0003.html", "doc_type":"usermanual2", "p_code":"20", "code":"24" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Deploying WordPress and MySQL That Depend on Each Other", "uri":"cce_qs_0007.html", "doc_type":"usermanual2", "p_code":"20", "code":"25" }, { "desc":"WordPress was originally a blog platform based on PHP and MySQL. It is gradually evolved into a content management system. You can set up your own blog website on any ser", "product_code":"cce", "title":"Overview", "uri":"cce_qs_0009.html", "doc_type":"usermanual2", "p_code":"25", "code":"26" }, { "desc":"WordPress must be used together with MySQL. WordPress runs the content management program while MySQL serves as a database to store data.You have created a CCE cluster th", "product_code":"cce", "title":"Creating a MySQL Workload", "uri":"cce_qs_0004.html", "doc_type":"usermanual2", "p_code":"25", "code":"27" }, { "desc":"WordPress was originally a blog platform based on PHP and MySQL. It is gradually evolved into a content management system. You can set up your own blog website on any ser", "product_code":"cce", "title":"Creating a WordPress Workload", "uri":"cce_qs_0005.html", "doc_type":"usermanual2", "p_code":"25", "code":"28" }, { "desc":"During service deployment or running, you may trigger high-risk operations at different levels, causing service faults or interruption. To help you better estimate and av", "product_code":"cce", "title":"High-Risk Operations", "uri":"cce_10_0054.html", "doc_type":"usermanual2", "p_code":"", "code":"29" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Clusters", "uri":"cce_10_0091.html", "doc_type":"usermanual2", "p_code":"", "code":"30" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Cluster Overview", "uri":"cce_10_0002.html", "doc_type":"usermanual2", "p_code":"30", "code":"31" }, { "desc":"Kubernetes is an open source container orchestration engine for automating deployment, scaling, and management of containerized applications.For developers, Kubernetes is", "product_code":"cce", "title":"Basic Cluster Information", "uri":"cce_10_0430.html", "doc_type":"usermanual2", "p_code":"31", "code":"32" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Kubernetes Version Release Notes", "uri":"cce_10_0068.html", "doc_type":"usermanual2", "p_code":"31", "code":"33" }, { "desc":"CCE allows you to create Kubernetes clusters 1.29. This section describes the changes made in Kubernetes 1.29.New and Enhanced FeaturesAPI Changes and RemovalsEnhanced Ku", "product_code":"cce", "title":"Kubernetes 1.29 Release Notes", "uri":"cce_bulletin_0089.html", "doc_type":"usermanual2", "p_code":"33", "code":"34" }, { "desc":"CCE allows you to create Kubernetes clusters 1.28. This section describes the changes made in Kubernetes 1.28.Important NotesNew and Enhanced FeaturesAPI Changes and Remo", "product_code":"cce", "title":"Kubernetes 1.28 Release Notes", "uri":"cce_bulletin_0068.html", "doc_type":"usermanual2", "p_code":"33", "code":"35" }, { "desc":"CCE allows you to create clusters of Kubernetes 1.27. This section describes the changes made in Kubernetes 1.27 compared with Kubernetes 1.25.New FeaturesDeprecations an", "product_code":"cce", "title":"Kubernetes 1.27 Release Notes", "uri":"cce_bulletin_0059.html", "doc_type":"usermanual2", "p_code":"33", "code":"36" }, { "desc":"This section describes the changes made in Kubernetes 1.25 compared with Kubernetes 1.23.New FeaturesDeprecations and RemovalsEnhanced Kubernetes 1.25 on CCEReferencesKub", "product_code":"cce", "title":"Kubernetes 1.25 Release Notes", "uri":"cce_bulletin_0058.html", "doc_type":"usermanual2", "p_code":"33", "code":"37" }, { "desc":"This section describes the updates in CCE Kubernetes 1.23.Kubernetes 1.23 Release NotesFlexVolume is deprecated. Use CSI.HorizontalPodAutoscaler v2 is promoted to GA, and", "product_code":"cce", "title":"Kubernetes 1.23 Release Notes", "uri":"cce_bulletin_0027.html", "doc_type":"usermanual2", "p_code":"33", "code":"38" }, { "desc":"This section describes the updates in CCE Kubernetes 1.21.Kubernetes 1.21 Release NotesCronJob is now in the stable state, and the version number changes to batch/v1.The ", "product_code":"cce", "title":"Kubernetes 1.21 (EOM) Release Notes", "uri":"cce_bulletin_0026.html", "doc_type":"usermanual2", "p_code":"33", "code":"39" }, { "desc":"This section describes the updates in CCE Kubernetes 1.19.Kubernetes v1.19 Release NotesvSphere in-tree volumes can be migrated to vSphere CSI drivers. The in-tree vSpher", "product_code":"cce", "title":"Kubernetes 1.19 (EOM) Release Notes", "uri":"cce_whsnew_0010.html", "doc_type":"usermanual2", "p_code":"33", "code":"40" }, { "desc":"This section describes the updates in CCE Kubernetes 1.17.All resources in the apps/v1beta1 and apps/v1beta2 API versions are no longer served. Migrate to use the apps/v1", "product_code":"cce", "title":"Kubernetes 1.17 (EOM) Release Notes", "uri":"cce_whsnew_0007.html", "doc_type":"usermanual2", "p_code":"33", "code":"41" }, { "desc":"dockershim has been removed since Kubernetes v1.24, and Docker is not supported in v1.24 and later versions by default. Use containerd.All nodes in the CCE clusters of ve", "product_code":"cce", "title":"Patch Version Release Notes", "uri":"cce_10_0405.html", "doc_type":"usermanual2", "p_code":"31", "code":"42" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Creating a Cluster", "uri":"cce_10_0298.html", "doc_type":"usermanual2", "p_code":"30", "code":"43" }, { "desc":"CCE provides different types of clusters for you to select. The following table lists the differences between them.", "product_code":"cce", "title":"Comparison Between Cluster Types", "uri":"cce_10_0342.html", "doc_type":"usermanual2", "p_code":"43", "code":"44" }, { "desc":"On the CCE console, you can easily create Kubernetes clusters. After a cluster is created, the master node is hosted by CCE. You only need to create worker nodes. In this", "product_code":"cce", "title":"Creating a CCE Standard/Turbo Cluster", "uri":"cce_10_0028.html", "doc_type":"usermanual2", "p_code":"43", "code":"45" }, { "desc":"kube-proxy is a key component of a Kubernetes cluster. It is used for load balancing and forwarding data between a Service and its backend pods.CCE supports the iptables ", "product_code":"cce", "title":"Comparing iptables and IPVS", "uri":"cce_10_0349.html", "doc_type":"usermanual2", "p_code":"43", "code":"46" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Connecting to a Cluster", "uri":"cce_10_0140.html", "doc_type":"usermanual2", "p_code":"30", "code":"47" }, { "desc":"This section uses a CCE standard cluster as an example to describe how to access a CCE cluster using kubectl.When you access a cluster using kubectl, CCE uses kubeconfig ", "product_code":"cce", "title":"Connecting to a Cluster Using kubectl", "uri":"cce_10_0107.html", "doc_type":"usermanual2", "p_code":"47", "code":"48" }, { "desc":"This section describes how to obtain the cluster certificate from the console and use it to access Kubernetes clusters.The downloaded certificate contains three files: cl", "product_code":"cce", "title":"Accessing a Cluster Using an X.509 Certificate", "uri":"cce_10_0175.html", "doc_type":"usermanual2", "p_code":"47", "code":"49" }, { "desc":"Subject Alternative Name (SAN) allows multiple values (including IP addresses, domain names, and so on) to be associated with certificates. A SAN is usually used by the c", "product_code":"cce", "title":"Accessing a Cluster Using a Custom Domain Name", "uri":"cce_10_0367.html", "doc_type":"usermanual2", "p_code":"47", "code":"50" }, { "desc":"You can bind an EIP to an API server of a Kubernetes cluster so that the API server can access the Internet.Binding an EIP to an API server for Internet access can pose a", "product_code":"cce", "title":"Configuring a Cluster's API Server for Internet Access", "uri":"cce_10_0864.html", "doc_type":"usermanual2", "p_code":"47", "code":"51" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Managing a Cluster", "uri":"cce_10_0031.html", "doc_type":"usermanual2", "p_code":"30", "code":"52" }, { "desc":"CCE allows you to manage cluster parameters, through which you can let core components work under your requirements.kube-apiserverkube-controller-managerkube-scheduler", "product_code":"cce", "title":"Modifying Cluster Configurations", "uri":"cce_10_0213.html", "doc_type":"usermanual2", "p_code":"52", "code":"53" }, { "desc":"After overload control is enabled, the number of simultaneous requests is dynamically regulated according to the resource pressure on the master nodes. This ensures that ", "product_code":"cce", "title":"Enabling Overload Control for a Cluster", "uri":"cce_10_0602.html", "doc_type":"usermanual2", "p_code":"52", "code":"54" }, { "desc":"CCE allows you to change the number of nodes managed in a cluster.A cluster that has only one master node supports fewer than 1000 worker nodes.The number of master nodes", "product_code":"cce", "title":"Changing Cluster Scale", "uri":"cce_10_0403.html", "doc_type":"usermanual2", "p_code":"52", "code":"55" }, { "desc":"When creating a cluster, you can customize a node security group to centrally manage network security policies. For a created cluster, you can change its default node sec", "product_code":"cce", "title":"Changing the Default Security Group of a Node", "uri":"cce_10_0426.html", "doc_type":"usermanual2", "p_code":"52", "code":"56" }, { "desc":"Deleting a cluster will delete the workloads and Services in the cluster, and the deleted data cannot be recovered. Before performing this operation, ensure that related ", "product_code":"cce", "title":"Deleting a Cluster", "uri":"cce_10_0212.html", "doc_type":"usermanual2", "p_code":"52", "code":"57" }, { "desc":"If a pay-per-use cluster is not needed temporarily, hibernate it to reduce costs.After a cluster is hibernated, resources such as workloads cannot be created or managed i", "product_code":"cce", "title":"Hibernating or Waking Up a Cluster", "uri":"cce_10_0214.html", "doc_type":"usermanual2", "p_code":"52", "code":"58" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Upgrading a Cluster", "uri":"cce_10_0215.html", "doc_type":"usermanual2", "p_code":"30", "code":"59" }, { "desc":"CCE strictly complies with community consistency authentication. It releases three Kubernetes versions each year and offers a maintenance period of at least 24 months aft", "product_code":"cce", "title":"Process and Method of Upgrading a Cluster", "uri":"cce_10_0197.html", "doc_type":"usermanual2", "p_code":"59", "code":"60" }, { "desc":"Before the upgrade, you can check whether your cluster can be upgraded and which versions are available on the CCE console. For details, see Process and Method of Upgradi", "product_code":"cce", "title":"Before You Start", "uri":"cce_10_0302.html", "doc_type":"usermanual2", "p_code":"59", "code":"61" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Performing Post-Upgrade Verification", "uri":"cce_10_0560.html", "doc_type":"usermanual2", "p_code":"59", "code":"62" }, { "desc":"After a cluster is upgraded, check whether the cluster is in the Running state.CCE automatically checks your cluster status. Go to the cluster list page and confirm the c", "product_code":"cce", "title":"Cluster Status Check", "uri":"cce_10_0568.html", "doc_type":"usermanual2", "p_code":"62", "code":"63" }, { "desc":"After a cluster is upgraded, check whether nodes in the cluster are in the Running state.CCE automatically checks your node statuses. Go to the node list page and confirm", "product_code":"cce", "title":"Node Status Check", "uri":"cce_10_0569.html", "doc_type":"usermanual2", "p_code":"62", "code":"64" }, { "desc":"After a cluster is upgraded, check whether there are any nodes that skip the upgrade in the cluster. These nodes may affect the proper running of the cluster.CCE automati", "product_code":"cce", "title":"Node Skipping Check", "uri":"cce_10_0567.html", "doc_type":"usermanual2", "p_code":"62", "code":"65" }, { "desc":"After a cluster is upgraded, check whether its services are running properly.Different services have different verification mode. Select a suitable one and verify the ser", "product_code":"cce", "title":"Service Check", "uri":"cce_10_0561.html", "doc_type":"usermanual2", "p_code":"62", "code":"66" }, { "desc":"Check whether nodes can be created in the cluster.If nodes cannot be created in your cluster after the cluster is upgraded, contact technical support.", "product_code":"cce", "title":"New Node Check", "uri":"cce_10_0565.html", "doc_type":"usermanual2", "p_code":"62", "code":"67" }, { "desc":"Check whether pods can be created on the existing nodes after the cluster is upgraded.Check whether pods can be created on new nodes after the cluster is upgraded.After c", "product_code":"cce", "title":"New Pod Check", "uri":"cce_10_0566.html", "doc_type":"usermanual2", "p_code":"62", "code":"68" }, { "desc":"This section describes how to migrate services from a cluster of an earlier version to a cluster of a later version in CCE.This operation is applicable when a cross-versi", "product_code":"cce", "title":"Migrating Services Across Clusters of Different Versions", "uri":"cce_10_0210.html", "doc_type":"usermanual2", "p_code":"59", "code":"69" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Troubleshooting for Pre-upgrade Check Exceptions", "uri":"cce_10_0550.html", "doc_type":"usermanual2", "p_code":"59", "code":"70" }, { "desc":"The system automatically checks a cluster before its upgrade. If the cluster does not meet the pre-upgrade check conditions, the upgrade cannot continue. To avoid risks, ", "product_code":"cce", "title":"Pre-upgrade Check", "uri":"cce_10_0549.html", "doc_type":"usermanual2", "p_code":"70", "code":"71" }, { "desc":"Check the following items:Check whether the node is available.Check whether the node OS supports the upgrade.Check whether the node is marked with unexpected node pool la", "product_code":"cce", "title":"Node Restrictions", "uri":"cce_10_0431.html", "doc_type":"usermanual2", "p_code":"70", "code":"72" }, { "desc":"Check whether the target cluster is under upgrade management.CCE may temporarily restrict the cluster upgrade due to the following reasons:The cluster is identified as th", "product_code":"cce", "title":"Upgrade Management", "uri":"cce_10_0432.html", "doc_type":"usermanual2", "p_code":"70", "code":"73" }, { "desc":"Check the following items:Check whether the add-on status is normal.Check whether the add-on support the target version.Scenario 1: The add-on malfunctions.Log in to the ", "product_code":"cce", "title":"Add-ons", "uri":"cce_10_0433.html", "doc_type":"usermanual2", "p_code":"70", "code":"74" }, { "desc":"Check whether the current HelmRelease record contains discarded Kubernetes APIs that are not supported by the target cluster version. If yes, the Helm chart may be unavai", "product_code":"cce", "title":"Helm Charts", "uri":"cce_10_0434.html", "doc_type":"usermanual2", "p_code":"70", "code":"75" }, { "desc":"Check whether your master nodes can be accessed using SSH.There is a low probability that the SSH connectivity check fails due to network fluctuations. Perform the pre-up", "product_code":"cce", "title":"SSH Connectivity of Master Nodes", "uri":"cce_10_0435.html", "doc_type":"usermanual2", "p_code":"70", "code":"76" }, { "desc":"Check the node pool status.Check whether the node pool OS or container runtime is supported after the upgrade.Scenario: The node pool malfunctions.Log in to the CCE conso", "product_code":"cce", "title":"Node Pools", "uri":"cce_10_0436.html", "doc_type":"usermanual2", "p_code":"70", "code":"77" }, { "desc":"Check whether the Protocol & Port of the worker node security groups is set to ICMP: All and whether the security group with the source IP address set to the master node ", "product_code":"cce", "title":"Security Groups", "uri":"cce_10_0437.html", "doc_type":"usermanual2", "p_code":"70", "code":"78" }, { "desc":"Check whether nodes need to be migrated.For the 1.15 cluster that is upgraded from 1.13 in rolling mode, migrate (reset or create and replace) all nodes before performing", "product_code":"cce", "title":"Residual Nodes", "uri":"cce_10_0439.html", "doc_type":"usermanual2", "p_code":"70", "code":"79" }, { "desc":"Check whether there are discarded resources in the clusters.Scenario: The Service in the clusters of v1.25 or later has discarded annotation: tolerate-unready-endpoints.E", "product_code":"cce", "title":"Discarded Kubernetes Resources", "uri":"cce_10_0440.html", "doc_type":"usermanual2", "p_code":"70", "code":"80" }, { "desc":"Read the version compatibility differences and ensure that they are not affected. The patch upgrade does not involve version compatibility differences.", "product_code":"cce", "title":"Compatibility Risks", "uri":"cce_10_0441.html", "doc_type":"usermanual2", "p_code":"70", "code":"81" }, { "desc":"Check whether cce-agent on the current node is of the latest version.Scenario 1: The error message \"you cce-agent no update, please restart it\" is displayed.cce-agent doe", "product_code":"cce", "title":"CCE Agent Versions", "uri":"cce_10_0442.html", "doc_type":"usermanual2", "p_code":"70", "code":"82" }, { "desc":"Check whether the CPU usage of the node exceeds 90%.Upgrade the cluster during off-peak hours.Check whether too many pods are deployed on the node. If yes, reschedule pod", "product_code":"cce", "title":"Node CPU Usage", "uri":"cce_10_0443.html", "doc_type":"usermanual2", "p_code":"70", "code":"83" }, { "desc":"Check the following items:Check whether the key CRD packageversions.version.cce.io of the cluster is deleted.Check whether the cluster key CRD network-attachment-definiti", "product_code":"cce", "title":"CRDs", "uri":"cce_10_0444.html", "doc_type":"usermanual2", "p_code":"70", "code":"84" }, { "desc":"Check the following items:Check whether the key data disks on the node meet the upgrade requirements.Check whether the /tmp directory has 500 MB available space.During th", "product_code":"cce", "title":"Node Disks", "uri":"cce_10_0445.html", "doc_type":"usermanual2", "p_code":"70", "code":"85" }, { "desc":"Check the following items:Check whether the DNS configuration of the current node can resolve the OBS address.Check whether the current node can access the OBS address of", "product_code":"cce", "title":"Node DNS", "uri":"cce_10_0446.html", "doc_type":"usermanual2", "p_code":"70", "code":"86" }, { "desc":"Check whether the owner and owner group of the files in the /var/paas directory used by the CCE are both paas.Scenario 1: The error message \"xx file permission has been c", "product_code":"cce", "title":"Node Key Directory File Permissions", "uri":"cce_10_0447.html", "doc_type":"usermanual2", "p_code":"70", "code":"87" }, { "desc":"Check whether the kubelet on the node is running properly.Scenario 1: The kubelet status is abnormal.If the kubelet malfunctions, the node is unavailable. Restore the nod", "product_code":"cce", "title":"kubelet", "uri":"cce_10_0448.html", "doc_type":"usermanual2", "p_code":"70", "code":"88" }, { "desc":"Check whether the memory usage of the node exceeds 90%.Upgrade the cluster during off-peak hours.Check whether too many pods are deployed on the node. If yes, reschedule ", "product_code":"cce", "title":"Node Memory", "uri":"cce_10_0449.html", "doc_type":"usermanual2", "p_code":"70", "code":"89" }, { "desc":"Check whether the clock synchronization server ntpd or chronyd of the node is running properly.Scenario 1: ntpd is running abnormally.Log in to the node and run the syste", "product_code":"cce", "title":"Node Clock Synchronization Server", "uri":"cce_10_0450.html", "doc_type":"usermanual2", "p_code":"70", "code":"90" }, { "desc":"Check whether the OS kernel version of the node is supported by CCE.Case 1: The node image is not a standard CCE image.CCE nodes run depending on the initial standard ker", "product_code":"cce", "title":"Node OS", "uri":"cce_10_0451.html", "doc_type":"usermanual2", "p_code":"70", "code":"91" }, { "desc":"Check and make sure that the master nodes in your cluster have more than 2 CPU cores.The number of CPU cores on the master nodes is 2, which may lead to a cluster upgrade", "product_code":"cce", "title":"Node CPU Cores", "uri":"cce_10_0452.html", "doc_type":"usermanual2", "p_code":"70", "code":"92" }, { "desc":"Check whether the Python commands are available on a node.If the command output is not 0, the check fails.Install Python before the upgrade.", "product_code":"cce", "title":"Node Python Commands", "uri":"cce_10_0453.html", "doc_type":"usermanual2", "p_code":"70", "code":"93" }, { "desc":"Check whether the nodes in the cluster are ready.Scenario 1: The nodes are in the unavailable status.Log in to the CCE console and click the cluster name to access the cl", "product_code":"cce", "title":"Node Readiness", "uri":"cce_10_0455.html", "doc_type":"usermanual2", "p_code":"70", "code":"94" }, { "desc":"Check whether journald of a node is normal.Log in to the node and run the systemctl is-active systemd-journald command to obtain the running status of journald. If the co", "product_code":"cce", "title":"Node journald", "uri":"cce_10_0456.html", "doc_type":"usermanual2", "p_code":"70", "code":"95" }, { "desc":"Check whether the containerd.sock file exists on the node. This file affects the startup of container runtime in the Euler OS.Scenario: The Docker used by the node is the", "product_code":"cce", "title":"containerd.sock", "uri":"cce_10_0457.html", "doc_type":"usermanual2", "p_code":"70", "code":"96" }, { "desc":"This check item is not typical and implies that an internal error was found during the pre-upgrade check.Perform the pre-upgrade check again.If it fails again, submit a s", "product_code":"cce", "title":"Internal Error", "uri":"cce_10_0458.html", "doc_type":"usermanual2", "p_code":"70", "code":"97" }, { "desc":"Check whether inaccessible mount points exist on the node.Scenario: There are inaccessible mount points on the node.If NFS (such as obsfs or SFS) is used by the node and ", "product_code":"cce", "title":"Node Mount Points", "uri":"cce_10_0459.html", "doc_type":"usermanual2", "p_code":"70", "code":"98" }, { "desc":"Check whether the taint needed for cluster upgrade exists on the node.Scenario 1: The node is skipped during the cluster upgrade.If the version of the node is different f", "product_code":"cce", "title":"Kubernetes Node Taints", "uri":"cce_10_0460.html", "doc_type":"usermanual2", "p_code":"70", "code":"99" }, { "desc":"Check whether there are any compatibility restrictions on the current Everest add-on.There are compatibility restrictions on the current Everest add-on and it cannot be u", "product_code":"cce", "title":"Everest Restrictions", "uri":"cce_10_0478.html", "doc_type":"usermanual2", "p_code":"70", "code":"100" }, { "desc":"Check whether there are compatibility limitations between the current and target cce-controller-hpa add-on versions.There are compatibility limitations between the curren", "product_code":"cce", "title":"cce-hpa-controller Limitations", "uri":"cce_10_0479.html", "doc_type":"usermanual2", "p_code":"70", "code":"101" }, { "desc":"Check whether the current cluster version and the target version support enhanced CPU policy.Scenario: Only the current cluster version supports the enhanced CPU policy f", "product_code":"cce", "title":"Enhanced CPU Policies", "uri":"cce_10_0480.html", "doc_type":"usermanual2", "p_code":"70", "code":"102" }, { "desc":"Check whether the container runtime and network components on the worker nodes are healthy.Issue 1: CNI Agent is not active.If your cluster version is earlier than v1.17.", "product_code":"cce", "title":"Health of Worker Node Components", "uri":"cce_10_0484.html", "doc_type":"usermanual2", "p_code":"70", "code":"103" }, { "desc":"Check whether cluster components such as the Kubernetes component, container runtime component, and network component are running properly before the upgrade.Perform the ", "product_code":"cce", "title":"Health of Master Node Components", "uri":"cce_10_0485.html", "doc_type":"usermanual2", "p_code":"70", "code":"104" }, { "desc":"Check whether the resources of Kubernetes components, such as etcd and kube-controller-manager, exceed the upper limit.Solution 1: Reduce Kubernetes resources that are ne", "product_code":"cce", "title":"Memory Resource Limit of Kubernetes Components", "uri":"cce_10_0486.html", "doc_type":"usermanual2", "p_code":"70", "code":"105" }, { "desc":"The system scans the audit logs of the past day to check whether the user calls the deprecated APIs of the target Kubernetes version.Due to the limited time range of audi", "product_code":"cce", "title":"Discarded Kubernetes APIs", "uri":"cce_10_0487.html", "doc_type":"usermanual2", "p_code":"70", "code":"106" }, { "desc":"If IPv6 is enabled for a CCE Turbo cluster, check whether the target cluster version supports IPv6.CCE Turbo clusters support IPv6 since v1.23. This feature is available ", "product_code":"cce", "title":"IPv6 Support in CCE Turbo Clusters", "uri":"cce_10_0488.html", "doc_type":"usermanual2", "p_code":"70", "code":"107" }, { "desc":"Check whether NetworkManager of a node is normal.Log in to the node and run the systemctl is-active NetworkManager command to obtain the running status of NetworkManager.", "product_code":"cce", "title":"NetworkManager", "uri":"cce_10_0489.html", "doc_type":"usermanual2", "p_code":"70", "code":"108" }, { "desc":"Check the ID file format.", "product_code":"cce", "title":"Node ID File", "uri":"cce_10_0490.html", "doc_type":"usermanual2", "p_code":"70", "code":"109" }, { "desc":"When you upgrade a cluster to v1.19 or later, the system checks whether the following configuration files have been modified on the backend:/opt/cloud/cce/kubernetes/kube", "product_code":"cce", "title":"Node Configuration Consistency", "uri":"cce_10_0491.html", "doc_type":"usermanual2", "p_code":"70", "code":"110" }, { "desc":"Check whether the configuration files of key components exist on the node.The following table lists the files to be checked.Contact technical support to restore the confi", "product_code":"cce", "title":"Node Configuration File", "uri":"cce_10_0492.html", "doc_type":"usermanual2", "p_code":"70", "code":"111" }, { "desc":"Check whether the current CoreDNS key configuration Corefile is different from the Helm release record. The difference may be overwritten during the add-on upgrade, affec", "product_code":"cce", "title":"CoreDNS Configuration Consistency", "uri":"cce_10_0493.html", "doc_type":"usermanual2", "p_code":"70", "code":"112" }, { "desc":"Check whether the sudo commands and sudo-related files of the node are working.Scenario 1: The sudo command fails to be executed.During the in-place cluster upgrade, the ", "product_code":"cce", "title":"sudo", "uri":"cce_10_0494.html", "doc_type":"usermanual2", "p_code":"70", "code":"113" }, { "desc":"Whether some key commands that the node upgrade depends on are workingScenario 1: Executing the package manager command failed.Executing the rpm or dpkg command failed. I", "product_code":"cce", "title":"Key Node Commands", "uri":"cce_10_0495.html", "doc_type":"usermanual2", "p_code":"70", "code":"114" }, { "desc":"Check whether the docker/containerd.sock file is directly mounted to the pods on a node. During an upgrade, Docker or containerd restarts and the sock file on the host ch", "product_code":"cce", "title":"Mounting of a Sock File on a Node", "uri":"cce_10_0496.html", "doc_type":"usermanual2", "p_code":"70", "code":"115" }, { "desc":"Check whether the certificate used by an HTTPS load balancer has been modified on ELB.The certificate referenced by an HTTPS ingress created on CCE is modified on the ELB", "product_code":"cce", "title":"HTTPS Load Balancer Certificate Consistency", "uri":"cce_10_0497.html", "doc_type":"usermanual2", "p_code":"70", "code":"116" }, { "desc":"Check whether the default mount directory and soft link on the node have been manually mounted or modified.Non-shared diskBy default, /var/lib/docker, containerd, or /mnt", "product_code":"cce", "title":"Node Mounting", "uri":"cce_10_0498.html", "doc_type":"usermanual2", "p_code":"70", "code":"117" }, { "desc":"Check whether user paas is allowed to log in to a node.Run the following command to check whether user paas is allowed to log in to a node:If the permissions assigned to ", "product_code":"cce", "title":"Login Permissions of User paas on a Node", "uri":"cce_10_0499.html", "doc_type":"usermanual2", "p_code":"70", "code":"118" }, { "desc":"Check whether the load balancer associated with a Service is allocated with a private IPv4 address.Solution 1: Delete the Service that is associated with a load balancer ", "product_code":"cce", "title":"Private IPv4 Addresses of Load Balancers", "uri":"cce_10_0500.html", "doc_type":"usermanual2", "p_code":"70", "code":"119" }, { "desc":"Check the historical upgrade records of the cluster and confirm that the current version of the cluster meets the requirements for upgrading to the target version.Upgradi", "product_code":"cce", "title":"Historical Upgrade Records", "uri":"cce_10_0501.html", "doc_type":"usermanual2", "p_code":"70", "code":"120" }, { "desc":"Check whether the CIDR block of the cluster management plane is the same as that configured on the backbone network.The CIDR block of the management plane has been modifi", "product_code":"cce", "title":"CIDR Block of the Cluster Management Plane", "uri":"cce_10_0502.html", "doc_type":"usermanual2", "p_code":"70", "code":"121" }, { "desc":"The GPU add-on is involved in the upgrade, which may affect the GPU driver installation during the creation of a GPU node.The GPU add-on driver needs to be configured by ", "product_code":"cce", "title":"GPU Add-on", "uri":"cce_10_0503.html", "doc_type":"usermanual2", "p_code":"70", "code":"122" }, { "desc":"Check whether the default system parameter settings on your nodes are modified.If the MTU value of the bond0 network on your BMS node is not the default value 1500, this ", "product_code":"cce", "title":"Nodes' System Parameters", "uri":"cce_10_0504.html", "doc_type":"usermanual2", "p_code":"70", "code":"123" }, { "desc":"Check whether there are residual package version data in the current cluster.A message is displayed indicating that there are residual 10.12.1.109 CRD resources in your c", "product_code":"cce", "title":"Residual Package Version Data", "uri":"cce_10_0505.html", "doc_type":"usermanual2", "p_code":"70", "code":"124" }, { "desc":"Check whether the commands required for the upgrade are available on the node.The cluster upgrade failure is typically caused by the lack of key node commands that are re", "product_code":"cce", "title":"Node Commands", "uri":"cce_10_0506.html", "doc_type":"usermanual2", "p_code":"70", "code":"125" }, { "desc":"Check whether swap has been enabled on CCE nodes.By default, swap is disabled on CCE nodes. Check the necessity of enabling swap manually and determine the impact of disa", "product_code":"cce", "title":"Node Swap", "uri":"cce_10_0507.html", "doc_type":"usermanual2", "p_code":"70", "code":"126" }, { "desc":"Check item 1: Check whether there is an Nginx Ingress route whose ingress type is not specified (kubernetes.io/ingress.class: nginx is not added to annotations) in the cl", "product_code":"cce", "title":"nginx-ingress Upgrade", "uri":"cce_10_0508.html", "doc_type":"usermanual2", "p_code":"70", "code":"127" }, { "desc":"Check whether the service pods running on a containerd node are restarted when containerd is upgraded.containerd on your node may need to be restarted. To minimize the im", "product_code":"cce", "title":"containerd Pod Restart Risks", "uri":"cce_10_0510.html", "doc_type":"usermanual2", "p_code":"70", "code":"128" }, { "desc":"Check whether the configuration of the CCE AI Suite add-on in a cluster has been intrusively modified. If so, upgrading the cluster may fail.", "product_code":"cce", "title":"Key GPU Add-on Parameters", "uri":"cce_10_0511.html", "doc_type":"usermanual2", "p_code":"70", "code":"129" }, { "desc":"Check whether GPU service pods are rebuilt in a cluster when kubelet is restarted during the upgrade of the cluster.Upgrade the cluster when the impact on services is con", "product_code":"cce", "title":"GPU Pod Rebuild Risks", "uri":"cce_10_0512.html", "doc_type":"usermanual2", "p_code":"70", "code":"130" }, { "desc":"Check whether ELB listener access control has been configured for the Services in the current cluster using annotations.If so, check whether their configurations are corr", "product_code":"cce", "title":"ELB Listener Access Control", "uri":"cce_10_0513.html", "doc_type":"usermanual2", "p_code":"70", "code":"131" }, { "desc":"Check whether the flavor of the master nodes in the cluster is the same as the actual flavor of these nodes.This issue is typically caused by modifications made to the ma", "product_code":"cce", "title":"Master Node Flavor", "uri":"cce_10_0514.html", "doc_type":"usermanual2", "p_code":"70", "code":"132" }, { "desc":"Check whether the number of available IP addresses in the cluster subnet supports rolling upgrade.Rolling upgrade is not supported if there are not enough IP addresses in", "product_code":"cce", "title":"Subnet Quota of Master Nodes", "uri":"cce_10_0515.html", "doc_type":"usermanual2", "p_code":"70", "code":"133" }, { "desc":"Check whether an alarm is generated when a cluster is upgraded to v1.27 or later. Do not use Docker in clusters of versions later than 1.27.If your node's runtime is not ", "product_code":"cce", "title":"Node Runtime", "uri":"cce_10_0516.html", "doc_type":"usermanual2", "p_code":"70", "code":"134" }, { "desc":"Check whether an alarm is generated when a cluster is upgraded to v1.27 or later. Do not use Docker in clusters of versions later than 1.27.If your node pool's runtime is", "product_code":"cce", "title":"Node Pool Runtime", "uri":"cce_10_0517.html", "doc_type":"usermanual2", "p_code":"70", "code":"135" }, { "desc":"Check the number of images on your node. If there are more than 1000 images, it takes a long time for Docker to start, affecting the standard Docker output and functions ", "product_code":"cce", "title":"Number of Node Images", "uri":"cce_10_0518.html", "doc_type":"usermanual2", "p_code":"70", "code":"136" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Nodes", "uri":"cce_10_0183.html", "doc_type":"usermanual2", "p_code":"", "code":"137" }, { "desc":"A container cluster consists of a set of worker machines, called nodes, that run containerized applications. A node can be a virtual machine (VM) or a physical machine (P", "product_code":"cce", "title":"Node Overview", "uri":"cce_10_0180.html", "doc_type":"usermanual2", "p_code":"137", "code":"138" }, { "desc":"Container engines, one of the most important components of Kubernetes, manage the lifecycle of images and containers. The kubelet interacts with a container runtime throu", "product_code":"cce", "title":"Container Engines", "uri":"cce_10_0462.html", "doc_type":"usermanual2", "p_code":"137", "code":"139" }, { "desc":"This section describes the mappings between released cluster versions and OS versions.", "product_code":"cce", "title":"Node OSs", "uri":"cce_10_0476.html", "doc_type":"usermanual2", "p_code":"137", "code":"140" }, { "desc":"At least one cluster has been created.A key pair has been created for identity authentication upon remote node login.The DNS configuration of a subnet where a node is loc", "product_code":"cce", "title":"Creating a Node", "uri":"cce_10_0363.html", "doc_type":"usermanual2", "p_code":"137", "code":"141" }, { "desc":"In CCE, you can create a node (Creating a Node) or add existing nodes (ECSs) to your cluster for management.When accepting an ECS, you can reset the ECS OS to a standard ", "product_code":"cce", "title":"Accepting Nodes for Management", "uri":"cce_10_0198.html", "doc_type":"usermanual2", "p_code":"137", "code":"142" }, { "desc":"If you use SSH to log in to a node (an ECS), ensure that the ECS already has an EIP (a public IP address).Only login to a running ECS is allowed.Only the user linux can l", "product_code":"cce", "title":"Logging In to a Node", "uri":"cce_10_0185.html", "doc_type":"usermanual2", "p_code":"137", "code":"143" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Management Nodes", "uri":"cce_10_0672.html", "doc_type":"usermanual2", "p_code":"137", "code":"144" }, { "desc":"You can add different labels to nodes and define different attributes for labels. By using these node labels, you can quickly understand the characteristics of each node.", "product_code":"cce", "title":"Managing Node Labels", "uri":"cce_10_0004.html", "doc_type":"usermanual2", "p_code":"144", "code":"145" }, { "desc":"Taints enable a node to repel specific pods to prevent these pods from being scheduled to the node.On the CCE console, you can also batch manage nodes' taints.Enter the k", "product_code":"cce", "title":"Managing Node Taints", "uri":"cce_10_0352.html", "doc_type":"usermanual2", "p_code":"144", "code":"146" }, { "desc":"You can reset a node to modify the node configuration, such as the node OS and login mode.Resetting a node will reinstall the node OS and the Kubernetes software on the n", "product_code":"cce", "title":"Resetting a Node", "uri":"cce_10_0003.html", "doc_type":"usermanual2", "p_code":"144", "code":"147" }, { "desc":"Removing a node from a cluster will re-install the node OS and clear CCE components on the node.Removing a node will not delete the server corresponding to the node. You ", "product_code":"cce", "title":"Removing a Node", "uri":"cce_10_0338.html", "doc_type":"usermanual2", "p_code":"144", "code":"148" }, { "desc":"Each node in a cluster is a cloud server or physical machine. After a cluster node is created, you can change the cloud server name or specifications as required. Modifyi", "product_code":"cce", "title":"Synchronizing the Data of Cloud Servers", "uri":"cce_10_0184.html", "doc_type":"usermanual2", "p_code":"144", "code":"149" }, { "desc":"After you enable nodal drainage on the console, CCE configures the node to be non-schedulable and securely evicts all pods that comply with Rules for Draining Nodes on th", "product_code":"cce", "title":"Draining a Node", "uri":"cce_10_0605.html", "doc_type":"usermanual2", "p_code":"144", "code":"150" }, { "desc":"You can delete a pay-per-use node that is not needed from the node list.Deleting or unsubscribing from a node in a CCE cluster will release the node and services running ", "product_code":"cce", "title":"Deleting a Node", "uri":"cce_10_0186.html", "doc_type":"usermanual2", "p_code":"144", "code":"151" }, { "desc":"When a node in the cluster is stopped, all services on that node will also be stopped, and the node will no longer be available for scheduling. Check if your services wil", "product_code":"cce", "title":"Stopping a Node", "uri":"cce_10_0036.html", "doc_type":"usermanual2", "p_code":"144", "code":"152" }, { "desc":"In a rolling upgrade, a new node is created, existing workloads are migrated to the new node, and then the old node is deleted. Figure 1 shows the migration process.The o", "product_code":"cce", "title":"Performing Rolling Upgrade for Nodes", "uri":"cce_10_0276.html", "doc_type":"usermanual2", "p_code":"144", "code":"153" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Node O&M", "uri":"cce_10_0704.html", "doc_type":"usermanual2", "p_code":"137", "code":"154" }, { "desc":"Some node resources are used to run mandatory Kubernetes system components and resources to make the node as part of your cluster. Therefore, the total number of node res", "product_code":"cce", "title":"Node Resource Reservation Policy", "uri":"cce_10_0178.html", "doc_type":"usermanual2", "p_code":"154", "code":"155" }, { "desc":"This section describes how to allocate data disk space to nodes so that you can configure the data disk space accordingly.When creating a node, configure data disks for t", "product_code":"cce", "title":"Data Disk Space Allocation", "uri":"cce_10_0341.html", "doc_type":"usermanual2", "p_code":"154", "code":"156" }, { "desc":"The maximum number of pods that can be created on a node is calculated based on the cluster type:When creating a cluster using a VPC network, you need to configure the nu", "product_code":"cce", "title":"Maximum Number of Pods That Can Be Created on a Node", "uri":"cce_10_0348.html", "doc_type":"usermanual2", "p_code":"154", "code":"157" }, { "desc":"To maintain the stability of nodes, CCE stores Kubernetes and container runtime components on separate data disks. Kubernetes uses the /mnt/paas/kubernetes directory, and", "product_code":"cce", "title":"Differences Between CCE Node mountPath Configurations and Community Native Configurations", "uri":"cce_10_0883.html", "doc_type":"usermanual2", "p_code":"154", "code":"158" }, { "desc":"Kubernetes has removed dockershim from v1.24 and does not support Docker by default. CCE is going to stop the support for Docker. Change the node container engine from Do", "product_code":"cce", "title":"Migrating Nodes from Docker to containerd", "uri":"cce_10_0601.html", "doc_type":"usermanual2", "p_code":"154", "code":"159" }, { "desc":"The node fault detection function depends on the NPD add-on. The add-on instances run on nodes and monitor nodes. This section describes how to enable node fault detectio", "product_code":"cce", "title":"Configuring Node Fault Detection Policies", "uri":"cce_10_0659.html", "doc_type":"usermanual2", "p_code":"154", "code":"160" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Node Pools", "uri":"cce_10_0035.html", "doc_type":"usermanual2", "p_code":"", "code":"161" }, { "desc":"CCE introduces node pools to help you better manage nodes in Kubernetes clusters. A node pool contains one node or a group of nodes with identical configuration in a clus", "product_code":"cce", "title":"Node Pool Overview", "uri":"cce_10_0081.html", "doc_type":"usermanual2", "p_code":"161", "code":"162" }, { "desc":"This section describes how to create a node pool and perform operations on the node pool. For details about how a node pool works, see Node Pool Overview.Basic SettingsCo", "product_code":"cce", "title":"Creating a Node Pool", "uri":"cce_10_0012.html", "doc_type":"usermanual2", "p_code":"161", "code":"163" }, { "desc":"You can specify a specification in a node pool for scaling.The default node pool does not support scaling. Use Creating a Node to add a node.Add or reduce nodes for scali", "product_code":"cce", "title":"Scaling a Node Pool", "uri":"cce_10_0658.html", "doc_type":"usermanual2", "p_code":"161", "code":"164" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Managing a Node Pool", "uri":"cce_10_0222.html", "doc_type":"usermanual2", "p_code":"161", "code":"165" }, { "desc":"Changes to the container engine, OS, or pre-/post-installation script in a node pool take effect only on new nodes. To synchronize the modification onto existing nodes, m", "product_code":"cce", "title":"Updating a Node Pool", "uri":"cce_10_0653.html", "doc_type":"usermanual2", "p_code":"165", "code":"166" }, { "desc":"Auto Scaling (AS) enables elastic scaling of nodes in a node pool based on scaling policies. Without this function, you have to manually adjust the number of nodes in a n", "product_code":"cce", "title":"Updating an AS Configuration", "uri":"cce_10_0727.html", "doc_type":"usermanual2", "p_code":"165", "code":"167" }, { "desc":"The default node pool does not support the following management operations.CCE allows you to highly customize Kubernetes parameter settings on core components in a cluste", "product_code":"cce", "title":"Modifying Node Pool Configurations", "uri":"cce_10_0652.html", "doc_type":"usermanual2", "p_code":"165", "code":"168" }, { "desc":"If you want to add a newly created ECS to a node pool in a cluster, or remove a node from a node pool and add it to the node pool again, accept the node.When an ECS is ac", "product_code":"cce", "title":"Accepting Nodes in a Node Pool", "uri":"cce_10_0886.html", "doc_type":"usermanual2", "p_code":"165", "code":"169" }, { "desc":"You can copy the configuration of an existing node pool on the CCE console to create new node pools.", "product_code":"cce", "title":"Copying a Node Pool", "uri":"cce_10_0655.html", "doc_type":"usermanual2", "p_code":"165", "code":"170" }, { "desc":"After the configuration of a node pool is updated, some configurations cannot be automatically synchronized for existing nodes. You can manually synchronize configuration", "product_code":"cce", "title":"Synchronizing Node Pools", "uri":"cce_10_0654.html", "doc_type":"usermanual2", "p_code":"165", "code":"171" }, { "desc":"After CCE releases a new OS image, if existing nodes cannot be automatically upgraded, you can manually upgrade them in batches.This section describes how to upgrade an O", "product_code":"cce", "title":"Upgrading an OS", "uri":"cce_10_0660.html", "doc_type":"usermanual2", "p_code":"165", "code":"172" }, { "desc":"Nodes in a node pool can be migrated to the default node pool. Nodes in the default node pool or a custom node pool cannot be migrated to other custom node pools.The migr", "product_code":"cce", "title":"Migrating a Node", "uri":"cce_10_0656.html", "doc_type":"usermanual2", "p_code":"165", "code":"173" }, { "desc":"Deleting a node pool will delete nodes in the pool. Pods on these nodes will be automatically migrated to available nodes in other node pools.Deleting a node pool will de", "product_code":"cce", "title":"Deleting a Node Pool", "uri":"cce_10_0657.html", "doc_type":"usermanual2", "p_code":"165", "code":"174" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Workloads", "uri":"cce_10_0046.html", "doc_type":"usermanual2", "p_code":"", "code":"175" }, { "desc":"A workload is an application running on Kubernetes. No matter how many components are there in your workload, you can run it in a group of Kubernetes pods. A workload is ", "product_code":"cce", "title":"Overview", "uri":"cce_10_0006.html", "doc_type":"usermanual2", "p_code":"175", "code":"176" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Creating a Workload", "uri":"cce_10_0673.html", "doc_type":"usermanual2", "p_code":"175", "code":"177" }, { "desc":"Deployments are workloads (for example, Nginx) that do not store any data or status. You can create Deployments on the CCE console or by running kubectl commands.Before c", "product_code":"cce", "title":"Creating a Deployment", "uri":"cce_10_0047.html", "doc_type":"usermanual2", "p_code":"177", "code":"178" }, { "desc":"StatefulSets are a type of workloads whose data or status is stored while they are running. For example, MySQL is a StatefulSet because it needs to store new data.A conta", "product_code":"cce", "title":"Creating a StatefulSet", "uri":"cce_10_0048.html", "doc_type":"usermanual2", "p_code":"177", "code":"179" }, { "desc":"CCE provides deployment and management capabilities for multiple types of containers and supports features of container workloads, including creation, configuration, moni", "product_code":"cce", "title":"Creating a DaemonSet", "uri":"cce_10_0216.html", "doc_type":"usermanual2", "p_code":"177", "code":"180" }, { "desc":"Jobs are short-lived and run for a certain time to completion. They can be executed immediately after being deployed. It is completed after it exits normally (exit 0).A j", "product_code":"cce", "title":"Creating a Job", "uri":"cce_10_0150.html", "doc_type":"usermanual2", "p_code":"177", "code":"181" }, { "desc":"A cron job runs on a repeating schedule. You can perform time synchronization for all active nodes at a fixed time point.A cron job runs periodically at the specified tim", "product_code":"cce", "title":"Creating a Cron Job", "uri":"cce_10_0151.html", "doc_type":"usermanual2", "p_code":"177", "code":"182" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Configuring a Workload", "uri":"cce_10_0130.html", "doc_type":"usermanual2", "p_code":"175", "code":"183" }, { "desc":"The most significant difference is that each Kata container (pod) runs on an independent micro-VM, has an independent OS kernel, and is securely isolated at the virtualiz", "product_code":"cce", "title":"Secure Runtime and Common Runtime", "uri":"cce_10_0463.html", "doc_type":"usermanual2", "p_code":"183", "code":"184" }, { "desc":"When creating a workload, you can configure containers to use the same time zone as the node. You can enable time zone synchronization when creating a workload.The time z", "product_code":"cce", "title":"Configuring Time Zone Synchronization", "uri":"cce_10_0354.html", "doc_type":"usermanual2", "p_code":"183", "code":"185" }, { "desc":"When a workload is created, the container image is pulled from the image repository to the node. The image is also pulled when the workload is restarted or upgraded.By de", "product_code":"cce", "title":"Configuring an Image Pull Policy", "uri":"cce_10_0353.html", "doc_type":"usermanual2", "p_code":"183", "code":"186" }, { "desc":"CCE allows you to create workloads using images pulled from third-party image repositories.Generally, a third-party image repository can be accessed only after authentica", "product_code":"cce", "title":"Using Third-Party Images", "uri":"cce_10_0009.html", "doc_type":"usermanual2", "p_code":"183", "code":"187" }, { "desc":"CCE allows you to set resource requirements and limits, such as CPU and RAM, for added containers during workload creation. Kubernetes also allows using YAML to set requi", "product_code":"cce", "title":"Configuring Container Specifications", "uri":"cce_10_0163.html", "doc_type":"usermanual2", "p_code":"183", "code":"188" }, { "desc":"CCE provides callback functions for the lifecycle management of containerized applications. For example, if you want a container to perform a certain operation before sto", "product_code":"cce", "title":"Configuring Container Lifecycle Parameters", "uri":"cce_10_0105.html", "doc_type":"usermanual2", "p_code":"183", "code":"189" }, { "desc":"Health check regularly checks the health status of containers during container running. If the health check function is not configured, a pod cannot detect application ex", "product_code":"cce", "title":"Configuring Container Health Check", "uri":"cce_10_0112.html", "doc_type":"usermanual2", "p_code":"183", "code":"190" }, { "desc":"An environment variable is a variable whose value can affect the way a running container will behave. You can modify environment variables even after workloads are deploy", "product_code":"cce", "title":"Configuring Environment Variables", "uri":"cce_10_0113.html", "doc_type":"usermanual2", "p_code":"183", "code":"191" }, { "desc":"In actual applications, upgrade is a common operation. A Deployment, StatefulSet, or DaemonSet can easily support application upgrade.You can set different upgrade polici", "product_code":"cce", "title":"Configuring Workload Upgrade Policies", "uri":"cce_10_0397.html", "doc_type":"usermanual2", "p_code":"183", "code":"192" }, { "desc":"Kubernetes supports node affinity and pod affinity/anti-affinity. You can configure custom rules to achieve affinity and anti-affinity scheduling. For example, you can de", "product_code":"cce", "title":"Scheduling Policies (Affinity/Anti-affinity)", "uri":"cce_10_0232.html", "doc_type":"usermanual2", "p_code":"183", "code":"193" }, { "desc":"Tolerations allow the scheduler to schedule pods to nodes with target taints. Tolerances work with node taints. Each node allows one or more taints. If no tolerance is co", "product_code":"cce", "title":"Configuring Tolerance Policies", "uri":"cce_10_0728.html", "doc_type":"usermanual2", "p_code":"183", "code":"194" }, { "desc":"CCE allows you to add annotations to a YAML file to realize some advanced pod functions. The following table describes the annotations you can add.When you create a workl", "product_code":"cce", "title":"Configuring Labels and Annotations", "uri":"cce_10_0386.html", "doc_type":"usermanual2", "p_code":"183", "code":"195" }, { "desc":"If you encounter unexpected problems when using a container, you can log in to the container to debug it.The example output is as follows:NAME ", "product_code":"cce", "title":"Logging In to a Container", "uri":"cce_10_00356.html", "doc_type":"usermanual2", "p_code":"175", "code":"196" }, { "desc":"After a workload is created, you can upgrade, monitor, roll back, or delete the workload, as well as edit its YAML file.Workload/Job managementOperationDescriptionMonitor", "product_code":"cce", "title":"Managing Workloads", "uri":"cce_10_0007.html", "doc_type":"usermanual2", "p_code":"175", "code":"197" }, { "desc":"Custom Resource Definition (CRD) is an extension of Kubernetes APIs. When default Kubernetes resources cannot meet service requirements, you can use CRDs to define new re", "product_code":"cce", "title":"Managing Custom Resources", "uri":"cce_10_0833.html", "doc_type":"usermanual2", "p_code":"175", "code":"198" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Pod Security", "uri":"cce_10_0465.html", "doc_type":"usermanual2", "p_code":"175", "code":"199" }, { "desc":"A pod security policy (PSP) is a cluster-level resource that controls sensitive security aspects of the pod specification. The PodSecurityPolicy object in Kubernetes defi", "product_code":"cce", "title":"Configuring a Pod Security Policy", "uri":"cce_10_0275.html", "doc_type":"usermanual2", "p_code":"199", "code":"200" }, { "desc":"Before using pod security admission, understand Kubernetes Pod Security Standards. These standards define different isolation levels for pods. They let you define how you", "product_code":"cce", "title":"Configuring Pod Security Admission", "uri":"cce_10_0466.html", "doc_type":"usermanual2", "p_code":"199", "code":"201" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Scheduling", "uri":"cce_10_0674.html", "doc_type":"usermanual2", "p_code":"", "code":"202" }, { "desc":"CCE supports different types of resource scheduling and task scheduling, improving application performance and overall cluster resource utilization. This section describe", "product_code":"cce", "title":"Overview", "uri":"cce_10_0702.html", "doc_type":"usermanual2", "p_code":"202", "code":"203" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"CPU Scheduling", "uri":"cce_10_0551.html", "doc_type":"usermanual2", "p_code":"202", "code":"204" }, { "desc":"By default, kubelet uses CFS quotas to enforce pod CPU limits. When a node runs many CPU-bound pods, the workload can move to different CPU cores depending on whether the", "product_code":"cce", "title":"CPU Policy", "uri":"cce_10_0351.html", "doc_type":"usermanual2", "p_code":"204", "code":"205" }, { "desc":"Kubernetes provides two CPU policies: none and static.none: The CPU policy is disabled by default, indicating the existing scheduling behavior.static: The static CPU core", "product_code":"cce", "title":"Enhanced CPU Policy", "uri":"cce_10_0552.html", "doc_type":"usermanual2", "p_code":"204", "code":"206" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"GPU Scheduling", "uri":"cce_10_0720.html", "doc_type":"usermanual2", "p_code":"202", "code":"207" }, { "desc":"You can use GPUs in CCE containers.A GPU node has been created. For details, see Creating a Node.The CCE AI Suite (NVIDIA GPU) add-on has been installed. During the insta", "product_code":"cce", "title":"Default GPU Scheduling in Kubernetes", "uri":"cce_10_0345.html", "doc_type":"usermanual2", "p_code":"207", "code":"208" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Volcano Scheduling", "uri":"cce_10_0423.html", "doc_type":"usermanual2", "p_code":"202", "code":"209" }, { "desc":"Volcano is a Kubernetes-based batch processing platform that supports machine learning, deep learning, bioinformatics, genomics, and other big data applications. It provi", "product_code":"cce", "title":"Overview", "uri":"cce_10_0721.html", "doc_type":"usermanual2", "p_code":"209", "code":"210" }, { "desc":"Volcano is a Kubernetes-based batch processing platform with high-performance general computing capabilities like task scheduling engine, heterogeneous chip management, a", "product_code":"cce", "title":"Scheduling Workloads", "uri":"cce_10_0722.html", "doc_type":"usermanual2", "p_code":"209", "code":"211" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Resource Usage-based Scheduling", "uri":"cce_10_0768.html", "doc_type":"usermanual2", "p_code":"209", "code":"212" }, { "desc":"Bin packing is an optimization algorithm that aims to properly allocate resources to each job and get the jobs done using the minimum amount of resources. After bin packi", "product_code":"cce", "title":"Bin Packing", "uri":"cce_10_0773.html", "doc_type":"usermanual2", "p_code":"212", "code":"213" }, { "desc":"Scheduling in a cluster is the process of binding pending pods to nodes, and is performed by a component called kube-scheduler or Volcano Scheduler. The scheduler uses a ", "product_code":"cce", "title":"Descheduling", "uri":"cce_10_0766.html", "doc_type":"usermanual2", "p_code":"212", "code":"214" }, { "desc":"In scenarios such as node pool replacement and rolling node upgrade, an old resource pool needs to be replaced with a new one. To prevent the node pool replacement from a", "product_code":"cce", "title":"Node Pool Affinity", "uri":"cce_10_0767.html", "doc_type":"usermanual2", "p_code":"212", "code":"215" }, { "desc":"Volcano Scheduler offers CPU and memory load-aware scheduling for pods and preferentially schedules pods to the node with the lightest load to balance node loads. This pr", "product_code":"cce", "title":"Load-aware Scheduling", "uri":"cce_10_0789.html", "doc_type":"usermanual2", "p_code":"212", "code":"216" }, { "desc":"Volcano scheduling involves node filtering and scoring, which is used to filter the nodes meeting scheduling conditions and score the filtered nodes to find the one with ", "product_code":"cce", "title":"Configuration Cases for Resource Usage-based Scheduling", "uri":"cce_10_0813.html", "doc_type":"usermanual2", "p_code":"212", "code":"217" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Priority-based Scheduling", "uri":"cce_10_0774.html", "doc_type":"usermanual2", "p_code":"209", "code":"218" }, { "desc":"A pod priority indicates the importance of a pod relative to other pods. Volcano supports pod PriorityClasses in Kubernetes. After PriorityClasses are configured, the sch", "product_code":"cce", "title":"Priority-based Scheduling", "uri":"cce_10_0775.html", "doc_type":"usermanual2", "p_code":"218", "code":"219" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"AI Performance-based Scheduling", "uri":"cce_10_0776.html", "doc_type":"usermanual2", "p_code":"209", "code":"220" }, { "desc":"Dominant Resource Fairness (DRF) is a scheduling algorithm based on the dominant resource of a container group. DRF scheduling can be used to enhance the service throughp", "product_code":"cce", "title":"DRF", "uri":"cce_10_0777.html", "doc_type":"usermanual2", "p_code":"220", "code":"221" }, { "desc":"Gang scheduling is a scheduling algorithm that schedules correlated processes or threads to run simultaneously on different processors. It meets the scheduling requiremen", "product_code":"cce", "title":"Gang", "uri":"cce_10_0778.html", "doc_type":"usermanual2", "p_code":"220", "code":"222" }, { "desc":"When a node runs many CPU-bound pods, the workload can move to different CPU cores depending on whether the pod is throttled and which CPU cores are available at scheduli", "product_code":"cce", "title":"NUMA Affinity Scheduling", "uri":"cce_10_0425.html", "doc_type":"usermanual2", "p_code":"209", "code":"223" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Cloud Native Hybrid Deployment", "uri":"cce_10_0709.html", "doc_type":"usermanual2", "p_code":"202", "code":"224" }, { "desc":"Many services see surges in traffic. To ensure performance and stability, resources are often requested at the maximum needed. However, the surges may ebb very shortly an", "product_code":"cce", "title":"Dynamic Resource Oversubscription", "uri":"cce_10_0384.html", "doc_type":"usermanual2", "p_code":"224", "code":"225" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Network", "uri":"cce_10_0020.html", "doc_type":"usermanual2", "p_code":"", "code":"226" }, { "desc":"You can learn about a cluster network from the following two aspects:What is a cluster network like? A cluster consists of multiple nodes, and pods (or containers) are ru", "product_code":"cce", "title":"Overview", "uri":"cce_10_0010.html", "doc_type":"usermanual2", "p_code":"226", "code":"227" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Container Network", "uri":"cce_10_0280.html", "doc_type":"usermanual2", "p_code":"226", "code":"228" }, { "desc":"The container network assigns IP addresses to pods in a cluster and provides networking services. In CCE, you can select the following network models for your cluster:Clo", "product_code":"cce", "title":"Overview", "uri":"cce_10_0281.html", "doc_type":"usermanual2", "p_code":"228", "code":"229" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Cloud Native Network 2.0 Settings", "uri":"cce_10_0678.html", "doc_type":"usermanual2", "p_code":"228", "code":"230" }, { "desc":"Cloud Native 2.0 network model is a proprietary, next-generation container network model that combines the elastic network interfaces (ENIs) and supplementary network int", "product_code":"cce", "title":"Cloud Native 2.0 Network Model", "uri":"cce_10_0284.html", "doc_type":"usermanual2", "p_code":"230", "code":"231" }, { "desc":"If the pod subnet configured during CCE Turbo cluster creation cannot meet service expansion requirements, you can add a pod subnet for the cluster.This function is avail", "product_code":"cce", "title":"Adding a Pod Subnet for a Cluster", "uri":"cce_10_0906.html", "doc_type":"usermanual2", "p_code":"230", "code":"232" }, { "desc":"In Cloud Native 2.0 network mode, pods use ENIs or sub-ENIs of the VPC. You can configure a security group for a pod using a pod's annotation.Configure a security group i", "product_code":"cce", "title":"Binding a Security Group to a Pod Using an Annotation", "uri":"cce_10_0897.html", "doc_type":"usermanual2", "p_code":"230", "code":"233" }, { "desc":"In Cloud Native Network 2.0, pods use VPC ENIs or sub-ENIs for networking. You can directly bind security groups and EIPs to pods. To bind CCE pods with security groups, ", "product_code":"cce", "title":"Binding a Security Group to a Workload Using a Security Group Policy", "uri":"cce_10_0288.html", "doc_type":"usermanual2", "p_code":"230", "code":"234" }, { "desc":"In a CCE Turbo cluster, you can configure subnets and security groups for containers by namespace or workload using NetworkAttachmentDefinition CRDs. If you want to confi", "product_code":"cce", "title":"Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration", "uri":"cce_10_0196.html", "doc_type":"usermanual2", "p_code":"230", "code":"235" }, { "desc":"In Cloud Native Network 2.0, each pod is associated with an ENI, providing a static IP address to the StatefulSet pods (container ENI). This is a common practice in acces", "product_code":"cce", "title":"Configuring a Static IP Address for a Pod", "uri":"cce_10_0603.html", "doc_type":"usermanual2", "p_code":"230", "code":"236" }, { "desc":"In Cloud Native Network 2.0, pods use VPC ENIs or sub-ENIs for networking. You can directly bind EIPs to pods.To associate an EIP with a pod, simply set the value of the ", "product_code":"cce", "title":"Configuring an EIP for a Pod", "uri":"cce_10_0734.html", "doc_type":"usermanual2", "p_code":"230", "code":"237" }, { "desc":"In Cloud Native Network 2.0, static public IP addresses (EIPs) can be assigned to StatefulSets or pods created directly.You can configure a static EIP for a pod only in C", "product_code":"cce", "title":"Configuring a Static EIP for a Pod", "uri":"cce_10_0651.html", "doc_type":"usermanual2", "p_code":"230", "code":"238" }, { "desc":"By default, pods with IPv6 dual-stack ENIs can access only the IPv6 private network. To access the public network, configure shared bandwidth for such pods.Only CCE Turbo", "product_code":"cce", "title":"Configuring Shared Bandwidth for a Pod with IPv6 Dual-Stack ENIs", "uri":"cce_10_0604.html", "doc_type":"usermanual2", "p_code":"230", "code":"239" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"VPC Network Settings", "uri":"cce_10_0904.html", "doc_type":"usermanual2", "p_code":"228", "code":"240" }, { "desc":"The VPC network model seamlessly combines VPC routing with the underlying network, making it ideal for high-performance scenarios. However, the maximum number of nodes al", "product_code":"cce", "title":"VPC Network Model", "uri":"cce_10_0283.html", "doc_type":"usermanual2", "p_code":"240", "code":"241" }, { "desc":"If the container CIDR block configured during CCE cluster creation cannot meet service expansion requirements, you can add a container CIDR block for the cluster.This fun", "product_code":"cce", "title":"Adding a Container CIDR Block for a Cluster", "uri":"cce_10_0680.html", "doc_type":"usermanual2", "p_code":"240", "code":"242" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Tunnel Network Settings", "uri":"cce_10_0677.html", "doc_type":"usermanual2", "p_code":"228", "code":"243" }, { "desc":"A container tunnel network creates a separate network plane for containers by using tunnel encapsulation on the host network plane. The container tunnel network of a CCE ", "product_code":"cce", "title":"Tunnel Network Model", "uri":"cce_10_0282.html", "doc_type":"usermanual2", "p_code":"243", "code":"244" }, { "desc":"Network policies are designed by Kubernetes to restrict pod access. It is equivalent to a firewall at the application layer to enhance network security. The capabilities ", "product_code":"cce", "title":"Configuring Network Policies to Restrict Pod Access", "uri":"cce_10_0059.html", "doc_type":"usermanual2", "p_code":"243", "code":"245" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Pod Network Settings", "uri":"cce_10_0675.html", "doc_type":"usermanual2", "p_code":"228", "code":"246" }, { "desc":"Kubernetes allows pods to directly use the host/node network. When a pod is configured with hostNetwork: true, applications running in the pod can directly view the netwo", "product_code":"cce", "title":"Configuring hostNetwork for Pods", "uri":"cce_10_0402.html", "doc_type":"usermanual2", "p_code":"246", "code":"247" }, { "desc":"Bandwidth preemption occurs between different containers deployed on the same node, which may cause service jitter. You can configure QoS rate limiting for inter-pod acce", "product_code":"cce", "title":"Configuring QoS for a Pod", "uri":"cce_10_0382.html", "doc_type":"usermanual2", "p_code":"246", "code":"248" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"cce", "title":"Service", "uri":"cce_10_0247.html", "doc_type":"usermanual2", "p_code":"226", "code":"249" }, { "desc":"After a pod is created, the following problems may occur if you directly access the pod:The pod can be deleted and recreated at any time by a controller such as a Deploym", "product_code":"cce", "title":"Overview", "uri":"cce_10_0249.html", "doc_type":"usermanual2", "p_code":"249", "code":"250" }, { "desc":"ClusterIP Services allow workloads in the same cluster to use their cluster-internal domain names to access each other.The cluster-internal domain name format is