Cloud Container Engine
Cloud Container Engine

    All results for "" in this service

      All results for "" in this service

      • What's New
        • What's New
      • Function Overview
      • Product Bulletin
        • Latest Notices
        • Product Change Notices
          • EOM of CentOS
          • Reliability Hardening for Cluster Networks and Storage Functions
          • Support for Docker
          • Service Account Token Security Improvement
          • Upgrade of Helm v2 to Helm v3
          • Optimized Key Authentication of the everest Add-on
        • Cluster Version Release Notes
          • End of Maintenance for Clusters 1.27
          • End of Maintenance for Clusters 1.25
          • End of Maintenance for Clusters 1.23
          • End of Maintenance for Clusters 1.21
          • End of Maintenance for Clusters 1.19
        • Vulnerability Notices
          • Vulnerability Fixing Policies
          • Notice of Kubernetes Security Vulnerability (CVE-2025-7342)
          • Notice of the NVIDIA Container Toolkit Container Escape Vulnerabilities (CVE-2025-23266 and CVE-2025-23267)
          • Notice of the NGINX Ingress Controller Vulnerabilities (CVE-2025-1974, CVE-2025-1097, CVE-2025-1098, CVE-2025-24513, and CVE-2025-24514)
          • Notice of Kubernetes Security Vulnerability (CVE-2025-0426)
          • Notice of Kubernetes Security Vulnerability (CVE-2024-10220)
          • Notice of Kubernetes Security Vulnerabilities (CVE-2024-9486 and CVE-2024-9594)
          • Notice of Container Escape Vulnerability in NVIDIA Container Toolkit (CVE-2024-0132)
          • Notice of Linux Remote Code Execution Vulnerability in CUPS (CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, and CVE-2024-47177)
          • Notice of the NGINX Ingress Controller Vulnerability That Allows Attackers to Bypass Annotation Validation (CVE-2024-7646)
          • Notice of Docker Engine Vulnerability That Allows Attackers to Bypass AuthZ (CVE-2024-41110)
          • Notice of Linux Kernel Privilege Escalation Vulnerability (CVE-2024-1086)
          • Notice of OpenSSH Remote Code Execution Vulnerability (CVE-2024-6387)
          • Notice of runC systemd Attribute Injection Vulnerability (CVE-2024-3154)
          • Notice of the Impact of runC Vulnerability (CVE-2024-21626)
          • Notice of Kubernetes Security Vulnerability (CVE-2022-3172)
          • Notice of Privilege Escalation Vulnerability in Linux Kernel openvswitch Module (CVE-2022-2639)
          • Notice of nginx-ingress Add-on Security Vulnerability (CVE-2021-25748)
          • Notice of nginx-ingress Security Vulnerabilities (CVE-2021-25745 and CVE-2021-25746)
          • Notice of containerd Process Privilege Escalation Vulnerability (CVE-2022-24769)
          • Notice of CRI-O Container Runtime Engine Arbitrary Code Execution Vulnerability (CVE-2022-0811)
          • Notice of Container Escape Vulnerability Caused by the Linux Kernel (CVE-2022-0492)
          • Notice of Non-Security Handling Vulnerability of containerd Image Volumes (CVE-2022-23648)
          • Notice of Linux Kernel Integer Overflow Vulnerability (CVE-2022-0185)
          • Notice of Linux Polkit Privilege Escalation Vulnerability (CVE-2021-4034)
          • Notice of Vulnerability of Kubernetes subPath Symlink Exchange (CVE-2021-25741)
          • Notice of runC Vulnerability That Allows a Container Filesystem Breakout via Directory Traversal (CVE-2021-30465)
          • Notice of Docker Resource Management Vulnerability (CVE-2021-21285)
          • Notice of NVIDIA GPU Driver Vulnerability (CVE-2021-1056)
          • Notice of the Sudo Buffer Vulnerability (CVE-2021-3156)
          • Notice of the Kubernetes Security Vulnerability (CVE-2020-8554)
          • Notice of Apache containerd Security Vulnerability (CVE-2020-15257)
          • Notice of Docker Engine Input Verification Vulnerability (CVE-2020-13401)
          • Notice of Kubernetes kube-apiserver Input Verification Vulnerability (CVE-2020-8559)
          • Notice of Kubernetes kubelet Resource Management Vulnerability (CVE-2020-8557)
          • Notice of Kubernetes kubelet and kube-proxy Authorization Vulnerability (CVE-2020-8558)
          • Notice of Fixing the Kubernetes HTTP/2 Vulnerability
          • Notice of Fixing the Linux Kernel SACK Vulnerabilities
          • Notice of Fixing the Docker Command Injection Vulnerability (CVE-2019-5736)
          • Notice of Fixing the Kubernetes Permission and Access Control Vulnerability (CVE-2018-1002105)
          • Notice of Fixing the Kubernetes Dashboard Security Vulnerability (CVE-2018-18264)
        • Product Release Notes
          • Cluster Versions
            • Kubernetes Version Policy
            • Kubernetes Version Release Notes
              • Kubernetes 1.31 Release Notes
              • Kubernetes 1.30 Release Notes
              • Kubernetes 1.29 Release Notes
              • Kubernetes 1.28 Release Notes
              • Kubernetes 1.27 Release Notes
              • Kubernetes 1.25 (EOM) Release Notes
              • Kubernetes 1.23 (EOM) Release Notes
              • Kubernetes 1.21 (EOM) Release Notes
              • Kubernetes 1.19 (EOM) Release Notes
              • Kubernetes 1.17 (EOM) Release Notes
              • Kubernetes 1.15 (EOM) Release Notes
              • Kubernetes 1.13 (EOM) Release Notes
              • Kubernetes 1.11 (EOM) Release Notes
              • Kubernetes 1.9 (EOM) and Earlier Versions Release Notes
            • Patch Versions
          • OS Images
            • OS Version Support Mechanism
            • OS Image Tag Release Notes
          • Add-on Versions
            • CoreDNS Release History
            • CCE Container Storage (Everest) Release History
            • CCE Node Problem Detector Release History
            • Kubernetes Dashboard Release History
            • CCE Cluster Autoscaler Release History
            • NGINX Ingress Controller Release History
            • Kubernetes Metrics Server Release History
            • CCE Advanced HPA Release History
            • CCE AI Suite (NVIDIA GPU) Release History
            • CCE AI Suite (Ascend NPU) Release History
            • Volcano Scheduler Release History
            • CCE Secrets Manager for DEW Release History
            • CCE Network Metrics Exporter Release History
            • NodeLocal DNSCache Release History
            • Cloud Native Cluster Monitoring Release History
            • Cloud Native Log Collection Release History
            • OpenKruise Release History
            • Gatekeeper Release History
            • Vertical Pod Autoscaler Release History
            • Prometheus (End of Maintenance) Release History
      • Service Overview
        • CCE Infographic
        • What Is CCE?
        • Product Advantages
        • Application Scenarios
          • Containerized Application Management
          • Auto Scaling in Seconds
          • DevOps and CI/CD
          • Hybrid Cloud
        • Permissions
        • Notes and Constraints
        • Billing
        • Related Services
        • Regions and AZs
      • Billing
        • Billing Overview
        • Billed Items
        • Billing Modes
          • Overview
          • Yearly/Monthly Billing
          • Pay-per-Use Billing
        • Billing Examples
        • Modifying Resource Specifications
        • Billing Mode Changes
          • Overview
          • Pay-per-Use to Yearly/Monthly
          • Yearly/Monthly to Pay-per-Use
        • Renewing Subscriptions
          • Overview
          • Manually Renewing a CCE Resource
          • Automatically Renewing a CCE Resource
        • Bills
        • Arrears
        • Billing Termination
      • Kubernetes Basics
        • Overview
        • Basic Concepts
        • Containers and Kubernetes
          • Containers
          • Kubernetes
          • Using kubectl to Operate a Cluster
        • Pods, Liveness Probes, Labels, and Namespaces
          • Pods
          • Liveness Probes
          • Labels
          • Namespaces
        • Pod Orchestration and Scheduling
          • Deployments
          • StatefulSets
          • Jobs and CronJobs
          • DaemonSets
          • Affinity and Anti-Affinity
        • Configuration Management
          • ConfigMaps
          • Secrets
        • Kubernetes Networks
          • Container Networks
          • Services
          • Ingresses
          • Readiness Probes
          • Network Policies
        • Persistent Storage
          • Volumes
          • PVs, PVCs, and Storage Classes
        • Authentication and Authorization
          • Service Accounts
          • RBAC
        • Auto Scaling
      • Getting Started
        • Deploying an Nginx Deployment in a CCE Cluster
        • Deploying a WordPress StatefulSet in a CCE Cluster
        • Deploying an Application in a CCE Cluster Using a Helm Chart
      • User Guide
        • High-Risk Operations
        • Clusters
          • Cluster Overview
          • Cluster Version Release Notes
            • Kubernetes Version Release Notes
              • Kubernetes 1.30 Release Notes
              • Kubernetes 1.29 Release Notes
              • Kubernetes 1.28 Release Notes
              • Kubernetes 1.27 Release Notes
              • Kubernetes 1.25 Release Notes
              • Kubernetes 1.23 Release Notes
              • Kubernetes 1.21 (EOM) Release Notes
              • Kubernetes 1.19 (EOM) Release Notes
              • Kubernetes 1.17 (EOM) Release Notes
              • Kubernetes 1.15 (EOM) Release Notes
              • Kubernetes 1.13 (EOM) Release Notes
              • Kubernetes 1.11 (EOM) Release Notes
              • Release Notes for Kubernetes 1.9 (EOM) and Earlier Versions
            • Patch Version Release Notes
          • Buying a Cluster
            • Comparison Between Cluster Types
            • Buying a CCE Standard/Turbo Cluster
            • Comparing iptables and IPVS
          • Accessing a Cluster
            • Accessing a Cluster Using kubectl
            • Accessing a Cluster Using an X.509 Certificate
            • Accessing a Cluster Using a Custom Domain Name
            • Configuring a Cluster's API Server for Internet Access
            • Revoking a Cluster Access Credential
          • Managing Clusters
            • Modifying Cluster Configurations
            • Enabling Overload Control for a Cluster
            • Changing a Cluster Scale
            • Changing the Default Security Group of a Node
            • Deleting a Cluster
            • Preventing Cluster Deletion
            • Hibernating or Waking Up a Cluster
            • Renewing a Yearly/Monthly Cluster
            • Changing the Billing Mode of a Cluster from Pay-per-Use to Yearly/Monthly
          • Upgrading a Cluster
            • Cluster Upgrade Overview
            • Before You Start
            • Performing Post-Upgrade Verification
              • Cluster Status Check
              • Node Status Check
              • Node Skipping Check
              • Service Check
              • New Node Check
              • New Pod Check
            • Migrating Services Across Clusters of Different Versions
            • Troubleshooting for Pre-upgrade Check Exceptions
              • Pre-upgrade Check
              • Node Restrictions
              • Upgrade Management
              • Add-ons
              • Helm Charts
              • SSH Connectivity of Master Nodes
              • Node Pools
              • Security Groups
              • Arm Node Restrictions
              • Residual Nodes
              • Discarded Kubernetes Resources
              • Compatibility Risks
              • CCE Agent Versions
              • Node CPU Usage
              • CRDs
              • Node Disks
              • Node DNS
              • Node Key Directory File Permissions
              • kubelet
              • Node Memory
              • Node Clock Synchronization Server
              • Node OS
              • Node CPU Cores
              • Node Python Commands
              • ASM Version
              • Node Readiness
              • Node journald
              • containerd.sock
              • Internal Error
              • Node Mount Points
              • Kubernetes Node Taints
              • Everest Restrictions
              • cce-hpa-controller Limitations
              • Enhanced CPU Policies
              • Health of Worker Node Components
              • Health of Master Node Components
              • Memory Resource Limit of Kubernetes Components
              • Discarded Kubernetes APIs
              • IPv6 Support in CCE Turbo Clusters
              • NetworkManager
              • Node ID File
              • Node Configuration Consistency
              • Node Configuration File
              • CoreDNS Configuration Consistency
              • sudo
              • Key Node Commands
              • Mounting of a Sock File on a Node
              • HTTPS Load Balancer Certificate Consistency
              • Node Mounting
              • Login Permissions of User paas on a Node
              • Private IPv4 Addresses of Load Balancers
              • Historical Upgrade Records
              • CIDR Block of the Cluster Management Plane
              • CCE AI Suite (NVIDIA GPU) Exceptions
              • Nodes' System Parameters
              • Residual Package Version Data
              • Node Commands
              • Node Swap
              • NGINX Ingress Controller
              • Upgrade of Cloud Native Cluster Monitoring
              • containerd Pod Restart Risks
              • Key CCE AI Suite (NVIDIA GPU) Parameters
              • GPU or NPU Pod Rebuild Risks
              • ELB Listener Access Control
              • Master Node Flavor
              • Subnet Quota of Master Nodes
              • Node Runtime
              • Node Pool Runtime
              • Number of Node Images
              • OpenKruise Compatibility Check
              • Compatibility Check of Secret Encryption
              • Compatibility Between the Ubuntu Kernel and GPU Driver
              • Drainage Tasks
              • Image Layers on a Node
              • Cluster Rolling Upgrade
              • Rotation Certificates
              • Ingress and ELB Configuration Consistency
        • Nodes
          • Node Overview
          • Container Engines
          • Node OSs
          • Creating a Node
          • Accepting Nodes for Management
          • Logging In to a Node
          • Management Nodes
            • Managing Node Labels
            • Managing Node Taints
            • Resetting a Node
            • Removing a Node
            • Synchronizing the Data of Cloud Servers
            • Draining a Node
            • Deleting or Unsubscribing from a Node
            • Changing the Billing Mode of a Node to Yearly/Monthly
            • Modifying the Auto-Renewal Configuration of a Yearly/Monthly Node
            • Stopping a Node
            • Performing Rolling Upgrade for Nodes
          • Node O&M
            • Node Resource Reservation Rules
            • Space Allocation of a Data Disk
            • Maximum Number of Pods That Can Be Created on a Node
            • Differences in kubelet and Runtime Component Configurations Between CCE and the Native Community
            • Migrating Nodes from Docker to containerd
            • Optimizing Node System Parameters
              • Optimizable Node System Parameters
              • Changing the RuntimeMaxUse of the Memory Used by the Log Cache on a Node
              • Changing the Maximum Number of File Handles
              • Modifying Node Kernel Parameters
              • Changing Process ID Limits (kernel.pid_max)
            • Configuring Node Fault Detection Policies
        • Node Pools
          • Node Pool Overview
          • Upgrading to New Node Pools
          • Creating a Node Pool
          • Scaling a Node Pool
          • Managing Node Pools
            • Updating a Node Pool
            • Updating an AS Configuration
            • Modifying Node Pool Configurations
            • Accepting Nodes in a Node Pool
            • Copying a Node Pool
            • Synchronizing Node Pools
            • Upgrading an OS
            • Migrating a Node
            • Deleting a Node Pool
        • Workloads
          • Workload Overview
          • Creating a Workload
            • Creating a Deployment
            • Creating a StatefulSet
            • Creating a DaemonSet
            • Creating a Job
            • Creating a CronJob
          • Configuring a Workload
            • Secure Runtime and Common Runtime
            • Configuring Time Zone Synchronization
            • Configuring an Image Pull Policy
            • Using Third-Party Images
            • Configuring Container Specifications
            • Configuring Container Lifecycle Parameters
            • Configuring Container Health Check
            • Configuring Environment Variables
            • Configuring Workload Upgrade Policies
            • Configuring Tolerance Policies
            • Configuring Labels and Annotations
          • Scheduling a Workload
            • Overview
            • Configuring Specified Node Scheduling (nodeSelector)
            • Configuring Node Affinity Scheduling (nodeAffinity)
            • Configuring Workload Affinity or Anti-affinity Scheduling (podAffinity or podAntiAffinity)
          • Logging In to a Container
          • Managing Workloads
          • Managing Custom Resources
          • Pod Security
            • Configuring a Pod Security Policy
            • Configuring Pod Security Admission
        • Scheduling
          • Scheduling Overview
          • CPU Scheduling
            • CPU Policy
            • Enhanced CPU Policy
          • GPU Scheduling
            • GPU Driver Version
              • Selecting a GPU Driver Version for Nodes
              • Recommended GPU Driver Versions for CCE
              • Manually Upgrading the Driver Version of a GPU Node
              • Upgrading the Driver Version of a GPU Node Using a Node Pool
            • Default GPU Scheduling in Kubernetes
            • GPU Virtualization
              • Overview
              • Preparing Virtualized GPU Resources
              • Using GPU Virtualization
              • Supporting Kubernetes' Default GPU Scheduling
            • Monitoring GPU Metrics
            • Configuring Workload Scaling Based on GPU Monitoring Metrics
            • Configuring Auto Scaling for xGPU Nodes
            • GPU Fault Handling
            • GPU Metrics
          • NPU Scheduling
            • NPU Basic Scheduling
          • Volcano Scheduling
            • Volcano Scheduling Overview
            • Scheduling Workloads
            • Resource Usage-based Scheduling
              • Bin Packing
              • Descheduling
              • Node Pool Affinity
              • Load-aware Scheduling
              • Configuration Cases for Resource Usage-based Scheduling
            • Priority-based Scheduling
              • Priority-based Scheduling
            • AI Performance-based Scheduling
              • DRF
              • Gang
            • NUMA Affinity Scheduling
            • Application Scaling Priority Policies
          • Cloud Native Hybrid Deployment
            • Overview
            • Dynamic Resource Oversubscription
        • Networking
          • Networking Overview
          • Container Networks
            • Overview
            • Cloud Native Network 2.0 Settings
              • Cloud Native Network 2.0
              • Configuring a Default Container Subnet for a CCE Turbo Cluster
              • Binding a Security Group to a Pod Using an Annotation
              • Binding a Security Group to a Workload Using a Security Group Policy
              • Binding a Subnet and Security Group to a Namespace or Workload Using a Container Network Configuration
              • Configuring an EIP for a Pod
              • Configuring a Static EIP for a Pod
            • VPC Network Settings
              • VPC Network Model
              • Adding a Container CIDR Block for a Cluster
            • Tunnel Network Settings
              • Tunnel Network Model
            • Pod Network Settings
              • Configuring hostNetwork for Pods
              • Configuring QoS for a Pod
              • Configuring Network Policies to Restrict Pod Access
          • Services
            • Service Overview
            • ClusterIP
            • NodePort
            • LoadBalancer
              • Creating a LoadBalancer Service
              • Configuring Advanced Load Balancing Functions Using Annotations
              • Configuring HTTP/HTTPS for a LoadBalancer Service
              • Configuring SNI for a LoadBalancer Service
              • Configuring HTTP/2 for a LoadBalancer Service
              • Configuring Timeout for a LoadBalancer Service
              • Configuring Health Check on Multiple LoadBalancer Service Ports
              • Configuring Passthrough Networking for a LoadBalancer Service
              • Changing a Custom EIP for a LoadBalancer Service
              • Configuring a Range of Listening Ports for LoadBalancer Services
              • Setting the Pod Ready Status Through the ELB Health Check
              • Enabling ICMP Security Group Rules
            • DNAT
            • Headless Services
          • Ingresses
            • Ingress Overview
            • Comparison Between LoadBalancer Ingresses and Nginx Ingresses
            • LoadBalancer Ingresses
              • Creating a LoadBalancer Ingress on the Console
              • Creating a LoadBalancer Ingress Using kubectl
              • Configuring Advanced LoadBalancer Ingress Functions Using Annotations
              • Advanced Setting Examples of LoadBalancer Ingresses
                • Configuring an HTTPS Certificate for a LoadBalancer Ingress
                • Updating the HTTPS Certificate for a LoadBalancer Ingress
                • Configuring SNI for a LoadBalancer Ingress
                • Configuring Multiple Forwarding Policies for a LoadBalancer Ingress
                • Configuring HTTP/2 for a LoadBalancer Ingress
                • Configuring HTTPS Backend Services for a LoadBalancer Ingress
                • Configuring Timeout for a LoadBalancer Ingress
                • Configuring a Slow Start for a LoadBalancer Ingress
                • Configuring a Range of Listening Ports for a LoadBalancer Ingress
                • Configuring the Priorities of Forwarding Rules for LoadBalancer Ingresses
                • Configuring a Custom Header Forwarding Policy for a LoadBalancer Ingress
                • Configuring a Custom EIP for a LoadBalancer Ingress
                • Configuring Advanced Forwarding Rules for a LoadBalancer Ingress
              • Configuring Multiple Ingresses to Use the Same External ELB Port
            • Nginx Ingresses
              • Creating an Nginx Ingress on the Console
              • Creating an Nginx Ingress Using kubectl
              • Configuring Advanced Nginx Ingress Functions Using Annotations
              • Advanced Setting Examples of Nginx Ingresses
                • Configuring an HTTPS Certificate for an Nginx Ingress
                • Configuring Redirection Rules for an Nginx Ingress
                • Configuring URL Rewriting Rules for an Nginx Ingress
                • Configuring HTTPS Backend Services for an Nginx Ingress
                • Configuring gRPC Backend Services for an Nginx Ingress
                • Configuring Consistent Hashing for Load Balancing of an Nginx Ingress
                • Configuring Application Traffic Mirroring for an Nginx Ingress
                • Configuring Cross-Origin Access for Nginx Ingresses
                • Nginx Ingress Usage Suggestions
                • Optimizing NGINX Ingress Controller in High-Traffic Scenarios
              • NGINX Ingress Controller Upgrade Compatibility
            • Migrating Data from a Bring-Your-Own Nginx Ingress to a LoadBalancer Ingress
          • DNS
            • DNS Overview
            • DNS Configuration
            • Using CoreDNS for Custom Domain Name Resolution
            • Using NodeLocal DNSCache to Improve DNS Performance
          • Cluster Network Settings
            • Adding a Secondary VPC CIDR Block for a Cluster
          • Configuring Intra-VPC Access
          • Accessing the Internet from a Container
        • Storage
          • Storage Overview
          • Storage Basics
          • EVS
            • EVS Overview
            • Using an Existing EVS Disk Through a Static PV
            • Using an EVS Disk Through a Dynamic PV
            • Dynamically Mounting an EVS Disk to a StatefulSet
            • Encrypting EVS Disks
            • Expanding the Capacity of an EVS Disk
            • Snapshots and Backups
          • SFS Turbo
            • SFS Turbo Overview
            • Using an Existing SFS Turbo File System Through a Static PV
            • Configuring SFS Turbo Mount Options
            • (Recommended) Creating an SFS Turbo Subdirectory Using a Dynamic PV
            • Dynamically Creating an SFS Turbo Subdirectory Using StorageClass
          • OBS
            • OBS Overview
            • Using an Existing OBS Bucket Through a Static PV
            • Using an OBS Bucket Through a Dynamic PV
            • Configuring OBS Mount Options
            • Using a Custom Access Key (AK/SK) to Mount an OBS Volume
