Cluster Access Overview
Accessing a cluster involves establishing communication with it and executing cluster management tasks. A CCE cluster is a distributed system consisting of multiple nodes. Resources in a cluster such as pods, Services, and Deployments need to be centrally managed and operated via various tools and methodologies. The process of accessing a cluster involves interacting with the cluster using tools such as kubectl, CloudShell, and X.509 certificates to create, configure, monitor, and debug resources.
Cluster Access Modes
You can select a proper mode to access a CCE cluster. The following table lists cluster access modes.
Mode |
Pros |
Cons |
Application Scenario |
---|---|---|---|
|
|
This mode is intended for developers and O&M personnel for the daily management of clusters, including resource creation, status monitoring, and debugging. |
|
|
|
This mode is suitable for scenarios where temporary access to a cluster is necessary, as it eliminates the need for local tool installation and configuration |
|
|
|
This mode is ideal for scenarios requiring secure service communication, identity authentication, and encryption. |
|
|
|
This mode is designed for scenarios where a simple domain name instead of an IP address is used to access a cluster. |
|
|
|
This mode is ideal for managing clusters in cloud environments or across regions, particularly when access from multiple locations is required. |
Revoking a Cluster Credential
CCE clusters allow you to revoke credentials. In multi-tenant scenarios, CCE generates a unique credential (such as a kubeconfig file or an X.509 certificate) for each user to access their designated cluster. These credentials contain user identity and authorization details, enabling users to perform authorized operations while ensuring secure isolation and management. However, credentials typically have a fixed validity period. If an employee resigns or a credential is compromised, manual revocation is required to maintain cluster security. For details, see Revoking a Cluster Access Credential.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot