Overview

CCE Application Scenarios

CCE is a container service developed on Docker and Kubernetes. It offers a wide range of features that allow you to run containers in large clusters. CCE containers deliver high reliability and strong performance, while maintaining compatibility with open-source ecosystems. They are ideal for enterprises.

CCE provides a function list and typical application scenarios. For details about the function list, see Functions. For details about the application scenarios, see Application Scenarios.

Exception Scenarios

CCE provides tenants with dedicated clusters. However, because resources such as nodes and networks are not strictly isolated, significant security risks can arise when a cluster is accessed by multiple external, uncontrolled users, particularly if security measures are insufficient. For example, in a development pipeline scenario where multiple users share the same cluster, the service logic in their code cannot be fully controlled, creating potential attacks against the cluster and other services running within it.

Enabling HSS

Host Security Service (HSS) provides host management, risk prevention, intrusion detection, advanced defense, security operations, and web page anti-tamper functions. It can comprehensively identify and manage information assets on hosts, monitor risks on hosts in real time, and prevent unauthorized intrusions. You are advised to enable HSS to protect hosts in CCE clusters. For details about HSS and how to use it, see Purchasing and Enabling Container Security.