          • Local PVs
            • Local PV Overview
            • Importing a PV to a Storage Pool
            • Using a Local PV Through a Dynamic PV
            • Dynamically Mounting a Local PV to a StatefulSet
          • emptyDir
            • emptyDir Overview
            • Importing an EV to a Storage Pool
            • Local EV
            • Temporary Path
          • hostPath
          • StorageClasses
        • Auto Scaling
          • Auto Scaling Overview
          • Workload Scaling
            • Workload Scaling Rules
            • Creating an HPA Policy
            • Creating an HPA Policy with Custom Metrics
            • Creating a Scheduled CronHPA Policy
            • Creating a CustomedHPA Policy
            • Creating a VPA Policy
            • Creating an AHPA Policy
            • Managing Workload Scaling Policies
          • Node Scaling
            • Node Scaling Rules
            • Priorities for Scaling Node Pools
            • Creating a Node Scaling Policy
            • Managing Node Scaling Policies
          • Using HPA and CA for Auto Scaling of Workloads and Nodes
        • O&M
          • Overview
          • Agency Permissions
          • Health Center
            • Overview
            • Cluster Diagnosis
            • Workload Diagnosis
            • Diagnosis Items and Rectification Solutions
          • Monitoring Center
            • Overview
            • Enabling Monitoring Center
            • Managing Collection Tasks
            • Cluster Monitoring
            • Node Monitoring
            • Workload Monitoring
            • Pod Monitoring
            • Event Monitoring
            • Dashboard
              • Using Dashboard
              • Cluster View
              • API Server View
              • Pod View
              • Host View
              • Node View
              • Node Pool View
              • GPU View
              • xGPU View
              • CoreDNS View
              • PVC View
              • Kubelet View
              • Prometheus Server View
              • Prometheus Agent View
          • Logging
            • Overview
            • Collecting Container Logs
              • Collecting Container Logs Using the Cloud Native Log Collection Add-on
              • Collecting Container Logs Using ICAgent
            • Collecting Kubernetes Events
          • Alarm Center
            • Overview
            • Configuring Alarms in Alarm Center
            • Configuring Custom Alarms on CCE
            • CCE Events
          • Log Auditing
            • CCE Operations Supported by Cloud Trace Service
            • Viewing CTS Traces in the Trace List
          • O&M FAQ
            • Monitoring Center FAQ
            • Logging FAQ
            • Alarm Center FAQ
          • O&M Best Practices
            • Monitoring Custom Metrics Using Cloud Native Cluster Monitoring
            • Monitoring Custom Metrics on AOM
            • Monitoring Master Node Components Using Prometheus
        • Namespaces
          • Creating a Namespace
          • Managing Namespaces
          • Configuring Resource Quotas
        • ConfigMaps and Secrets
          • Creating a ConfigMap
          • Using a ConfigMap
          • Creating a Secret
          • Using a Secret
          • Cluster Secrets
        • Add-ons
          • Overview
          • Scheduling and Elasticity Add-ons
            • Volcano Scheduler
            • CCE Cluster Autoscaler
            • CCE Advanced HPA
            • Vertical Pod Autoscaler
          • Cloud Native Observability Add-ons
            • Cloud Native Cluster Monitoring
            • Cloud Native Log Collection
            • CCE Node Problem Detector
            • CCE Network Metrics Exporter
            • Kubernetes Metrics Server
            • Prometheus
          • Cloud Native AI Add-ons
            • CCE AI Suite (NVIDIA GPU)
            • CCE AI Suite (Ascend NPU)
          • Container Network Add-ons
            • CoreDNS
            • NGINX Ingress Controller
            • NodeLocal DNSCache
          • Container Storage Add-ons
            • CCE Container Storage (Everest)
          • Container Security Add-ons
            • CCE Secrets Manager for DEW
          • Other Add-ons
            • Kubernetes Dashboard
            • OpenKruise
            • Gatekeeper
        • Helm Charts
          • Chart Overview
          • Deploying an Application from a Chart
          • Differences Between Helm v2 and Helm v3 and Adaptation Solutions
          • Deploying an Application Through the Helm v2 Client
          • Deploying an Application Through the Helm v3 Client
          • Converting a Release from Helm v2 to v3
        • Permissions
          • Permissions Overview
          • Granting Cluster Permissions to an IAM User
          • Namespace Permissions (Kubernetes RBAC-based)
          • Example: Designing and Configuring Permissions for Users in a Department
          • Permission Dependency of the CCE Console
          • Service Account Token Security Improvement
          • System Agencies
        • Settings
          • Dashboard
          • Cluster Access
          • Network
          • Scheduling
          • Auto Scaling
          • Monitoring
          • Kubernetes
          • Heterogeneous Resources
      • Best Practices
        • Checklist for Deploying Containerized Applications in the Cloud
        • Containerization
          • Containerizing an Enterprise Application (ERP)
            • Solution Overview
            • Procedure
              • Containerizing an Entire Application
              • Containerization Process
              • Analyzing the Application
              • Preparing the Application Runtime
              • Compiling a Startup Script
              • Compiling the Dockerfile
              • Building and Uploading an Image
              • Creating a Container Workload
        • Migration
          • Migrating Kubernetes Clusters to CCE
            • Solution Overview
            • Resource Planning for the Target Cluster
            • Procedure
              • Migrating Resources Outside a Cluster
              • Installing the Migration Tool
              • Migrating Resources in a Cluster
              • Updating Resources Accordingly
              • Performing Additional Tasks
              • Troubleshooting
        • Disaster Recovery
          • Recommended Configurations for HA CCE Clusters
          • Implementing High Availability for Applications in CCE
          • Implementing High Availability for Add-ons in CCE
        • Security
          • Configuration Suggestions on CCE Cluster Security
          • Configuration Suggestions on CCE Node Security
          • Configuration Suggestions on CCE Container Runtime Security
          • Configuration Suggestions on CCE Container Security
          • Configuration Suggestions on CCE Container Image Security
          • Configuration Suggestions on CCE Secret Security
        • Auto Scaling
          • Using HPA and CA for Auto Scaling of Workloads and Nodes
        • Monitoring
          • Monitoring Multiple Clusters Using Prometheus
          • Reporting Prometheus Monitoring Data to a Third-Party Monitoring Platform
        • Cluster
          • Suggestions on CCE Cluster Selection
          • Creating a Custom CCE Node Image
          • Executing the Pre- or Post-installation Commands During Node Creation
          • Connecting to Multiple Clusters Using kubectl
          • Selecting a Data Disk for the Node
          • Protecting a CCE Cluster Against Overload
          • Managing Costs for a Cluster
        • Networking
          • Planning CIDR Blocks for a Cluster
          • Selecting a Network Model
          • Implementing Sticky Session Through Load Balancing
          • Obtaining the Client Source IP Address for a Container
          • Accessing an External Network from a Pod
            • Accessing the Internet from a Pod
            • Accessing Cloud Services from a Pod in the Same VPC
            • Accessing Cloud Services from a Pod in a Different VPC
          • CoreDNS Configuration Optimization
            • CoreDNS Optimization Overview
            • Client
              • Optimizing Domain Name Resolution Requests
              • Selecting a Proper Image
              • Avoiding Occasional DNS Resolution Timeout Caused by IPVS Defects
              • Using NodeLocal DNSCache
              • Upgrading the CoreDNS in the Cluster Timely
              • Adjusting the DNS Configuration of the VPC and VM
            • Server
              • Monitoring the coredns Add-on
              • Adjusting the CoreDNS Deployment Status
              • Configuring CoreDNS
          • Pre-Binding Container ENI for CCE Turbo Clusters
          • Accessing an IP Address Outside of a Cluster That Uses a VPC Network by Using Source Pod IP Addresses Within the Cluster
        • Storage
          • Expanding the Storage Space
          • Mounting Object Storage Across Accounts
          • Dynamically Creating an SFS Turbo Subdirectory Using StorageClass
          • Using Custom Storage Classes
          • Scheduling EVS Disks Across AZs Using csi-disk-topology
        • Container
          • Properly Allocating Container Computing Resources
          • Modifying Kernel Parameters Using a Privileged Container
          • Using Init Containers to Initialize an Application
          • Configuring the /etc/hosts File of a Pod Using hostAliases
          • Locating Container Faults Using the Core Dump File
        • Permission
          • Configuring kubeconfig for Fine-Grained Management on Cluster Resources
          • Configuring Namespace-level Permissions for an IAM User
        • Release
          • Overview
          • Using Services to Implement Simple Grayscale Release and Blue-Green Deployment
          • Using Nginx Ingress to Implement Grayscale Release and Blue-Green Deployment
      • API Reference
        • Before You Start
        • API Overview
        • Calling APIs
          • Making an API Request
          • Authentication
          • Response
        • APIs
          • API URL
          • Cluster Management
            • Creating a Cluster
            • Reading a Specified Cluster
            • Listing Clusters in a Specified Project
            • Updating a Specified Cluster
            • Deleting a Cluster
            • Hibernating a Cluster
            • Waking Up a Cluster
            • Obtaining a Cluster Certificate
            • Modifying Cluster Specifications
            • Querying a Job
            • Binding/Unbinding Public API Server Address
            • Obtaining Cluster Access Address
            • Obtaining a Cluster's Logging Configurations
            • Configuring Cluster Logs
            • Obtaining the Partition List
            • Creating a Partition
            • Obtaining Partition Details
            • Updating a Partition
          • Node Management
            • Creating a Node
            • Reading a Specified Node
            • Listing All Nodes in a Cluster
            • Updating a Specified Node
            • Deleting a Node
            • Enabling Scale-In Protection for a Node
            • Disabling Scale-In Protection for a Node
            • Synchronizing Nodes
            • Accepting a Node
            • Managing a Node in a Customized Node Pool
            • Resetting a Node
            • Removing a Node
            • Migrating a Node
          • Node Pool Management
            • Creating a Node Pool
            • Reading a Specified Node Pool
            • Listing All Node Pools in a Specified Cluster
            • Synchronizing Node Pool Configurations to Existing Nodes
            • Updating a Specified Node Pool
            • Deleting a Node Pool
            • Scaling a Node Pool
            • Synchronizing Node Pools
          • Storage Management
            • Creating a PVC (to be discarded)
            • Deleting a PVC (to be discarded)
          • Add-on Management
            • Installing an Add-on Instance
            • Listing Add-on Templates
            • Updating an Add-on Instance
            • Rolling Back an Add-on Instance
            • Deleting an Add-on Instance
            • Querying an Add-on Instance
            • Listing Add-on Instances
          • Cluster Upgrade
            • Upgrading a Cluster
            • Obtaining Cluster Upgrade Task Details
            • Retrying a Cluster Upgrade Task
            • Suspending a Cluster Upgrade Task (Deprecated)
            • Continuing to Execute a Cluster Upgrade Task (Deprecated)
            • Obtaining a List of Cluster Upgrade Task Details
            • Pre-upgrade Check
            • Obtaining Details About a Pre-upgrade Check Task of a Cluster
            • Obtaining a List of Pre-upgrade Check Tasks of a Cluster
            • Post-upgrade Check
            • Cluster Backup
            • Obtaining a List of Cluster Backup Task Details
            • Obtaining the Cluster Upgrade Information
            • Obtaining a Cluster Upgrade Path
            • Obtaining the Configuration of Cluster Upgrade Feature Gates
            • Enabling the Cluster Upgrade Process Booting Task
            • Obtaining a List of Upgrade Workflows
            • Obtaining Details About a Specified Cluster Upgrade Task
            • Updating the Status of a Specified Cluster Upgrade Booting Task
          • Quota Management
            • Querying Resource Quotas
          • API Versions
            • Obtaining API Versions
          • Tag Management
            • Adding Resource Tags to a Specified Cluster in Batches
            • Deleting Resource Tags of a Specified Cluster in Batches
          • Configuration Management
            • Obtaining the Parameters That Can Be Configured for a Node Pool
            • Obtaining the List of Parameters That Can Be Configured for a Cluster
            • Obtaining the Parameters That Can Be Configured for a Node Pool
            • Changing the Values of Configuration Parameters of a Node Pool
          • Chart Management
            • Uploading a Chart
            • Obtaining a Chart List
            • Obtaining a Release List
            • Updating a Chart
            • Creating a Release
            • Deleting a Chart
            • Updating a Release
            • Obtaining a Chart
            • Deleting a Release
            • Downloading a Chart
            • Obtaining a Release
            • Obtaining Chart Values
            • Obtaining Historical Records of a Release
            • Obtaining the Quota of a User Chart
          • Add-on Instance Parameters
            • CoreDNS
            • CCE Container Storage (Everest)
            • CCE Node Problem Detector
            • Kubernetes Dashboard
            • CCE Cluster Autoscaler
            • NGINX Ingress Controller
            • Kubernetes Metrics Server
            • CCE Advanced HPA
            • CCE AI Suite (NVIDIA GPU)
            • CCE AI Suite (Ascend NPU)
            • Volcano Scheduler
            • CCE Secrets Manager for DEW
            • CCE Network Metrics Exporter
            • NodeLocal DNSCache
            • Cloud Native Cluster Monitoring
            • Cloud Native Log Collection
        • Kubernetes APIs
        • Permissions and Supported Actions
        • Appendix
          • Status Code
          • Error Codes
          • Obtaining a Project ID
          • Obtaining an Account ID
          • Specifying Add-ons to Be Installed During Cluster Creation
          • How to Obtain Parameters in the API URI
          • Creating a VPC and Subnet
          • Creating a Key Pair
          • Node Flavor Description
          • Adding a Salt in the password Field When Creating a Node
          • Maximum Number of Pods That Can Be Created on a Node
          • Node OS
          • Space Allocation of a Data Disk
          • Attaching Disks to a Node
      • SDK Reference
        • SDK Overview
      • FAQs
        • Common FAQ
        • Billing
          1. How Is CCE Billed?
          2. How Do I Change the Billing Mode of a CCE Cluster from Pay-per-Use to Yearly/Monthly?
          3. Can I Change the Billing Mode of CCE Nodes from Pay-per-Use to Yearly/Monthly?
          4. Can I Delete a Yearly/Monthly-Billed CCE Cluster Directly When It Expires?
        • Cluster
          • Cluster Creation
            1. Why Cannot I Create a CCE Cluster?
            2. Is Management Scale of a Cluster Related to the Number of Master Nodes?
            3. How Do I Update the Root Certificate When Creating a CCE Cluster?
            4. Which Resource Quotas Should I Pay Attention To When Using CCE?
          • Cluster Running
            1. How Do I Locate the Fault When a Cluster Is Unavailable?
            2. How Do I Retrieve Data After a CCE Cluster Is Deleted?
          • Cluster Deletion
            1. What Can I Do If a Cluster Deletion Fails Due to Residual Resources in the Security Group?
            2. How Do I Clear Residual Resources After Deleting a Non-Running Cluster?
          • Cluster Upgrade
            1. What Do I Do If a Cluster Add-On Fails to be Upgraded During the CCE Cluster Upgrade?
        • Node
          • Node Creation
            1. How Do I Troubleshoot Problems Occurred When Adding Nodes to a CCE Cluster?
            2. How Do I Troubleshoot Problems Occurred When Accepting Nodes into a CCE Cluster?
            3. What Should I Do If a Node Cannot Be Managed and an Error Message Appears Saying That the Node Failed to Install?
          • Node Running
            1. What Should I Do If a Cluster Is Available But Some Nodes in It Are Unavailable?
            2. How Do I Log In to a Node Using a Password and Reset the Password?
            3. How Do I Collect Logs of Nodes in a CCE Cluster?
            4. What Should I Do If the vdb Disk of a Node Is Damaged and the Node Cannot Be Recovered After Reset?
            5. What Should I Do If I/O Suspension Occasionally Occurs When SCSI EVS Disks Are Used?
            6. How Do I Fix an Abnormal Container or Node Due to No Thin Pool Disk Space?
            7. How Do I Rectify Failures When the NVIDIA Driver Is Used to Start Containers on GPU Nodes?
          • Specification Change
            1. How Do I Change the Node Specifications in a CCE Cluster?
            2. What Are the Impacts of Changing the Flavor of a Node in a CCE Node Pool?
            3. What Should I Do If I Fail to Restart or Create Workloads on a Node After Modifying the Node Specifications?
          • OSs
            1. What Should I Do If There Is a Service Access Failure After a Backend Service Upgrade or a 1-Second Latency When a Service Accesses a CCE Cluster?
        • Node Pool
          1. What Should I Do If a Node Pool Is Abnormal?
          2. What Should I Do If No Node Creation Record Is Displayed When the Node Pool Is Being Expanding?
          3. What Should I Do If a Node Pool Scale-Out Fails?
          4. How Do I Modify ECS Configurations When an ECS Cannot Be Managed by a Node Pool?
        • Workload
          • Workload Exception Troubleshooting
            1. How Can I Locate the Root Cause If a Workload Is Abnormal?
            2. What Should I Do If the Scheduling of a Pod Fails?
            3. What Should I Do If a Pod Fails to Pull the Image?
            4. What Should I Do If Container Startup Fails?
            5. What Should I Do If a Pod Fails to Be Evicted?
            6. What Should I Do If a Storage Volume Cannot Be Mounted or the Mounting Times Out?
            7. What Should I Do If a Workload Remains in the Creating State?
            8. What Should I Do If a Pod Remains in the Terminating State?
            9. What Should I Do If a Workload Is Stopped Caused by Pod Deletion?
            10. What Should I Do If an Error Occurs When I Deploy a Service on a GPU Node?
            11. What Should I Do If a Workload Exception Occurs Due to a Storage Volume Mount Failure?
            12. What Should I Do If a Workload Appears to Be Normal But Is Not Functioning Properly?
            13. Why Is Pod Creation or Deletion Suspended on a Node Where File Storage Is Mounted?
            14. How Can I Locate Faults Using an Exit Code?
          • Container Configuration
            1. When Is Pre-stop Processing Used?
            2. When Would a Container Need to Be Rebuilt?
            3. How Do I Set an FQDN for Accessing a Specified Container in the Same Namespace?
            4. What Should I Do If Health Check Probes Occasionally Fail?
            5. How Do I Set the umask Value for a Container?
            6. What Is the Retry Mechanism When CCE Fails to Start a Pod?
          • Scheduling Policies
            1. How Do I Evenly Distribute Multiple Pods to Each Node?
            2. How Do I Prevent a Container on a Node from Being Evicted?
            3. Why Are Pods Not Evenly Distributed on Nodes?
            4. How Do I Evict All Pods on a Node?
            5. Why Cannot a Pod Be Scheduled to a Node?
            6. How Do I Troubleshoot a Pod Exit Caused by a Node Label Update?
          • Others
            1. What Should I Do If a Cron Job Cannot Be Restarted After Being Stopped for a Period of Time?
            2. What Is a Headless Service When I Create a StatefulSet?
            3. What Should I Do If Error Message "Auth is empty" Is Displayed When a Private Image Is Pulled?
            4. What Is the Image Pull Policy for Containers in a CCE Cluster?
            5. What Can I Do If a Layer Is Missing During Image Pull?
        • Networking
          • Network Exception Troubleshooting
            1. How Do I Locate a Workload Networking Fault?
            2. Why Does the Browser Return Error Code 404 When I Access a Deployed Application?
            3. What Should I Do If a Container Fails to Access the Internet?
            4. What Should I Do If a Node Fails to Connect to the Internet (Public Network)?
            5. What Should I Do If Nginx Ingress Access in the Cluster Is Abnormal After the NGINX Ingress Controller Add-on Is Upgraded?
            6. What Could Cause Access Exceptions After Configuring an HTTPS Certificate for a LoadBalancer Ingress?
          • Network Planning
            1. What Is the Relationship Between Clusters, VPCs, and Subnets?
            2. How Can I Configure a Security Group Rule for a Cluster?
          • Security Hardening
            1. How Do I Prevent Cluster Nodes from Being Exposed to Public Networks?
            2. How Do I Configure an Access Policy for a Cluster?
            3. How Do I Obtain a TLS Key Certificate?
            4. How Do I Change the Security Group of Nodes in a Cluster in Batches?
          • Network Configuration
            1. How Can Container IP Addresses Survive a Container Restart?
            2. How Can I Check Whether an ENI Is Used by a Cluster?
            3. How Can I Delete a Security Group Rule Associated with a Deleted Subnet?
            4. How Can I Synchronize Certificates When Multiple Ingresses in Different Namespaces Share a Listener?
            5. How Can I Determine Which Ingress the Listener Settings Have Been Applied To?
        • Storage
          1. How Do I Expand the Storage Capacity of a Container?
          2. What Are the Differences Among CCE Storage Classes in Terms of Persistent Storage and Multi-Node Mounting?
          3. Can I Create a CCE Node Without Adding a Data Disk to the Node?
          4. What Should I Do If the Host Cannot Be Found When Files Need to Be Uploaded to OBS During the Access to the CCE Service from a Public Network?
          5. How Can I Achieve Compatibility Between ExtendPathMode and Kubernetes client-go?
          6. Can CCE PVCs Detect Underlying Storage Faults?
          7. Why Cannot I Delete a PV or PVC Using the kubectl delete Command?
          8. What Should I Do If a Yearly/Monthly EVS Disk Cannot Be Automatically Created?
        • Namespace
          1. What Should I Do If a Namespace Fails to Be Deleted Due to an APIService Object Access Failure?
        • Chart and Add-on
          1. What Should I Do If Installation of an Add-on Fails and "The release name is already exist" Is Displayed?
          2. How Do I Configure the Add-on Resource Quotas Based on Cluster Scale?
          3. How Can I Clean Up Residual Resources After the NGINX Ingress Controller Add-on in the Unknown State Is Deleted?
          4. Why TLS v1.0 or v1.1 Cannot Be Used After the NGINX Ingress Controller Add-on Is Upgraded?
          5. What Can I Do If a Pod Cannot Be Started After the CCE AI Suite (Ascend NPU) Add-on Is Upgraded from 1.x.x to 2.x.x?
        • API & kubectl FAQs
          1. How Can I Access a Cluster API Server?
          2. Can the Resources Created Using APIs or kubectl Be Displayed on the CCE Console?
          3. How Do I Download kubeconfig for Connecting to a Cluster Using kubectl?
          4. How Do I Rectify the Error Reported When Running the kubectl top node Command?
          5. Why Is "Error from server (Forbidden)" Displayed When I Use kubectl?
        • DNS FAQs
          1. What Should I Do If Domain Name Resolution Fails in a CCE Cluster?
          2. Why Does a Container in a CCE Cluster Fail to Perform DNS Resolution?
          3. How Do I Optimize the Configuration If the External Domain Name Resolution Is Slow or Times Out?
          4. How Do I Configure a DNS Policy for a Container?
          5. How Can I Address the Issue of CoreDNS Using Deprecated APIs?
        • Image Repository FAQs
          1. How Do I Upload My Images to CCE?
        • Permissions
          1. Can I Configure Only Namespace Permissions Without Cluster Management Permissions?
          2. Can I Use CCE APIs If the Cluster Management Permissions Are Not Configured?
          3. Can I Use kubectl If the Cluster Management Permissions Are Not Configured?
      • Videos