Kubernetes One‑Click Cloud Deployment, CIS Architecture, and Tencent Hub DevOps Practices

This article reviews the technical content presented at the Cloud+ Community Tech Salon co‑hosted by Tencent Cloud and InfoQ on June 30, covering five major topics: one‑click Kubernetes deployment, large‑scale cloud computing platform construction, CIS (Container Instance Service) underlying technology, Tencent Hub architecture, and DevOps implementation.

Kubernetes One‑Click Deployment – Since the end of 2016, Tencent Cloud offers a fully managed Kubernetes service with four key capabilities: isolated, one‑click cluster provisioning with full lifecycle management; a visual console that abstracts away manual YAML configuration; integrated monitoring linked to Tencent Cloud Monitor; and auxiliary services such as Docker image registry, Tencent Hub, and CI/CD for end‑to‑end cloud solutions.

Kubernetes Component Overview – The master plane includes kube‑apiserver, kube‑controller‑manager, and kube‑scheduler. Nodes run kubelet and kube‑proxy. Tencent Cloud adds custom components such as hpa‑metrics‑server (supports CPU, memory, and bandwidth‑based autoscaling), cbs‑provisioner (CBS block storage), and ccs‑log‑collector (log aggregation).

Container Network – Kubernetes requires a flat, NAT‑free network that enables pod‑to‑pod, node‑to‑pod, and node‑to‑node communication. Tencent Cloud implements this using VPC global routing, Docker bridge networking, and CNI‑assigned pod IPs, allowing cross‑host pod communication.

Container Storage – The platform integrates Tencent Cloud CBS and CFS. Volume lifecycle is managed by kube‑controller‑manager (create, mount, detach, and delete) and supports three plugin models: in‑tree, FlexVolume, and the CSI‑based plugin.

Logging and Monitoring – Logging is handled by a Fluentd‑based controller with CRD support, collecting both container stdout and host file logs. Monitoring leverages the built‑in cAdvisor metrics in kubelet, tags pod metadata, and forwards data to Tencent Cloud Monitor. The hpa‑metrics‑server feeds bandwidth metrics into the HPA controller for dynamic scaling.

CIS (Container Instance Service) – CIS provides a fully managed, serverless‑style Kubernetes environment where users only manage container instances. It offers four characteristics: convenience (no underlying resources to purchase), security (Kata containers with VM‑level isolation), cost‑efficiency (per‑second billing), and flexibility (multiple containers per pod, mixed workloads). CIS instances are attached to user VPCs via elastic network cards, enabling access to other cloud resources.

Tencent Hub Architecture – Tencent Hub combines a Docker image registry (backed by COS) with a YAML‑driven workflow engine. It uses a plugin‑based component model executed on Kubernetes, supports image vulnerability scanning, and provides a unified API for push/pull authentication (OAuth2/Basic). The workflow engine models pipelines as DAGs of stages and jobs, supporting triggers from code commits, image pushes, or direct API calls, and includes pause/resume capabilities.

DevOps Workflow Design – Jobs are containerized components that receive input via environment variables and emit output through stdout logs (e.g., JOB_OUT key=value ). The scheduler runs jobs on TKE, leveraging Kubernetes’ reliability, auto‑scaling, and resource isolation. Logs are streamed via WebSocket to the UI, and artifacts/caches are stored in Tencent Hub’s object storage.

Large‑Scale Cloud HPC Platform – The article describes how partner JingTai Technology migrated its scientific‑computing workloads (molecular simulation, crystal‑structure prediction) from on‑premise supercomputers to a Kubernetes‑based cloud platform. It outlines three generations of the platform: PBS/NFS, Mesos/Docker, and finally Kubernetes/TKE with multi‑cloud elasticity. Key challenges such as image size optimization, parallel MPI execution, and network performance are discussed, along with TKE’s elastic scaling to thousands of nodes for tens of thousands of concurrent tasks.

Overall, the piece demonstrates how Kubernetes, CIS, and Tencent Hub together lower the operational barrier for containerized workloads, enable efficient DevOps pipelines, and support both AI/ML and high‑performance scientific computing in the cloud.