Functions of the New and Old CGS

Currently, CGS has been integrated into the HSS console for unified management. The existing functions have been optimized and some new functions have been added.

Switchover Process

To switch from CGS to HSS, unsubscribe from CGS, purchase the HSS container edition, and enable protection.

Figure 1 CGS switch procedure

Step 1: Unsubscribing from the Original CGS Quotas

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Container Guard Service. The Container Guard Service console is displayed.
3. Choose Clusters & Quotas under Container Guard Service to view the cluster protection list.
   Figure 2 Viewing the protection status of a container cluster
   

4. Click Disable Protection in the Operation column of the target cluster.
   

   For easy management, you are advised to disable protection for all clusters.

5. After disabling the protection for all clusters, click the Protection Quotas tab. In the Operation column of quotas, click Unsubscribe to unsubscribe from them one by one.
   Figure 3 Unsubscribing from container edition quotas
   
   

   If the original quota billing mode is pay-per-use, the billing stops when you disable the protection.

Step 2: Installing an Agent

CGS (old) and HSS (new) are independent of each other. To use the HSS container edition, install a new agent.

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
   Figure 4 Accessing HSS
   

3. In the displayed dialog box, click Try the new edition to switch to the HSS (New) console.
   

   • Currently, HSS is available in the following regions: CN South-Guangzhou, CN-Hong Kong, AP-Bangkok, and AP-Singapore.
   • On the HSS (New) console, you can click Back to Old Console in the upper left corner to switch to the HSS (Old) console.

4. In the navigation pane, choose Asset Management > Containers & Quota.
   Figure 5 Accessing the container node management page
   

5. Click Nodes to check whether the nodes whose protection has been disabled exist in the node list.
   

   • If the nodes are displayed on the HSS console (new), you do not need to install the agent.
   • If the nodes are not displayed on the HSS console (new), you need to install an agent.

Step 3: Purchasing Container Edition Quotas on the HSS Console

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
   Figure 6 Accessing HSS
   

3. In the navigation pane, choose Asset Management > Containers & Quota.
4. Click Buy CGS.
5. Configure CGS specifications.

   Table 2 Parameters for purchasing HSS

   Parameter	Description	Example Value
   Billing Mode	Only the Yearly/Monthly billing mode is supported.	Yearly/Monthly
   Region	To minimize connection issues, purchase quota in the region of your servers.	CN-Hong Kong
   Edition	Select Container. For details about how to enable the pay-per-use billing mode, see Enabling Container Node Protection.	Container
   Node Quantity	Number of purchased container edition quotas	10
   Required Duration	Select a duration as needed. You are advised to select Auto-renew to ensure your servers are always protected. If you select Auto-renew, the system will automatically renew your subscription as long as your account balance is sufficient. The renewal period is the same as the required duration. If you do not select Auto-renew, manually renew the service before it expires.	1 year
   Tags	You can put tags on cloud resources of the same type to help you quickly search for resources.	cgs-data

6. In the lower right corner of the page, click Next.

   For details about pricing, see Product Pricing Details.

7. After confirming that the order, select I have read and agree to the Host Security Service Disclaimer and click Pay Now.
8. Click Pay Now and complete the payment.

Step 4: Enabling Protection

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
   Figure 7 Accessing HSS
   

3. In the displayed dialog box, click Try the new edition to switch to the HSS (New) console.
   

   • Currently, HSS is available in the following regions: CN South-Guangzhou, CN-Hong Kong, AP-Bangkok, and AP-Singapore.
   • On the HSS (New) console, you can click Back to Old Console in the upper left corner to switch to the HSS (Old) console.

4. In the navigation pane, choose Asset Management > Containers & Quota.
   Figure 8 Accessing the container node management page
   

5. In the Operation column of the node list, click Enable Protection.
   Figure 9 Enabling container protection
   

6. You can buy quota in pay-per-use or yearly/monthly mode.
   • Yearly/Monthly
     In the displayed dialog box, select Yearly/Monthly, read the Container Guard Service Disclaimer, and select I have read and agreed to Container Guard Service Disclaimer.

     Figure 10 Enabling yearly/monthly protection
     
     The quota can be allocated in the following ways:

     • Select Select a quota randomly. to let the system allocate the quota with the longest remaining validity to the server.
     • Select a quota ID and allocate it to a server.
   • On-demand

     In the displayed dialog box, select On-demand, read the Container Guard Service Disclaimer, and select I have read and agreed to Container Guard Service Disclaimer.

     Figure 11 Enabling on-demand protection
     

7. Click OK. If the Protection Status of the server changes to Protected, protection has been enabled.
   

   • A CGS quota protects one cluster node.