Enterprise Edition Installation and Use Guide
Last updated: 2025-08-07 15:47:32
Preparations
It is advisable for the ops role to operate the installation. Note that the operation role must have permission to create infrastructure such as TKE, CLB, and MySQL.
Installation Notes
The security group selected for the VPC must allow access, otherwise the pipeline node usage will be affected, such as
8088/8087/2201/80/443/22.Security groups cannot be nested.
Plan the container network CIDR in advance, and the subnet size must ensure
/21.Recommend using standard build machines such as the SA Series, for example SA2.LARGE8.
Installing an Application
1. Click Cloud Native Build - CloudApp installation link to enter the product introduction interface.
2. Click Install Application to enter the installation page (if not logged in, navigate to Tencent Cloud Login).
3. Fill in relevant information. Details are shown in the table below.
Property Name | Attribute Description |
Application Name | Default is Cloud Native Build, used to identify deployed applications in application instances. |
Install network | Select which VPC to deploy the service on Tencent Cloud, and pay attention to network planning. For example, if you hope to connect with the cluster deployment or establish an intranet connection with the company, configure them based on this VPC's network policy. |
Bind a security group. | The application will use your choice of security group. If no suitable security group is planned, go to the security group page creation. The security group must allow access to these ports 8088/8087/2201/80/443/22, otherwise the pipeline node usage will be affected. |
Billing Mode | The billing mode for infrastructure resources such as COS, MySQL, and TKE clusters. Pay-As-You-Go is flexible and suitable for short-term use. You can uninstall after the trial. Monthly Subscription is more cost-effective and suitable for official use. |
Container network CIDR | The access IP assigned to the Cloud Native Build service within the VPC. It is advisable to customize the IP range to /20.Note that it cannot conflict with the allocated network in the VPC. |
Node models for TKE | POC trial SA2.LARGE8 4-core 8GB just. |
system disk type | TKE node system disk type, need confirmation the model supports it. It is recommended to use high-performance cloud block storage. If it is out of stock in the current region, choose other available SSD disks. |
data disk type | TKE node data disk type for storing repository code and file content, need confirmation the model supports it. It is recommended to use high-performance cloud block storage. If it is out of stock in the current region, choose other available SSD disks. |
Data Disk Size | CBS configuration is in GB. Git code will be stored on the data disk, and its size and performance can be based on the code repository scale. |
Image Selection | Select TencentOS Server 3.2 (Final) just. |
Cloud Native Build | For Cloud Native Build and remote development execution machines, recommend using SA2.LARGE8 with 8 cores and 16GB for POC. |
Build machine data disk type | Store repository code and file content, need confirmation the build machine model supports the data disk type. It is recommended to use high-performance cloud block storage. If it is out of stock in the current region, choose other available SSD disks. |
Domain name resolution | For parsing requests within the cluster and distributing traffic. Use private DNS resolution with no need to pay domain name fees. After the cluster is created, view the private domain name resolution to obtain the primary application entry IP and the admin backend entry IP. If there is an outer DNS, it can parse to the corresponding IP of the VPC. |
COS | Create a bucket in COS. The bucket is used for storage of artifacts, Git LFS objects, repository images, and attachments. |
API Keys | Cloud Native Build will access the COS bucket via this key. Ensure the key can read and write files in storage normally. The SecretID format is AKIDxxx. Create it in the console Cloud Access Management > Access Keys > API Token Management. |
Tag | Tags are used to categorize and manage resources from different dimensions. It is advisable to retain usage to reflect the purpose of resources and fees. |
Application Access
Configure Access Domain
After installation, the selected domain name can be accessed directly within the VPC (via Private DNS resolution). If not in the VPC, go to Private Domain Name Resolution to view the primary application IP and admin backend IP, then manually complete domain name resolution tasks.
If the office network can access this VPC directly, you can configure the following Hosts for domain name access (the primary site/admin backend IP is your actual IP, and the xxx in the domain name is adjustable by yourself).
Primary site IP cnb.xxx.comPrimary site IP 3rd.cnb.xxx.comPrimary site IP lfs.cnb.xxx.comPrimary site IP docker.cnb.xxx.comPrimary site IP helm.cnb.xxx.comPrimary site IP docs.cnb.xxx.comPrimary site IP cos.cnb.xxx.comPrimary site IP api.cnb.xxx.comManagement backend IP admin.cnb.xxx.com
Account Integration
During POC trial, a test account is available by default after deployment. Just access the address to start the experience with the test account.
For official use, OAuth integration with the business's own OA or other account system is required in the admin backend.
The OAuth configuration interface is as follows. For the integration guide, please see the enterprise edition help documentation (replace xxx with your own domain name): docs.cnb.xxx.com/zh/paas/oauth-config.html.
Other Help Documentation
After configuring the Hosts as described above, you can access the enterprise edition help documentation address (replace xxx in the domain name with your custom domain name): docs.cnb.xxx.com, to learn more about the method of use.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback