Enabling Container Security Protection
You can enable the container security edition for your containers.
To enable protection for a container node, you need to allocate a quota to the node. If the protection is disabled or the node is deleted, the quota can be allocated to another node.
Check Frequency
HSS performs a full check in the early morning every day.
After you enable server protection, you can view scan results after the automatic scan at 04:10 in the next morning.
Prerequisite
- On the Container Nodes tab of the page, the Agent Status of a server is Online, and the Protection Status of the server is Unprotected.
- You have created a node on CCE.
Procedure
- Log in to the management console.
- Click
in the upper left corner of the page, select a region, and choose Security > Host Security Service. The HSS page is displayed. - In the navigation pane, choose . Click the Container Nodes tab.Note
If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.
- Enable protection for one or multiple servers.
- Enabling protection for a server
- In the Operation column of a server, click Enable Protection.
- In the dialog box that is displayed, confirm the information.Note
A container security quota protects one cluster node.
- Confirm the information and click OK. If the Protection Status in the container list changes to Protected, it indicates the protection has been enabled.
- Enabling protection in batches
- In the node list, select servers, and click Enable Protection above the list.
- In the dialog box that is displayed, confirm the information.Note
A container security quota protects one cluster node.
- Confirm the information and click OK. If the Protection Status in the container list changes to Protected, it indicates the protection has been enabled.
- Enabling protection for a server
Parent topic: Container Management
- Check Frequency
- Prerequisite
- Procedure