- What's new
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Introduction
- Permissions Management
- Basics of the Container Engine
-
Image Management
- Uploading an Image Through a Container Engine Client (Recommended)
- Obtaining a Long-Term Valid Login Command
- Uploading an Image Through SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing a Private Image
- Adding a Trigger
- Adding an Image Retention Policy
- Configuring Automatic Image Synchronization Between Regions
- Image Center
- Organization Management
- User Permissions
- Auditing
- Change History
- Best Practices
-
API Reference
- Before You Start
- Calling APIs
- API Overview
-
API
- Organization Management
- Managing Image Repositories
- Image Tag Management
- Shared Account Management
- API Version
- Organization Permission Management
- Image Permission Management
- Image Synchronization Management
- Trigger Management
- Image Retention Policy Management
- Temporary Login Command
- Quota Management
- Other
- Example Applications
- Appendixes
- SDK Reference
-
FAQs
- General FAQs
- Login Issues
- Synchronizing Images
- Pushing an Image
- Pulling an Image
-
Troubleshooting
- Why Does the Login Command Fail to Be Executed?
- Why Does an Image Fail to Be Pushed Through a Container Engine Client?
- Why Does an Image Fail to Be Uploaded Through SWR Console?
- Why Does the docker pull Command Fail to Be Executed?
- What Should I Do If Images Cannot Be Downloaded from Private Networks?
- What Do I Do If an Error Occurs When I Call an API?
-
Other FAQs
- Why Does a CCE Workload Cannot Pull an Image from SWR and a Message "Not Logged In" Is Displayed?
- How Many Tenants Can I Share an SWR Private Image With?
- Why Is an Image Pushed Using a Container Engine Client to SWR Different in Size From One Uploaded Through the SWR Console?
- Can I Pull Images on the SWR Console to a Local PC?
- Videos
- Glossary
-
More Documents
- User Guide
- API Reference
- User Guide (Paris Regions)
- API Reference (Paris Regions)
- User Guide (Kuala Lumpur Region)
- API Reference (Kuala Lumpur Region)
-
User Guide (Ankara Region)
- Service Overview
- Overview
- Permissions Management
- Basics of Docker
-
Image Management
- Pushing an Image Through a Container Engine Client
- Obtaining a Long-Term Valid Docker Login Command
- Obtaining a Long-Term Valid containerd Pull/Push Command
- Uploading an Image Through the SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing Private Images
- Adding a Trigger
- Adding an Image Retention Policy
- Organization Management
- User Permissions
- FAQs
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- Calling APIs
- API
- Appendixes
- Permissions and Supported Actions
- General Reference
Show all
Copied.
Concepts
- Account
An account is created upon successful signing up. The account has full access permissions for all of its cloud services and resources. It can be used to reset user passwords and grant user permissions. The account is a payment entity, which should not be used directly to perform routine management. For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management.
- User
An IAM user is created by an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
API authentication requires information such as the account name, username, and password.
- Region
Regions are divided based on geographical location and network latency. Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region. Regions are classified into universal regions and dedicated regions. A universal region provides universal cloud services for common tenants. A dedicated region provides specific services for specific tenants.
For details, see Region and AZ.
- AZ
An AZ comprises of one or more physical data centers equipped with independent ventilation, fire, water, and electricity facilities. Computing, network, storage, and other resources in an AZ are logically divided into multiple clusters. AZs within a region are interconnected using high-speed optical fibers to allow you to build cross-AZ high-availability systems.
- Project
A region corresponds to a project. Default projects are defined to group and physically isolate resources (including computing, storage, and network resources) across regions. You can grant users permissions in a default project to access all resources in the region associated with the project. If you need more refined access control, create subprojects under a default project and create resources in subprojects. Then you can assign users the permissions required to access only the resources in the specific subprojects.
Figure 1 Project isolation model - Enterprise project
Enterprise projects group and manage resources across regions. Resources in different enterprise projects are logically isolated. An enterprise project can contain resources of multiple regions, and resources can be added to or removed from enterprise projects.
For details about enterprise projects and about how to obtain enterprise project IDs, see Enterprise Management User Guide.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot