Help Center/ Cloud Container Engine/ FAQs/ Networking/ Network Configuration/ How Do I Increase the Maximum Number of Network Interfaces Supported by a CCE Turbo Cluster?
Updated on 2026-01-05 GMT+08:00

How Do I Increase the Maximum Number of Network Interfaces Supported by a CCE Turbo Cluster?

CCE Turbo clusters use the Cloud Native 2.0 networks. Pods use the network interfaces allocated from the VPC. Each network interface is associated with the network interface security group by default. By default, a single security group supports up to 50,000 network interfaces. If no additional configuration is applied and no container network interfaces are pre-bound, a CCE Turbo cluster can run a maximum of 50,000 pods under the container network.

You can use the methods listed in the table below to expand the maximum number of network interfaces supported by a single cluster.

Security Group Splitting Solution

Description

Constraints

How to Implement

Using multiple security groups for pods

Associate distinct security groups with different workloads. A security group can be associated with up to 50,000 pods.

  • The pre-bound container network interfaces cannot be associated with the target security group.
  • The security group rules must be properly planned to ensure necessary connectivity between different workloads.

Using multiple security groups for node pools

Associate distinct security groups with different node pools. All container network interfaces, including pre-bound ones, created within a given node pool are associated with the corresponding security group. The total number of container network interfaces per node pool must remain fewer than 50,000.

Formula

Maximum number of nodes in a node pool × Maximum number of supplementary network interfaces supported by the model < 50000

  • The pre-bound container network interfaces can be associated with the target security group.
  • The security group rules must be properly planned to ensure necessary connectivity between different workloads.

Using Node Pool Settings to Bind the Default Security Group to Pods in the Node Pool