Skip to main content

Concept Overview

Private Network/Cloud Hosting Service Network

Background Knowledge

For information about Virtual Private Cloud (VPC) and subnets, please refer to the Virtual Private Cloud documentation.

Cloud Hosting Service also resides in an isolated private network.

Usage Limitations

  • Cloud hosting services in the same environment reside in an isolated private network and can call each other via intranet domain names, incurring no public network traffic fees and having lower latency.
  • Services across different environments cannot communicate via intranet and can only access each other via public network addresses.
  • The private network where the Cloud Hosting service resides is isolated from the private network in the corresponding Tencent Cloud account. You need to configure private network settings to establish connectivity between the Cloud Hosting service's private network and the private network in your Tencent Cloud account.

Domain Name ICP Filing

Background Knowledge

For information about what Domain Name ICP Filing is and how to perform it, please refer to the ICP Filing documentation.

Usage Limitations

  • Custom domains to be bound to Cloud Development environments or Cloud Hosting services require ICP filing.
  • If the ICP filing was not completed on Tencent Cloud, you need to perform access filing on Tencent Cloud.

Image Registry

Background Knowledge

Cloud Hosting uses the Container Registry (TCR) Personal Edition, which is free of charge. You can quickly view all images in the image repository bound to the current service and their usage in the "Images" tab on the service details page. For more information about Tencent Cloud image registry, please refer to the Container Registry Service documentation.

Usage Limitations

  • Upon creation, the service is bound to a unique Tencent Cloud image registry to manage all related images for all versions under this service.
  • The same service does not support binding to multiple image repositories, which would cause images of different versions to be scattered across multiple distinct image repositories.
  • All image repositories created by CloudBase are stored under the same namespace prefixed with "tcb", named in the format of environment id_service name. You can view and manage this image repository created by CloudBase on the Container Registry Service Console.

Usage Recommendations

"Use default repository (Recommended)": CloudBase Cloud Hosting will use the Container Registry Personal Edition to automatically create a private repository with the same name as your service and bind it to your service upon service creation.

"Binding an existing Tencent Cloud image repository" applies to the following scenarios:

  1. Cross-Scenario Reuse

Outside the CloudBase scenario, if you have already used a Tencent Cloud image repository and wish to continue using its images for a CloudBase service, you can select "Bind an existing Tencent Cloud image repository" during service creation and specify any private image repository under your account. Please note that if you do so, the images generated through CloudBase (manually uploaded or automatically built and pushed) may also affect your use of images in other scenarios.

  1. Capacity Limits

The Personal Edition Container Registry Service has a limit on the number of repositories. When this limit is reached and cleanup in the Personal Edition is inconvenient, you can switch to using existing Enterprise Edition repositories. For Enterprise Edition repository limitations, please refer to the specific image registry documentation.

Service Domain

  • Public domain: Any source on the public network can make HTTPS calls to the service, which will incur corresponding public network traffic fees.
  • Intranet domain: Accessible only by other cloud hosting services within the same environment, incurring no public network traffic fees.
  • Allow public network access to the service via the service domain: After disabling, accessing the service through the default public domain/custom public domain will result in errors. When you want the service to be accessible only within the internal network, you can choose to disable this option. Regardless of whether this is enabled, access to the service via the intranet domain remains unaffected.
Tip
  • After disabling "Allow public network access to the service via the service domain", if the intranet domain is also not being accessed, no traffic will reach the current service from any source. This will cause all versions under the service to scale down to the minimum number of replicas.
  • Within the same environment, access speed via the intranet domain is higher than via the public domain.

HTTP Access Service Configuration

Outside of the service domain, you can choose to enable the HTTP access service.

Background Knowledge

For an introduction to CloudBase HTTP Access Service, please refer to the HTTP Access Service documentation.

Usage Limitations

  • Whether the HTTP Access Service is enabled or how it is configured does not affect the usage of the service domain.
  • Disabling the "Allow public network access to the service via the service domain" switch does not affect public network access to the service via addresses configured in the HTTP Access Service.
  • Public network accessing the service via addresses configured in the HTTP Access Service will incur corresponding public network traffic fees.

Resource Interconnection

Application Scenarios

You need to establish network connectivity with the resources within your account's vpc.

Usage Limitations

  • The environment dimension supports the same region.
  • Bandwidth limit 5Gbps
  • During authorization, if you encounter the error: Error: InvalidParameter, vpc cidr conflict with others, it indicates a CIDR conflict. You need to change the CIDR of your VPC and try again.