How to Switch from CGS to HSS Console?
You can integrate CGS into the HSS console to centrally manage servers and use the new functions.
Functions of the New and Old CGS
Currently, CGS has been integrated into the HSS console for unified management. The existing functions have been optimized and some new functions have been added.
Function |
Old CGS |
New CGS (New HSS) |
---|---|---|
Container asset fingerprint management |
× |
√ |
Container node management |
√ |
√ |
Private image management |
√ |
√ |
Local image management |
√ |
√ |
Official image management |
√ |
× |
Shared image management |
× |
√ |
Image vulnerability detection |
√ |
√ |
Malicious image file detection |
√ |
√ |
Image baseline check |
√ |
√ |
Vulnerability escape detection |
√ |
√ |
File escape detection |
√ |
√ |
Abnormal container process detection |
√ |
√ |
Abnormal container configuration detection |
√ |
√ |
Abnormal container startup detection |
√ |
√ |
Malicious container program detection |
√ |
√ |
High-risk system call detection |
√ |
√ |
Sensitive file access detection |
√ |
√ |
Container software information check |
√ |
√ |
Container file information check |
√ |
√ |
Whitelist management |
√ |
√ |
Container policy management |
√ |
√ |
Switchover Process
To switch from CGS to HSS, disable CGS, apply for the HSS container edition, and enable protection.
Step 1: Disabling the Original CGS Protection.
- Log in to the management console.
- In the upper left corner of the page, select a region, click , and choose . The Container Guard Service console is displayed.
- Choose Clusters & Quotas under Container Guard Service to view the cluster protection list.
- Click Disable Protection in the Operation column of the target cluster.
For easy management, you are advised to disable protection for all clusters.
Step 2: Installing an Agent
CGS (old) and HSS (new) are independent of each other. To use the HSS container edition, install a new agent.
- Log in to the management console.
- Click in the upper left corner of the page, select a region, and choose Security > Host Security Service.
- In the navigation pane, choose Asset Management > Containers & Quota.
- Click Nodes to check whether the nodes whose protection has been disabled exist in the node list.
- If the nodes are displayed on the HSS console (new), you do not need to install the agent.
- If the nodes are not displayed on the HSS console (new), you need to .
Step 3: Enabling Protection
- Log in to the management console.
- Click in the upper left corner of the page, select a region, and choose Security > Host Security Service.
- In the navigation pane, choose Asset Management > Containers & Quota.
- In the Operation column of the node list, click Enable Protection.
- Click OK. If the Protection Status of the server changes to Protected, protection has been enabled.
A CGS quota protects one cluster node.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot