ZStack Cloud Documentation
All
All
ZStack Cloud 5.4.0>ZStack Cloud Product Manuals>ZStack Cloud Security Whitepaper>Product Security Analysis>Computational Security
Get PDF

Product Security Analysis


HTTPS-encrypted UI Login

The management interface supports HTTPS-encrypted login to enhance system security.
  • HTTPS is not enabled by default.
  • After HTTPS is enabled, the system uses port 5443 by default and supports specifying a custom port for login.
  • After HTTPS is enabled, if you use port 5000 for HTTP login, the system automatically redirects the login request to HTTPS. Currently, only automatic redirection from HTTP port 5000 to HTTPS is supported.
  • The system supports PKCS12 certificate by default. Currently, only PKCS12 and JKS certificate are supported. If you use other certificate formats, convert the formats by yourself.

VM Instance Console

The VM instance console provides quick access for monitoring and managing VM instances. You must have appropriate permissions to access the console. The console supports two authentication methods for login: SSH key authentication and username or password authentication.
  • SSH Key Authentication
    • SSH key-based login is supported for Linux VM instances.
    • A SSH key pair, generated by an encryption algorithm, consists of a public key and a private key. The public key is disclosed, while the private key is retained by the user.
    • After a public key is bound to a VM instance, you can use the corresponding private key to SSH into the VM instance from another VM instance without entering a password.
    • To bind a public key during VM instance creation, ensure that the VM image has cloud-init pre-installed. The recommended cloud-init versions are 0.7.9, 17.1, 19.4, and later versions.
    • To bind a public key after VM instance creation, ensure that the VM instance is running and has Qemu Guest Agent (QGA) installed and running. You can install QGA by using the performance optimization tool. If you install QGA by using other methods, install version 2.5 or later.
  • Username or Password Authentication
    • Username or password-based login is supported for VM instances.
    • The fixed username for Linux VM instances is root, and the fixed username for Windows VM instances is administrator.
    • After a password is injected into a VM instance, you can use the username or password to SSH into the VM instance from another VM instance.
    • Ensure that the VM image has cloud-init pre-installed. The recommended cloud-init versions are 0.7.9, 17.1, 19.4, and later versions.

High Availability (HA)

VM Instance High Availability

VM instances support the high availability (HA) mode. If a VM instance stops due to routine maintenance (planned) or unexpected exceptions (unplanned), the HA policy can trigger an automatic restart of the VM instance to improve VM instance availability.

NeverStop VM High Availability Mechanism:
  • The mechanism detects the VM instance status through polling and triggering. If the VM instance is confirmed stopped, the HA-enabled VM instance will restart automatically.
  • If the VM instance status cannot be confirmed through polling and triggering, the mechanism performs detection in the following steps:
    1. Based on the existing network configuration, select the most accurate method to detect the status of the host where the VM instance resides.
    2. If the status of the host is abnormal, the HA-enabled VM instance will attempt to restart automatically.

Load Balancing

Multiple VM instances can use the load balancing service to form a cluster, eliminating single points of failure and improving application availability.










Archives

Download Document Archives

Download

Already filled the basic info?Click here.

Enter at least 2 characters.
Cannot be empty.
Invalid mobile number.
Enter at least 4 characters.
Invalid email address.
Wrong code. Try again. Send Code Resend Code (60s)

An email with a verification code will be sent to you. Make sure the address you provided is valid and correct.

同意 不同意

I have read and concur with the Site TermsPrivacy PolicyRules and Conventions on User Management of ZStack Cloud

Download

Not filled the basic info yet? Click here.

Invalid email address or mobile number.
同意 不同意

I have read and concur with the Site TermsPrivacy PolicyRules and Conventions on User Management of ZStack Cloud

Email Us

contact@zstack.io
ZStack Training and Certification
Enter at least 2 characters.
Invalid mobile number.
Enter at least 4 characters.
Invalid email address.
Wrong code. Try again. Send Code Resend Code (60s)

同意 不同意

I have read and concur with the Site TermsPrivacy PolicyRules and Conventions on User Management of ZStack Cloud

Email Us

contact@zstack.io
Request Trial
Enter at least 2 characters.
Invalid mobile number.
Enter at least 4 characters.
Invalid email address.
Wrong code. Try again. Send Code Resend Code (60s)

同意 不同意

I have read and concur with the Site TermsPrivacy PolicyRules and Conventions on User Management of ZStack Cloud

Email Us

contact@zstack.io

The download link is sent to your email address.

If you don't see it, check your spam folder, subscription folder, or AD folder. After receiving the email, click the URL to download the documentation.

The download link is sent to your email address.

If you don't see it, check your spam folder, subscription folder, or AD folder.
Or click on the URL below. (For Internet Explorer, right-click the URL and save it.)

Thank you for using ZStack products and services.

Submit successfully.

We'll connect soon.

Thank you for using ZStack products and services.