Updated on 2025-07-04 GMT+08:00

What Is CCE?

Cloud Container Engine (CCE) is a Kubernetes cluster hosting service for enterprises. It manages the entire lifecycle of containerized applications and delivers scalable, high-performance solutions for deploying and managing cloud native applications.

Why CCE?

CCE is a one-stop platform integrating compute (ECS and BMS), networking (VPC, EIP, and ELB), storage (EVS, SFS, and OBS), and many other services. It supports heterogeneous compute architectures such as GPUs, NPUs, and Arm. Multi-AZ, multi-region disaster recovery (DR) ensures high availability (HA) of Kubernetes clusters.

Huawei Cloud is one of world's first Kubernetes Certified Service Providers (KCSPs) and China's first participant in the Kubernetes community. It has long been contributing to open-source container communities and taking lead in the container ecosystems. Huawei Cloud is also a founder and platinum member of Cloud Native Computing Foundation (CNCF). CCE is one of the first Certified Kubernetes offerings in the world.

For more information, see CCE Advantages and Application Scenarios.

Video Tutorial

CCE Cluster Types

There are multiple types of CCE clusters.

Cluster Type

CCE Standard

CCE Turbo

CCE Autopilot

Positioning

Standard clusters that provide highly reliable and secure containers for commercial use

Next-generation clusters designed for Cloud Native 2.0, with accelerated compute, networking, and scheduling

Serverless clusters without user nodes and billed by actual CPU and memory usage

In such clusters, no node deployment, management, or security maintenance is needed.

Application scenario

For users who expect to use container clusters to manage applications, obtain elastic compute resources, and enable simplified management on compute, network, and storage resources

For users who have higher requirements on performance, resource utilization, and full-scenario coverage

For users whose services suffer frequent traffic surges, such as users in the online education and e-commerce sectors

Network model

Cloud native 1.0 networks: for scenarios where requirements on performance are not high and there are not so many containers

  • Tunnel network
  • Virtual Private Cloud (VPC) network

Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance

A maximum of 2000 nodes is supported.

Cloud Native 2.0 networks: for scenarios where there are many containers and need high performance

hostPort

Supported

Not supported

Not supported

Network performance

The container network is overlaid with the VPC network, causing certain performance loss.

The VPC network and container network are flattened into one for zero performance loss.

The VPC network and container network are flattened into one for zero performance loss.

Network isolation

  • Tunnel networks: network policies for communications within a cluster
  • VPC networks: isolation not supported

Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.

Pods can be associated with security groups for isolation. This isolation policy, based on security groups, ensures consistent security isolation both within and outside a cluster.

Container resource isolation

cgroups are used to isolate common containers.

  • VM-level isolation is supported for secure containers that run only on physical machines.
  • cgroups are used to isolate common containers.

VM-level isolation

Edge infrastructure management

Not supported

Management of CloudPond edge sites

Not supported

CCE Cluster Architecture

Figure 1 CCE architecture
  • Compute: VMs and BMSs can be deployed in the same CCE cluster. CCE adapts to various Huawei Cloud compute instances like Kunpeng instances and supports GPUs and Ascend compute. It provides GPU virtualization, shared scheduling, and resource-aware scheduling optimization.
  • Networking: CCE is integrated with high-performance, secure, reliable, multi-protocol dedicated load balancers as the service traffic ingress.
  • Storage: CCE is integrated with multiple storage services like EVS, SFS, and OBS and provides disk encryption, snapshot, and backup capabilities.
  • Cluster service: CCE helps you manage the entire lifecycle of your clusters, including cluster buying, access, upgrades, and management.
  • Container orchestration: CCE provides a console for managing Helm charts. You can easily deploy applications using charts and manage applications on the console.
  • Artifact repository: CCE works with SoftWare Repository for Container (SWR) that supports full lifecycle management of images. SWR is an easy-to-use, secure, reliable image management system. With SWR, you can quickly deploy containerized applications on CCE.
  • Auto scaling: CCE supports auto scaling of workloads and nodes, allowing you to adjust compute resources based on service requirements and policies in a cost-effective manner.
  • Service governance: CCE integrates with Application Service Mesh (ASM). Grayscale release, traffic management, and traffic monitoring can all be done in a non-intrusive manner.
  • Container O&M: CCE integrates with Container Intelligent Analysis (CIA) so that you can monitor applications and resources in real time. It allows you to collect, manage, and analyze logs, as well as collect metrics and events of your applications. You can enable container monitoring in just a few clicks.
  • Add-ons: There are multiple types of add-ons available on CCE. With these add-ons, you can extend the cluster functions as needed.

CCE Learning Path

You can click here to learn about the fundamentals about CCE so that you can use CCE and perform O&M with ease.