What Is CCE?

Cloud Container Engine (CCE) is a Kubernetes cluster hosting service for enterprises. It manages the entire lifecycle of containerized applications and delivers scalable, high-performance solutions for deploying and managing cloud native applications.

Why CCE?

CCE is a one-stop platform integrating compute (ECS and BMS), networking (VPC, EIP, and ELB), storage (EVS, SFS, and OBS), and many other services. It supports heterogeneous compute architectures such as GPUs, NPUs, and Arm. Multi-AZ, multi-region disaster recovery (DR) ensures high availability (HA) of Kubernetes clusters.

Huawei Cloud is one of world's first Kubernetes Certified Service Providers (KCSPs) and China's first participant in the Kubernetes community. It has long been contributing to open-source container communities and taking lead in the container ecosystems. Huawei Cloud is also a founder and platinum member of Cloud Native Computing Foundation (CNCF). CCE is one of the first Certified Kubernetes offerings in the world.

For more information, see CCE Advantages and Application Scenarios.

Video Tutorial

CCE Cluster Types

There are multiple types of CCE clusters.

Cluster Type	CCE Standard	CCE Turbo	CCE Autopilot
Positioning	Standard clusters that provide highly reliable and secure containers for commercial use	Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling	Serverless clusters without user nodes and billed by actual CPU and memory usage In such clusters, no node deployment, management, or security maintenance is needed.
Application scenario	For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources	For users who have higher requirements on performance, resource utilization, and full-scenario coverage	For users whose services suffer frequent traffic surges, such as users in the online education and e-commerce sectors
Network model	Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers Tunnel network Virtual Private Cloud (VPC) network	Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance A maximum of 2000 nodes is supported.	Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance
hostPort	Supported	Not supported	Not supported
Network performance	The container network is overlaid with the VPC network, causing certain performance loss.	The VPC network and container network are flattened into one for zero performance loss.	The VPC network and container network are flattened into one for zero performance loss.
Network isolation	Tunnel networks: network policies for communications within a cluster VPC networks: isolation not supported	Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.	Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.
Container resource isolation	cgroups are used to isolate common containers.	VM-level isolation is supported for secure containers that run only on physical machines. cgroups are used to isolate common containers.	VM-level isolation
Edge infrastructure management	Not supported	Management of CloudPond edge sites	Not supported

CCE Cluster Architecture

Figure 1 CCE architecture
Click to enlarge

Compute: VMs and BMSs can be deployed in the same CCE cluster. CCE adapts to various Huawei Cloud compute instances like Kunpeng instances and supports GPUs and Ascend compute. It provides GPU virtualization, shared scheduling, and resource-aware scheduling optimization.
Networking: CCE is integrated with high-performance, secure, reliable, multi-protocol dedicated load balancers as the service traffic ingress.
Storage: CCE is integrated with multiple storage services like EVS, SFS, and OBS and provides disk encryption, snapshot, and backup capabilities.
Cluster service: CCE helps you manage the entire lifecycle of your clusters, including cluster buying, access, upgrades, and management.
Container orchestration: CCE provides a console for managing Helm charts. You can easily deploy applications using charts and manage applications on the console.
Artifact repository: CCE works with SoftWare Repository for Container (SWR) that supports full lifecycle management of images. SWR is an easy-to-use, secure, reliable image management system. With SWR, you can quickly deploy containerized applications on CCE.
Auto scaling: CCE supports auto scaling of workloads and nodes, allowing you to adjust compute resources based on service requirements and policies in a cost-effective manner.
Service governance: CCE integrates with Application Service Mesh (ASM). Grayscale release, traffic management, and traffic monitoring can all be done in a non-intrusive manner.
Container O&M: CCE integrates with Container Intelligent Analysis (CIA) so that you can monitor applications and resources in real time. It allows you to collect, manage, and analyze logs, as well as collect metrics and events of your applications. You can enable container monitoring in just a few clicks.
Add-ons: There are multiple types of add-ons available on CCE. With these add-ons, you can extend the cluster functions as needed.