Restrictions on Using CBH
To improve the stability and security of the CBH system, there are some restrictions on the use of CBH instances and their mapped CBH systems.
Network Access Restrictions
- Cross-region resource management is not supported.
A CBH instance and resources (such as ECSs and cloud databases) managed in the mapped CBH system must be in the same region.
Although some services such as Virtual Private Network (VPN) can be used to establish VPCs in different regions, using CBH to manage resources across regions is still not recommended because the cross-region network is less stable.
- Cross-VPC resource management is not supported.
A CBH instance and resources (such as ECSs and cloud databases) managed in the mapped CBH system must be in the same VPC so that the CBH system can communicate the managed resources directly.
If they are in different VPCs, use a VPC peering connection to connect two VPCs.
- Communication between the CBH instance security group and managed resource security group must be allowed.
The managed resources must be accessible through the security group to which the CBH instance belongs, and the security group to which the resources belong must allow access from the private IP address of the CBH instance.
If a CBH instance and its managed resources belong to different security groups, no communication between them is established by default. To establish a connection, add an inbound rule to the CBH instance security group.
The default ports of the security group are ports 443 and 2222, which can be accessed through a web browser or SSH client by default. To use other access methods, manually add the destination port.
For details, see Table 1.
- A CBH system can be logged in only through IP address and port number.
Table 1 Inbound and outbound rule configuration reference Scenario Description
Direction
Protocol/Application
Port
Accessing CBH through a web browser (HTTP and HTTPS)
Inbound
TCP
80, 443, and 8080
Accessing a CBH system through Microsoft Terminal Services Client (MSTSC)
Inbound
TCP
53389
Accessing a CBH Instance Through an SSH Client
Inbound
TCP
2222
Accessing CBH instances through FTP clients
Inbound
TCP
20~21
Remotely accessing Linux ECSs of CBH instances over SSH clients
Outbound
TCP
22
Remotely accessing Windows ECSs of CBH instances over the RDP Protocol
Outbound
TCP
3389
Accessing Oracle databases through CBH instances
Inbound
TCP
1521
Accessing Oracle databases through CBH instances
Outbound
TCP
1521
Accessing MySQL databases through CBH instances
Inbound
TCP
33306
Accessing MySQL databases through CBH instances
Outbound
TCP
3306
Accessing SQL Server databases through CBH instances
Inbound
TCP
1433
Accessing SQL Server databases through CBH instances
Outbound
TCP
1433
Accessing DB databases through CBH instances
Inbound
TCP
50000
Accessing DB databases through CBH instances
Outbound
TCP
50000
Accessing GaussDB databases through CBH
Inbound
TCP
18000
Accessing GaussDB databases through CBH
Outbound
TCP
18000
License servers
Outbound
TCP
9443
Cloud services
Outbound
TCP
443
Accessing a CBH system through the SSH client in the same security group
Outbound
TCP
2222
SMS service
Outbound
TCP
10743 and 443
Domain name resolution service
Outbound
UDP
53
Accessing PGSQL databases through CBH
Inbound
TCP
15432
Accessing PGSQL databases through CBH
Outbound
TCP
5432
Supported Resources
You can use CBH to manage servers you purchased on other clouds and on-premises servers as long as they can communicate with CBH through protocols supported by CBH and these servers.
- Supported host types
CBH allows you to manage Linux or Windows hosts with the SSH, RDP, VNC, Telnet, FTP, SFTP, SCP, or Rlogin protocol configured.
- Supported database types
- Relational Database Service (RDS) DB instances
- Databases on Elastic Cloud Servers (ECSs)
- Supported database versions
Table 2 Supported database versions Database Engine
Engine Version
MySQL
MySQL 5.5, 5.6, 5.7, and 8.0
Microsoft SQL Server
2014, 2016, 2017, 2019, and 2022
Oracle
10g, 11g, 12c, 19c, and 21c
DB2
DB2 Express-C
PostgreSQL
11, 12, 13, 14, and 15
GaussDB
2 and 3
- Supported application server types and versions
Only applications on Windows servers and Linux servers can be managed. Table 3 lists the supported operating system versions.
Currently, application O&M is available only on the x86 CBH instances.
Supported Third-Party Clients
To perform secure O&M management through CBH, use a third-party client to log in to the CBH system.
Login Type |
Supported Client |
Version |
---|---|---|
Logging in to a CBH system from a web browser |
Edge |
Microsoft Edge 44 or later
NOTE:
When you use Microsoft Edge, the maximum size of a file that can be uploaded to a host is 4 GB. |
Google Chrome |
Google Chrome 52.0 or later |
|
Safari |
Safari 10 or later |
|
Mozilla Firefox |
Mozilla Firefox 50.0 or later |
|
Login using an SSH client |
SecureCRT |
SecureCRT 8.0 or later |
Xshell |
Xshell 5 or later |
|
Mac Terminal |
Mac Terminal 2.0 or later |
Operation Method |
Resource Protocol Type/Application Type |
Supported Client |
---|---|---|
Database operation (in the Host Operations module) |
MySQL |
Navicat 11, 12, 15, and 16 MySQL Administrator 1.2.17 MySQL CMD DBeaver 22 and 23 |
SQL Server |
Navicat 11, 12, 15, and 16 SSMS 17 |
|
Oracle |
Toad for Oracle 11.0, 12.1, 12.8, and 13.2 Navicat 11, 12, 15, and 16 PL/SQL Developer 11.0.5.1790 DBeaver 22 and 23 |
|
DB2 |
DB2 CMD command line 11.1.0 |
|
File Transfer |
SFTP |
Xftp, WinSCP, and FlashFXP |
FTP |
Xftp, WinSCP, FlashFXP, and FileZilla |
|
Application operation |
MySQL Tool |
MySQL Administrator |
Oracle Tool |
PL/SQL Developer |
|
SQL Server Tool |
SSMS |
|
dbisql |
dbisql |
|
Google Chrome |
Google Chrome |
|
Edge |
Edge |
|
Mozilla Firefox |
Mozilla Firefox |
|
VNC Client |
VNC Viewer |
|
SecBrowser |
SecBrowser |
|
vSphere Client |
vSphere Client |
|
Radmin |
Radmin |
Other Constraints
- The maximum number of resources that can be managed by CBH cannot exceed the number of assets allowed by the instance edition.
- The maximum number of resources that can be concurrently logged in to through CBH cannot exceed the number of concurrent requests allowed by the CBH instance edition.
The number of assets refers to the number of resources running on a cloud host managed by CBH. One cloud host may have multiple resources, including protocols and applications running on it.
The number of concurrent requests indicates the number of connections established between a managed hosts and the CBH system over all protocols at the same time.
For more details, see Basic Concepts.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot