From abaede60ddc61fd9b10b833e2ab499e640536f74 Mon Sep 17 00:00:00 2001
From: Zexi Li <zexi.li@icloud.com>
Date: Wed, 1 Apr 2026 18:08:03 +0800
Subject: [PATCH] docs(i18n): sync English translations for aicloud, cmp, and
 changelogs

---
 .../current/contact                           |    1 +
 .../current/development                       |    1 +
 .../current/getting-started/ha-ce.mdx         |   38 +
 .../current/getting-started/host.md           |   74 +
 .../current/getting-started/images            |    1 +
 .../current/getting-started/quickstart.mdx    |  102 +-
 .../getting-started/setup-nvidia-cuda.mdx     |  110 +
 .../current/guides/index.mdx                  |   37 +
 .../current/guides/llm-app/comfyui.mdx        |   80 +
 .../current/guides/llm-app/dify.mdx           |  302 ++
 .../current/guides/llm-app/images             |    1 +
 .../current/guides/llm-app/index.mdx          |   25 +
 .../current/guides/llm-app/openclaw.mdx       |  184 ++
 .../current/guides/llm-app/template.mdx       |   23 +
 .../current/guides/llm-image.mdx              |   26 +
 .../current/guides/llm-inference/images       |    1 +
 .../current/guides/llm-inference/index.mdx    |   19 +
 .../guides/llm-inference/model-library.mdx    |  221 ++
 .../current/guides/llm-inference/ollama.mdx   |  226 ++
 .../current/guides/llm-inference/template.mdx |  158 +
 .../current/guides/llm-inference/vllm.mdx     |  408 +++
 .../current/introduction/index.mdx            |   42 +-
 .../current/operations/databases              |    1 +
 .../current/operations/fe                     |    1 +
 .../current/operations/ha                     |    1 +
 .../current/operations/index.mdx              |   13 +
 .../current/operations/k8s                    |    1 +
 .../current/operations/log                    |    1 +
 .../current/operations/platform-issues        |    1 +
 .../current/operations/recovery.md            |    1 +
 .../current/operations/uninstallation.md      |   59 +
 .../current/operations/upgrading              |    1 +
 .../current/release-notes                     |    1 +
 .../shared                                    |    1 +
 .../guides/cloudaccounts/cloudaccount.md      | 2603 +++++++++++++++++
 .../changelog/release-3_11/3-11-12.md         |  338 +++
 .../changelog/release-3_11/3-11-13.md         |  401 +++
 .../current/release-notes/v4_0_x.md           |    7 +
 i18n/en/docusaurus-theme-classic/navbar.json  |    4 +
 39 files changed, 5500 insertions(+), 15 deletions(-)
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/contact
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/development
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/ha-ce.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/host.md
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/images
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/setup-nvidia-cuda.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/index.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/comfyui.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/dify.mdx
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/images
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/index.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/openclaw.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/template.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-image.mdx
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/images
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/index.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/model-library.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/ollama.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/template.mdx
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/vllm.mdx
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/databases
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/fe
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/ha
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/index.mdx
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/k8s
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/log
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/platform-issues
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/recovery.md
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/uninstallation.md
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/upgrading
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/current/release-notes
 create mode 120000 i18n/en/docusaurus-plugin-content-docs-aicloud/shared
 create mode 100644 i18n/en/docusaurus-plugin-content-docs-cmp/current/guides/cloudaccounts/cloudaccount.md
 create mode 100644 i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-12.md
 create mode 100644 i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-13.md
 create mode 100644 i18n/en/docusaurus-plugin-content-docs/current/release-notes/v4_0_x.md

diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/contact b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/contact
new file mode 120000
index 00000000..1ffc2df3
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/contact
@@ -0,0 +1 @@
+../shared/contact
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/development b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/development
new file mode 120000
index 00000000..7a521500
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/development
@@ -0,0 +1 @@
+../shared/development
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/ha-ce.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/ha-ce.mdx
new file mode 100644
index 00000000..d1223fdf
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/ha-ce.mdx
@@ -0,0 +1,38 @@
+---
+sidebar_position: 3
+edition: ce
+---
+
+# High Availability Installation
+
+Use the [ocboot](https://github.com/yunionio/ocboot) deployment tool for high-availability installation of Cloudpods services, which is more suitable for production environment deployments.
+
+## Prerequisites
+
+import HAEnv from '../../shared/getting-started/_parts/_ha-env.mdx';
+
+<HAEnv />
+
+## Start Installation
+
+import OcbootReleaseDownload from '../../shared/getting-started/_parts/_quickstart-ocboot-release-download.mdx';
+
+<OcbootReleaseDownload />
+
+### Write Deployment Configuration
+
+import OcbootConfigHA from '@site/src/components/OcbootConfigHA';
+
+<OcbootConfigHA productVersion='AI' />
+
+### Start Deployment
+
+```bash
+$ ./ocboot.sh install ./config-ha.yml
+```
+
+After deployment completes, you can open https://10.127.190.10 (VIP) in a browser, enter the username `admin` and password `admin@123`, and access the web console.
+
+After deployment, you can add more nodes to the existing cluster. Refer to: [Adding Compute Nodes](./host).
+
+Note: When adding nodes, please use the actual IP of the first control node (do not use the VIP), because the VIP may drift. Typically only the first control node has SSH passwordless login permissions configured for other nodes; otherwise, SSH login may fail.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/host.md b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/host.md
new file mode 100644
index 00000000..e59febbb
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/host.md
@@ -0,0 +1,74 @@
+---
+sidebar_position: 4
+edition: ce
+---
+
+# Adding Compute Nodes
+
+To run AI applications in AI Cloud, you need to first add the corresponding compute nodes (hosts) and ensure they have the necessary container and (if applicable) GPU environment. This section describes how to deploy the base components on compute nodes and add hosts to the cluster.
+
+Compute nodes are mainly responsible for container, network, storage, and GPU management.
+
+## Environment
+
+import OcbootEnv from '../../shared/getting-started/_parts/_quickstart-ocboot-k3s-env.mdx';
+
+<OcbootEnv />
+
+## Use ocboot to Add Corresponding Nodes
+
+The following operations are performed on the control node. Use the `ocboot.sh add-node` command on the control node to add the corresponding compute node to the cluster.
+
+Assuming you want to add compute node 10.168.222.140 to control node 10.168.26.216, you first need SSH root passwordless login to both the corresponding compute node and the control node itself.
+
+::::tip Note
+If it is a high-availability deployment environment, do not use the VIP for the control node IP when adding nodes. Only use the actual IP of the first control node, because the VIP may drift to other nodes, and usually only the first node has SSH passwordless login permissions configured for other nodes. Using other control nodes may cause SSH login to fail.
+::::
+
+```bash
+# Set the control node itself to passwordless login
+$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.168.26.216
+
+# Try passwordless login to the control node to verify
+$ ssh root@10.168.26.216 "hostname"
+
+# Copy the generated ~/.ssh/id_rsa.pub public key to the machine to be deployed
+$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.168.222.140
+
+# Try passwordless login to the machine to be deployed. You should be able to get the hostname without entering a password
+$ ssh root@10.168.222.140 "hostname"
+```
+
+### Add Nodes
+
+The following commands are all run on the previously deployed control node. The control node should have the [ocboot](https://github.com/yunionio/ocboot) deployment tool installed in advance.
+
+::::tip If you plan to run GPU-based AI applications
+If you plan to run GPU-dependent AI applications (such as Ollama) on the new compute node, please complete [Setting up NVIDIA and CUDA Environment](./setup-nvidia-cuda) on the target compute node before running `ocboot.sh add-node` to add the node.<!-- If you plan to run GPU-dependent AI applications (such as Ollama/vLLM) on the new compute node, please complete [Setting up NVIDIA and CUDA Environment](./setup-nvidia-cuda) on the target compute node before running `ocboot.sh add-node` to add the node. -->
+::::
+
+```bash
+# Use ocboot to add nodes
+$ ./ocboot.sh add-node --enable-ai-env 10.168.26.216 10.168.222.140
+```
+
+```bash
+# Other options, use '--help' for help
+$ ./ocboot.sh add-node --help
+```
+
+### Enable Compute Nodes (Hosts)
+
+After the compute nodes are added, you need to enable the newly reported compute nodes (hosts). Only enabled hosts can run virtual machines and related workloads.
+
+```bash
+# Use climc to view the registered host list
+$ climc host-list
+
+# Enable the specified host
+$ climc host-enable <host_name>
+```
+
+## Common Troubleshooting
+
+For common troubleshooting on compute nodes, please refer to: [Host Service Troubleshooting](../../onpremise/guides/host/troubleshooting).
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/images b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/images
new file mode 120000
index 00000000..b71155a7
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/images
@@ -0,0 +1 @@
+/Users/lzx/code/go/src/yunion.io/x/website/docs/aicloud/getting-started/images
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/quickstart.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/quickstart.mdx
index ae4df697..dc3e6f91 100644
--- a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/quickstart.mdx
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/quickstart.mdx
@@ -1,18 +1,106 @@
 ---
 sidebar_position: 1
 title: Quick Start
-description: AI Cloud quick start guide
+description: AI Cloud Quick Start Guide
+edition: ce
 ---
 
-# Quick Start
+# Ocboot Quick Installation of AI Cloud
 
-This page describes how to get started with Cloudpods AI Cloud.
+Use the [ocboot](https://github.com/yunionio/ocboot) deployment tool to quickly deploy a Cloudpods AI Cloud environment.
+
+:::tip Note
+This chapter walks you through quickly setting up an AI Cloud environment using the deployment tool. For deploying a high-availability cluster in production, please refer to: [High Availability Installation](./ha-ce).
+:::
 
 ## Prerequisites
 
-- Cloudpods platform is deployed (private cloud or K8s)
-- Sufficient compute and storage for AI workloads
+:::tip Notes:
+
+- About GPU
+  - If the target machine has an Nvidia GPU, you can choose to use the ocboot tool to automatically deploy the driver and CUDA. See details later in this document.
+  - If there is no Nvidia GPU, the deployed environment will not be able to run inference container instances like Ollama, but it can run application container instances like OpenClaw and Dify that do not depend on GPU.<!-- 如果没有 Nvidia GPU，部署后的环境就无法运行 ollama 和 vllm 这种推理容器实例，但可以运行 OpenClaw 和 dify 这种不依赖 GPU 的应用容器实例。 -->
+- The operating system must be a clean installation, because the deployment tool will build a k3s cluster of a specified version from scratch. Make sure the system does not have Kubernetes, Docker, or other container management tools installed, otherwise conflicts will cause installation failures.
+- Minimum requirements: 8 CPU cores, 8 GiB memory, 200 GiB storage.
+- Virtual machines and services store data under the **/opt** directory, so ideally it is recommended to set up a separate mount point for **/opt**.
+    - For example, create an ext4 partition on /dev/sdb1 and mount it to /opt via /etc/fstab.
+- On Debian-family operating systems (e.g., Debian and Ubuntu), during the first ocboot deployment, GRUB boot options will be detected and updated so that k3s can run properly. As a result, the operating system will reboot during deployment. After the reboot, simply re-run the ocboot deployment.
+:::
+
+Supported distributions vary by CPU architecture. Currently supported distributions are as follows:
+
+Note: 4.0 refers to Release/4.0.
+
+| OS and Architecture                      | 4.0  |
+| -------------------------------------- | ---- |
+| OpenEuler 22.03 LTS Sp3 x86_64+aarch64 | ✅   |
+
+## Install Cloudpods AI Cloud
+
+import OcbootReleaseDownload from '../../shared/getting-started/_parts/_quickstart-ocboot-release-download.mdx';
+
+<OcbootReleaseDownload />
+
+### Run the Deployment Tool
+
+Next, execute `ocboot.sh run.py` to deploy the services. The **host_ip** parameter is the IP address of the deployment node and is optional. If not specified, the NIC used by the default route will be selected for service deployment. If your node has multiple NICs, you can specify **host_ip** to choose the corresponding NIC for listening.
+
+import OcbootRun from '@site/src/components/OcbootK3sRun';
+
+<OcbootRun productVersion='ai' />
+
+The `./ocboot.sh run.py` script calls Ansible to deploy services. If the script exits due to issues during deployment, you can re-run the script to retry.
+
+### Configure NVIDIA Driver and CUDA (Optional)
+
+To install or configure NVIDIA drivers and CUDA on a node to run GPU-dependent AI container applications such as Ollama, please refer to: [Setting up NVIDIA and CUDA Environment](./setup-nvidia-cuda).<!-- 若需在节点上安装或配置 NVIDIA 驱动与 CUDA 以运行 Ollama、vLLM 等依赖 GPU 的 AI 容器应用，请参考：[配置 NVIDIA 与 CUDA 环境](./setup-nvidia-cuda)。 -->
+
+## Start Using Cloudpods AI Cloud
+
+```bash
+....
+# After deployment completes, the following output indicates success
+# Open https://10.168.26.216 in a browser, where the IP is the <host_ip> set earlier
+# Log in with admin/admin@123 to access the web interface
+Initialized successfully!
+Web page: https://10.168.26.216
+User: admin
+Password: admin@123
+```
+
+After deployment, open the Web address output by ocboot (e.g., `https://<host_ip>`) in a browser, and log in with the provided credentials to access the Cloudpods console.
+
+### Enable Hosts
+
+The newly created environment will be added to the platform as a host node, which is not enabled by default. Go to **Compute -> Infrastructure -> Hosts** to view the host list and enable the corresponding host.
+![](../../shared/getting-started/images/host.png)
+
+### Quickly Create AI Instances
+
+Go to the **"Artificial Intelligence"** menu to quickly create AI applications. Please refer to the corresponding documentation based on your needs.
+
+:::tip
+- Before creating applications that **depend on GPU**, please first complete: [Setting up NVIDIA and CUDA Environment](./setup-nvidia-cuda).
+:::
+
+| Application | Type | Description | GPU Required | Quick Start |
+|---|---|---|---|---|
+| OpenClaw | AI App | Open-source self-hosted personal agent assistant | No | [OpenClaw Quick Start](../guides/llm-app/openclaw#quickstart) |
+| Dify | AI App | LLM application development and workflow orchestration platform (can connect to inference services) | No | [Dify Quick Start](../guides/llm-app/dify#quickstart) |
+| ComfyUI | AI App | Image generation and node-based workflow application | Yes | [ComfyUI Quick Start](../guides/llm-app/comfyui#quickstart) |
+| Ollama | AI Inference | Lightweight local inference service | Yes | [Ollama Quick Start](../guides/llm-inference/ollama#quickstart) |
+<!-- | vLLM | AI推理 | 高吞吐、低延迟推理服务 | 需要 | [vLLM 快速开始](../guides/llm-inference/vllm#quickstart) | -->
+
+## FAQ
+
+### 1. How to add more AI nodes?
+
+To add new nodes (especially GPU nodes) to an existing cluster, if you need to run GPU-dependent AI applications, it is recommended to first configure NVIDIA/CUDA. Refer to: [Setting up NVIDIA and CUDA Environment](./setup-nvidia-cuda). Then complete the host addition and enablement. Refer to: [Adding Compute Nodes](./host).
+
+### 2. How to upgrade?
+
+Please refer to [Upgrading via ocboot](/docs/onpremise/operations/upgrading/ocboot-upgrade) (if AI Cloud shares the ocboot upgrade process with private cloud).
 
-## Next steps
+### 3. Other questions?
 
-Detailed installation and configuration will be updated with product releases. Stay tuned.
+Feel free to submit issues on Cloudpods GitHub Issues: [https://github.com/yunionio/cloudpods/issues](https://github.com/yunionio/cloudpods/issues). We will respond as soon as possible.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/setup-nvidia-cuda.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/setup-nvidia-cuda.mdx
new file mode 100644
index 00000000..7809dd23
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/getting-started/setup-nvidia-cuda.mdx
@@ -0,0 +1,110 @@
+---
+sidebar_position: 2
+title: Setting up NVIDIA and CUDA Environment
+description: Install NVIDIA drivers and CUDA on AI Cloud nodes to run GPU-based AI applications such as Ollama
+# 原文保留：在 AI 云节点上安装 NVIDIA 驱动与 CUDA，以运行 Ollama、vLLM 等 GPU 类 AI 应用
+edition: ce
+---
+
+# Setting up NVIDIA and CUDA Environment
+
+This document describes how to use ocboot's `setup-ai-env` command to configure NVIDIA drivers, CUDA, containerd, and other AI runtime environments on an existing cluster or standalone machine, without deploying or modifying Cloudpods cloud management services. This is applicable for scenarios that require running GPU-dependent AI container applications such as Ollama.<!-- 适用于需要运行 Ollama、vLLM 等依赖 GPU 的 AI 容器应用的场景。 -->
+
+:::tip Notes
+- If the target environment does not have an Nvidia GPU, or you do not need to run GPU-dependent container AI applications like Ollama, you can skip this document.<!-- 如果待部署环境没有 Nvidia GPU，或不需要运行 Ollama 和 vLLM 这类需要 GPU 的容器 AI 应用，可以跳过本文。 -->
+- Without the Nvidia runtime environment configured, you can still run AI container applications that do not depend on GPU, such as OpenClaw and Dify.
+:::
+
+## Command Format
+
+Please first download and prepare the NVIDIA driver and CUDA installation packages (e.g., CUDA 12.8). Note that you should download the **.run** installation packages:
+- NVIDIA driver: Available from [NVIDIA Driver Downloads](https://www.nvidia.com/en-us/drivers/unix/).
+- CUDA installation package: Available from [NVIDIA CUDA Toolkit Downloads](https://developer.nvidia.com/cuda-downloads?target_os=Linux&target_arch=x86_64).
+
+After downloading, transfer the installation packages to the target machine or a path accessible from the machine running ocboot.
+
+```bash
+./ocboot.sh setup-ai-env <target_host1> [target_host2 ...] \
+  --nvidia-driver-installer-path <full_path_to_driver> \
+  --cuda-installer-path <full_path_to_cuda> \
+  [--gpu-device-virtual-number 2] [--user USER] [--key-file KEY] [--port PORT]
+```
+
+## Examples
+
+```bash
+# Basic usage
+./run.py setup-ai-env 10.127.222.247 \
+  --nvidia-driver-installer-path /root/nvidia/NVIDIA-Linux-x86_64-570.133.07.run \
+  --cuda-installer-path /root/nvidia/cuda_12.8.1_570.124.06_linux.run
+
+# Specify GPU virtual number and SSH options
+./run.py setup-ai-env 10.127.222.247 \
+  --nvidia-driver-installer-path /root/nvidia/NVIDIA-Linux-x86_64-570.133.07.run \
+  --cuda-installer-path /root/nvidia/cuda_12.8.1_570.124.06_linux.run \
+  --gpu-device-virtual-number 2 \
+  --user admin \
+  --port 2222
+```
+
+## Parameter Reference
+
+| Parameter | Required | Default | Description |
+|------|------|--------|------|
+| `--nvidia-driver-installer-path` | Yes | - | Full path to the NVIDIA driver installation package. |
+| `--cuda-installer-path` | Yes | - | Full path to the CUDA installation package. |
+| `--gpu-device-virtual-number` | No | 2 | Virtual number for NVIDIA GPU shared devices. |
+| `--user` / `-u` | No | root | SSH username. |
+| `--key-file` / `-k` | No | - | SSH private key file path. |
+| `--port` / `-p` | No | 22 | SSH port. |
+
+## Installation Steps and Workflow
+
+ocboot will perform the following steps (among others) on the target host:
+
+1. Check OS support and local installation files (if paths are specified)
+2. Install kernel headers and development packages
+3. Clean up vfio-related configurations (if present)
+4. Install NVIDIA driver (if `--nvidia-driver-installer-path` is provided)
+5. Install CUDA environment (if `--cuda-installer-path` is provided)
+6. Configure GRUB (add nvidia-drm.modeset=1)
+7. Install NVIDIA Container Toolkit
+8. Configure containerd runtime
+9. Configure host device mappings (auto-discover NVIDIA corresponding `/dev/dri/renderD*` and generate configuration)
+10. Verify the installation
+
+## Important Notes
+
+- During installation, the target host may **automatically reboot** after installing kernel packages or updating GRUB. Please be aware of this in advance.
+- Ensure the target host has sufficient disk space and network connectivity to download dependencies such as the NVIDIA Container Toolkit.
+- The installation packages must be prepared on the **machine running ocboot**, and ensure they have been **transferred to the target machine before running the playbook**. For transfer methods, refer to the Quick Start FAQ: [How to transfer installation packages to the target machine?](./quickstart#3-如何将安装包传输到目标机).
+- Ensure passwordless SSH login between the machine running ocboot and the target host (or use parameters such as `--key-file`).
+
+## FAQ
+
+### No GPU listed or GPU not detected in the host list after deployment?
+
+Confirm that the NVIDIA driver and CUDA are installed on the target machine, and that the driver version matches the CUDA version. If you used `run.py ai` without passing `--nvidia-driver-installer-path` / `--cuda-installer-path`, you need to manually install the driver and CUDA on the target machine beforehand. After installation, run `nvidia-smi` to verify.
+
+### Is it normal for the target host to automatically reboot during installation?
+
+Yes. After installing kernel-related packages or updating GRUB, ocboot may trigger a reboot to load new drivers or configurations. Do not interrupt the process. If the deployment is not complete after the reboot, re-run the original deployment command to continue.
+
+### How to transfer installation packages to the target machine?
+
+Before running `setup-ai-env` or `ai` with installation package parameters, you can first transfer the packages to the target machine, for example:
+
+```bash
+# Using rsync (recommended)
+rsync -avP /path/to/nvidia/NVIDIA-Linux-x86_64-570.133.07.run target_host:/root/nvidia/
+rsync -avP /path/to/cuda/cuda_12.8.1_570.124.06_linux.run target_host:/root/nvidia/
+
+# Using scp
+scp /path/to/nvidia/NVIDIA-Linux-x86_64-570.133.07.run target_host:/root/nvidia/
+scp /path/to/cuda/cuda_12.8.1_570.124.06_linux.run target_host:/root/nvidia/
+```
+
+### How to check if the platform has GPUs available?
+
+If the configuration is successful, go to **Compute -> Infrastructure -> Passthrough Devices** to see the detected and reported GPUs.
+![](./images/gpu-list.png)
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/index.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/index.mdx
new file mode 100644
index 00000000..da49bb74
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/index.mdx
@@ -0,0 +1,37 @@
+---
+sidebar_position: 2
+hide_table_of_contents: true
+edition: ce
+---
+
+# User Guide
+
+Concepts and usage instructions for AI applications, inference, templates, model libraries, and images.
+
+## Reading Guide
+
+- For deployment, see [Quick Start](../getting-started/quickstart).
+- For GPU deployment, see [NVIDIA/CUDA](../getting-started/setup-nvidia-cuda).
+- Read in this order: [AI Applications](./llm-app/) (including [Application Templates](./llm-app/template)) → [AI Inference](./llm-inference/) (including [Inference Templates](./llm-inference/template) / [AI Model Library](./llm-inference/model-library)) → [AI Images](./llm-image).
+
+## Console Menu and Feature Overview
+
+After entering **Artificial Intelligence**, the menu is divided into **Applications**, **Inference**, and **Images**:
+
+- **Applications**: Application instances (Dify/OpenClaw/ComfyUI), application templates.
+- **Inference**: Inference instances (Ollama), inference templates, inference model library.<!-- Inference instances (Ollama/vLLM), inference templates, inference model library. -->
+- **Images**: Managed under "Artificial Intelligence" → "Images"; selected when creating templates.
+
+## Terminology
+
+- **Template**: Resource configuration such as CPU/memory/GPU required to run an instance.
+- **Model Library**: Reusable model resources for use by inference applications.
+- **Image**: Container image for the instance runtime environment, determining functionality and version.
+
+## Typical Relationship
+
+Instance = Image + Spec + (optional) Model.
+
+import IndexDocCardList from '@site/src/components/IndexDocCardList';
+
+<IndexDocCardList />
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/comfyui.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/comfyui.mdx
new file mode 100644
index 00000000..94fe198e
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/comfyui.mdx
@@ -0,0 +1,80 @@
+---
+sidebar_position: 5
+edition: ce
+title: ComfyUI
+---
+
+# ComfyUI
+
+[ComfyUI](https://www.comfy.org/) is an image generation and visual workflow application that supports node-based workflow orchestration, suitable for image generation, workflow reuse, and visual debugging.
+
+## Quick Start {#quickstart}
+
+### 0. Prerequisites
+
+Image generation depends on a GPU environment. Please first complete [Configure NVIDIA and CUDA Environment](../../getting-started/setup-nvidia-cuda).
+
+### 1. Configure the Template
+
+After configuring the GPU environment, simply update the GPU model in the platform's default ComfyUI template `comfyui-8c16g`. The process is as follows:
+
+1. Go to the console **Artificial Intelligence → Applications → Application Templates**, find the default template `comfyui-8c16g`, and click Edit.
+![](./images/comfyui-sku-edit.png)
+2. In the template configuration, change the GPU model to the one you want to use.
+![](./images/comfyui-sku-gpu.png)
+
+### 2. Create an Instance
+
+After updating the default template's GPU model, go to **Artificial Intelligence → Applications → Application Instances**, create a new instance, and select the updated `comfyui-8c16g` template.
+![](./images/openclaw-app-instance-create.png)
+![](./images/comfyui-create-form.png)
+
+- Bandwidth: Rate-limits the container network; fill in based on actual needs.
+- Host (optional): You can specify a host to run the container instance on; if not selected, it will be automatically scheduled.
+- Network: You can choose automatic scheduling or specify an IP subnet.
+
+### 3. Access the ComfyUI Web Interface
+
+After creation is complete, go to the instance details page to get the login information. Open the corresponding address in a browser to access the ComfyUI web interface.
+
+![](./images/comfyui-login-url.png)
+![](./images/comfyui-webui.png)
+
+### 4. Download Models
+
+The ComfyUI container image comes with the [ComfyUI-Downloader](https://github.com/romandev-codex/ComfyUI-Downloader) plugin pre-installed, making it easy to download components directly from the UI.
+After selecting a template, click **Downloader**, which will automatically detect the models required by the template, then click Download.
+![](./images/comfyui-downloader.png)
+
+### 5. Generate Images
+
+After models are imported, click `Run` to start generating images. Once image generation is complete, you can download the results directly to your local machine via the browser.
+![](./images/comfyui-gen-image.png)
+
+
+## Models and Data
+
+### Persistent Paths
+
+The following directories inside the ComfyUI container are persistent and will not be lost after container restart. They are used to store models and other data state files:
+
+- `/root/ComfyUI/models`: Stores model files
+- `/root/ComfyUI/input`: Stores input data
+- `/root/ComfyUI/output`: Stores output data
+- `/root/ComfyUI/user/default/workflows`: Stores workflow state files
+- `/root`: Root user home directory
+- `/root/.cache/huggingface/hub`: Huggingface related persistent data
+- `/root/.cache/torch/hub`: Torch related persistent data
+
+## FAQ
+
+### How to enter the container? {#tty}
+
+You can enter the container directly through the "Terminal" on the details page:
+![](./images/comfyui-tty.png)
+![](./images/comfyui-tty-bash.png)
+
+### How to view service logs?
+
+Via the frontend interface: Click the corresponding application instance, go to the details page, then click Logs to view the service output logs, which is useful for troubleshooting.
+![](./images/comfyui-log.png)
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/dify.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/dify.mdx
new file mode 100644
index 00000000..6587dffa
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/dify.mdx
@@ -0,0 +1,302 @@
+---
+sidebar_position: 4
+edition: ce
+title: Dify
+---
+
+# Dify
+
+Dify is an LLM application development and orchestration platform that supports building conversational, Agent, and workflow applications. Dify itself does not require a GPU and can run on nodes without an NVIDIA environment configured. Only when downstream inference services require a GPU do the corresponding inference instances need to meet GPU requirements.
+
+## Quick Start {#quickstart}
+
+Creating a Dify application instance generally involves the following steps:
+
+1. **Create an application instance**: In the console, go to **Artificial Intelligence → Applications → Application Instances**, create a new instance and select the **Dify** template.
+   - The platform usually provides preset templates. If you need to customize the image, specs, or advanced environment variables, go to **Artificial Intelligence → Applications → Application Templates** to create or edit one.
+2. **Access and complete initialization**: Go to the instance details page, open "Connection Info" to get the access URL, open the Dify initialization page in a browser, and complete the administrator account and workspace initialization.
+3. **Install model plugins and configure model providers**: To connect to OpenAI, OpenAI-compatible services, or platform-internal inference services such as Ollama, first install the corresponding plugin in the Dify web backend under **Plugins → Marketplace**, then configure the model provider and downstream inference service.<!-- To connect to OpenAI, OpenAI-compatible services, or platform-internal inference services such as Ollama or vLLM, first install the corresponding plugin in the Dify web backend under **Plugins → Marketplace**, then configure the model provider and downstream inference service. -->
+4. **Verify the application pipeline**: Create a minimal conversational application or workflow in Dify, make a test call, and confirm that the application, model, and toolchain are all working properly.
+
+### 1. Create an Application Instance
+
+The console entry point is **Artificial Intelligence → Applications → Application Instances**.
+
+1. Click **Create**.
+2. Select the application template or application type for `Dify`.
+3. Fill in the instance name and select the project, region, network, and other general configurations as required.
+4. Confirm the template, image, specs, and advanced configuration, then submit.
+
+![](./images/openclaw-app-instance-create.png)
+![](./images/dify-instantce-create-form.png)
+
+If there is no available Dify template in the console yet, first go to **Artificial Intelligence → Applications → Application Templates** to create or edit a template, then return to the instance page to create one.
+
+The common fields on the page can be configured based on your actual scenario:
+
+- **Bandwidth**: Used to limit container network bandwidth; fill in based on business traffic volume.
+- **Host (optional)**: If you need to pin the instance to a specific node, you can manually specify one; otherwise, the platform will schedule automatically.
+- **Network**: You can use automatic allocation or specify an existing IP subnet.
+
+:::tip
+Dify is a multi-container application. In addition to the frontend and API, it also starts database, Redis, vector store, plugin daemon, and code execution sandbox components simultaneously. Although it does not require a GPU, you should still reserve sufficient CPU, memory, and data disk capacity.
+:::
+
+### 2. Access and Complete Initialization
+
+After the instance is created successfully, go to the instance details page and open **Connection Info** to get the Dify access URL. Per the current platform implementation, external access goes through the `nginx` container, which exposes port `80` by default.
+
+![](./images/dify-url-get.png)
+
+After opening the access URL in a browser, you will typically see the Dify first-time initialization wizard. You can follow the on-screen prompts to complete the following actions:
+
+1. Create an administrator account.
+2. Log in with the administrator account.
+
+![](./images/dify-init.png)
+![](./images/dify-login.png)
+
+The platform automatically generates the required internal keys for Dify's internal components, so you generally do not need to fill them in manually. For example, `SECRET_KEY`, internal API keys, Plugin Server Key, and Weaviate's internal authentication key are all prepared during the deployment phase.
+
+:::tip
+Dify's web pages, API, file access, and other paths share the same external entry URL by default. In addition to accessing the homepage via browser, subsequent Dify API calls typically also access `/api`, `/v1`, `/files`, and other paths under the same address.
+:::
+
+### 3. Install Model Plugins and Configure Model Providers
+
+Dify itself does not directly mount model directories or run model weights. It functions more like an application orchestration platform, with actual model inference handled by external model providers or other inference instances within the platform.
+
+After completing initialization, it is recommended to first confirm that downstream inference services are available. Whether you are connecting to external OpenAI, other OpenAI-compatible services, or platform-internal [Ollama](../llm-inference/ollama) instances, you typically need to first install the corresponding model plugin in the Dify web backend, then go to the model provider page to complete the integration.<!-- Whether you are connecting to external OpenAI, other OpenAI-compatible services, or platform-internal [Ollama](../llm-inference/ollama) / [vLLM](../llm-inference/vllm) instances, you typically need to first install the corresponding model plugin in the Dify web backend, then go to the model provider page to complete the integration. --> Common approaches include:
+
+- Using the `OpenAI` or `OpenAI-API-compatible` plugin to connect to external model services, such as OpenAI or other services compatible with the OpenAI API.
+- Connecting to platform-internal [Ollama](../llm-inference/ollama) inference instances.<!-- Connecting to platform-internal [Ollama](../llm-inference/ollama) or [vLLM](../llm-inference/vllm) inference instances. -->
+
+Recommended workflow:
+
+1. Log in to the Dify console.
+2. Go to **Plugins → Marketplace**.
+3. Search for and install the corresponding plugin in the Marketplace, such as `OpenAI`, `OpenAI-API-compatible`, or `Ollama`.<!-- Search for and install the corresponding plugin in the Marketplace, such as `OpenAI`, `OpenAI-API-compatible`, `Ollama`, or `vLLM`. -->
+4. After the plugin is installed, go to the model configuration page of the model provider.
+5. Select the provider type you want to integrate.
+6. Fill in the `Base URL`, model name, API Key, or other authentication fields as prompted.
+7. Run a connection test first, then save.
+
+![](./images/dify-marketplace.png)
+![](./images/dify-ollama-openai-plugin.png)
+![](./images/dify-into-model-provider.png)
+![](./images/dify-model-provider.png)
+![](./images/dify-openai-model.png)
+
+Here is how to understand the different provider types:
+
+<!-- - **Connecting to vLLM**: Typically, first install the `vLLM` plugin in **Plugins → Marketplace**; then select the corresponding type on the model provider page and fill in the vLLM service address. In most cases, the `Base URL` should point to the `/v1` root path of the service; refer to the field description on the current Dify page for specifics. -->
+- **Connecting to Ollama**: Typically, first install the `Ollama` plugin in **Plugins → Marketplace**; then select the corresponding Ollama provider type in Dify and fill in the Ollama service address.
+- **Connecting to OpenAI or OpenAI-compatible services**: Typically, first install the `OpenAI` or `OpenAI-API-compatible` plugin in **Plugins → Marketplace**; then select the corresponding type on the model provider page and fill in the official address or compatible service's `Base URL`, model name, and API Key as required.
+
+:::tip
+Model provider API Keys are typically configured and stored in the Dify web backend, rather than by directly mounting model files through application templates. For Dify, the key is that it can access the target inference service and the model provider configuration is correct.
+:::
+
+:::tip
+If the downstream is a GPU inference service, the node where the inference service runs still needs to have the GPU environment prepared according to [Configure NVIDIA and CUDA Environment](../../getting-started/setup-nvidia-cuda).
+:::
+
+### 4. Verify the Application Pipeline
+
+After completing the model provider configuration, it is recommended to create a minimal application for end-to-end verification. You can check as follows:
+
+1. Create a simple chat application in Dify, or create a workflow containing only a basic LLM node.
+2. Select the model you just configured.
+3. Enter a simple prompt, such as "Please introduce yourself in one sentence."
+4. Click Debug or Preview and observe whether the response is normal.
+
+![](./images/dify-new-app.png)
+![](./images/dify-create-app.png)
+![](./images/dify-debug.png)
+
+If the model returns results normally, it means the following pipelines are basically working:
+
+- Dify Web and API are functioning normally
+- Network connectivity from Dify to the downstream model provider is normal
+- Model provider configuration is correct
+- Dify's backend task pipeline and storage dependencies are working properly
+
+## Built-in Platform Components
+
+Per the current platform implementation, Dify is not a single-container application but a set of collaborating built-in components. Common components are as follows:
+
+| Component | Purpose | Primary Port or Entry | Persistent Path |
+| --- | --- | --- | --- |
+| `nginx` | Unified external entry point, proxying Web, API, file, and plugin callback paths | `80` | `/etc/nginx/conf.d` |
+| `web` | Dify frontend interface | Internal web service | No dedicated persistent directory |
+| `api` | Dify backend API and core business logic | Internal `5001` | `/app/api/storage` |
+| `worker` | Asynchronous task execution | Internal task queue | `/app/api/storage` |
+| `worker-beat` | Scheduled task scheduling | Internal task queue | No dedicated persistent directory |
+| `plugin` | Plugin daemon and plugin installation/execution | `5002` / `5003` | `/app/storage` |
+| `sandbox` | Code execution sandbox | `8194` | `/conf`, `/dependencies` |
+| `ssrf` | Proxy and isolated network access for sandbox and some external access paths | `3128` | No dedicated persistent directory |
+| `postgres` | Metadata and configuration storage | `5432` | `/var/lib/postgresql/data` |
+| `redis` | Cache and queue | `6379` | `/data` |
+| `weaviate` | Default vector storage | Internal `8080` | `/var/lib/weaviate` |
+
+These components are launched and started automatically by the platform together; there is no need to manually run a "start Dify" command. Externally, you typically only need to access a single entry URL, and the platform uses `nginx` to route `/`, `/api`, `/v1`, `/files`, and other paths to the corresponding internal services.
+
+## Storage and Persistence
+
+Dify's critical data is mainly distributed across the following types of directories:
+
+- **Postgres data directory**: `/var/lib/postgresql/data`
+- **Redis data directory**: `/data`
+- **Dify API storage directory**: `/app/api/storage`
+- **Plugin daemon storage directory**: `/app/storage`
+- **Weaviate data directory**: `/var/lib/weaviate`
+- **Sandbox configuration and dependencies directory**: `/conf`, `/dependencies`
+- **Nginx configuration directory**: `/etc/nginx/conf.d`
+
+It is recommended to focus on the persistence and backup of the following types of data:
+
+- Database metadata and workspace configuration
+- Knowledge bases, file uploads, and application runtime data
+- Plugin installation directory and plugin cache
+- Vector store data
+
+:::tip
+Many of Dify's critical states are not stored in the browser locally but in Postgres, the API storage directory, and the vector store. For production environments, it is strongly recommended to use persistent storage and establish backup and cleanup strategies.
+:::
+
+## Configuration
+
+### Templates, Images, and Specs
+
+- **Spec selection**: Refer to [Application Templates](./template), focusing on CPU, memory, and data disk rather than GPU.
+- **Multi-component characteristics**: A single Dify deployment launches multiple components. Insufficient specs typically do not just slow down a single process but constrain the database, queue, vector store, and backend tasks together.
+- **Image selection**: If the platform allows adjusting component images in the template, it is best to make unified changes at the template level. Dify is a multi-image application, and it is not recommended to temporarily change only the external entry while ignoring other dependent component versions.
+
+### Inference Integration and Keys
+
+- **Does not directly mount models**: Dify does not support directly mounting model directories to provide model capabilities like Ollama does.<!-- Dify does not support directly mounting model directories to provide model capabilities like Ollama or vLLM do. -->
+- **Model provider configuration location**: Model API Keys, model addresses, etc. are typically configured in the model provider configuration page in the Dify web backend.
+- **OpenAI / OpenAI-compatible services**: You typically also need to first install the `OpenAI` or `OpenAI-API-compatible` plugin in Dify's **Plugins → Marketplace**, then fill in the official or compatible service address.<!-- You typically also need to first install the `OpenAI` or `OpenAI-API-compatible` plugin in Dify's **Plugins → Marketplace**, then fill in the official or compatible service address; when connecting to vLLM via the OpenAI-compatible interface, the common format is `<service-url>/v1`. -->
+- **Ollama integration**: If connecting to platform-internal inference instances, it is recommended to first verify their availability, then install the corresponding plugin in Dify's **Plugins → Marketplace**, and finally return to the model provider page to complete the integration.<!-- **Ollama / vLLM integration**: If connecting to platform-internal inference instances, it is recommended to first verify their availability separately, then install the corresponding plugins in Dify's **Plugins → Marketplace**, and finally return to the model provider page to complete the integration. -->
+
+<!--
+### Advanced Configuration and `customized_envs`
+
+The platform supports overriding some default environment variables of Dify's built-in components through `customized_envs`. It is more suitable for adjusting Dify runtime parameters rather than replacing the model provider configuration in the Dify web backend.
+
+Key behaviors of `customized_envs`:
+
+- It is mainly used to override environment variables that the platform has already preset.
+- If you fill in a key that the platform has not preset, it typically will not be automatically injected into the corresponding container.
+- When the `value` is empty, it typically will not clear the default value; only non-empty values will override the default.
+- Template-level and instance-level `customized_envs` are not automatically merged by key; once instance-level values are filled in, they typically replace the template-level list entirely.
+
+:::warning
+If the template already has `customized_envs` configured and you fill in a new set of `customized_envs` at the instance level, you need to include the old items you want to keep; otherwise, the override items from the template will not automatically continue to take effect.
+:::
+
+Example variables suitable for adjustment through `customized_envs`:
+
+| Environment Variable | Purpose | Description |
+| --- | --- | --- |
+| `INIT_PASSWORD` | Preset initialization password | Suitable for first-time initialization |
+| `ALLOW_EMBED` | Whether to allow page embedding | Affects web embedding scenarios |
+| `TEXT_GENERATION_TIMEOUT_MS` | Frontend text generation wait timeout | Suitable for long responses or slow models |
+| `MAX_TOOLS_NUM` | Maximum number of tools available for Agent / workflow | Affects complex application orchestration |
+| `MAX_PARALLEL_LIMIT` | Parallel execution limit | Affects concurrent workflows |
+| `HTTP_REQUEST_NODE_SSL_VERIFY` | Whether HTTP request nodes verify certificates | Only adjust when explicitly needed |
+
+If the platform page allows filling in `customized_envs`, you can refer to the following structure:
+
+```json
+{
+  "customized_envs": [
+    { "key": "INIT_PASSWORD", "value": "ChangeMe123!" },
+    { "key": "ALLOW_EMBED", "value": "true" },
+    { "key": "TEXT_GENERATION_TIMEOUT_MS", "value": "120000" }
+  ]
+}
+```
+
+The following types of environment variables are generally not recommended for casual modification unless you clearly know you are replacing platform built-in dependencies:
+
+- `DB_HOST`
+- `REDIS_HOST`
+- `WEAVIATE_ENDPOINT`
+- `CODE_EXECUTION_ENDPOINT`
+- `PLUGIN_DAEMON_URL`
+- `SSRF_PROXY_HTTP_URL`
+- `SSRF_PROXY_HTTPS_URL`
+-->
+
+### Network and Operations
+
+- **Network connectivity**: Ensure network connectivity from Dify to downstream model services, the plugin marketplace, and any required external APIs.
+- **Plugins and code execution**: Plugin installation depends on the `plugin` component, and code execution depends on the `sandbox` and `ssrf` components. If these features are abnormal, it is usually not just a frontend configuration issue.
+- **Sandbox network**: Per the current platform default configuration, the code execution sandbox allows network access, but the access path goes through the `ssrf` proxy. If code nodes or plugins fail to access external resources, prioritize investigating `sandbox` and `ssrf`.
+- **Scaling**: When scaling up, it is recommended to evaluate the capacity of the API, Worker, database, vector store, and downstream model services together, rather than focusing only on frontend traffic volume.
+- **Upgrades and rollbacks**: Manage runtime versions through [AI Images](../llm-image). Before upgrading, it is recommended to back up critical data directories and databases.
+- **Observability**: Monitor request volume, error rates, downstream model call latency, and database and vector store storage capacity. Use logs to diagnose issues such as unavailable dependencies, timeouts, and initialization failures.
+
+## FAQ
+
+### Cannot open the initialization page, or 502 appears after opening
+
+- First check whether the instance status is Running.
+- Check the `nginx`, `web`, and `api` related logs to confirm whether the frontend and backend have finished starting.
+- For multi-container applications, the first startup typically requires waiting for Postgres, Redis, Weaviate, API, and Web to all become ready before the page becomes stable.
+
+### Downstream model call timeout or failure
+
+- Check whether the model provider address, model name, and API Key configured in Dify are correct.
+- If the downstream is a platform-internal Ollama, first verify that the corresponding inference instance itself is available.<!-- If the downstream is a platform-internal Ollama or vLLM, first verify that the corresponding inference instances themselves are available. -->
+- If the downstream is a GPU inference service, confirm that the GPU node environment is normal and check the inference service capacity and logs.
+
+### Plugin installation failed, or code execution is unavailable
+
+- Check whether the `plugin`, `sandbox`, and `ssrf` related containers are running normally.
+- Check network connectivity from the node to the plugin marketplace, package repositories, and target external services.
+- If the environment is an intranet or restricted network, plan the access strategy for the plugin marketplace and dependency downloads in advance.
+
+<!--
+### Changes to `customized_envs` do not take effect
+
+- Confirm that the modified environment variable is one that the platform has already preset, not an arbitrary new key.
+- Confirm that the filled `value` is not an empty string; empty values typically will not override default values.
+- If you filled in new `customized_envs` at the instance level, confirm whether you also included the original override items from the template level.
+- After modification, it is recommended to perform a complete instance restart or rebuild, then re-verify whether the page and functionality take effect.
+-->
+
+### How to view logs?
+
+Via the frontend interface: Click the corresponding application instance, go to the details page, then click **Logs** to view Dify's service output logs, which is useful for troubleshooting.
+
+![](./images/dify-log.png)
+
+Since Dify is a multi-container application, when troubleshooting issues, typically prioritize the logs of these components:
+
+- `api`
+- `worker`
+- `plugin`
+- `nginx`
+- `postgres`
+- `weaviate`
+
+### How to enter the container?
+
+You can enter the container directly through the **Terminal** on the instance details page, which is useful for viewing storage directories, environment variables, and runtime logs.
+
+![](./images/dify-enter-shell.png)
+![](./images/dify-shell.png)
+
+Per the current platform implementation, Dify's main container is typically the `api` container, so entering the terminal from the details page usually puts you in the backend service runtime environment.
+
+If you need to perform basic checks inside the container, you can first check:
+
+```bash
+env | grep -E 'DB_|REDIS_|WEAVIATE_|PLUGIN_|SANDBOX_'
+```
+
+```bash
+ls -lah /app/api/storage
+```
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/images b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/images
new file mode 120000
index 00000000..9894544f
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/images
@@ -0,0 +1 @@
+/Users/lzx/code/go/src/yunion.io/x/website/docs/aicloud/guides/llm-app/images
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/index.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/index.mdx
new file mode 100644
index 00000000..4fe6da0e
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/index.mdx
@@ -0,0 +1,25 @@
+---
+sidebar_position: 1
+hide_table_of_contents: true
+edition: ce
+title: AI Applications
+---
+
+# AI Applications
+
+## Application Types
+
+- **Application Orchestration**: LLM applications, Agents, and workflows (Dify, OpenClaw).
+- **Image Generation**: Image and node-based workflows (ComfyUI).
+
+For quick start steps of each application, jump directly to the corresponding page:
+
+- [OpenClaw Quick Start](./openclaw#quickstart)
+- [Dify Quick Start](./dify#quickstart)
+- [ComfyUI Quick Start](./comfyui#quickstart)
+- [Application Templates](./template)
+- [AI Inference (Ollama)](../llm-inference/)<!-- [AI Inference (Ollama / vLLM)](../llm-inference/) -->
+
+import IndexDocCardList from '@site/src/components/IndexDocCardList';
+
+<IndexDocCardList />
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/openclaw.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/openclaw.mdx
new file mode 100644
index 00000000..e4ebd15b
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/openclaw.mdx
@@ -0,0 +1,184 @@
+---
+sidebar_position: 1
+edition: ce
+title: OpenClaw
+---
+
+# OpenClaw
+
+[OpenClaw 🦞](https://docs.openclaw.ai/) is an open-source, self-hosted personal intelligent agent assistant that does not require a GPU. Once deployed, you can quickly create and use it from the console.
+
+## Quick Start {#quickstart}
+
+### 1. Create an Application Instance
+
+- In the console, go to **Artificial Intelligence → Applications → Application Instances**, click Create, and select **OpenClaw** as the type.
+- Application Template: The platform usually provides a preset OpenClaw application template. When creating an instance, simply select the corresponding default template.
+:::tip
+If you need to customize the image/resource configuration/parameters, go to **Artificial Intelligence → Applications → Application Templates** to create or edit one.
+:::
+
+![](./images/openclaw-app-instance-create.png)
+![](./images/openclaw-app-instance-create-form.png)
+
+- Bandwidth: Rate-limits the container network; fill in based on actual needs.
+- Host (optional): You can specify a host to run the OpenClaw container instance on; if not selected, it will be automatically scheduled.
+- Network: You can choose automatic scheduling or specify an IP subnet.
+
+### 2. Configure Model Providers
+
+When creating/editing an instance, configure an API Key for at least one provider. For how to configure and obtain API Keys for model providers, refer to: [Model Provider Configuration](#config-providers).
+
+Select the corresponding provider and fill in the relevant API Key. The following example uses Moonshot:
+
+![](./images/provider-moonshot-provider-form.png)
+
+### 3. Configure Chat Communication Channels
+
+Configure chat communication channels as needed (QQ, Feishu, Telegram, Discord, etc.), and fill in the corresponding authentication information for interacting with OpenClaw through chat. Each channel has different methods for obtaining authentication information. For configuration details, refer to: [Chat Communication Channel Configuration](#config-channel).
+
+Select the corresponding notification channel and fill in the relevant authentication information. The following example uses QQ Bot:
+
+![](./images/channel-qq-openclaw-config-fields.png)
+
+### 4. Access and Login {#openclaw-gui}
+
+Go to the instance details page, view the login information, obtain the access URL and user credentials, and open it in a browser.
+
+![](./images/openclaw-login-info.png)
+
+The username and password are HTTP auth credentials. When opening in a browser, you will be prompted to enter them:
+
+![](./images/openclaw-http-login.png)
+
+After entering the credentials, you will see the container desktop running OpenClaw, where you can perform debugging and additional operations:
+
+![](./images/openclaw-linux-gui.png)
+
+### 5. Chat Communication
+
+If the QQ Bot chat channel is correctly configured, you can send messages to the bot in QQ to use OpenClaw as an AI assistant. For example, asking it to summarize a PDF document:
+
+![](./images/openclaw-qq-pdf-sum.png)
+
+## Configuration
+
+### Model Providers {#config-providers}
+
+#### Moonshot {#config-moonshot}
+
+##### Log in to the Console
+
+Visit [https://platform.moonshot.cn/](https://platform.moonshot.cn/), register a user account, log in to the console, and then click User Center:
+
+![](./images/provider-moonshot-index.png)
+
+##### Create an API Key
+
+Create a new API key:
+
+![](./images/provider-moonshot-create-key.png)
+
+Copy the created key:
+
+![](./images/provider-moonshot-copy-key.png)
+
+#### Zhipu (ZHIPU) {#config-zhipu}
+
+Visit the Zhipu [API Keys Management Page](https://bigmodel.cn/usercenter/proj-mgmt/apikeys), register a user account and log in, then create an API Key and copy it for safekeeping.
+
+#### MiniMax {#config-minimax}
+
+Visit the MiniMax [API Key Management Page](https://platform.minimaxi.com/user-center/basic-information/interface-key), register a user account and log in, then create an API Key and copy it for safekeeping.
+
+### Chat Communication Channels {#config-channel}
+
+#### QQ Bot {#config-qqbot}
+
+##### Register on QQ Open Platform
+
+Go to the Tencent [QQ Open Platform](https://q.qq.com/qqbot/openclaw/login.html) official website and scan the QR code with your mobile QQ to register/log in.
+
+![](./images/channel-qq-open-platform.png)
+
+> Note: If you have not yet registered on the QQ Open Platform, the system will automatically complete the registration process after scanning the QR code and bind the QQ account used for scanning with the platform account.
+
+![](./images/channel-qq-open-platform-bind.png)
+
+After scanning with mobile QQ and selecting "Agree", registration is complete, and you will enter the QQ Bot configuration page.
+
+![](./images/channel-qq-open-platform-bot-config.png)
+
+##### Create a QQ Bot
+
+On the QQ Bot page of the QQ Open Platform, you can click "Create Bot" to directly create a new QQ bot.
+
+![](./images/channel-qq-open-platform-create-bot.png)
+
+After the bot is created, find the "AppID" and "AppSecret" parameters on the page, click the "Copy" button on the right side of each, and save them to your personal notepad or memo (please keep them safe and do not leak them; pay attention to data security). They will be needed in subsequent steps.
+
+![](./images/channel-qq-open-platform-appid-secret.png)
+
+##### Using AppID and AppSecret
+
+When creating an OpenClaw application and selecting QQ Bot as the notification channel, fill in the following information:
+
+- AppID: corresponds to QQBOT_APP_ID
+- AppSecret: corresponds to QQBOT_CLIENT_SECRET
+
+![](./images/channel-qq-openclaw-config-fields.png)
+
+#### Feishu {#config-feishu}
+
+##### Configure the Bot
+
+For Feishu configuration, refer to the OpenClaw official documentation: [https://docs.openclaw.ai/channels/feishu#step-1-create-a-feishu-app](https://docs.openclaw.ai/channels/feishu#step-1-create-a-feishu-app).
+
+##### Using AppID and AppSecret
+
+- AppID: corresponds to FEISHU_APP_ID
+- AppSecret: corresponds to FEISHU_APP_SECRET
+
+![](./images/channel-feishu-config-fields.png)
+
+#### Telegram {#config-telegram}
+
+##### Configure the Bot
+
+For Telegram bot configuration, refer to the OpenClaw official documentation: [https://docs.openclaw.ai/channels/telegram#quick-setup](https://docs.openclaw.ai/channels/telegram#quick-setup).
+
+##### Using BotToken
+
+- Copy the bot Token replied by BotFather and fill it in as TELEGRAM_BOT_TOKEN:
+
+![](./images/channel-telegram-config.png)
+
+#### Discord {#config-discord}
+
+##### Configure the Bot
+
+For Discord bot configuration, refer to the OpenClaw official documentation: [https://docs.openclaw.ai/channels/discord#quick-setup](https://docs.openclaw.ai/channels/discord#quick-setup).
+
+##### Using BotToken
+
+![](./images/channel-discord-config.png)
+
+## FAQ
+
+### How to view OpenClaw logs? {#openclaw-log}
+
+There are several ways to view OpenClaw service logs:
+- Via the frontend interface: Click the corresponding application instance, go to the details page, then click Logs to view the OpenClaw service output logs, which is useful for troubleshooting.
+![](./images/openclaw-log.png)
+
+- Via [accessing the container desktop](#openclaw-gui), open a terminal and run the `openclaw logs --follow` command to view logs.
+![](./images/openclaw-gui-log.png)
+
+### How to log in to the OpenClaw container?
+
+- In addition to [accessing the container desktop](#openclaw-gui), you can also enter through the "Terminal" on the details page.
+![](./images/openclaw-term.png)
+
+:::warning
+The terminal opened from the frontend defaults to the root user. Running commands carelessly may cause unexpected issues. Make sure you understand the potential side effects before executing any commands.
+:::
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/template.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/template.mdx
new file mode 100644
index 00000000..0f428878
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-app/template.mdx
@@ -0,0 +1,23 @@
+---
+sidebar_position: 6
+edition: ce
+title: Application Templates
+---
+
+# Application Templates
+
+Application templates are used to define the CPU/memory/GPU/storage configuration for AI application instances (such as OpenClaw, Dify, ComfyUI). When creating an instance, templates allow quick reuse of resource specs.
+
+## Core Concepts
+
+The console entry point is **Artificial Intelligence → Applications → Application Templates**. When creating an application instance, select a template to get the preset resource configuration. If resources are insufficient or constraints are not met, the instance will fail to schedule.
+
+Common configuration dimensions include:
+
+- **Type**: Corresponds to the type of AI application instance.
+- **Image**: Associates with the corresponding service's container image.
+- **CPU**: Affects request processing and concurrency capacity.
+- **Memory**: Affects application process and cache stability; insufficient memory can easily cause OOM or restarts.
+- **Data Disk**: Used for persistent data storage.
+- **GPU Model**: Image-related applications (such as ComfyUI) depend on GPU resources.
+- **Port Mapping**: Maps the container service ports from the host.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-image.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-image.mdx
new file mode 100644
index 00000000..84f2cd41
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-image.mdx
@@ -0,0 +1,26 @@
+---
+sidebar_position: 11
+edition: ce
+title: AI Images
+---
+
+# AI Images
+
+Container images for running AI applications. Managed in the console under **Artificial Intelligence → Images**; selected when creating templates. The LLM type must match the template.
+
+## Image Sources
+
+- **Platform Preset**: Default images for quick deployment.
+- **Public Registry**: Pulled when internet access is available.
+- **Private Registry**: For production and compliance scenarios.
+
+## Compatibility
+
+- **GPU**: Images must be compatible with the node's NVIDIA driver/CUDA. See [NVIDIA/CUDA](../getting-started/setup-nvidia-cuda).
+- **Upgrades**: Evaluate runtime dependency compatibility (inference engine, Python/system libraries, etc.).
+
+## FAQ
+
+### Image pull failed
+
+Check network and DNS. For private registries, check authentication and permissions.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/images b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/images
new file mode 120000
index 00000000..ce7f2621
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/images
@@ -0,0 +1 @@
+/Users/lzx/code/go/src/yunion.io/x/website/docs/aicloud/guides/llm-inference/images
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/index.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/index.mdx
new file mode 100644
index 00000000..2d65f381
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/index.mdx
@@ -0,0 +1,19 @@
+---
+sidebar_position: 3
+hide_table_of_contents: true
+edition: ce
+title: AI Inference
+---
+
+# AI Inference
+
+Documentation for LLM inference services, including deployment and usage instructions for Ollama.<!-- 提供 LLM 推理服务相关文档，包含 Ollama 与 vLLM 的部署与使用说明。 -->
+
+- [Ollama Quick Start](./ollama#quickstart)
+<!-- - [vLLM 快速开始](./vllm#quickstart) -->
+- [Inference Templates](./template)
+- [AI Model Library](./model-library)
+
+import IndexDocCardList from '@site/src/components/IndexDocCardList';
+
+<IndexDocCardList />
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/model-library.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/model-library.mdx
new file mode 100644
index 00000000..c3ec8d4d
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/model-library.mdx
@@ -0,0 +1,221 @@
+---
+sidebar_position: 5
+edition: ce
+title: Inference Model Library
+---
+
+# Inference Model Library
+
+The inference model library is used to consolidate model data needed by inference instances into reusable, mountable, and cacheable model entries within the platform. This document currently focuses on the `Ollama` scenario as the main thread. It is responsible for centrally managing model sources, versions, model data images, and mount relationships, but does not directly provide inference interfaces.
+
+If you want multiple inference templates or inference instances to reuse the same model, or need to prepare models in advance in intranet, offline, or controlled environments, using the inference model library is the more reliable approach. The console provides a default entry for the inference model library; whether you can directly select a model on the template or instance page depends on whether the model library already has an available model entry matching the current type.
+
+## Quick Start {#quickstart}
+
+Using the inference model library generally involves the following steps:
+
+1. Go to **AI > Inference > Inference Model Library** in the console.
+2. Create the target model entry via **Import Community Model** or **Save from Model Instance**.
+3. Wait for model data preparation to complete, and enable auto-caching as needed.
+4. Select the model to mount in the [Inference Template](./template) or [Ollama](./ollama) instance.
+5. After creating the instance, verify whether the model has been successfully loaded via `ollama list` or `/api/tags`.
+
+## When to Use the Model Library
+
+The following scenarios are well-suited for preparing models through the model library:
+
+- **Template Pre-mounting**: Prepare models before creating an [Inference Template](./template), so subsequent new instances can directly reuse them.
+- **Multi-instance Reuse**: The same model is repeatedly used by multiple `Ollama` instances, avoiding each instance downloading it separately.
+- **Version Governance**: Unify model sources, versions, and default usage scope to reduce troubleshooting costs from "same model name but different versions".
+- **Offline or Intranet Scenarios**: Package models into the platform first, then distribute them to nodes that need them.
+- **Reduce First Startup Wait**: Combined with auto-caching, sync commonly used models to nodes in advance.
+
+## Problems Solved by the Model Library
+
+The inference model library primarily addresses the following types of problems:
+
+- **Unified Source**: Consolidates community models, existing model data, or platform images into a single management entry point.
+- **Unified Versioning**: Model names, tags, images, and mount relationships are trackable, facilitating upgrades, rollbacks, and difference comparisons.
+- **Reuse and Caching**: After a model is imported once, it can be reused by multiple templates and instances, and combined with node caching to reduce startup wait times.
+- **Permissions and Compliance**: Model entries and their associated model data images are subject to platform project, sharing, and public scope constraints.
+
+## Two Import Methods
+
+The console currently supports two primary methods for preparing models.
+
+### Import from Community Models
+
+"Import Community Model" is suitable for the following situations:
+
+- The node can access community model sources, and you want the platform to automatically download and package them.
+- You want the platform to convert community models into reusable model library entries, rather than repeatedly pulling them online in each instance.
+- You later want to apply auto-caching, template pre-mounting, and version governance to these models.
+
+After import, the platform first downloads the community model to a temporary directory, then automatically packages it into a model data image and fills it back into the model library entry. Subsequent template or instance mounting no longer depends on real-time online downloading.
+
+![](./images/intance-model-library-create.png)
+![](./images/instance-model-import.png)
+
+:::tip
+For production environments, intranet environments, or frequently reused models, it is recommended to import through the model library rather than having each instance download online during its first startup.
+:::
+
+### Save from Model Instance
+
+"Save from Model Instance" is suitable for the following situations:
+
+- You have already pulled and verified a model in an `Ollama` instance via `ollama pull`.
+- You want to consolidate the currently available model in the instance as a reusable model entry within the platform.
+- You want to debug a model in a single instance first, then reuse it across other templates and instances.
+
+The recommended workflow is:
+
+1. Go to **AI > Inference > Inference Instances** and open the target `test-ollama` instance.
+2. On the instance details page, switch to **test-ollama > Models** and confirm the target model appears in the list.
+3. Click **Save to Model Library** on the right side of the target model, fill in the name, version, and other information as prompted, and save.
+
+![](./images/ollama-to-save-model.png)
+![](./images/ollama-save-instant-model.png)
+
+After saving, this model can be directly selected in other Ollama inference templates or inference instances, without needing to manually run `ollama pull` again.
+
+## Relationship with Ollama and Inference Templates
+
+The relationship between the inference model library and runtime can be understood as the relationship between the "model asset layer" and the "inference runtime layer":
+
+- **Inference Model Library**: Responsible for preparing, managing, and distributing model data.
+- **Inference Templates**: Responsible for combining images, specifications, and models into a standard runtime configuration.
+- **Inference Instances**: Responsible for actually starting the Ollama service and loading models into the runtime.
+
+Therefore:
+
+- The model library addresses "where models come from, how to reuse them, and how to cache them".
+- Ollama addresses "how models are loaded and served for inference".
+
+If you are more interested in runtime configuration itself, continue reading:
+
+- [Ollama](./ollama)
+- [Inference Templates](./template)
+
+## Operations Notes
+
+### Network and Offline Preparation
+
+- `Ollama` community model import depends on access to the corresponding model sources.
+- If outbound network access is restricted in your environment, it is recommended to first pull models in an `Ollama` instance that can access model sources, then consolidate them via "Save to Model Library" as reusable entries.
+
+### Cache and Disk Planning
+
+- Models in the model library ultimately correspond to a model data image.
+- After enabling auto-caching, node-side cache replicas will consume additional space.
+- If a template mounts multiple models, or a model is repeatedly scheduled across multiple nodes, disk planning should be more conservative than single-instance online downloading.
+
+### Type Consistency
+
+- The types of model, template, and image must all be consistent.
+- If you encounter issues like "the model has been imported but cannot be selected in the template", first check whether the types match.
+
+### Version Management
+
+- It is recommended to clearly manage model names and tags to avoid duplicate imports of the same model under similar names.
+- For Ollama, the model name used in requests should still be consistent with the version in the model library.
+
+### Deletion and Changes
+
+- Models already referenced by templates or instances should not be directly deleted.
+- If you need to replace a model version, it is usually better to add a new version entry and gradually switch the template or instance references.
+- For long-term reused models, it is recommended to manage them together with template and image versions, rather than frequently modifying the same entry.
+
+## FAQ
+
+### Community model import is slow or fails
+
+First check the following:
+
+- Whether the node has network connectivity to the model source.
+- Whether bandwidth is sufficient, and whether there are proxy or firewall restrictions.
+- Whether the target model itself is too large, causing long download and packaging times.
+- Whether data disk space is sufficient to accommodate temporary downloads, model images, and subsequent caches.
+
+If the environment does not support direct online import from the model library, it is recommended to first complete `ollama pull` in a network-connected `Ollama` instance, then consolidate it via "Save to Model Library" for reuse.
+
+### Why are there no selectable models on the template or instance page?
+
+Typically check the following:
+
+- There are no model entries in the current model library matching the template or instance type.
+- The model data image is not fully prepared yet, and the entry is temporarily unavailable.
+- The model type and template type are inconsistent.
+
+### Model has been imported successfully, but why can't it be used in the template?
+
+Typically check the following:
+
+- The model type and template type are inconsistent.
+- The model data image is not fully prepared yet.
+- The model has been replaced, disabled, or the reference relationship has not been refreshed.
+- You did not actually select a template containing that model when creating the instance.
+
+### After mounting from the model library, why is the model still not visible in the instance?
+
+First check whether the mount relationship has taken effect and whether the instance has completed startup and warmup.
+
+If the issue persists, enter the instance and run `ollama list`, and check the logs to confirm whether there are mount failures, insufficient VRAM, or startup anomalies.
+
+### Why is startup still slow after using the model library?
+
+Even if the model is already in the model library, the first startup may still be slow. Common reasons include:
+
+- The node does not yet have a local cache of this model data image.
+- The model is large, and the first mount and extraction take time.
+- Data disk or node storage performance is slow.
+- Instance startup also involves model probing, service initialization, and GPU warmup.
+
+If this is a frequently used model, it is recommended to use auto-caching and template pre-mounting together.
+
+### Why does disk usage keep growing?
+
+Disk growth usually comes not only from model files themselves, but also from:
+
+- Model data images
+- Node-side cache
+- The inference engine's own cache directory
+- New model versions accumulating while old versions are not cleaned up
+
+It is recommended to periodically review model versions that are no longer in use and check whether templates and instances are still referencing the corresponding entries.
+
+<!--
+以下为暂时注释保留的 vLLM 相关内容，后续需要恢复时可再整理启用。
+
+- 推理模型库用于把 `Ollama`、`vLLM` 等推理实例要用到的模型数据，沉淀为平台内可复用、可挂载、可缓存的模型条目。
+- 创建实例后，按 [Ollama](./ollama) 或 [vLLM](./vllm) 的方式验证模型是否已成功加载。
+- 同一模型会被多个 `Ollama` 或 `vLLM` 实例反复使用，避免每个实例各自下载一遍。
+
+### vLLM 模型
+
+按当前平台实现，`vLLM` 社区模型会按 Hugging Face 仓库目录下载，并落成一个完整模型目录，再挂载到实例内的 `/data/models/huggingface/<模型目录>`。
+
+这意味着：
+
+- `model_name` 通常对应 Hugging Face 仓库名，例如 `Qwen/Qwen2.5-7B-Instruct`。
+- `model_tag` 更适合理解为 revision、branch 或 tag。
+- 当同一个模板或实例挂载了多个 vLLM 模型目录时，建议在 [推理模板](./template) 或实例高级配置中显式设置 `preferred_model`，避免平台按目录扫描顺序加载到错误模型。
+
+vLLM 当前默认将 Hugging Face 访问地址指向 `https://hf-mirror.com`。如果社区模型导入失败，除了权限问题，也要优先检查节点到该模型源的网络连通性。
+
+- 选择正确的模型类型，例如 `vLLM`。
+- `vLLM` 模型只能挂到 `vLLM` 模板或实例。
+- 访问 `/v1/models`，确认接口里已经出现预期模型。
+- 推理实例负责真正启动 Ollama 或 vLLM 服务，并把模型加载进运行时。
+- Ollama / vLLM 解决的是"模型怎么被加载并对外提供推理服务"的问题。
+- [vLLM](./vllm)
+- `vLLM` 社区模型导入依赖访问 Hugging Face 或其镜像源。
+- 不要把 `Ollama` 模型挂到 `vLLM` 模板，也不要反过来使用。
+- 对 vLLM 来说，目录名、tag 和 `preferred_model` 最好一起规划，减少后续误加载。
+
+### vLLM 挂载了多个模型，为什么实例加载错了
+
+这通常和 `preferred_model` 没有显式设置有关。
+
+按当前平台实现，vLLM 在没有明确 `preferred_model` 时，通常会回退到模型目录中扫描到的第一个目录。多模型场景下，建议始终显式配置 `preferred_model`，并在实例启动后用 `/v1/models` 再核对一次结果。
+-->
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/ollama.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/ollama.mdx
new file mode 100644
index 00000000..f134c16d
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/ollama.mdx
@@ -0,0 +1,226 @@
+---
+sidebar_position: 2
+edition: ce
+title: Ollama
+---
+
+# Ollama
+
+Ollama is a lightweight local LLM inference service that **requires a GPU**, suitable for quick validation and small-scale inference scenarios.
+
+## Quick Start {#quickstart}
+
+Creating an Ollama inference instance generally involves the following steps:
+
+1. **Prepare GPU Environment**: Complete the [NVIDIA and CUDA Environment Setup](../../getting-started/setup-nvidia-cuda), and prepare sufficient persistent storage for model caching.
+2. **Assign GPU to Plan**: Go to [Inference Templates](./template) to configure GPU, CPU, memory, and data disk for the Ollama plan template; the platform usually provides default templates, but you can also create or edit them as needed.
+3. **Create Inference Instance**: In the console, go to **AI > Inference > Inference Instances**, click New, and select an **Ollama** inference template with GPU configured to create the instance.
+4. **Select Model (Optional)**: If the [Inference Model Library](./model-library) already has the target model, you can select it directly in the template or instance parameters; if no models are available yet, you can create the instance first and then manually pull models via `ollama pull`.
+5. **Get Service Address and Verify**: Go to the instance details page "Connection Info" to get the inference service address; check the running status and logs to confirm the model has loaded successfully and is ready to serve inference requests (refer to the connection info and image documentation for specific invocation methods).
+
+### 1. Prepare GPU Environment
+
+Ollama relies on GPU for inference. Please first complete the [NVIDIA and CUDA Environment Setup](../../getting-started/setup-nvidia-cuda), and confirm the following:
+
+1. The node can detect the GPU and the driver status is normal.
+2. The target GPU has enough VRAM to accommodate the model you plan to run.
+3. Data disk space is sufficient, as Ollama model files are cached in `/root/.ollama/models` inside the container, and the platform will mount this directory to persistent storage.
+4. If you plan to pull models online, verify network connectivity from the node to the model source in advance.
+
+You can run the following commands on the GPU node for a basic check:
+
+```bash
+nvidia-smi
+```
+
+```bash
+curl -I https://registry.ollama.ai
+```
+
+![](./images/ollama-gpu.png)
+
+:::tip
+If you plan to mount multiple models, it is recommended to plan the data disk capacity before creating the template. Ollama's model layer files, manifests, and subsequent caches will continuously consume disk space.
+:::
+
+### 2. Assign GPU to Plan
+
+Before creating an instance, it is recommended to go to **AI > Inference > Inference Templates** and configure the template specifications for the Ollama plan. The "plan" here can be understood as the resource specification to be selected when creating an instance: configure GPU, CPU, memory, and data disk first, then return to the instance page to create.
+
+1. Go to **AI > Inference > Inference Templates** in the console.
+2. Select an existing Ollama template and click **Edit**, or click **New** to create an `Ollama` inference template.
+3. In the specification configuration, select an appropriate GPU model for the plan, and confirm CPU, memory, and data disk size accordingly.
+4. Select the corresponding [AI Image](../llm-image) in the image field, and save the template.
+
+When assigning GPU to the plan, focus on:
+
+- **GPU VRAM**: This is the key metric for whether Ollama can successfully load a model; prioritize selection based on the target model size.
+- **CPU / Memory**: Affects request processing, queuing, and model running stability; even when VRAM is sufficient, insufficient CPU and memory can still cause startup failure or slow responses.
+- **Data Disk**: Model files are persisted to `/root/.ollama/models`; a disk that is too small will cause model download failures, upgrade difficulties, or cache overflow.
+- **Image Version**: Prefer Ollama images verified by the platform, and try to pin a specific version for easier upgrades and rollbacks.
+
+![](./images/ollama-sku-edit.png)
+![](./images/ollama-sku-gpu.png)
+
+:::tip
+If you want downloaded models to persist after instance restarts, make sure to use a template with a persistent data disk; the platform will mount Ollama's model directory to persistent storage rather than relying on the container's ephemeral layer.
+:::
+
+### 3. Select Model (Optional)
+
+If the model-related fields on the template or instance page already have the target model available, it is recommended to select it directly. This way, after instance creation, you can usually see the corresponding model in Ollama directly, reducing manual download steps.
+
+The recommended workflow is:
+
+1. Prepare the target model in the [Inference Model Library](./model-library) first.
+2. Return to the [Inference Template](./template) or instance creation page and select the model version to mount.
+3. After creation, run `ollama list` in the instance terminal to confirm the model has been loaded into the current instance.
+
+If there are no available models in the model library yet, it does not affect continued use of Ollama. You can create the instance first, and after it is running, enter the terminal and manually pull models via `ollama pull`. For example:
+
+```bash
+ollama pull qwen2.5:7b
+```
+
+After pulling is complete, run the following command to confirm the model has been downloaded locally:
+
+```bash
+ollama list
+```
+
+:::tip
+If you are just temporarily validating a model, using `ollama pull` directly is quicker; if you later want multiple Ollama instances to reuse the same model, it is recommended to save verified models to the [Inference Model Library](./model-library) for centralized management.
+:::
+
+### 4. Create Inference Instance
+
+The console entry is **AI > Inference > Inference Instances**.
+
+1. Click **New**.
+2. Select an `Ollama` inference template or instance type with GPU configured.
+3. Fill in the instance name and select project, region, network, and other general configurations as required by the page.
+4. In the model, mount model, or model version fields on the page, if there is a target model available, you can select it directly; if no models are currently available, you can leave it empty and submit to create.
+
+If there are no available Ollama templates in the console, you can first go to **AI > Inference > Inference Templates** to create or edit a template, then return to the instance page to create.
+
+![](./images/instantce-create.png)
+![](./images/ollama-create.png)
+
+The bandwidth, host, network, and other fields on the page can be configured based on your actual scenario:
+
+- **Bandwidth**: Used to limit container network bandwidth; fill in based on business traffic volume.
+- **Host (Optional)**: If you need to pin the instance to a specific GPU node, you can specify it manually; otherwise, let the platform schedule automatically.
+- **Network**: You can use automatic allocation or specify an existing IP subnet.
+
+### 5. Get Service Address and Verify
+
+After the instance is created successfully, go to the instance details page, open **Connection Info**, and you can get the Ollama service address. Based on the current platform implementation, the Ollama service listens on port `11434` by default, and is typically accessible via `http://<instance-IP>:11434`.
+
+![](./images/ollama-url.png)
+
+It is recommended to verify in the following order:
+
+1. First confirm that the instance status is "Running".
+2. Open the **Logs** on the details page to confirm there are no errors such as model loading failure, insufficient VRAM, or download failure.
+3. If needed, enter the container via the **Terminal** on the details page and run `ollama list` to check currently installed models.
+4. Perform a connectivity and inference verification using the HTTP API.
+
+First check if the service is accessible:
+
+```bash
+curl <service-url>/api/tags
+```
+
+If a model is already installed, run a chat request to verify:
+
+```bash
+curl <service-url>/api/chat \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "model": "<model>:<tag>",
+    "messages": [
+      {
+        "role": "user",
+        "content": "你好，请用一句话介绍你自己。"
+      }
+    ],
+    "stream": false
+  }'
+```
+
+If a model list or a normal JSON inference result is returned, the service is ready to serve.
+
+:::tip
+If `api/tags` is accessible but the model list is empty, it usually means the instance has started successfully but no model has been mounted yet, or `ollama pull` has not completed.
+:::
+
+## Configuration
+
+### Image and Specifications
+
+- **Specification Selection**: Refer to [Inference Templates](./template) and select CPU/memory/GPU based on model size and concurrency requirements (focus on GPU VRAM).
+- **Image Selection**: Refer to [AI Images](../llm-image) and use specific versions (tag/digest) for easier upgrades and rollbacks.
+
+### Model and Cache
+
+- **Model Library**: Inference applications can use the [Inference Model Library](./model-library) to centrally manage model sources, versions, and reuse strategies.
+- **Cache and Disk**: Model files typically consume significant disk space. It is recommended to prepare persistent storage for model caching and logs, and establish cleanup policies to avoid disk overflow.
+
+### Network
+
+- If you need to pull images or models externally, ensure the node has network connectivity and bandwidth to access the corresponding repositories.
+
+### Capacity and Changes
+
+- **Capacity**: Monitor GPU VRAM, model loading time, and concurrency queue; when capacity is insufficient, prioritize evaluating more GPU resources or larger VRAM.
+- **Upgrade and Rollback**: Perform changes through version management of [AI Images](../llm-image); it is recommended to operate during off-peak hours.
+- **Observability**: Focus on GPU/CPU utilization, VRAM usage, request latency, and error rates; use logs to diagnose issues such as model loading failures and insufficient VRAM.
+
+## FAQ
+
+### How to view service logs?
+
+Via the frontend interface: Click the corresponding inference instance, go to the details page, then click **Logs** to view Ollama's service output logs, which is useful for error troubleshooting.
+
+When troubleshooting, typically focus on:
+
+- Whether model pulling, verification, or extraction failed.
+- Whether insufficient VRAM, insufficient memory, or process exit occurred during model loading.
+- Whether the service has successfully started listening on port `11434` and is ready to serve inference requests.
+
+If the instance was just created, it is recommended to check the logs along with the instance status, focusing on whether the model has been downloaded and whether the service has completed initialization.
+
+![](./images/ollama-log.png)
+
+### How to access the terminal?
+
+The **Terminal** on the instance details page allows you to directly enter the container, which is useful for checking current models, model cache directories, and disk usage.
+
+For basic checks inside the container, you can run:
+
+```bash
+ollama list
+ollama ps
+```
+
+```bash
+du -sh /root/.ollama/models
+ls -lah /root/.ollama/models
+```
+
+![](./images/ollama-shell.png)
+![](./images/ollama-shell-content.png)
+
+### Node cannot see GPU / Abnormal inference performance
+
+- Check whether the [NVIDIA and CUDA Environment Setup](../../getting-started/setup-nvidia-cuda) has been completed.
+- Run `nvidia-smi` on the node to verify the driver and GPU status.
+
+### Model download is slow or consumes too much disk space
+
+- Check the network quality and bandwidth from the node to the model source/image repository.
+- Plan the model cache directory and cleanup strategy to avoid disk overflow from long-term accumulation.
+
+### Startup failure or frequent OOM
+
+- This is usually related to insufficient VRAM, excessive concurrency, or an oversized model; adjust the specifications (GPU/memory) or reduce concurrency, and monitor VRAM and memory peak usage.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/template.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/template.mdx
new file mode 100644
index 00000000..4aa50f0a
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/template.mdx
@@ -0,0 +1,158 @@
+---
+sidebar_position: 4
+edition: ce
+title: Inference Templates
+---
+
+# Inference Templates
+
+Inference templates are used to preset a set of reusable runtime configurations for AI inference instances. When creating an instance, selecting a template applies the type, image, CPU, memory, GPU, data disk, mounted models, and port mapping settings all at once.
+
+It can be understood as the "standard specification for inference instances". The clearer the template configuration, the more stable batch creation, scaling, rollback, and troubleshooting will be. This document uses `Ollama` templates as an example to illustrate how to use inference templates; other inference engines will be covered later.
+
+## Quick Start {#quickstart}
+
+Creating an inference template generally involves the following steps:
+
+1. **Prepare Image, Model, and GPU Environment**: Confirm the target type, [AI Image](../llm-image), and GPU environment are ready; this document uses `Ollama` templates as an example. If you want the template to pre-mount models, prepare the target models in the [Inference Model Library](./model-library) in advance.
+2. **Create or Edit Template**: In the console, go to **AI > Inference > Inference Templates**, create a new template or modify the platform's preset template.
+3. **Fill in Template Configuration**: Set the type, image, CPU, memory, data disk, GPU, port mapping, and mounted models as needed.
+4. **Use Template to Create Instance**: Go to **AI > Inference > Inference Instances**, select the template to create an instance and complete verification.
+
+### 1. Prerequisites
+
+Before creating a template, it is recommended to confirm the following:
+
+1. You have identified the type of template to create; this document uses `Ollama` templates as an example.
+2. An [AI Image](../llm-image) matching the template type has been prepared.
+3. If you want the template to pre-mount models, the target models have been prepared in the [Inference Model Library](./model-library).
+4. The target node has sufficient GPU, CPU, memory, and data disk capacity.
+5. If the template needs to pull models or images online, the node has network connectivity to access the target repositories.
+
+:::tip
+Templates only define default specifications and do not "automatically create resources" for you. If the node lacks GPU, VRAM, memory, or storage, even if the template can be saved, subsequent instance creation may still fail during scheduling or startup.
+:::
+
+### 2. Create or Edit Template
+
+The console entry is **AI > Inference > Inference Templates**.
+
+1. Click **New**, or select an existing template and click **Edit**.
+2. Select the template type; this document uses `Ollama` as an example.
+3. Fill in the template name and complete the image, specifications, model, and port configurations.
+4. Save the template.
+
+The platform generally provides preset default templates, and you can also modify them directly, such as updating the GPU model, data disk size, or mounted models.
+
+![](./images/sku-list.png)
+![](./images/sku-create.png)
+![](./images/sku-update.png)
+
+### 3. Use Template to Create Instance
+
+After saving the template, go to **AI > Inference > Inference Instances** to create an instance. Selecting the corresponding template will reuse the main configurations from the template. Using `Ollama` as the current example, refer directly to [Ollama](./ollama) for instance creation and verification.
+
+## Core Configuration Items
+
+Common configuration items for inference templates are as follows:
+
+| Configuration Item | Purpose | Usage Recommendations |
+| --- | --- | --- |
+| Type | Specifies the inference engine for the template | Must be consistent with the image and mounted model types; this document uses `Ollama` as an example |
+| AI Image | Specifies the container image used at instance runtime | Select an image matching the template type with a specific version |
+| CPU / Memory | Determines the base resources for the inference service | Even when VRAM is sufficient, CPU and memory still affect loading speed, concurrency, and stability |
+| Data Disk | Provides persistent storage for models, cache, and runtime data | Inference templates must plan for data disks; a disk that is too small will cause model download or mount failures |
+| GPU | Determines whether the model can be loaded and the throughput ceiling | Focus on GPU model, VRAM, and quantity |
+| Mounted Models | Pre-associates models from the inference model library | Mounted model types must match the template type |
+| Port Mapping | Exposes container ports for external access | Different engines use different ports; for `Ollama`, the common port is `11434` |
+| Bandwidth | Limits container network throughput | Consider this when downloading models/images online or providing external APIs |
+
+### Type and Image
+
+The template type determines the instance runtime behavior and the scope of selectable images and models. This document uses `Ollama` templates as an example, highlighting the following validation relationships:
+
+- An `Ollama` template should select an `Ollama` type image.
+- Models mounted to the template should also match the `Ollama` template type.
+
+If the image or mounted model type does not match, the template cannot be saved.
+
+### CPU, Memory, GPU, and Data Disk
+
+These fields determine whether the template can support stable operation of the target model:
+
+- **CPU**: Affects model loading, request queuing, and some preprocessing tasks.
+- **Memory**: Affects the inference process, caching, and runtime stability; insufficient memory may cause OOM or frequent restarts.
+- **GPU**: Determines whether the large model can fit into VRAM, and also affects concurrency capacity and latency performance.
+- **Data Disk**: Used to store model files, cache, and runtime data; this is a critical item in inference templates.
+
+For inference templates, the data disk is not an optional "add-on". Using the `Ollama` template in this document as an example, the platform needs to persist the model directory:
+
+- Ollama's model directory is located at `/root/.ollama/models`
+- This directory relies on persistent storage to retain models and cache
+
+:::tip
+If you plan to mount multiple models, or want to continue reusing cache after instance restarts, it is recommended to increase the data disk size rather than relying on the container's ephemeral layer.
+:::
+
+### Mounted Models
+
+Templates support pre-mounting models from the [Inference Model Library](./model-library). This way, when creating an instance from the template, models are carried over with the template, reducing the need for manual selection or online downloading each time.
+
+The console links to the inference model library by default; if there are no suitable models in the model library yet, the template can be saved without mounting models and supplemented later.
+
+Note:
+
+- The mounted model type must match the template type; in this example, an `Ollama` template should mount `Ollama` models.
+- A template can mount multiple models.
+- After instance creation, it inherits the mounted model list from the template.
+- Models pre-mounted by the template typically cannot be directly deleted or disabled in the model library without first removing the template reference.
+
+If models in the model library have auto-caching enabled, the platform will perform node-side caching based on the model's associated image, which usually helps reduce the wait time during first startup.
+
+![](./images/sku-instant-model.png)
+![](./images/sku-show-instant-model.png)
+
+### Port Mapping and Network
+
+The port mapping in the template determines how the instance service is exposed externally. Different inference engines may have different default ports; this document uses `Ollama` as an example, which typically exposes `11434`.
+
+Additionally:
+
+- **Bandwidth**: Affects API throughput and online model download speed.
+- **Host**: If you need to pin the instance to a specific GPU node, you can specify it during instance creation.
+- **Network**: You can choose automatic scheduling or specify an existing subnet; the final configuration is determined at the instance level.
+
+## Relationship Between Templates and Instances
+
+Inference templates provide "default values", while inference instances carry the "actual runtime state". Understanding this relationship helps avoid many operational misunderstandings:
+
+- **When creating a new instance**: The instance inherits the resource specifications, image, mounted models, port mapping, and other main configurations from the template.
+- **After modifying a template**: Changes typically only affect subsequently created instances; already running instances will not automatically sync to the new template configuration.
+- **During upgrades or rollbacks**: It is recommended to modify the template first and recreate the instance, or perform explicit specification/image change operations on the instance side.
+
+:::tip
+If you plan to maintain a set of standardized inference environments long-term, it is recommended to plan multiple templates by model size, GPU tier, or purpose, such as "7B test template", "32B production template", or "Ollama validation template".
+:::
+
+## FAQ
+
+### Template save fails with image or model type mismatch error
+
+- Check whether the template type matches the [AI Image](../llm-image) type.
+- Check whether the mounted model comes from a [Inference Model Library](./model-library) entry of the same type.
+- In this example, do not mount non-`Ollama` type images or models to an `Ollama` template.
+
+### Template was created successfully, but instance still fails to schedule
+
+- A template being saveable does not mean the running node has sufficient resources.
+- Focus on checking whether GPU model, VRAM, CPU, memory, and data disk meet the requirements.
+- If a host was specified, also confirm that the node actually has allocatable GPU and storage resources.
+
+### Why do existing instances not change after modifying the template?
+
+Templates are primarily used for subsequent creation. Already running instances typically do not automatically follow template changes; you need to perform the rebuild process on the instance side separately.
+
+### How to estimate data disk size?
+
+- **Ollama**: Focus on estimating the model volume in `/root/.ollama/models` and future cache growth.
+- If multiple models will be mounted, it is recommended to reserve space based on "total model files + cache + future growth", rather than estimating based on a single model size alone.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/vllm.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/vllm.mdx
new file mode 100644
index 00000000..906a251e
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/guides/llm-inference/vllm.mdx
@@ -0,0 +1,408 @@
+---
+sidebar_position: 3
+edition: ce
+title: vLLM
+draft: true
+---
+
+# vLLM
+
+vLLM is a high-throughput, low-latency LLM inference service that **requires a GPU**, suitable for online inference scenarios that demand high concurrency, throughput, and OpenAI-compatible interfaces.
+
+## Quick Start {#quickstart}
+
+Creating a vLLM inference instance generally involves the following steps:
+
+1. **Prepare GPU Environment**: Complete the [NVIDIA and CUDA Environment Setup](../../getting-started/setup-nvidia-cuda), and plan GPU VRAM, memory, and persistent storage space in advance.
+2. **Configure Template Specifications and Image**: Go to [Inference Templates](./template) to configure GPU, CPU, memory, data disk, and [AI Image](../llm-image) for the vLLM template; the platform usually provides default templates, but you can also create or edit them as needed.
+3. **Select Model and Version (Optional)**: If the [Inference Model Library](./model-library) already has the target model, you can select it directly in the template or instance parameters; if no models are available yet, you can prepare the model directory first.
+4. **Create Inference Instance**: In the console, go to **AI > Inference > Inference Instances**, click New, and select a **vLLM** inference template with specifications configured to create the instance.
+5. **Get Service Address and Verify**: Go to the instance details page "Connection Info" to get the inference service address; use the running status, logs, and API calls to confirm the model has been successfully loaded and is ready to serve inference requests.
+
+### 1. Prepare GPU Environment
+
+vLLM relies on GPU for inference. Please first complete the [NVIDIA and CUDA Environment Setup](../../getting-started/setup-nvidia-cuda), and confirm the following:
+
+1. The node can detect the GPU and the driver status is normal.
+2. The target GPU has enough VRAM to accommodate the model to be loaded.
+3. CPU and memory meet the requirements for model loading and concurrent request processing.
+4. Data disk space is sufficient, as the model directory `/data/models/huggingface` and cache directory `/root/.cache/huggingface` will both be stored on persistent storage.
+5. If you need to download models online, verify network connectivity from the node to the model source in advance; the platform defaults the Hugging Face access URL to `https://hf-mirror.com`.
+
+You can run the following commands on the GPU node for a basic check:
+
+```bash
+nvidia-smi
+```
+
+```bash
+curl -I https://hf-mirror.com
+```
+
+![](./images/ollama-gpu.png)
+
+:::tip
+If you plan to run large models or multiple models, it is recommended to plan GPU VRAM, memory, and data disk capacity together before creating the template. In addition to loading model weights, vLLM also consumes extra memory for caching and swap space.
+:::
+
+### 2. Configure Template Specifications and Image
+
+Before creating an instance, it is recommended to go to **AI > Inference > Inference Templates** and configure the specifications and image for the vLLM template. Think of it as "first configure the GPU, CPU, memory, data disk, and image the instance will use, then return to the instance page to create"; if the platform already has a suitable vLLM template preset, you can also reuse it directly.
+
+1. Go to **AI > Inference > Inference Templates** in the console.
+2. Select an existing vLLM template and click **Edit**, or click **New** to create a `vLLM` inference template.
+3. In the specification configuration, select appropriate CPU, memory, GPU model, GPU quantity, and data disk size.
+4. Select the corresponding [AI Image](../llm-image) in the image field, and save the template.
+
+When configuring template specifications and image, focus on:
+
+- **GPU Quantity and VRAM**: Directly determines whether the model can be loaded and the default value of `tensor-parallel-size`. The platform will automatically set the parallelism based on the number of GPUs allocated.
+- **CPU / Memory**: Affects request processing, queuing, and model runtime stability; even when VRAM is sufficient, insufficient CPU and memory can still cause startup failure or slow responses.
+- **Data Disk**: The model directory `/data/models` and cache directory `/root/.cache` both rely on persistent storage; a disk that is too small will cause model mounting, download, or upgrade failures.
+- **Image Version**: Prefer vLLM images verified by the platform, and try to pin a specific version for easier upgrades and rollbacks.
+
+![](./images/vllm-sku-update.png)
+![](./images/vllm-gpu.png)
+
+:::tip
+If you want model files and Hugging Face cache to persist after instance restarts, make sure to use a template with a persistent data disk; the platform will mount `/data/models` and `/root/.cache` to persistent storage rather than relying on the container's ephemeral layer.
+:::
+
+### 3. Select Model and Version (Optional)
+
+If the model-related fields on the template or instance page already have the target model available, it is recommended to select it directly. This way, after instance creation, the corresponding model can usually be mounted directly to vLLM's model directory, reducing redundant downloads and version drift.
+
+The recommended workflow is:
+
+1. Go to **AI > Inference > Inference Model Library**.
+2. Prepare the target model via "Import Community Model".
+3. Return to the **Inference Template** or **Inference Instance** page and select the model version to mount in the model-related configuration items.
+4. After instance creation, wait for model mounting or warmup to complete.
+
+![](./images/vllm-sku-instant-model.png)
+
+If there are no vLLM models available in the model library yet, it does not affect creating the instance first. You can prepare the model directory and ensure it is located under `/data/models/huggingface/<model-relative-path>`. A common approach is to use `huggingface-cli download` to pull the model directly to the target directory:
+
+```bash
+huggingface-cli download <model> \
+  --local-dir /data/models/huggingface/<model-relative-path>
+```
+
+For example:
+
+```bash
+huggingface-cli download Qwen/Qwen2.5-7B-Instruct \
+  --local-dir /data/models/huggingface/Qwen2.5-7B-Instruct
+```
+
+After download, the target directory typically contains `config.json`, `tokenizer.json`, `tokenizer_config.json`, `*.safetensors`, and other files that can be directly loaded by vLLM.
+
+When there are multiple models in the directory, it is recommended to explicitly configure `preferred_model`; otherwise, the platform will attempt to use the first model directory it finds.
+
+:::tip
+It is recommended to prioritize using the model library to centrally manage model sources and versions. This allows the same model to be reused by multiple instances and makes it easier to troubleshoot differences caused by "same model name but different versions".
+:::
+
+### 4. Create Inference Instance
+
+The console entry is **AI > Inference > Inference Instances**.
+
+1. Click **New**.
+2. Select a `vLLM` inference template or instance type with specifications and image configured.
+3. Fill in the instance name and select project, region, network, and other general configurations as required by the page.
+4. Confirm the template, image, specifications, and advanced configuration, then submit to create; if the model-related configuration items already have a target model available, you can also select it here; if no models are currently available, you can leave it empty and create first.
+
+If there are no available vLLM templates in the console, you can first go to **AI > Inference > Inference Templates** to create or edit a template, then return to the instance page to create.
+
+![](./images/instantce-create.png)
+>
+> Screenshot placeholder: New vLLM inference instance form
+
+The general fields on the page can be configured based on your actual scenario:
+
+- **Bandwidth**: Used to limit container network bandwidth; fill in based on business traffic volume.
+- **Host (Optional)**: If you need to pin the instance to a specific GPU node, you can specify it manually; otherwise, the platform will schedule automatically.
+- **Network**: You can use automatic allocation or specify an existing IP subnet.
+
+### 5. Get Service Address and Verify
+
+After the instance is created successfully, go to the instance details page, open **Connection Info**, and you can get the vLLM service address. Based on the current platform implementation, the vLLM container listens on port `8000` by default internally, but the external access address should follow the connection info displayed in the console.
+
+> Screenshot placeholder: Instance details page connection info
+
+It is recommended to verify in the following order:
+
+1. First confirm that the instance status is "Running".
+2. Open the **Logs** on the details page to confirm there are no errors such as model loading failure, insufficient VRAM, parameter errors, or download failure.
+3. If needed, enter the container via the **Terminal** on the details page to check the model directory and runtime logs.
+4. Perform a health check and model enumeration verification using the HTTP API.
+
+First check if the service is accessible:
+
+```bash
+curl <service-url>/health
+```
+
+Then check the model list currently exposed by vLLM:
+
+```bash
+curl <service-url>/v1/models
+```
+
+If a `200 OK` is returned and you can see a model `id` in `/v1/models`, the service is basically ready. You can then make OpenAI-compatible requests following the examples later in this document.
+
+:::tip
+The `model` field in `/v1/chat/completions` and `/v1/completions` requests should directly use the `id` returned by `/v1/models`; do not guess manually.
+:::
+
+## Model and Persistence
+
+### Persistence Paths
+
+The following directories and paths in the vLLM container are most noteworthy:
+
+- `/data/models`: The model data root directory mounted by the platform for vLLM.
+- `/data/models/huggingface`: The default model directory scanned by vLLM.
+- `/root/.cache/huggingface`: The Hugging Face cache directory; the platform will persist `/root/.cache`.
+- `/tmp/vllm.log`: The vLLM startup log file, useful for troubleshooting startup timeouts or parameter errors; this path is more for runtime debugging and is not recommended as a long-term persistent log directory.
+
+### Model Selection Rules
+
+When starting vLLM, the platform first resolves the model directory to load under `/data/models/huggingface`, following these rules:
+
+1. If `preferred_model` is configured and the corresponding directory exists, that directory is loaded first.
+2. If `preferred_model` is not configured, or the configured directory does not exist, it falls back to the first directory found in the model directory.
+3. After the service starts, the platform passes the basename of the final loaded directory to vLLM as `served-model-name`.
+
+This means:
+
+- If you place the model at `/data/models/huggingface/Qwen2.5-7B-Instruct`, the model name in the API will typically be `Qwen2.5-7B-Instruct`.
+- If your directory structure is `/data/models/huggingface/Qwen/Qwen2.5-7B-Instruct`, the actually exposed model name will typically still be based on the leaf directory name.
+- When there are multiple models in the directory, it is strongly recommended to explicitly set `preferred_model` to avoid loading the wrong model due to directory scan order.
+
+## vLLM-Specific Configuration
+
+### `preferred_model`
+
+`preferred_model` specifies the model directory that vLLM should prioritize when starting. It takes the relative directory name under `/data/models/huggingface`, not the model display name in the API.
+
+For example:
+
+- When the directory is `/data/models/huggingface/Qwen2.5-7B-Instruct`, fill in `Qwen2.5-7B-Instruct`
+- When the directory is `/data/models/huggingface/Qwen/Qwen2.5-7B-Instruct`, fill in `Qwen/Qwen2.5-7B-Instruct`
+
+If you modify `preferred_model`, it is recommended to rebuild the instance after the change, or at least perform a complete restart, and verify the actual loaded result again with `/v1/models`.
+
+### `customized_args`
+
+`customized_args` is used to supplement vLLM startup parameters. The platform appends these configurations on top of the default startup parameters with a layer of safety restrictions.
+
+Filling rules:
+
+- `key` should not include the leading `--`; for example, fill in `max-model-len`, not `--max-model-len`
+- `key` only allows letters, numbers, `-`, and `_`
+- Parameters with the same name are merged in an "instance-level overrides template-level" manner
+- When `value` is empty, the platform treats it as a flag parameter without a value, such as `trust-remote-code`
+- The empty value approach only applies to boolean flag parameters; if a vLLM parameter requires a value, you still need to fill in the corresponding `value`
+
+The following parameters are managed by the platform and cannot be overridden via `customized_args`:
+
+- `model`
+- `served-model-name`
+- `port`
+- `tensor-parallel-size`
+
+Among these:
+
+- `tensor-parallel-size` is automatically set based on the actual number of GPUs allocated to the instance
+- `swap-space` is automatically calculated by the platform based on the template memory, typically about half the memory (in GiB, minimum `1`), but you can explicitly override it
+
+A common configuration example:
+
+| Startup Parameter | `key` | `value` | Description |
+| --- | --- | --- | --- |
+| `--max-model-len 32768` | `max-model-len` | `32768` | Controls context length |
+| `--gpu-memory-utilization 0.9` | `gpu-memory-utilization` | `0.9` | Controls VRAM utilization upper limit |
+| `--swap-space 8` | `swap-space` | `8` | Overrides the platform default swap space |
+| `--trust-remote-code` | `trust-remote-code` | Leave empty | Boolean flag parameter |
+
+### Key Parameters Appended by the Platform
+
+When starting vLLM, the platform's core command is equivalent to:
+
+```bash
+python3 -m vllm.entrypoints.openai.api_server \
+  --model <resolved-model-path> \
+  --served-model-name <basename-of-model-dir> \
+  --port 8000 \
+  --tensor-parallel-size <gpu-count> \
+  --swap-space <computed-swap-space>
+```
+
+When troubleshooting, you can focus on the following:
+
+- Whether the model directory exists and is complete
+- Whether the model name returned by `/v1/models` matches the `model` used in your request
+- Whether the GPU count and `tensor-parallel-size` match
+- Whether `customized_args` includes parameters not supported by the current image version
+
+## API Call Examples
+
+vLLM runs in OpenAI-compatible mode on the current platform, so you can directly use OpenAI-style HTTP interfaces. The following uses `curl` as an example to illustrate the most common verification methods.
+
+:::note
+If your connection info goes through a gateway, load balancer, or authentication proxy, add the `Authorization` and other required headers as appropriate; if authentication is not enabled in the current environment, you can omit this header.
+:::
+
+### 1. Health Check
+
+```bash
+curl <service-url>/health
+```
+
+Under normal circumstances, this should return `200 OK`.
+
+### 2. View Model List
+
+```bash
+curl <service-url>/v1/models
+```
+
+The returned result typically looks like:
+
+```json
+{
+  "object": "list",
+  "data": [
+    {
+      "id": "<model-name>",
+      "object": "model"
+    }
+  ]
+}
+```
+
+The `model` field in subsequent requests should directly use the `<model-name>` returned here.
+
+### 3. OpenAI-Compatible Chat Interface
+
+```bash
+curl <service-url>/v1/chat/completions \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "model": "<model-name>",
+    "messages": [
+      {
+        "role": "system",
+        "content": "你是一个简洁的中文助手。"
+      },
+      {
+        "role": "user",
+        "content": "请用一句话介绍你自己。"
+      }
+    ],
+    "temperature": 0.7,
+    "top_p": 0.9,
+    "max_tokens": 256,
+    "stream": false
+  }'
+```
+
+To enable streaming output, change `stream` to `true`, and the client reads incremental results via Server-Sent Events.
+
+### 4. OpenAI-Compatible Completion Interface
+
+```bash
+curl <service-url>/v1/completions \
+  -H 'Content-Type: application/json' \
+  -d '{
+    "model": "<model-name>",
+    "prompt": "请用三句话介绍 vLLM 的主要用途。",
+    "temperature": 0.7,
+    "top_p": 0.9,
+    "max_tokens": 256,
+    "stream": false
+  }'
+```
+
+For pure text completion scenarios, use `/v1/completions`; for instruction following, conversation, and Agent scenarios, `/v1/chat/completions` is usually recommended.
+
+### Common Parameter Reference
+
+- `model`: Must match the model name returned by `/v1/models`.
+- `messages`: Input message array for the chat interface, organized by `role` + `content`.
+- `prompt`: Input text for the completion interface.
+- `stream`: Whether to enable streaming output; `true` means generating and returning incrementally.
+- `temperature`: Sampling temperature; higher values increase randomness.
+- `top_p`: Nucleus sampling threshold, commonly used together with `temperature`.
+- `max_tokens`: Maximum number of output tokens for this generation.
+
+## Configuration Recommendations
+
+### Image and Specifications
+
+- **Specification Selection**: Refer to [Inference Templates](./template), focusing on the match between GPU VRAM, GPU quantity, CPU/memory, and concurrency scale.
+- **Image Selection**: Refer to [AI Images](../llm-image), use specific versions (tag/digest) for easier upgrades and rollbacks, and note CUDA, driver, and vLLM version compatibility.
+
+### Model and Version
+
+- **Model Library**: Use the [Inference Model Library](./model-library) to centrally manage model sources, versions, and reuse strategies.
+- **Directory Planning**: It is recommended to use clear and stable directory names for each model, making it easy for `preferred_model` to precisely point to the target directory.
+- **Cache and Disk**: Model files typically consume significant disk space. It is recommended to prepare sufficient persistent storage for the model directory and Hugging Face cache, and establish cleanup strategies.
+
+### Concurrency, Throughput, and Latency
+
+- **Capacity Planning**: Throughput and latency are typically affected by GPU VRAM, concurrency, and batching strategies; when capacity is insufficient, scale horizontally by adding instances or upgrade GPU specifications.
+- **Network**: Inference APIs are sensitive to network latency. It is recommended to maintain a stable, low-latency link between the business side and the inference service, avoiding cross-region and high-jitter links.
+- **Parameter Tuning**: When higher throughput or longer context is needed, prioritize evaluating advanced parameters such as `gpu-memory-utilization`, `max-model-len`, and `swap-space`.
+
+### Changes and Observability
+
+- **Upgrade and Rollback**: Control the runtime version through [AI Images](../llm-image); evaluate CUDA, driver, image, and model version compatibility before making changes.
+- **Observability Metrics**: Focus on GPU utilization, VRAM usage, QPS, P95/P99 latency, and error rates.
+- **Log Troubleshooting**: When model loading fails, VRAM is insufficient, or advanced parameter errors occur, check the console logs first as well as `/tmp/vllm.log` inside the container.
+
+## FAQ
+
+### How to enter the container?
+
+The **Terminal** on the instance details page allows you to directly enter the container, useful for checking the model directory, cache directory, or runtime logs.
+
+> Screenshot placeholder: vLLM instance terminal entry
+>
+> Screenshot placeholder: vLLM container terminal interface
+
+### How to view service logs?
+
+Via the frontend interface: Click the corresponding inference instance, go to the details page, then click **Logs** to view vLLM's service output logs, which is useful for error troubleshooting.
+
+> Screenshot placeholder: vLLM instance log page
+
+If you need to further diagnose startup issues, you can also enter the container and check:
+
+```bash
+tail -n 50 /tmp/vllm.log
+```
+
+### Cannot load model after startup
+
+- Check whether the model directory is under `/data/models/huggingface` and whether its contents are complete.
+- Check whether `preferred_model` is spelled correctly and whether the corresponding directory actually exists.
+- Check whether the specifications meet the VRAM and memory peak requirements for model loading.
+- Check whether advanced parameters include options not supported by the current image version.
+
+### `/v1/models` returns results, but calls report model not found
+
+- The `model` field in requests should exactly match the `id` returned by `/v1/models`.
+- Do not directly use repository names, parent directory paths, or self-guessed names; the platform uses the leaf directory name of the final loaded model directory as `served-model-name`.
+
+### Low throughput or high latency
+
+- Check whether GPU utilization and VRAM usage are too low or too high, and check for CPU, memory, or network bottlenecks.
+- Adjust specifications and concurrency strategies, and scale horizontally with multiple instances to distribute traffic if necessary.
+- Evaluate whether parameter tuning for `gpu-memory-utilization`, context length, or load distribution strategies is needed based on business request volume.
+
+### GPU unavailable or driver mismatch
+
+- Check the driver, CUDA version, and node status according to [NVIDIA and CUDA Environment Setup](../../getting-started/setup-nvidia-cuda).
+- Run `nvidia-smi` on the node to verify the driver and GPU status.
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/introduction/index.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/introduction/index.mdx
index 3910e082..5a39207b 100644
--- a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/introduction/index.mdx
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/introduction/index.mdx
@@ -6,16 +6,42 @@ title: Product Introduction
 
 # Product Introduction
 
-Cloudpods AI Cloud provides unified management and operations for large language models (LLMs) and other AI container applications, helping enterprises deploy, scale, and monitor AI workloads on a single platform.
+Cloudpods AI Cloud is a unified management platform for large language model (LLM) inference and AI container applications, helping enterprises deploy, schedule, and operate AI workloads on a single platform, seamlessly integrated with the Cloudpods private cloud / multi-cloud resource ecosystem.
 
-## Overview
+## Core Capabilities
 
-**Manage LLM and other AI container applications**: Manage and operate LLMs, vector databases, inference services, and other containerized AI applications—including deployment, scheduling, and lifecycle management. AI Cloud works with Cloudpods private cloud and multi-cloud management to deliver integrated operations from infrastructure to AI applications.
+- **AI Inference Services**: Deploy and manage LLM inference instances with GPU scheduling, model mounting, and inference service address allocation.
+- **AI Application Management**: One-stop deployment of LLM application orchestration, agent assistants, image generation, and other AI container applications.
+- **Model Library**: Unified management of model sources, versions, and caches, supporting multi-instance reuse, offline distribution, and avoiding redundant downloads.
+- **Templates and Images**: Define resource specifications such as CPU/memory/GPU through templates, and manage container runtime environments through images for standardized delivery.
+- **GPU Operations**: Automatic GPU device detection and registration, with unified configuration and management of NVIDIA/CUDA environments.
 
-## Features
+## Console Features
 
-- Deploy and orchestrate AI container applications
-- Resource scheduling and monitoring for LLM and related services
-- Integration with existing Cloudpods resource and permission model
+After entering the **Artificial Intelligence** section of the console, there are three main modules:
 
-More capabilities and guides will be added in future releases.
+- **Applications**: Manage AI application instances and application templates.
+- **Inference**: Manage inference instances, inference templates, and inference model libraries.
+- **Images**: Manage container images used by AI applications and inference services.
+
+Instance = Image + Template Spec + (optional) Model.
+
+## Supported Applications
+
+### AI Inference
+
+- **Ollama**: A lightweight local LLM inference service that requires GPU, suitable for quick validation and small-scale inference scenarios.
+<!-- - **vLLM**：高吞吐、低延迟推理服务。 -->
+
+### AI Applications
+
+- **Dify**: An LLM application development and orchestration platform that supports building conversational, RAG, Agent, and workflow applications. Does not require GPU.
+- **OpenClaw**: An open-source self-hosted personal agent assistant. Does not require GPU.
+- **ComfyUI**: An image generation and visual workflow application with node-based workflow orchestration. Requires GPU.
+
+## Getting Started
+
+- Deploy the platform: [Quick Start](../getting-started/quickstart)
+- Configure GPU environment: [NVIDIA/CUDA](../getting-started/setup-nvidia-cuda)
+- User guide: [User Guide](../guides)
+- Platform operations: [Operations Guide](../operations)
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/databases b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/databases
new file mode 120000
index 00000000..86376cce
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/databases
@@ -0,0 +1 @@
+../../shared/operations/databases
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/fe b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/fe
new file mode 120000
index 00000000..ffcf90fd
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/fe
@@ -0,0 +1 @@
+../../shared/operations/fe
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/ha b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/ha
new file mode 120000
index 00000000..c1521536
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/ha
@@ -0,0 +1 @@
+../../shared/operations/ha
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/index.mdx b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/index.mdx
new file mode 100644
index 00000000..6fa1e262
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/index.mdx
@@ -0,0 +1,13 @@
+---
+sidebar_position: 3
+hide_table_of_contents: true
+edition: ce
+---
+
+# Operations Guide
+
+Covers AI Cloud platform operations and management, including upgrading, GPU operations, AI instance operations, service component operations, and more.
+
+import IndexDocCardList from '@site/src/components/IndexDocCardList';
+
+<IndexDocCardList />
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/k8s b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/k8s
new file mode 120000
index 00000000..9299d666
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/k8s
@@ -0,0 +1 @@
+../../shared/operations/k8s
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/log b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/log
new file mode 120000
index 00000000..fedd5ec0
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/log
@@ -0,0 +1 @@
+../../shared/operations/log
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/platform-issues b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/platform-issues
new file mode 120000
index 00000000..7d93bf5d
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/platform-issues
@@ -0,0 +1 @@
+../../shared/operations/platform-issues
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/recovery.md b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/recovery.md
new file mode 120000
index 00000000..5434e62d
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/recovery.md
@@ -0,0 +1 @@
+../../shared/operations/recovery.md
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/uninstallation.md b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/uninstallation.md
new file mode 100644
index 00000000..70b73b92
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/uninstallation.md
@@ -0,0 +1,59 @@
+---
+sidebar_position: 25
+edition: ce
+---
+
+# Uninstallation
+
+Depending on the installation method, the uninstallation methods vary as follows.
+
+## Ocboot Installation {#ocboot}
+
+Ocboot quick installation refers to installing a K3s or Kubernetes cluster on a server in an All in One manner, and then deploying the AI Cloud platform in the cluster.
+
+Therefore, uninstalling AI Cloud only requires uninstalling the installed K3s or Kubernetes cluster and the related packages installed on the server.
+
+import OcbootUninstall from '@site/src/components/OcbootUninstall'
+
+<OcbootUninstall />
+
+Uninstall GPU drivers (optional):
+
+```bash
+# Check installed NVIDIA packages
+$ rpm -qa | grep nvidia
+# or
+$ dpkg -l | grep nvidia
+
+# Uninstall NVIDIA drivers (CentOS/OpenEuler example)
+$ yum -y remove nvidia-driver* cuda*
+```
+
+Uninstall database (CentOS/OpenEuler example):
+
+```bash
+$ yum -y remove mariadb*
+$ rm -rf /var/lib/mysql  # To keep original data, run: mv -f /var/lib/mysql /var/lib/mysql.$(date +"%Y%m%d-%H%M").bak
+$ rm -rf /etc/my.conf
+```
+
+Clean up model data (optional):
+
+```bash
+# If you no longer need the downloaded model files
+$ rm -rf /opt/cloud/workspace/llm_models
+```
+
+Reboot the machine to restore the previous network:
+
+```bash
+$ reboot
+```
+
+Uninstall openvswitch (reboot first, then uninstall openvswitch to avoid potential network disconnection):
+
+```bash
+$ systemctl disable --now openvswitch
+$ yum -y remove openvswitch-*
+$ rm -rf /etc/openvswitch
+```
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/upgrading b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/upgrading
new file mode 120000
index 00000000..71814198
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/operations/upgrading
@@ -0,0 +1 @@
+../../shared/operations/upgrading
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/current/release-notes b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/release-notes
new file mode 120000
index 00000000..d76f24d8
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/current/release-notes
@@ -0,0 +1 @@
+../shared/release-notes
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-aicloud/shared b/i18n/en/docusaurus-plugin-content-docs-aicloud/shared
new file mode 120000
index 00000000..8b0a16db
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-aicloud/shared
@@ -0,0 +1 @@
+../docusaurus-plugin-content-docs/current
\ No newline at end of file
diff --git a/i18n/en/docusaurus-plugin-content-docs-cmp/current/guides/cloudaccounts/cloudaccount.md b/i18n/en/docusaurus-plugin-content-docs-cmp/current/guides/cloudaccounts/cloudaccount.md
new file mode 100644
index 00000000..6fd62441
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs-cmp/current/guides/cloudaccounts/cloudaccount.md
@@ -0,0 +1,2603 @@
+---
+sidebar_position: 0.1
+---
+
+# Cloud Account
+
+Cloud accounts are used to establish connections with private cloud and public cloud platforms, synchronize related resources, and perform management operations.
+
+The Cloud Management Platform establishes connections with different platforms through cloud accounts and synchronizes platform resources to the Cloud Management Platform for management. Resources of a cloud account belong to a specific domain. Resources in different domains are isolated, and the sharing feature can be used to allow other domains to use cloud account resources. When three-level permissions are not enabled in the system, all cloud resources belong to the default domain by default.
+
+Currently, the platform supports managing the following platforms:
+
+- Public Cloud: Alibaba Cloud (Public Cloud and Finance Cloud), Azure, Tencent Cloud, AWS, Huawei Cloud, UCloud, Google Cloud, China Telecom Cloud, etc. More cloud platforms will be supported in the future to meet user needs.
+- Private Cloud: VMware, ZStack, DStack, OpenStack, Alibaba Apsara Stack, HCSO, etc.
+
+Public cloud platform billing collection rules:
+
+- Only Alibaba Cloud, AWS, Azure, Huawei Cloud, and Google support configuring billing file access information for billing collection. Tencent Cloud can collect billing information via API.
+- When users configure or modify billing file information, the current month's bills will be collected. For example: if billing file access information is configured on the 3rd, bills from the 1st to 2nd will be collected; if configured on the 30th, bills from the 1st to 29th will be collected. If configured on the 1st, bills from the 1st to 31st of the previous month will be collected.
+- When billing triggers multiple collections, the last collection result prevails.
+
+**Entry**: In the Cloud Management Platform, click the navigation menu in the upper left corner, and in the pop-up left menu bar, click the **_"Multi-Cloud Management/Cloud Accounts/Cloud Accounts"_** menu item to enter the Cloud Accounts page.
+
+![](./images/account1.png)
+
+## Create Cloud Account
+
+:::tip
+- To manage public cloud platforms on the platform, the cloud account must have at least management permissions for the operated resources. It is recommended to grant the cloud account management permissions for all platform features.
+- The domain of an added cloud account cannot be changed. If a user needs to synchronize cloud account resources to another domain, they can delete the cloud account on the platform and re-add the cloud account to the specified domain. Deleting a cloud account on the platform only removes the management of cloud account resources and will not affect the resources on the cloud account.
+:::
+
+### Create Alibaba Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Alibaba Cloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Alibaba Cloud account.
+   - Account Type: Currently supports connecting to Alibaba Cloud accounts for Public Cloud and Finance Cloud.
+   - Key ID/Secret: Connect to the Alibaba Cloud platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [Alibaba Cloud Parameter Retrieval Methods](#alibaba-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+
+:::warning
+If the added Alibaba Cloud account is a new account, please first enable OSS service on the Alibaba Cloud platform.
+:::
+   - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Billing Bucket URL?](#how-to-get-the-billing-bucket-url).
+   - File Prefix: When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket. The billing file prefix for Alibaba Cloud is the account ID, which can be viewed in Account Management - Security Settings.
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Alibaba Cloud account.
+
+
+#### Alibaba Cloud Parameter Retrieval Methods
+
+##### Primary Account AccessKey Retrieval
+
+1. Log in to the Alibaba Cloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"accesskeys"_** menu item to enter the Security Information Management page.
+   ![](./images/aliyun-accesskeys.png)
+
+2. On the Security Information Management page, you can view existing AccessKey information, or click the **_"Create AccessKey"_** button to create a new user AccessKey. When creating a new AccessKey, Alibaba Cloud will send a verification code to the account contact's phone, and the AccessKey can only be created after verification.
+   ![](./images/aliyun-get_acceesskey_list.png)
+
+3. The Access Key Secret is hidden by default. Click the "**Show**" link, and Alibaba Cloud will send a verification code to the account owner's contact phone. The Access Key Secret will only be displayed after verification.
+   ![](./images/aliyun-get_access_key_secret.png)
+
+##### How RAM Sub-Account Gets Access Key
+
+1. Log in to the Alibaba Cloud console using the sub-account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click "**accesskey...**" to enter the Security Information Management page.
+   ![](./images/aliyun_ram_get_access_key.png)
+
+2. On the Security Information Management page, click the **_"Create AccessKey"_** button to create an AccessKey.
+   ![](./images/aliyun_get_ram_access_key_create.png)
+
+3. After successful creation, the AccessKeySecret information will only be displayed once. Please save it promptly.
+   ![](./images/aliyun_ram_access_key_get.png)
+
+:::warning
+- The AccessKeySecret of an already created AccessKey cannot be viewed again.
+- To synchronize Alibaba Cloud resource directory information, you need to additionally add AliyunSTSAssumeRoleAccess (permission to call the STS service AssumeRole API) and AliyunResourceDirectoryReadOnlyAccess (resource directory service read-only) permissions.
+
+:::
+
+##### What Permissions Does the Cloud Account Need to Manage Alibaba Cloud Resources Through the Platform
+
+To manage Alibaba Cloud resources using the platform, the connected cloud account needs sufficient permissions. Below are the permission policies used for managing cloud resources. If error messages occur due to the connected account not being authorized, please authorize the connected account according to the following instructions:
+
+| Permission Notes                               | Read-Only Permission                                          | Read-Write Permission                                 |
+| :----------                        | :--------                                         | :----------                                  |
+| Permission to manage all Alibaba Cloud resources                       | ReadOnlyAccess                                    | AdministratorAccess                          |
+| Permission to manage Elastic Compute Service (ECS)   | AliyunECSReadOnlyAccess                           | AliyunECSFullAccess                          |
+| Permission to manage Virtual Private Cloud (VPC)           | AliyunVPCReadOnlyAccess                           | AliyunVPCFullAccess                          |
+| Permission to manage Elastic IP Address (EIP)                                | AliyunEIPReadOnlyAccess                           | AliyunEIPFullAccess                          |
+| Permission to manage ECS Elastic Network Interfaces                           | AliyunVPCNetworkIntelligenceReadOnlyAccess        | AliyunECSNetworkInterfaceManagementAccess    |
+| Permission to manage Object Storage Service (OSS)                           | AliyunOSSReadOnlyAccess                           | AliyunOSSFullAccess                          |
+| Permission to manage NAT Gateway                                | AliyunNATGatewayReadOnlyAccess                    | AliyunNATGatewayFullAccess                   |
+| Permission to manage Application Load Balancer (ALB)                                | AliyunALBReadOnlyAccess                    | AliyunALBFullAccess                   |
+| Permission to manage Server Load Balancer (SLB)                           | AliyunSLBReadOnlyAccess    | AliyunSLBFullAccess   |
+| Permission to manage ApsaraDB (RDS)                                | AliyunRDSReadOnlyAccess                           | AliyunRDSFullAccess                          |
+| Permission to manage ApsaraDB for Redis (Kvstore)                           | AliyunKvstoreReadOnlyAccess                       | AliyunKvstoreFullAccess                      |
+| Permission to manage ActionTrail                           | AliyunActionTrailFullAccess                       | AliyunActionTrailFullAccess                  |
+| Permission to manage File Storage Service (NAS)                                | AliyunNASReadOnlyAccess                           | AliyunNASFullAccess                          |
+| Permission to manage Web Application Firewall (WAF)                                | AliyunYundunWAFReadOnlyAccess                     | AliyunYundunWAFFullAccess                    |
+| Permission to manage Resource Access Management (RAM), i.e., manage users and authorization                                | AliyunRAMReadOnlyAccess                           | AliyunRAMFullAccess                          |
+| Permission to manage Public DNS (PubDNS)                                | AliyunPubDNSReadOnlyAccess | AliyunPubDNSFullAccess|
+| Permission to manage DNS Resolution                                | AliyunDNSReadOnlyAccess | AliyunDNSFullAccess|
+| Permission to manage Enterprise Finance Console (EFC)                     | AliyunFinanceConsoleReadOnlyAccess                | AliyunFinanceConsoleFullAccess               |
+| Permission to manage CloudMonitor                               | AliyunCloudMonitorReadOnlyAccess                  | AliyunCloudMonitorFullAccess                 |
+| Permission to manage Resource Directory                               | AliyunCloudMonitorReadOnlyAccess                  | AliyunResourceDirectoryReadOnlyAccess                 |
+
+##### How to Authorize a Sub-Account
+
+1. Log in to the Alibaba Cloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"Access Control"_** menu item to enter the Access Control page.
+   ![](./images/aliyun_access_control.png)
+
+2. Click the **_"User Management"_** menu item in the left menu bar to enter the User Management page.
+   ![](./images/aliyun_access_control_all.png)
+
+3. On the User Management page, click the **_"Authorize"_** button in the operation column of the specified user to perform authorization. For the permissions that the account must have to manage Alibaba Cloud resources through the platform, please see [What Permissions Does the Cloud Account Need to Manage Alibaba Cloud Resources Through the Platform](#what-permissions-does-the-cloud-account-need-to-manage-alibaba-cloud-resources-through-the-platform).
+   ![](./images/aliyun_ram_user_access_control.png)
+
+##### How to Get the Billing Bucket URL?
+
+:::tip
+Alibaba Cloud international accounts do not have billing bucket configuration. You need to contact Alibaba Cloud customer service for assistance with pushing.
+:::
+
+1. Taking an Alibaba Cloud primary account as an example, log in to the Alibaba Cloud console with the primary account, click the dropdown menu **_"User Center"_** under the top [Expenses] menu to enter the Expenses User Center page.
+   ![](./images/aliyunusercenter.png)
+
+2. Click the **_"Set Bill Data Storage"_** button to enter the Bill Data Storage page.
+   ![](./images/aliyunusercenterhome.png)
+
+3. View and record the bucket names for BillingItemDetail and SplitItemDetailDaily. If not set, you need to subscribe these two bills to the same bucket on this page. After setup, daily incremental billing data will be synchronized to the corresponding OSS. It is recommended that the bucket only stores billing files.
+   ![](./images/aliyunossbucket1.png)
+
+:::tip
+Since tags for Alibaba Cloud OSS and similar resource types are not available in the billing item consumption details, they only appear in the split bill. Therefore, if you need to use tags on expenses to analyze costs, please configure SplitItemDetailDaily to the storage bucket.
+:::
+
+4. On the Object Storage page of the Alibaba Cloud console, view the overview information of the corresponding bucket. The bucket domain name is the bucket URL.
+   ![](./images/aliyunbucketurl.png)
+
+
+### Create AWS Account
+
+1. On the Public Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as AWS, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the AWS account.
+   - Account Type: Currently supports connecting to AWS cloud accounts in the Global region and China region.
+   - Key ID/Secret: The Key ID and Secret information for connecting to the AWS platform. For details, please refer to [AWS Parameter Retrieval Methods](#aws-parameter-retrieval-methods). To manage AWS organization accounts, please refer to [How to Manage AWS Organizations Accounts](#how-to-manage-aws-organizations-accounts). AWS Organization-associated organization accounts will be displayed as cloud subscriptions.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+   - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Bucket URL?](#how-to-get-the-billing-bucket-url-1).
+   - File Prefix: When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket. The file prefix for AWS is the account ID.
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Includes accounts managed by this platform and all accounts.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and organization accounts associated with the primary account. If the AWS account only serves as a payment account for other AWS accounts, billing files collected from other AWS accounts will be discarded.
+       - All Bills: Collects all bills of the primary account. For billing entries where no corresponding cloud account can be found on the platform, the cloud subscription will be displayed as "this cloud account name - the numeric ID of the cloud account associated with that billing entry".
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the AWS account.
+
+
+#### AWS Parameter Retrieval Methods
+
+##### Getting AWS Access Keys
+
+1. Log in to the AWS Management Console using the AWS primary account (or a sub-account with Administrator Access management permissions), and click the **_"IAM"_** menu item to enter the IAM Dashboard page.
+   ![](./images/faq_account_aws_1.png)
+
+2. Click the **_"Users"_** menu item in the left menu bar to enter the user management list. Click the username to enter the specified user details page. Note that you need to select a user with sufficient management permissions.
+   ![](./images/faq_account_aws_2.png)
+
+3. Click the "**Security credentials**" tab.
+   ![](./images/faq_account_aws_3.png)
+
+4. Click the **_"Create access key"_** button. In the pop-up Create Access Key dialog, you can see the key information, i.e., Key ID (Access Key ID) and Secret (Access Key Secret).
+   ![](./images/faq_account_aws_4.png)
+
+:::warning
+The private access key is only visible at creation time. Please copy and save it. If accidentally lost, simply create a new one.
+:::
+
+##### What Permissions Does the Cloud Account Need to Manage AWS Resources Through the Platform?
+
+| Permission Notes                              | Read-Only Permission                              | Read-Write Permission                          |
+| :----------                           | :--------                             | :----------                       |
+| Permission to manage all AWS resources                 | ReadOnlyAccess                        | AdministratorAccess               |
+| Permission to manage Amazon EC2    | AmazonEC2ReadOnlyAccess               | AmazonEC2FullAccess               |
+| Permission to manage Amazon VPC        | AmazonVPCReadOnlyAccess               | AmazonVPCFullAccess               |
+| Permission to manage Amazon S3         | AmazonS3ReadOnlyAccess                | AmazonS3FullAccess                |
+| Permission to manage Elastic Load Balancing (ELB)           | ElasticLoadBalancingReadOnly          | ElasticLoadBalancingFullAccess    |
+| Permission to manage Amazon RDS    | AmazonRDSReadOnlyAccess               | AmazonRDSFullAccess               |
+| Permission to manage Amazon ElastiCache  | AmazonElastiCacheReadOnlyAccess       | AmazonElastiCacheFullAccess       |
+| Permission to manage AWS CloudTrail    | AWSCloudTrailReadOnlyAccess           | AWSCloudTrail_FullAccess          |
+| Permission to manage Amazon EFS    | AmazonElasticFileSystemReadOnlyAccess | AmazonElasticFileSystemFullAccess |
+| Permission to manage Web Application Firewall (WAF)             | AWSWAFReadOnlyAccess                  | AWSWAFFullAccess                  |
+| Permission to manage Identity and Access Management (IAM)         | IAMReadOnlyAccess                     | IAMFullAccess                     |
+| Permission to manage Amazon Route 53 | AmazonRoute53ReadOnlyAccess           | AmazonRoute53FullAccess           |
+| Permission to manage billing and costs                  | AWSBillingReadOnlyAccess              | Billing                           |
+| Permission to manage Amazon CloudWatch   | CloudWatchReadOnlyAccess              | CloudWatchFullAccess              |
+
+##### How to Get the Billing Bucket URL?
+
+
+**New Version**
+
+AWS accounts created after 2019/08/07 must use this method to configure and obtain the bucket URL and file prefix.
+
+1. Log in to the AWS Management Console using the AWS primary account, click the dropdown menu **_"My Billing Dashboard"_** under the [username] in the upper right corner to enter the Billing and Cost Management Dashboard page.
+
+    ![](./images/awsbilling.png)
+
+2. Click the **_"Cost & Usage Reports"_** menu item in the left menu, and on the AWS Cost and Usage Reports page, click the **_"Create report"_** button to enter the Create Report page.
+
+    ![](./images/awscostreport.png)
+
+3. Configure the report name, check "Include resource IDs", and click the **_"Next"_** button to enter the Delivery Options page.
+
+    ![](./images/awscreatecostreport.png)
+
+4. Configure the S3 bucket, which supports selecting an existing bucket or creating a new one.
+
+    ![](./images/awscosts3.png)
+    ![](./images/awscosts3policy.png)
+
+5. Configure the report path prefix, set the time granularity to "Hourly", set the report versioning to "Create new report version", set the compression type to "ZIP", and click the **_"Next"_** button to enter the Review page.
+
+    ![](./images/awscostreportconfig.png)
+
+6. After confirming the configuration is correct, record the S3 bucket and report path prefix shown in the red box, and click the **_"Review and Complete"_** button to complete the configuration and create the report.
+
+    ![](./images/awscostreportfinish.png)
+
+7. On the S3 Storage Management page of the AWS console, view the overview information of any billing file in the corresponding bucket and record the object URL. The bucket URL is the URL with the file name removed, as shown in the red box.
+
+    ![](./images/awscosts3bucketurl.png)
+
+8. The file prefix is the report path prefix from step 6, shown in the red box.
+
+**Legacy Version**
+
+1. Log in to the AWS Management Console using the AWS primary account, click the dropdown menu **_"My Billing Dashboard"_** under the [username] in the upper right corner to enter the Billing and Cost Management Dashboard page.
+
+    ![](./images/awsbilling.png)
+
+2. Click the **_"Billing Preferences"_** in the left menu. On the Preferences page, in the "Cost Management Preferences" section, view and record the S3 bucket for "Receive Billing Reports". If not configured, you need to check "Receive Billing Reports" and configure and verify the S3 bucket. After setup, incremental billing data will be synchronized to the corresponding OSS according to the configured granularity. It is recommended that the bucket only stores billing files.
+
+    ![](./images/awsbillingbucket.png)
+
+3. On the S3 Storage Management page of the AWS console, view the overview information of any billing file in the corresponding bucket and record the object URL. The bucket URL is the URL with the file name removed, as shown in the red box.
+
+    ![](./images/awsbillingbucketurl.png)
+
+4. The file prefix for AWS is the AWS account ID.
+
+:::tip
+When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket.
+:::
+
+
+#### How to Manage AWS Organizations Accounts?
+
+1. Configure AWS Organizations: Use an AWS organization account to associate AWS accounts. Supports creating new AWS accounts and inviting existing AWS accounts. The invited AWS account must have the "OrganizationAccountAccessRole" role.
+2. Get Access Keys: Create access keys for the IAM user of the management account in the AWS organization account. It is recommended to use a user with AdministratorAccess permissions.
+
+##### Configure AWS Organizations
+
+1. Log in to the AWS Management Console using the AWS primary account (or a sub-account with AdministratorAccess management permissions), click the dropdown menu **_"My Billing Dashboard"_** under the [username] in the upper right corner to enter the Billing and Cost Management Dashboard page.
+
+    ![](./images/awsbilling.png)
+
+2. Click the **_"Consolidated Billing"_** menu item on the right to enter the AWS Organizations page.
+
+    ![](./images/awsorgmenu.png)
+
+3. On the AWS Organizations - AWS Accounts page, add AWS accounts. There are currently two ways to add AWS accounts to an Organization.
+    - Create AWS Account: Set the AWS account name, account owner email address, and IAM role name (OrganizationAccountAccessRole), and click the **_"Create AWS Account"_** button to create the AWS account.
+
+        ![](./images/awscreateorgaccount.png)
+    - Invite Existing AWS Account: Set the email address or account ID of the AWS account to invite, and click the **_"Send Invitation"_** button. Wait for the account owner to accept the request and join the Organization. Additionally, the existing AWS account must have the OrganizationAccountAccessRole role. If it does not exist, please refer to [How to Add the OrganizationAccountAccessRole Role to an AWS Account?](#how-to-add-the-organizationaccountaccessrole-role-to-an-aws-account).
+
+        ![](./images/awsorginviteaccount.png)
+
+##### Get Access Keys
+
+1. Get access keys from the management account of AWS Organizations. It is recommended to use an IAM user with AdministratorAccess permissions to create access keys.
+2. For the specific steps to get access keys, please refer to [Getting AWS Access Keys](#getting-aws-access-keys).
+
+##### How to Add the OrganizationAccountAccessRole Role to an AWS Account?
+
+1. Log in to the AWS Management Console using the AWS primary account (or a sub-account with AdministratorAccess management permissions), and click the **_"IAM"_** menu item to enter the IAM Dashboard page.
+2. Click the **_"Roles"_** menu item on the right. On the Roles page, click the **_"Create role"_** button to enter the Create Role page.
+
+    ![](./images/awscreaterole.png)
+
+3. Select the trusted entity type as "Another AWS account" and enter the account ID of the AWS organization management account, then click the **_"Next: Permissions"_** button.
+
+    ![](./images/awsroleconfig.png)
+
+4. Attach the "AdministratorAccess" permission policy, and click the **_"Next: Tags"_** button.
+
+    ![](./images/awsroleconfigpolicy.png)
+
+5. Please configure tags according to your needs. After configuration, click the **_"Next: Review"_** button.
+6. Set the role name to "OrganizationAccountAccessRole" and click the **_"Create role"_** button.
+
+    ![](./images/awsroleconfigconfirm.png)
+
+
+### Create Azure Account
+
+1. On the Public Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Azure, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Azure account.
+   - Account Type: Currently supports connecting to Azure cloud accounts in the Global, China, US Government, and Germany regions.
+   - Tenant ID/Client ID/Client Secret: Please refer to [Azure Parameter Retrieval Methods](#azure-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+   - Enable SSO Login: After enabling this, the system becomes the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform. Currently, only Azure Global supports the SSO login feature, which requires selecting the Global region as the account type to display this option. Additionally, some necessary configurations need to be done on the Azure platform. For details, please refer to [Configure Azure External Identities](#configure-azure-external-identities) and [Configure Chrome Browser](#configure-chrome-browser).
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to manage billing data on the Cloud Management Platform, you can click the **_"Skip"_** button. If you need to view billing information on the Cloud Management Platform, please configure the relevant parameters.
+
+:::tip
+Azure previously synchronized bills through EA. Currently, Azure International no longer supports this method. Azure China currently supports it, but it is expected to expire this year. In the future, bills will be unified through bucket configuration.
+:::
+
+Billing Bucket
+- Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the Cloud Management Platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Azure Billing Bucket?](#how-to-get-the-azure-billing-bucket).
+   - File Prefix: When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket. The file prefix for AWS is the account ID.
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Includes accounts managed by this platform and all accounts.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and organization accounts associated with the primary account. If the AWS account only serves as a payment account for other AWS accounts, billing files collected from other AWS accounts will be discarded.
+       - All Bills: Collects all bills of the primary account. For billing entries where no corresponding cloud account can be found on the platform, the cloud subscription will be displayed as "this cloud account name - the numeric ID of the cloud account associated with that billing entry".
+   - Collect Bills Immediately: The Cloud Management Platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+
+EA Account
+- EA (Enterprise Agreement) account expenditure obtains billing information through enrollment number and key. Please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+   - Enrollment Number: A unique identifier associated with the online advanced service agreement, a number starting with V570.
+   - Key: API access key. For details, please refer to [How to Get the Azure Enrollment Number and Key](#how-to-get-the-azure-enrollment-number-and-key).
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Includes accounts managed by this platform and all accounts.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and organization accounts associated with the primary account. If the Azure account only serves as a payment account for other Azure accounts, billing files collected from other Azure accounts will be discarded.
+       - All Bills: Collects all bills of the primary account. For billing entries where no corresponding cloud account can be found on the platform, the cloud subscription will be displayed as "this cloud account name - the numeric ID of the cloud account associated with that billing entry".
+   - Collect Bills Immediately: The Cloud Management Platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+8. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Azure account.
+
+
+#### Azure Parameter Retrieval Methods
+
+##### Getting Azure Tenant ID and Client Information
+
+1. Log in to the Azure console, click the **_"Azure Active Directory/App registrations"_** menu item in the left navigation bar to enter the App Registrations page. It is recommended to create a dedicated application for the Cloud Management Platform to call Azure APIs.
+   ![](./images/azureregisterapp.png)
+
+2. Click the **_"New registration"_** button. On the Register an Application page, set the name to any value, set the supported account types to "Accounts in this organizational directory only", set the redirect URI to web, and enter a URL address starting with "https://" or "[http://localhost](http://localhost)", then click the **_"Register"_** button.
+   ![](./images/azureregisteredapp.png)
+
+3. After successful creation, the system automatically displays the details page of the newly created application. The Application (client) ID on this page is the required Client ID, and the Directory (tenant) ID is the required Tenant ID.
+   ![](./images/azureclientid.png)
+
+4. On the application details page, click the **_"Certificates & secrets"_** menu item to enter the Certificates & Secrets page. Click the **_"New client secret"_** button.
+   ![](./images/azureclientsecretlist.png)
+
+5. In the pop-up Add Client Secret dialog, enter a description and set the expiration to "Never", then click the **_"Add"_** button to create the client secret.
+   ![](./images/azurecreatesecret.png)
+
+6. After saving successfully, the Value of the secret on the page is the required client secret information.
+   ![](./images/azureclientsecret.png)
+
+##### How to Authorize Subscription Permissions to an Application
+
+1. Log in to the Azure console, click the **_"All services"_** menu item in the left navigation bar, and select and click **_"Subscriptions"_** in the all services list to enter the Subscriptions list.
+   ![](./images/azuresub.png)
+
+2. Click the subscription to be authorized to enter the subscription details page.
+   ![](./images/azuresublist.png)
+
+3. Click [Access control (IAM)], and on the Access Control page, click the **_"Add role assignment"_** button to enter the Add Role Assignment page.
+   ![](./images/azuresubrole.png)
+
+4. Set the role to "Owner", click the **_"Next"_** button, set the access assignment to "User, group, or service principal", click the **_"Select members"_** button, search for the name of the application created in the previous step in the search box, select the application, click the **_"Next"_** button, then click the **_"Review + assign"_** button.
+
+   ![](./images/azure1.png)
+   ![](./images/azure2.png)
+   ![](./images/azure3.png)
+   ![](./images/azure4.png)
+5. On the Role Assignments page, verify that the subscription permissions have been authorized to the application.
+
+   ![](./images/azure5.png)
+
+##### Application API Permission Settings
+
+Please ensure the application has the following permissions under the Azure Active Directory API.
+
+ | Region        | API Permissions                                                                                                                                                                    |
+ | ---------   | ----------                                                                                                                                                                 |
+ | Azure China   | Directory: Directory.Read.All, Directory.ReadWrite.All<br/> Domain: Domain.Read.All                                                                                        |
+ | Azure Global | Directory: Directory.Read.All, Directory.ReadWrite.All<br/> Domain: Domain.Read.All, Domain.ReadWrite.All; <br/>Member:  Member.Read.Hidden; <br/>Policy: Policy.Read.All; |
+
+**View and Setup Steps**
+
+Taking Azure China as an example.
+
+1. In the Azure console, click the **_"Azure Active Directory/App registrations"_** menu item in the left navigation bar to enter the App Registrations page.
+2. On the details page of the newly registered application, click the **_"API permissions"_** menu item to enter the API Permissions page and view the API permissions.
+
+    ![](./images/azureapilist.png)
+
+3. Check whether the application's API permissions meet the above requirements. If not, click the **_"Add a permission"_** button to open the Request API Permissions dialog.
+
+    ![](./images/azurerequestapi1.png)
+
+4. Select "Azure Active Directory", select "Application permissions" for the application, check all permissions under Directory and Domain, and click the **_"Add permissions"_** button to complete the configuration.
+
+    ![](./images/azurecreateapi1.png)
+
+##### What Permissions Does the Cloud Account Need to Manage Azure Cloud Resources?
+
+| Permission Notes                 | Read-Only Permission                                  | Read-Write Permission                                                            |
+| :----------              | :--------                                 | :----------                                                         |
+| Permission to manage all resources       | Reader                                    | Owner                                                               |
+| Permission to manage virtual machine resources     | -                                         | Virtual Machine Contributor<br/>Classic Virtual Machine Contributor |
+| Permission to manage network resources       | -                                         | Network Contributor,<br/>Classic Network Contributor                |
+| Permission to manage object storage       | Storage Blob Data Reader                  | Storage Blob Data Owner                                             |
+| Permission to manage cloud databases       | Cloud SQL Viewer                          | Cloud SQL Admin                                                     |
+| Permission to manage Redis          | Redis Enterprise Cloud Viewer             | Redis Enterprise Cloud Admin                                        |
+| Permission to manage file storage       | Storage File Data SMB Share Reader        | Storage File Data SMB Share Contributor                             |
+| Permission to manage resource policies and roles | -                                         | Graph Owner<br/>Resource Policy Contributor                         |
+| Permission to manage DNS            | -                                         | DNS Zone Contributor<br/>Private DNS Zone Contributor               |
+| Permission to manage billing costs       | Billing Reader<br/>Cost Management Reader | Cost Management Contributor                                         |
+| Permission to manage monitoring           | Monitoring Reader                         | Monitoring Contributor                                              |
+
+##### How to Get the Azure Billing Bucket
+1. Log in to the Azure console, search for "Cost Management", and click to enter the interface:
+   ![](./images/azure_bucket-1.png)
+
+2. Click the "Export" menu, select the scope. Note that the scope should be set to a group (root directory requires administrator permissions), so that all subscription bills within the group can be merged into one file. If you only want to view bills for a specific subscription, just select the corresponding subscription.
+   ![](./images/azure_bucket-2.png)
+
+3. After selecting the corresponding group as scope, click the "Create" button. Select "Month-to-date costs with daily export" as the export type, and fill in other information as prompted.
+   ![](./images/azure_bucket-3.png)
+
+4. After successful creation, you can manually trigger the billing task to ensure there are billing files in the billing bucket for subsequent testing.
+   ![](./images/azure_bucket-4.png)
+
+
+6. Find the storage account filled in the previous step (you can directly click the storage account in the task list), find the corresponding billing bucket URL, and fill the information into the Cloud Management Platform.
+   ![](./images/azure_bucket-5.png)
+7. Click Container, select the container filled in the billing task, and click the name to enter details.
+
+   ![](./images/azure_bucket-6.png)
+
+8. Click Properties to view the corresponding URL information, and fill this information into the Cloud Management Platform.
+   ![](./images/azure_bucket-7.png)
+
+
+##### How to Get the Azure Enrollment Number and Key
+
+1. Log in to [Azure China EA Portal](https://ea.azure.cn/) or [Azure EA Portal](https://ea.azure.com/). After logging in, the number in the upper left corner is the enrollment number.
+   ![](./images/azure_number.png)
+
+2. Click the **_"Reports"_** menu item in the left navigation bar, select the "Download Usage > API Access Key" tab. The Primary Key on this page is the key.
+   ![](./images/azure_apikey.png)
+
+### Create Huawei Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Huawei Cloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Huawei Cloud account.
+   - Key ID/Secret: The Key ID and Secret information for connecting to the Huawei Cloud platform. For details, please refer to [Huawei Cloud Parameter Retrieval Methods](#huawei-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+   - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Billing Bucket URL?](#how-to-get-the-billing-bucket-url-2).
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Huawei Cloud account.
+
+#### Huawei Cloud Parameter Retrieval Methods
+
+##### How to Get the Huawei Cloud API Key
+
+**New Version**
+
+1. Log in to the Huawei Cloud console, hover over the username in the upper right corner, and select the **_"My Credentials"_** menu item from the dropdown menu to enter the My Credentials page.
+
+    ![](./images/huaweinewaccount.png)
+2. Click the [Access Keys] menu on the left, and on the Access Keys page, click the **_"Create Access Key"_** button.
+
+    ![](./images/huaweinewak.png)
+
+3. After verification, an Excel file named "credentials" will be downloaded. Open the file to get the Key ID (Access Key ID) and Secret (Secret Access Key).
+    ![](./images/faq_account_huawei_3.png)
+
+**Legacy Version**
+
+1. Log in to the Huawei Cloud console, hover over the username in the upper right corner, and select the **_"My Credentials"_** menu item from the dropdown menu to enter the My Credentials page.
+     ![](./images/faq_account_huawei_1.png)
+2. Click the "**Manage Access Keys**" tab, and on the Manage Access Keys page, click the **_"Create Access Key"_** button.
+     ![](./images/faq_account_huawei_2.png)
+3. After verification, an Excel file named "credentials" will be downloaded. Open the file to get the Key ID (Access Key ID) and Secret (Secret Access Key).
+     ![](./images/faq_account_huawei_3.png)
+
+##### What Permissions Does the Cloud Account Need to Manage Huawei Cloud Resources Through the Platform?
+
+| Permission Notes                                                   | Read-Only Permission                                        | Read-Write Permission                               |
+| :----------                                                | :--------                                       | :----------                            |
+| Permission to manage all Huawei Cloud resources (except IAM)                        | Tenant Guest                                    | Tenant Administrator                   |
+| Permission to manage Elastic Cloud Servers                                     | ECS ReadOnlyAccess                              | ECS FullAccess                         |
+| Permission to manage Elastic Volume Service                                           | EVS ReadOnlyAccess                              | EVS FullAccess                         |
+| Permission to manage Enterprise Project Management Service                                 | EPS ReadOnlyAccess                              | EPS FullAccess                         |
+| Permission to manage Image Management Service                                         | IMS ReadOnlyAccess                              | IMS FullAccess                         |
+| Permission to manage Virtual Private Cloud                                       | VPC ReadOnlyAccess                              | VPC FullAccess                         |
+| Permission to manage NAT Gateway Service                                      | NAT ReadOnlyAccess                              | NAT FullAccess                         |
+| Permission to manage Object Storage Service                                     | OBS ReadOnlyAccess                              | OBS Administrator                      |
+| Permission to manage Elastic Load Balance Service                                 | ELB ReadOnlyAccess                              | ELB FullAccess                         |
+| Permission to manage Relational Database Service                                 | RDS ReadOnlyAccess                              | RDS FullAccess                         |
+| Permission to manage Distributed Cache Service                                   | DCS ReadOnlyAccess                              | DCS FullAccess                         |
+| Permission to manage Cloud Trace Service                                       | CTS ReadOnlyAccess                              | CTS FullAccess                         |
+| Permission to manage Scalable File Service<br/>Permission to manage SFS Turbo | SFS ReadOnlyAccess<br/>SFS Turbo ReadOnlyAccess | SFS FullAccess<br/>SFS Turbo FullAccess |
+| Permission to manage Web Application Firewall Service                                | WAF ReadOnlyAccess                              | WAF FullAccess                         |
+| Permission to manage Identity and Access Management Service                                 | IAM ReadOnlyAccess                              | Security Administrator                 |
+| Permission to manage DNS Service                                       | DNS ReadOnlyAccess                              | DNS FullAccess                         |
+| Permission to manage Billing Center (BSS)                                    | BSS Operator                                    | BSS Administrator                      |
+| Permission to manage Cloud Eye Service                                       | CES ReadOnlyAccess                              | CES FullAccess                         |
+
+##### How to Get the Billing Bucket URL?
+
+**New Version**
+
+1. Log in to the Huawei Cloud platform, click the **_"Billing Center - Bills"_** menu item at the top to enter the Billing Center page.
+    ![](./images/huaweinewconsum.png)
+
+2. Click the [Overview] menu on the left. In the "Bill Data Storage" section on the right side of the Overview page, view and record the object storage name. If not configured, you need to enable bill data storage on this page, configure the OBS bucket for storage, and perform authorization verification. After setup, daily incremental billing data will be synchronized to the corresponding OBS. It is recommended that the bucket only stores billing files.
+
+    ![](./images/huaweinewbillingbucket.png)
+
+3. On the Object Storage Service (OBS) page of the Huawei Cloud console, view the overview information of the corresponding bucket and get the access domain name, which is the bucket URL.
+
+    ![](./images/huaweibillingbucketurl.png)
+
+**Legacy Version**
+
+1. Log in to the Huawei Cloud platform, click the dropdown menu **_"Billing - Consumption Overview"_** under the top [More] menu to enter the Billing Center page.
+   ![](./images/huaweiconsum.png)
+
+2. Click the [Consumption Data Storage] menu on the left. In the Consumption Data Storage page, view and record the object storage bucket name. If not configured, you need to set up the storage bucket and perform authorization verification on this page. After setup, daily incremental billing data will be synchronized to the corresponding OSS. It is recommended that the bucket only stores billing files.
+   ![](./images/huaweibillingbucket.png)
+
+3. On the Object Storage Service (OBS) page of the Huawei Cloud console, view the overview information of the corresponding bucket and get the access domain name, which is the bucket URL.
+   ![](./images/huaweibillingbucketurl.png)
+
+### Create Tencent Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Tencent Cloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Tencent Cloud platform.
+   - APP ID/Key ID/Secret: The Tencent Cloud account's APP ID has a unique correspondence with the account ID. The APP ID/Key ID/Secret for connecting to the Tencent Cloud platform. For details, please refer to [Tencent Cloud Parameter Retrieval Methods](#tencent-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+
+:::warning
+If the added Tencent Cloud account is a new account, please first enable COS service on the Tencent Cloud platform.
+:::
+   - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Tencent Cloud Billing Bucket URL?](#how-to-get-the-tencent-cloud-billing-bucket-url).
+   - File Prefix: When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket.
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+   - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Tencent Cloud account.
+
+
+
+#### Tencent Cloud Parameter Retrieval Methods
+
+##### How to Get the Tencent Cloud API Key
+
+1. Log in to the Tencent Cloud console, click **_"Cloud Products"_** in the upper right corner, search for **_"Cloud API Key"_** in the expanded menu, and click to enter the API Key Management page.
+   ![](./images/faq_account_qcloud_1.png)
+
+2. On the API Key Management page, get the values corresponding to APP ID, Key ID (SecretId), and Secret (SecretKey).
+   ![](./images/faq_account_qcloud_2.png)
+
+##### What Permissions Does the Cloud Account Need to Manage Tencent Cloud Resources Through the Platform?
+
+| Permission Notes                                                                                                              | Read-Only Permission                                                                                                                     | Read-Write Permission                                                                                                     |
+| :----------                                                                                                           | :--------                                                                                                                    | :----------                                                                                                  |
+| Permission to manage all Tencent Cloud resources                                                                                              | ReadOnlyAccess                                                                                                               | AdministratorAccess                                                                                          |
+| Permission to manage Cloud Virtual Machines (CVM)                                                                                               | QcloudCVMReadOnlyAccess                                                                                                      | QcloudCVMFullAccess                                                                                          |
+| Permission to manage Virtual Private Cloud (VPC)                                                                                               | QcloudVPCReadOnlyAccess                                                                                                      | QcloudVPCFullAccess                                                                                          |
+| Permission to manage Elastic IP (EIP)                                                                                                 | -                                                                                                                            | QcloudEIPFullAccess                                                                                          |
+| Permission to manage Cloud Object Storage (COS)                                                                                               | QcloudCOSReadOnlyAccess                                                                                                      | QcloudCOSFullAccess                                                                                          |
+| Permission to manage Cloud Load Balancer (CLB)                                                                                               | QcloudCLBReadOnlyAccess                                                                                                      | QcloudCLBFullAccess                                                                                          |
+| Permission to manage TencentDB for MariaDB<br/>Permission to manage TencentDB for MySQL (CDB)<br/>Permission to manage TencentDB for SQL Server<br/>Permission to manage TencentDB for PostgreSQL | QcloudMariaDBReadOnlyAccess<br/>QcloudCDBReadOnlyAccess<br/>QcloudSQLServerReadOnlyAccess<br/>QcloudPostgreSQLReadOnlyAccess | QcloudMariaDBFullAccess<br/>QcloudCDBFullAccess<br/>QcloudSQLServerFullAccess<br/>QcloudPostgreSQLFullAccess |
+| Permission to manage TencentDB for Redis                                                                                               | QcloudRedisReadOnlyAccess                                                                                                    | QcloudRedisFullAccess                                                                                        |
+| Permission to manage CloudAudit                                                                                          | QcloudAuditReadOnlyAccess                                                                                                    | QcloudAuditFullAccess                                                                                        |
+| Permission to manage Cloud File Storage (CFS)                                                                                               | QcloudCFSReadOnlyAccess                                                                                                      | QcloudCFSFullAccess                                                                                          |
+| Permission to manage Web Application Firewall and get SSL certificate list                                                                            | QcloudWAFReadOnlyAccess                                                                                                      | QcloudWAFFullAccess                                                                                          |
+| Permission to manage Cloud Access Management (CAM)                                                                                             | QcloudCamReadOnlyAccess                                                                                                      | QcloudCamFullAccess                                                                                          |
+| Permission to manage Private DNS<br/>Permission to manage DNSPod                                                                | QcloudDNSPodReadOnlyAccess<br/>QcloudPrivateDNSReadOnlyAccess                                                                | QcloudPrivateDNSFullAccess<br/>QcloudDNSPodFullAccess                                                        |
+| Permission to manage account finance-related content                                                                                          | -                                                                                                                            | QCloudFinanceFullAccess                                                                                      |
+| Permission to manage Cloud Monitor                                                                                             | QcloudMonitorReadOnlyAccess                                                                                                  | QcloudMonitorFullAccess                                                                                      |
+
+##### How to Get the Tencent Cloud Billing Bucket URL
+
+
+1. Log in to the Tencent Cloud console, click the dropdown menu **_"Billing"_** under the top [Expenses] menu to enter the Expenses User Center page.
+   ![](./images/qcloudusercenter.png)
+
+2. Click the **_"Bill Storage"_** button to enter the Bill Data Storage page.
+   ![](./images/qcloudusercenterhome.png)
+
+3. View and record the billing item detail bill bucket name. If not set, you need to subscribe to a bucket on this page. After setup, daily incremental billing data will be synchronized to the corresponding COS. It is recommended that the bucket only stores billing files.
+   ![](./images/qcloudossbucket1.png)
+
+
+4. On the Object Storage page of the Tencent Cloud console, view the overview information of the corresponding bucket. The bucket domain name is the bucket URL.
+   ![](./images/qcloudbucketurl.png)
+
+### Create Volcengine Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Volcengine, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Volcengine account.
+   - Key ID/Secret: Connect to the Volcengine platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [Volcengine Parameter Retrieval Methods](#volcengine-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on sync policy, cloud project, or cloud subscription.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+
+:::warning
+If the added Volcengine account is a new account, please first enable TOS service on the Volcengine platform.
+:::
+   - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Volcengine Billing Bucket URL?](#how-to-get-the-volcengine-billing-bucket-url).
+   - File Prefix: When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket.
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Volcengine account.
+
+
+#### Volcengine Parameter Retrieval Methods
+
+
+1. Log in to the Volcengine console using your account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"API Access Key"_** menu item to enter the Security Information Management page.
+   ![](./images/VolcEngine-accesskeys.png)
+
+2. On the Key List Management page, you can view existing AccessKey information, or click the **_"Create Key"_** button to create a new user AccessKey. When creating a new key, Volcengine will send a verification code to the account contact. The AccessKey can only be created after verification.
+   ![](./images/VolcEngine-get_acceesskey_list.png)
+
+3. The Access Key Secret is hidden by default. Click the "**Show**" button, and Volcengine will send a verification code to the account owner's contact. The Access Key Secret will only be displayed after verification.
+   ![](./images/VolcEngine-get_access_key_secret.png)
+
+
+##### What Permissions Does the Cloud Account Need to Manage Volcengine Resources Through the Platform?
+
+To manage Volcengine resources using the platform, the connected cloud account needs sufficient permissions. Below are the common permission policies used for managing cloud resources:
+
+| Permission Notes                               | Read-Only Permission                                          | Read-Write Permission                                 |
+| :----------                        | :--------                                         | :----------                                  |
+| Permission to manage all Volcengine resources                       | ReadOnlyAccess                                    | AdministratorAccess                          |
+
+
+##### How to Authorize a Sub-Account
+
+1. Log in to the Volcengine console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"Access Control"_** menu item to enter the Access Control page.
+   ![](./images/VolcEngine_access_control.png)
+
+2. Click the **_"Users"_** menu item in the left menu bar to enter the User Management page.
+   ![](./images/VolcEngine_access_control_all.png)
+
+3. On the User Management page, click the **_"Manage"_** button in the operation column of the specified user to perform authorization.
+   ![](./images/VolcEngine_ram_user_access_control.png)
+
+##### How to Get the Volcengine Billing Bucket URL
+
+
+1. Log in to the Volcengine console, click the dropdown menu **_"Account Overview"_** under the top [Expenses] menu to enter the Expenses User Center page.
+   ![](./images/VolcEngineusercenter.png)
+
+2. Click the **_"Set Auto Storage"_** button to enter the Bill Data Storage page.
+   ![](./images/VolcEngineusercenterhome.png)
+
+3. View and record the ChargeItemDetail bucket name. If not set, you need to subscribe to a bucket on this page. After setup, daily incremental billing data will be synchronized to the corresponding TOS. It is recommended that the bucket only stores billing files.
+   ![](./images/VolcEngineossbucket1.png)
+
+
+4. On the Object Storage page of the Volcengine console, view the overview information of the corresponding bucket. The bucket domain name is the bucket URL.
+   ![](./images/VolcEnginebucketurl.png)
+
+
+### Create UCloud Account
+
+1. On the Public Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as UCloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the UCloud platform.
+   - Public Key/Private Key: For retrieval methods, please refer to [UCloud Parameter Retrieval Methods](#ucloud-parameter-retrieval-methods).
+   - project_id: Required when using a UCloud sub-account. Not required when using a primary account.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+6. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the UCloud account.
+
+#### UCloud Parameter Retrieval Methods
+
+##### How to Get the UCloud API Key
+
+1. Log in to the UCloud console, click **_"All Products"_** at the top, search for or select the **_"Open API UAPI"_** menu item to enter the API product page.
+
+    ![](./images/ucloudapi.png)
+
+2. Click the "API Key" tab to enter the API Key page. Click the **_"Show"_** button and perform phone SMS secondary verification.
+
+    ![](./images/ucloudapikeyshow.png)
+
+3. After phone verification, obtain the public key and private key values.
+
+    ![](./images/ucloudapikeypair.png)
+
+4. If using a sub-account, in addition to obtaining the public key or private key, you also need to obtain the project_id. Get the project_id from "Access Control - User Management - Sub-Account Details" as the project ID of the application project in personal permissions.
+
+    ![](./images/ucloudprojectid.png)
+
+
+##### What Permissions Does the Cloud Account Need to Manage UCloud Resources?
+
+| Permission Policy            | Policy Description                        |
+| :------------------ | :---------------------- |
+| AdministratorAccess | Super administrator permission |
+
+### Create Google Account
+
+:::warning
+- Please ensure network connectivity between the platform and Google Cloud.
+- If the platform cannot connect to Google Cloud, you can access Google Cloud through proxy configuration.
+:::
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as "Google", click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Google Cloud account.
+   - project_id, private_key_id, private_key, client_email and other parameters can be found in [Google Parameter Retrieval Methods](#google-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+   - Billing Data Source: Select the storage path for Google billing, including Bigquery and bucket. Currently, Google billing no longer supports bucket.
+   - When the billing data source is "Bigquery", configure the following parameters:
+       - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+       - Bigquery Table ID: The table ID of the dataset storing Google billing. For details, please refer to [How to Configure and Get Bigquery Configuration Information on the Google Cloud Platform?](#how-to-configure-and-get-bigquery-configuration-information-on-the-google-cloud-platform).
+       - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+           - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+   - When the billing data source is "Bucket", configure the following parameters:
+       - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+       - Billing File/Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Billing File Bucket URL and File Prefix?](#how-to-get-the-billing-file-bucket-url-and-file-prefix).
+       - Billing File/File Prefix: The report prefix information from the file export. When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket.
+       - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+           - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+       - Usage File/Bucket URL: The URL of the bucket where usage data is stored. For details, please refer to [How to Get the Usage File Bucket URL and File Prefix?](#how-to-get-the-billing-file-bucket-url-and-file-prefix).
+       - Usage File/File Prefix: The report prefix information from the settings page. When the usage bucket contains files other than usage files, you need to configure the file prefix to only retrieve usage files from the bucket.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the Google Cloud account.
+
+#### Google Parameter Retrieval Methods
+
+##### How to Get the Google Cloud Service Account Key Information?
+
+**Managing Specified Projects**
+
+1. Open the "[IAM & Admin - IAM page in GCP Console](https://console.cloud.google.com/project/_/iam-admin)" page and log in.
+
+    ![](./images/google_iam.png)
+
+2. Click "Select a project" at the top and select the project to be authorized.
+
+    ![](./images/google_project.png)
+
+3. In the left navigation bar, go to the "IAM & Admin" page and click the **_"Service Accounts"_** button to enter the Service Accounts page.
+4. Click the **_"Create Service Account"_** button to enter the Create Service Account page.
+5. Configure the service account name, service account ID, service account description, etc., and click the **_"Create and Continue"_** button to create the service account and grant the service account access to the project.
+
+    ![](./images/google_createserviceaccount.png)
+
+6. Select the Project-Owner or Project-Viewer role. Owner represents management permissions for the project, and Viewer represents read-only permissions. If the Cloud Management Platform needs to manage Google Cloud account resources, please select the Project-Owner role, and click the **_"Continue"_** button.
+
+    ![](./images/google_serviceaccountpolicy.png)
+
+7. The step to grant users access to this service account (optional) does not affect the Cloud Management Platform. Please set it according to your needs. After configuration, click the **_"Continue"_** button.
+
+8. On the Service Accounts page, click the action column button on the right side of the newly created service account, and click the **_"Manage keys"_** menu item.
+
+    ![](./images/google_serviceaccount.png)
+
+9. On the Keys page, click the **_"Add Key"_** button, click **_"Create new key"_** in the pop-up dialog, select the key type as "JSON", and click the **_"Create"_** button to download the JSON format key file with the following content. Obtain the project_id, private_key_id, private_key, client_email, etc.
+
+    ![](./images/google_create1.png)
+
+    ![](./images/google_create.png)
+
+    ```bash
+    {
+     "type": "service_account",
+     "project_id": "[PROJECT-ID]",
+     "private_key_id": "[KEY-ID]",
+     "private_key": "-----BEGIN PRIVATE KEY-----\n[PRIVATE-KEY]\n-----END PRIVATE KEY-----\n",
+     "client_email": "[SERVICE-ACCOUNT-EMAIL]",
+     "client_id": "[CLIENT-ID]",
+     "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+     "token_uri": "https://accounts.google.com/o/oauth2/token",
+     "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+     "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/[SERVICE-ACCOUNT-EMAIL]"
+     }
+    ```
+
+**Managing Multiple Projects**
+
+To use the service account key obtained above to manage multiple projects, follow these steps.
+
+1. Open the "[IAM & Admin - IAM page in GCP Console](https://console.cloud.google.com/project/_/iam-admin)" page and select another project to manage.
+2. Click the **_"Add"_** button at the top, add the service account created in the above steps as a new member, and set the role to Project-Owner or Project-Viewer. Owner represents management permissions for the project, and Viewer represents read-only permissions. If the Cloud Management Platform needs to manage Google Cloud account resources, please select the Project-Owner role, and click the **_"Save"_** button.
+
+    ![](./images/google_serviceaccount_otherproject.png)
+
+3. Repeat the above steps to manage more projects.
+
+##### Enable Related APIs
+
+:::tip
+Google Cloud APIs have project attributes. When managing multiple projects on Google Cloud, you need to enable related APIs in each project separately.
+:::
+
+**APIs Required for Managing Google Cloud**:
+
+After obtaining the key file, you also need to enable the Cloud Resource Manager API, Cloud Build API, and Compute Engine API for the authorized projects in the Google API Library. After enabling the APIs, users can manage and use Google Cloud on the platform.
+
+1. Enable the Cloud Resource Manager API for the authorized project on the [Cloud Resource Manager API](https://console.developers.google.com/apis/library/cloudresourcemanager.googleapis.com) page in the API Library. You can switch authorized projects at the top.
+   ![](./images/cloudresourcemanagerapi.png)
+
+2. Enable the Cloud Build API for the authorized project on the [Cloud Build API](https://console.developers.google.com/apis/library/cloudbuild.googleapis.com) page in the API Library. You can switch authorized projects at the top.
+   ![](./images/cloudbuildapi.png)
+
+**APIs Required for Managing Google Cloud RDS**:
+
+1. Enable the Cloud SQL Admin API on the [Cloud SQL Admin API](https://console.developers.google.com/apis/library/sqladmin.googleapis.com) page in the API Library. You can switch authorized projects at the top.
+   ![](./images/cloudsqladminapi.png)
+
+##### What Permissions Does the Cloud Account Need to Manage Google Cloud Resources Through the Platform?
+
+| Permission Notes                       | Read-Only Permission                                               | Read-Write Permission                      |
+| :----------                    | :--------                                              | :----------                   |
+| Permission to manage all Google Cloud resources       | Viewer                                                 | Editor                        |
+| Permission to manage virtual machines             | Compute Viewer                                         | Compute Editor                |
+| Permission to manage network resources             | Compute Network Viewer                                 | Compute Network Admin         |
+| Permission to manage object storage resources         | Storage Legacy Bucket Reader<br/>Storage Object Viewer | Storage Admin                 |
+| Permission to manage cloud databases             | Cloud SQL Viewer                                       | Cloud SQL Admin               |
+| Permission to manage Redis                | Redis Enterprise Cloud Viewer                          | Redis Enterprise Cloud Admin  |
+| Permission to manage logs                 | Logs Viewer                                            | Logging Admin                 |
+| Permission to manage file storage             | Cloud Filestore Viewer                                 | Cloud Filestore Editor        |
+| Permission to manage all custom roles in a project | Role Viewer                                            | Role Administrator            |
+| Permission to manage DNS                  | DNS Reader                                             | DNS Administrator             |
+| Permission to manage account billing             | Billing Account Viewer                                 | Billing Account Administrator |
+| Permission to manage monitoring                 | Monitoring Viewer                                      | Monitoring Admin              |
+
+##### How to Configure and Get Bigquery Configuration Information on the Google Cloud Platform?
+
+1. Log in to the Google Cloud console, click the **_"Billing"_** menu item in the left menu to enter the Billing page.
+   ![](./images/googlebilling.png)
+
+2. Click the [Billing export] menu on the left. On the BIGQUERY EXPORT tab, enable detailed usage cost and configure the project and dataset name.
+
+    ![](./images/googlebigqueryconfig.png)
+
+3. Click the dataset name to jump to Bigquery. Expand the right-side node, select the partitioned table under the dataset name, and on the page that opens, click the "Details" tab at the top to get the Table ID information.
+
+    ![](./images/gcpbigquerytableid.png)
+
+4. On the Table Details page, click the **_"Edit Details"_** button in the upper right corner, and set the expiration to None. If an expiration is set, expired data will be cleaned from Bigquery. Please set it carefully.
+
+    ![](./images/gcomodifytable.png)
+
+##### How to Get the Billing File Bucket URL and File Prefix?
+
+1. Log in to the Google Cloud console, click the **_"Billing"_** menu item in the left menu to enter the Billing page.
+   ![](./images/googlebilling.png)
+
+2. Click the [Billing export] menu on the left. On the billing page that opens, click the "File export" tab to view and record the storage bucket name and report prefix information. The report prefix is the file prefix. If not set, you need to configure the storage bucket name and report prefix information on this page. After setup, daily incremental billing data will be synchronized to the corresponding storage. It is recommended that the bucket only stores billing files.
+   ![](./images/googlebillingbucket.png)
+
+3. Click the [Storage/Browser] menu on the left. On the storage page that opens, click the corresponding storage bucket name and click the "Overview" tab to view the bucket overview information. The link URL is the bucket URL.
+   ![](./images/googlebillingbucketurl.png)
+
+4. When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket.
+
+##### How to Get the Usage File Bucket URL and File Prefix?
+
+1. In the Google Cloud console, click the [Compute Engine/Settings] menu on the left to enter the Settings page.<br/>
+   ![](./images/googleusagesetting.png)
+
+2. Please ensure "Enable usage export" is checked, and record the storage bucket name and report prefix information. The report prefix is the file prefix. If not configured, you need to check "Enable usage export" and configure the storage bucket.
+   ![](./images/googleusagebucket.png)
+
+3. Click the [Storage/Browser] menu on the left. On the storage page that opens, click the corresponding storage bucket name and click the "Overview" tab to view the bucket overview information. The link URL is the bucket URL.
+   ![](./images/googleusagebucketurl.png)
+
+4. When the usage bucket contains files other than usage files, you need to configure the file prefix to only retrieve usage files from the bucket.
+
+
+### Create China Telecom Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as "China Telecom Cloud", click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the China Telecom Cloud account.
+   - Account Type: Currently supports connecting to China Telecom Cloud accounts in the Global and China regions.
+   - Key ID, Secret: For retrieval methods, please refer to [China Telecom Cloud Parameter Retrieval Methods](#china-telecom-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+6. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the China Telecom Cloud account.
+
+:::tip
+Since China Telecom Cloud has not opened tier-2 node APIs, some regional information cannot be obtained via API.
+:::
+
+
+#### China Telecom Cloud Parameter Retrieval Methods
+
+##### How to Get the China Telecom Cloud API Key?
+
+1. Log in to the China Telecom Cloud console, and select Security Settings from the user information in the upper right corner.
+
+    ![](./images/ctyun.png)
+
+2. In Security Settings, click to view user AccessKey.
+
+    ![](./images/ctyunaccesskey.png)
+
+
+### Create China Mobile Cloud Account
+
+Currently, only synchronization of resources on China Mobile Cloud accounts is supported. Resource operations are not supported.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as "China Mobile Cloud", click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the China Mobile Cloud account.
+    - Key ID, Secret: For retrieval methods, please refer to [China Mobile Cloud Parameter Retrieval Methods](#china-mobile-cloud-parameter-retrieval-methods).
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+6. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the China Mobile Cloud account.
+
+
+#### China Mobile Cloud Parameter Retrieval Methods
+
+##### How to Get the China Mobile Cloud API Key?
+
+1. Log in to the China Mobile Cloud console, search for "AK Management" in all products to enter the AccessKey Management page.
+
+    ![](./images/ecloud.png)
+
+2. On the AccessKey Management page, create a key or view the Access key and Secret key of existing keys.
+
+    ![](./images/ecloudaccesskey.png)
+
+##### What Permissions Does the Cloud Account Need to Manage China Mobile Cloud Resources?
+
+| Permission Policy            | Policy Description                        |
+| :------------------ | :---------------------- |
+| Admin| Administrator role |
+
+### Create JD Cloud Account
+
+Currently, only synchronization of resources on JD Cloud accounts is supported. Resource operations are not supported.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as "JD Cloud", click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the JD Cloud account.
+    - Key ID, Secret: For retrieval methods, please refer to [JD Cloud Parameter Retrieval Methods](#jd-cloud-parameter-retrieval-methods).
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+7. JD Cloud billing is obtained via API, so only the following parameters need to be configured on this page.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+8. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the JD Cloud account and collect billing.
+#### JD Cloud Parameter Retrieval Methods
+
+##### How to Get the JD Cloud API Key
+
+1. Log in to the JD Cloud console, hover over the username in the upper right corner, and select the **_"Access Key Management"_** menu item from the dropdown menu to enter the Access Key Management page.
+
+    ![](./images/jdak.png)
+
+2. View existing Access Key information, or click the **_"Create"_** button to create a new Access Key. Click the **_"View"_** button to get the Access Key Secret information.
+
+    ![](./images/jdaksk.png)
+
+### Create Baidu Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Baidu Cloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Baidu Cloud platform.
+   - Key ID/Secret: Connect to the Baidu Cloud platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [Baidu Cloud Parameter Retrieval Methods](#baidu-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+7. Baidu Cloud billing is obtained via API, so only the following parameters need to be configured on this page.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+8. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Baidu Cloud account.
+
+#### Baidu Cloud Parameter Retrieval Methods
+
+##### How to Get the Baidu Cloud API Key
+
+1. Log in to the Baidu Cloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"Security Authentication"_** menu item to enter the Access Key page.
+   ![](./images/baidu-accesskeys.png)
+
+2. On the Access Key page, you can view existing Access Key information, or click the **_"Create AccessKey"_** button to create a new user AccessKey. When creating a new Access Key, Baidu Cloud will send a verification code to the account contact's phone. The AccessKey can only be created after verification.
+   ![](./images/baidu-get_accesskey_list.png)
+
+3. The Access Key Secret is hidden by default. Click the "**Show**" link, and Baidu Cloud will send a verification code to the account owner's contact phone. The Access Key Secret will only be displayed after verification.
+   ![](./images/baidu-get_access_key_secret.png)
+
+### Create China Unicom Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as China Unicom Cloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the China Unicom Cloud platform.
+   - Key ID/Secret: Connect to the China Unicom Cloud platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [China Unicom Cloud Parameter Retrieval Methods](#china-unicom-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+7. China Unicom Cloud billing is obtained via API, so only the following parameters need to be configured on this page.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+8. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the China Unicom Cloud account.
+
+#### China Unicom Cloud Parameter Retrieval Methods
+
+##### How to Get the China Unicom Cloud API Key
+
+1. Log in to the China Unicom Cloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"Access Control"_** menu item to enter the IAM Access Control page.
+   ![](./images/liantong-accesskeys.png)
+
+2. On the IAM Access Control page, click the **_"Security Settings"_** button in the operation column to the right of the username to enter the Security Settings page.
+   ![](./images/liantong-accesskeys1.png)
+
+3. On the Security Settings page, click the **_"Create Access Key"_** button. When creating a new access key, China Unicom Cloud will send a verification code to the account contact's phone. After verification, the key information will be displayed in the pop-up New Access Key dialog, including the Key ID (Access Key ID) and Secret (Access Key Secret).
+   ![](./images/liantong-get_access_key_secret.png)
+
+### Create Kingsoft Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Kingsoft Cloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Kingsoft Cloud platform.
+   - Key ID/Secret: Connect to the Kingsoft Cloud platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [Kingsoft Cloud Parameter Retrieval Methods](#kingsoft-cloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+
+:::warning
+If the added Kingsoft Cloud account is a new account, please first enable Object Storage Service on the Kingsoft Cloud platform.
+:::
+   - Cloud Account Type: Includes primary account and associated account. Before using an associated account, please ensure the primary account has been imported to the platform, and select the primary account when using the associated account.
+   - Bucket URL: The URL of the bucket where billing files are stored. For details, please refer to [How to Get the Kingsoft Cloud Billing Bucket URL?](#how-to-get-the-kingsoft-cloud-billing-bucket-url).
+   - File Prefix: When the billing bucket contains files other than billing files, you need to configure the file prefix to only retrieve billing files from the bucket. The billing file prefix for Alibaba Cloud is the account ID, which can be viewed in Account Management - Security Settings.
+   - Billing Analysis Scope: Set the scope for the platform to analyze cloud account billing. Currently only supports accounts managed by this platform.
+       - Accounts Managed by This Platform: Collects billing information for the primary account and sub-accounts associated with the primary account. If the primary account only serves as a payment account for other accounts, billing files collected from other accounts will be discarded.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the Kingsoft Cloud account.
+
+#### Kingsoft Cloud Parameter Retrieval Methods
+
+##### How to Get the Kingsoft Cloud API Key
+
+1. Log in to the Kingsoft Cloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"Access Keys"_** menu item to enter the AK Key Management page.
+   ![](./images/jinshan-accesskeys.png)
+
+2. Click the **_"Create Key"_** button. In the pop-up Risk Warning dialog, click the **_"Continue"_** button. Kingsoft Cloud will send a verification code to the account owner's contact phone. After verification, a Generate Key dialog will pop up, which supports viewing AccessKey details and downloading.
+   ![](./images/jinshan-get_access_key_secret.png)
+
+
+##### How to Get the Kingsoft Cloud Billing Bucket URL
+1. Log in to the Kingsoft Cloud console, click the dropdown menu **_"Account Overview"_** under the top [Expenses] menu to enter the Expenses User Center page.
+   ![](./images/jinshanyunusercenter.png)
+
+2. Click the **_"Set Bill Data Storage"_** button to enter the Bill Data Storage page.
+   ![](./images/jinshanusercenterhome.png)
+
+3. View and record the billing item detail bill bucket name. If not set, you need to subscribe to a bucket on this page. After setup, daily incremental billing data will be synchronized to the corresponding storage bucket. It is recommended that the bucket only stores billing files. Note that Kingsoft Cloud requires setting a KS3 directory, which can be custom input. It will be used when entering the address in the Cloud Management Platform, e.g., "details".
+   ![](./images/jinshanossbucket.png)
+
+
+4. On the Object Storage page of the Kingsoft Cloud console, view the overview information of the corresponding bucket. The bucket domain name is the bucket URL. Note that when entering information in the Cloud Management Platform, you need to add the directory information. For example, if the previous step was set to "details", the address entered in the Cloud Management Platform needs to have /details appended after the object storage domain name. As shown in the figure below, the address to enter in the Cloud Management Platform would be: ksbilling.ks3-cn-beijing.ksyuncs.com/details
+   ![](./images/jinshanbucketurl.png)
+
+
+### Create QingCloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as QingCloud, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the QingCloud platform.
+   - Key ID/Secret: Connect to the QingCloud platform through API Key (Access Key) authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [QingCloud Parameter Retrieval Methods](#qingcloud-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+7. QingCloud billing is obtained via API, so only the following parameters need to be configured on this page.
+   - Collect Bills Immediately: The platform automatically collects bills at 4 AM every day by default. After enabling this, bills will be collected immediately after configuring the billing file access information.
+   - Time Range: When immediate bill collection is enabled, you can set a time range to immediately collect bills within that range. Please ensure there is billing data within the selected time range. It is recommended to collect bills within 1-6 months, otherwise too much data may cause excessive system pressure and affect daily bill collection tasks.
+8. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the QingCloud account.
+
+
+
+#### QingCloud Parameter Retrieval Methods
+
+##### How to Get the QingCloud API Key
+
+1. Log in to the QingCloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, and click the **_"API Keys"_** menu item to enter the API Key Management page.
+   ![](./images/qingcloud-accesskeys.png)
+
+2. Click the **_"Create"_** button. In the pop-up Create API Key dialog, click the **_"Submit"_** button to generate the API key. Supports downloading to obtain the private key.
+   ![](./images/qingcloud-get_access_key_secret.png)
+
+
+### Create ORACLE Cloud Account
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as ORACLE, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the ORACLE platform.
+   - Key ID/Secret: Connect to the ORACLE platform through API Key (Access Key) authentication. The API key consists of user, tenancy, and key file. For details, please refer to [ORACLE Parameter Retrieval Methods](#oracle-parameter-retrieval-methods).
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Enable SSO Login: After enabling this, the system's SAML information will be automatically synchronized to the cloud account, becoming the identity provider for cloud login. This enables single sign-on from this system to the public cloud platform.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to enter the Configure Sync Resource Regions page. This configuration can be modified on the cloud account details page - Subscriptions - Regions (all regions are synchronized by default). To synchronize all regions by default on the platform, you can directly click the **_"Skip"_** button.
+6. After successful configuration, click the **_"Next: Billing File Access Information (Optional)"_** button to enter the Billing File Access Information page to configure the cloud account's billing parameters so that users can view the cloud account's billing information in the Expenses section. The Billing File Access Information page is optional. If you do not need to view cloud account billing information on the platform, you can directly click the **_"Skip"_** button. If you need to view billing information on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button, and proceed to the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable.
+7. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test passes, click the **_"OK"_** button to create the ORACLE Cloud account.
+
+
+
+#### ORACLE Parameter Retrieval Methods
+
+##### How to Get the ORACLE API Key
+
+1. Log in to the ORACLE Cloud console using the primary account, click the personal information in the upper right corner of the page, expand the dropdown menu, click the **_"My Profile"_** menu, then click the **_"API Keys"_** menu item to enter the API Key Management page.
+   ![](./images/oraclecloud-accesskeys.png)
+
+2. Click the **_"Add API Key"_** button. In the pop-up Add API Key dialog, click the **_"Add"_** button to generate the API key. Supports downloading the private key.
+   ![](./images/oraclcloud-get_access_key_secret.png)
+
+3. Click the **_"Add"_** button. In the pop-up Create API Key dialog, obtain the user and tenancy information needed for the Cloud Management Platform, and import the private key downloaded in the previous step.
+   ![](./images/oraclcloud-get_access_key_secret-2.png)
+
+
+
+### Create VMware Account
+
+**Supported Versions**
+
+Supports managing VMware versions 5.0 to 7.0.
+
+**VMware Resource Management Process**
+
+1. Create a VMware cloud account, which automatically creates Layer 2 networks and IP subnets on the platform. The mapping between VMware networks and platform Layer 2 networks and IP subnets is as follows:
+    - One vSwitch or Distributed vSwitch corresponds to one Layer 2 network;
+    - Consecutive IP address ranges with the same VLAN under the same Layer 2 network form one IP subnet;
+2. After the VMware cloud account is added, if the automatically added Layer 2 networks and IP subnets do not meet the networking requirements, please merge wires and merge IP subnets according to the actual VMware network environment. The merge wire operation is irreversible. If configured incorrectly, please delete the cloud account and re-add it.
+3. For more VMware network-related issues, please refer to: [VMware Network Principles](./vmware_net).
+
+**Steps**
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as VMware, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the VMware account.
+   - vCenter Address: The domain name or IP address of the vCenter server.
+   - Port: Default is 443.
+   - Account: The administrator username for vCenter.
+   - Password: The password for the vCenter administrator user.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to start creating the VMware cloud account, related IP subnets, and begin synchronizing resources on the cloud account.
+
+:::tip
+If no resources are found under the account after importing the cloud account, please check whether a non-administrator account was used.
+:::
+
+
+### Create OpenStack Account
+
+**Supported Versions**
+
+Supports managing OpenStack M release and later versions.
+
+**Notes**
+
+If the OpenStack platform's authentication address uses a domain name, you also need to configure DNS resolution on the control node. Otherwise, resources on the OpenStack platform cannot be synchronized because the domain name cannot be resolved.
+
+Steps:
+
+```bash
+# Modify the coredns configmap
+$ kubectl edit cm -n kube-system coredns
+
+   Corefile: |
+       .:53 {
+           errors
+           health
+           kubernetes cluster.local in-addr.arpa ip6.arpa {
+              pods insecure
+              upstream
+              fallthrough in-addr.arpa ip6.arpa
+              ttl 30
+           }
+           hosts {
+               192.168.1.2 domain
+
+               fallthrough
+           }
+           prometheus :9153
+           forward . /etc/resolv.conf
+           cache 30
+           loop
+           reload
+           loadbalance
+       }
+
+# Add hosts information above "prometheus :9153", configure IP address and domain name.
+   hosts {
+               192.168.1.2 domain
+
+               fallthrough
+           }
+# After configuration, restart coredns
+$ kubectl rollout restart deployment -n kube-system coredns
+```
+
+**Steps**
+
+:::tip
+After successfully creating an OpenStack account, since the Cloud Management Platform cannot obtain the actual storage capacity on the OpenStack platform, you need to set the OpenStack storage capacity on the **Storage - Block Storage** page. Please set the storage capacity to the actual storage capacity as much as possible to maximize storage usage and avoid disk creation failures caused by setting the capacity beyond the actual storage capacity.
+:::
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as OpenStack, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the OpenStack account.
+   - Authentication URL: The authentication address of the OpenStack management platform, such as **http:\/\/host:port/v3**.
+   - Account: The administrator username of the OpenStack platform, such as admin.
+   - Password: The password for the OpenStack platform administrator user.
+   - Project: The project on the OpenStack platform, such as the admin project.
+   - Domain Name: The Domain name on the OpenStack platform, such as default.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the OpenStack account.
+
+### Create ZStack/DStack Account
+
+**Supported Versions**
+
+Supports managing ZStack version 3.5.0 and later.
+
+**Steps**
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as ZStack or DStack, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+
+   - Name: The name of the ZStack or DStack account.
+   - Authentication URL: The authentication address of the ZStack or DStack platform, generally [http://host:8080/](http://host:8080/), where host is the IP address of the ZStack or DStack control node.
+   - Key ID: The Access Key ID on the ZStack or DStack platform.
+   - Secret: The Access Key Secret on the ZStack or DStack platform.
+:::tip
+Users can generate new Access Key information or use existing Access Keys on the [Platform Management - Access Key] page of the ZStack management platform.
+:::
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the ZStack/DStack account.
+
+### Create Alibaba Apsara Stack
+
+This feature is used to manage Alibaba Apsara Stack private cloud. Currently, only synchronization of resources on the Apsara Stack private cloud is supported.
+
+**Supported Versions**
+
+Supports managing Apsara Stack v3.12.0 and later.
+
+**Steps**
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Apsara Stack, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following information:
+    - Name: The name of the Apsara Stack cloud account.
+    - Key ID/Secret: Connect to the Alibaba Cloud platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [Apsara Stack Parameter Retrieval Methods](#apsara-stack-parameter-retrieval-methods).
+    - Key ID: Assuming the key is: NbzBaQ94MPzjZf5i and the highest viewable organization ID is: 4, the key should be entered as: NbzBaQ94MPzjZf5i/4.
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the Alibaba Apsara Stack private cloud account.
+
+#### Apsara Stack Parameter Retrieval Methods
+
+##### Apsara Stack AccessKey Retrieval
+
+Only operations administrators and first-level organization administrators can obtain organization AccessKeys.
+
+1. The administrator logs in to the ASCM console.
+2. Click **_"Enterprise"_** on the top menu bar of the page.
+3. In the left navigation bar of the **_"Enterprise"_** page, click **_"Organization Management"_**.
+4. In the organization structure, click the settings icon after the parent organization you want to add.
+5. In the pop-up dropdown menu, select **_"Get AccessKey"_**.
+6. In the pop-up dialog, view the organization AccessKey information.
+7. To get the organization ID, open the browser debugger, find the ListResourceGroup API request, and find the first organizationID in the return value.
+
+##### Apsara Stack Endpoint Retrieval
+
+1. In the address bar, enter the ASO access address region-id.aso.intranet-domain-id.com and press Enter.
+2. Enter the correct username and password, click **_"Login"_** to enter the ASO page.
+3. In the left navigation bar of the page, click **_"Product Operation Management > Product List > Tianji"_** to jump to the Tianji console page.
+4. In the left navigation bar of the Tianji console, select **_"Reports"_**.
+5. On the **_"All Reports"_** page, search for **_"Service Registration Variables"_**. Click **_"Service Registration Variables"_**.
+6. On the Service Registration Variables page, click the icon next to Service and search for the corresponding product service.
+7. In the Service Registration column of the service, right-click and select **_"Show More"_**.
+8. On the **_"Details"_** page, view the product service's Endpoint address.
+
+### Create Cloudpods Cloud Account
+
+This feature is used to manage Cloudpods accounts.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Cloudpods, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the Cloudpods cloud account.
+    - Authentication URL: The corresponding keystone service address. You can obtain OS_AUTH_URL on the Cloudpods control node by running `cat /root/.onecloud_rcadmin`. Generally in the format http://domain(IP address):30500/v3.
+    - Key ID/Secret: Connect to Cloudpods through Access Key authentication. For retrieval methods, please refer to [Cloudpods Parameter Retrieval Methods](#cloudpods-parameter-retrieval-methods).
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the Cloudpods account.
+#### Cloudpods Parameter Retrieval Methods
+
+##### Cloudpods AccessKey Retrieval (Open Source Edition)
+###### 1. Use climc to create AKSK first
+
+```
+$ climc credential-create-aksk
++--------+----------------------------------------------+
+| Field  |                    Value                     |
++--------+----------------------------------------------+
+| expire | 0                                            |
+| secret | OGVmTXNKQWpBWHpUejZTWDNKcndSdXlHQUNFeXhLVWI= |
++--------+----------------------------------------------+
+```
+
+###### 2. Use climc to query the newly created AKSK
+
+```
+$ climc credential-get-aksk
++--------+----------------------------------+----------------------------------+----------------------------------------------+----------------------+
+| expire |              key_id              |            project_id            |                    secret                    |      time_stamp      |
++--------+----------------------------------+----------------------------------+----------------------------------------------+----------------------+
+| 0      | ba92f912922044268d4ad1dc70aafe57 | 0e4416c837644f5a8f0d67c9930ff228 | OGVmTXNKQWpBWHpUejZTWDNKcndSdXlHQUNFeXhLVWI= | 2022-02-20T17:12:26Z |
++--------+----------------------------------+----------------------------------+----------------------------------------------+----------------------+
+```
+
+##### Cloudpods AccessKey Retrieval (Enterprise Edition)
+
+1. Log in to the Cloudpods platform, hover over the username in the upper right corner, and select the **_"Access Credentials"_** menu item from the dropdown menu to enter the Access Credentials page.
+
+    ![](./images/cloudpodsaksk.png)
+
+2. On the AccessKey Management page, click the **_"Create"_** button to create a new AccessKey.
+
+    ![](./images/cloudpodsaddaksk.png)
+
+3. If an AccessKey already exists, the corresponding ID and Client Secret are the Key ID and Secret information.
+
+    ![](./images/cloudpodsaksklist.png)
+
+
+### Create HCSO Account
+
+This feature is used to manage HCSO accounts.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as HCSO, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the HCSO account.
+    - Key ID/Secret: Connect to the HCSO platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [HCSO Parameter Retrieval Methods](#hcso-parameter-retrieval-methods).
+    - Default Region/Endpoint Domain: Taking the address iam.cn-north-1.test.com as an example, `iam` refers to the Identity and Access Management service, `cn-north-1` refers to the endpoint region, and `test.com` is the endpoint domain name.
+    - Identity Authentication Service Endpoint/Elastic Cloud Server Endpoint/Virtual Private Cloud Endpoint/Image Management Service Endpoint/Elastic Volume Service Endpoint/Distributed Cache Service Endpoint/Elastic Load Balance Endpoint/Object Storage Service Endpoint/Relational Database Service Endpoint/NAT Gateway Endpoint/Cloud Trace Service Endpoint/Cloud Eye Service Endpoint/Enterprise Project Endpoint/Scalable File Service (SFS Turbo) Endpoint: Optional. When using resources through APIs, you need to specify the corresponding endpoints. Please obtain endpoint information from the enterprise administrator.
+    - Subnet DNS: Set the default DNS address for subnets in the environment. A maximum of two can be set, separated by English commas. For example: 10.125.0.26,10.125.0.27.
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the HCSO account.
+
+#### HCSO Parameter Retrieval Methods
+
+##### HCSO AccessKey Retrieval
+
+1. Log in to the HCSO console, hover over the username in the upper right corner, and select the **_"My Credentials"_** menu item from the dropdown menu to enter the My Credentials page.
+
+    ![](./images/hcsoaksk.png)
+2. Click the [Access Keys] menu on the left, and on the Access Keys page, click the **_"Create Access Key"_** button.
+
+    ![](./images/hcsoaddaksk.png)
+
+3. After verification, an Excel file named "credentials" will be downloaded. Open the file to get the Key ID (Access Key ID) and Secret (Secret Access Key).
+    ![](./images/faq_account_huawei_3.png)
+
+### Create HCS Account
+
+This feature is used to manage HCS accounts.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as HCS, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the HCS cloud account.
+    - Description: The description of the HCS cloud account.
+    - Key ID/Secret: Connect to the HCS platform through Access Key authentication. The Access Key consists of a Key ID (Access Key ID) and Secret (Access Key Secret). For details, please refer to [HCS Parameter Retrieval Methods](#hcs-parameter-retrieval-methods).
+    - Authentication URL: The authentication address of the HCS management platform, such as region1.example.com.
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Read-Only Mode: When enabled, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the HCS account.
+
+#### HCS Parameter Retrieval Methods
+
+##### HCS AccessKey Retrieval
+
+1. Log in to the HCS console, hover over the user in the upper right corner, and select the **_"Personal Settings"_** menu item from the dropdown menu to enter the Personal Settings page.
+
+    ![](./images/hcsaksk.png)
+2. Click the **_"Manage Access Keys"_** menu under Basic Information, and on the Manage Access Keys page, click the **_"Create Access Key"_** button.
+
+    ![](./images/hcsaddaksk.png)
+
+3. After clicking the **_"Create Access Key"_** button, the generated access key file will be downloaded locally (CSV file). Open it to get the Key ID (Access Key ID) and Secret (Secret Access Key).
+    ![](./images/hcsbelongaksk.png)
+
+### Create Nutanix Account
+
+This feature is used to manage Nutanix platform resources. Supports managing Nutanix V2 version.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Nutanix, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the Nutanix cloud account.
+    - Description: The description of the Nutanix cloud account.
+    - Prism Address: The address of the Nutanix platform's Prism web console.
+    - Port: The access port of the Prism web console, default is 9440.
+    - Account, Password: The account and password for logging into the Prism web console.
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the Nutanix platform account.
+
+### Create External Data Account
+
+External data format: Reference: [Developer Manual/Multi-Cloud Resource Integration/Import External Data](../../development/resource_sync/remotefile);
+This feature is used to integrate and import external data resources. It requires the user to be able to access the external data HTTP server.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as External Data, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the external data.
+   - Description: The description of the external data.
+   - Link Address: The access address of the external data HTTP server.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"OK"_** button to create the external data account.
+
+### Create Proxmox Account
+
+This feature is used to manage Proxmox accounts.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Proxmox, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the Proxmox cloud account.
+    - Description: The description of the Proxmox cloud account.
+    - Access Address: The address of the Proxmox platform console.
+    - Port: The access port of the Proxmox console, default is 8006.
+    - Authentication Method: Proxmox supports PAM and PVE authentication methods.
+    - Account, Password: The account and password for logging into the Proxmox console.
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to configure the relevant parameters.
+5. Click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the Proxmox platform account.
+
+### Create H3C Account
+
+This feature is used to manage H3C accounts.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as H3C, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the H3C cloud account.
+    - Description: The description of the H3C cloud account.
+    - Access Address: The address of the H3C platform console.
+    - Port: The access port of the H3C console, default is 11000.
+    - Account, Password: The account and password for logging into the H3C console.
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+    - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+    - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+    - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+    - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Configure Sync Resource Regions"_** button to configure the relevant parameters.
+5. Click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the H3C platform account.
+
+### Create S3 Account
+
+S3 stands for Simple Storage Service. Before creating an S3 account, you need to first deploy an object storage server based on the S3 protocol, such as MinIO. For MinIO installation and deployment, [refer to this link](https://min.io/download#/linux).
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as S3, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+    - Name: The name of the S3 object storage server.
+    - Access Address: The access address of the S3 object storage server. If deploying a MinIO server, the access address format is [http://IP-address:9000](http://IP-address:9000).
+    - Key ID: The Access Key.
+    - Secret: The Secret Key.
+
+    ```bash
+    # Execute the following command on the MinIO storage server to get the Access Address (Endpoint), Key ID (Access Key), and Secret (Secret Key) information #
+    $ ./minio server /mnt/data
+    Endpoint:  http://10.127.10.201:9000  http://127.0.0.1:9000
+    AccessKey: XRSN7GL67M70AM342UGV
+    SecretKey: mUd+e+h0DS3oIDEvF27b2EE4l+WN5MuZ2ZI+VOag
+    ```
+
+    - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+    - Resource Ownership Project: Select a local project on the platform to synchronize the cloud account's resources to. If you need to classify cloud account resources by cloud project, please first specify the default resource ownership project and check auto-create projects. After checking, local projects with the same name as the cloud project will be created on the platform, and resources will be synchronized to the corresponding projects. Resources without a cloud project attribute will be synchronized to the default resource ownership project.
+    - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+    - Auto Sync: Set whether to automatically synchronize information on the S3 object storage server and set the auto sync interval.
+    - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the S3 account.
+
+### Create Ceph Account
+
+This feature is used to integrate and import Ceph object storage resources.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as Ceph, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the Ceph object storage server.
+   - Access Address: The access address of the Ceph object storage server.
+   - Key ID: The Key ID of the Ceph object storage server.
+   - Secret: The secret corresponding to the Key ID.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"OK"_** button to create the Ceph account.
+
+### Create XSKY Account
+
+This feature is used to integrate and import XSKY storage resources. It requires the user environment to have XSKY object storage.
+
+1. On the Cloud Accounts page, click the **_"Create"_** button above the list to enter the Create Cloud Account page.
+2. Select the cloud platform as XSKY, click the **_"Next: Configure Cloud Account"_** button to enter the Configure Cloud Account page.
+3. Configure the following parameters:
+   - Name: The name of the XSKY storage server.
+   - Access Address: The access address of the XSKY storage server.
+   - Key ID: The Key ID of the XSKY object storage server.
+   - Secret: The secret corresponding to the Key ID.
+   - Domain: Select the domain to which the cloud account belongs. When the cloud account is in private state, all project users under the domain can use the cloud account to create resources.
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+   - Block Sync Resources: When enabled, supports selecting resource types to block. Multiple selections are supported. Blocked resource types will not be synchronized during cloud account synchronization.
+   - Proxy: Set this when the cloud account requires a proxy for normal access. Leave empty for direct connection. If there is no suitable proxy, click the "Create" hyperlink directly, and set the relevant parameters in the pop-up Create Proxy dialog to create a proxy.
+   - Sharing Scope: Set the sharing scope of the cloud account. The default is not shared, meaning only the domain where the cloud account resides can use the account. If set to global sharing, all users on the platform can use this cloud account to create resources.
+4. Click the **_"Connection Test"_** button to test whether the input parameters are correct.
+5. After successful testing, click the **_"Next: Scheduled Sync Task Settings (Optional)"_** button to enter the Scheduled Sync Task Settings page to configure the cloud account's sync tasks to make the cloud account's automatic sync behavior more controllable. The Scheduled Sync Task Settings page is optional. If you do not need to set up automatic sync tasks on the platform, you can directly click the **_"Skip"_** button. If you need to set up automatic sync times for the cloud account on the platform, please configure the relevant parameters. After configuration is complete and the test is successful, click the **_"OK"_** button to create the XSKY account.
+
+## Sync Cloud Account
+
+This feature is used to synchronize resource information on the cloud account.
+
+:::warning
+- Cloud accounts in disabled state do not support syncing;
+:::
+
+**Single Cloud Account Sync**
+
+1. On the Cloud Accounts page, click the **_"Sync Cloud Account"_** button in the operation column to the right of the cloud account to open the Sync Cloud Account dialog.
+2. Select the sync mode. Full sync and incremental sync are supported. Incremental sync only synchronizes newly added and deleted resources.
+3. Select the sync resource types, and click the **_"OK"_** button to complete the operation.
+
+**Batch Sync**
+
+1. In the Cloud Accounts list, select one or more cloud accounts, click the **_"Batch Operations"_** button above the list, select the **_"Sync Cloud Account"_** menu item from the dropdown menu to open the Sync Cloud Account dialog.
+2. Select the sync mode. Full sync and incremental sync are supported. Incremental sync only synchronizes newly added and deleted resources.
+3. Select the sync resource types, and click the **_"OK"_** button to complete the operation.
+
+## Enable
+
+This feature is used to enable cloud accounts in "Disabled" state. Resources of a disabled cloud account cannot be used.
+
+**Single Enable**
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a "Disabled" cloud account, select the **_"Status Settings"_** menu item from the dropdown menu, then select **_"Enable"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to enable the cloud account.
+
+**Batch Enable**
+
+1. In the Cloud Accounts list, select one or more "Disabled" cloud accounts, click the **_"Batch Operations"_** button above the list, select the **_"Status Settings"_** menu item from the dropdown menu, then select **_"Enable"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to enable the cloud accounts.
+
+
+## Disable
+
+This feature is used to disable cloud accounts in "Enabled" state. Cloud accounts must be disabled before they can be deleted.
+
+**Single Disable**
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of an "Enabled" cloud account, select the **_"Status Settings"_** menu item from the dropdown menu, then select **_"Disable"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to disable the cloud account.
+
+**Batch Disable**
+
+1. In the Cloud Accounts list, select one or more "Enabled" cloud accounts, click the **_"Batch Operations"_** button above the list, select the **_"Status Settings"_** menu item from the dropdown menu, then select **_"Disable"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to disable the cloud accounts.
+
+## Connection Test
+
+This feature is used to test the connection status of an account and synchronize resource information on the cloud account. Cloud accounts in disabled state do not support this operation.
+
+**Single Cloud Account Connection Test**
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Status Settings"_** menu item from the dropdown menu, then select **_"Connection Test"_** to test the account connection status. If the cloud account is connected, it will synchronize resource information on the cloud account.
+
+**Batch Connection Test**
+
+1. In the Cloud Accounts list, select one or more cloud accounts, click the **_"Batch Operations"_** button above the list, select the **_"Status Settings"_** menu item from the dropdown menu, then select **_"Connection Test"_** to test the account connection status. If the cloud accounts are connected, it will synchronize resource information on the cloud accounts.
+
+## Set Auto Sync
+
+This feature is used to set whether the cloud account enables auto sync and set the auto sync interval. Auto sync performs incremental synchronization of cloud account resources. Auto sync supports resource sync and billing tasks.
+
+**Cloud Account Set Resource Auto Sync**
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Auto Sync"_** to open the Set Scheduled Task dialog.
+2. Select the Resource Sync tab, click the **_"Create"_** button to enter the Configure Resource Auto Sync page.
+3. Configure the following parameters:
+   - Name: The name of the scheduled task.
+   - Type: Sync Cloud Account.
+   - Trigger Frequency: Supports single, daily, weekly, and monthly custom times.
+   - Trigger Time: Select a specific time as the trigger time, e.g., 2000-01-01 00:00.
+   - Valid Period: Can be left empty, meaning it is permanently valid.
+4. Click the **_"OK"_** button to complete the operation.
+
+**Cloud Account Set Billing Task**
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Auto Sync"_** to open the Set Scheduled Task dialog.
+2. Select the Billing Task tab, click the **_"Create"_** button to enter the Configure Billing Task page.
+3. Configure the following parameters:
+   - Task Type: Supports pulling bills, prepaid amortization, default project amortization, secondary pricing, and deleting bills.
+   - Time Range: Select the effective time range for the task type.
+4. Click the **_"OK"_** button to complete the operation.
+
+## Set Sync Policy
+
+This feature is used to assign resources under the cloud account to specified projects by setting tag-to-resource-project mapping rules. Reference: [Sync Policy Different Scenarios](https://www.cloudpods.org/web_ui/multiplecloud/cloudaccount/synchronizationpolicy/#sync-policy-different-scenarios)
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Set Sync Policy"_** to open the Set Auto Sync dialog.
+2. Configure the following parameters:
+   - Resource Ownership Method: Defaults to specified project, also supports ownership based on cloud project.
+   - Resource Ownership Project: When the resource ownership method is set to specified project, you can select a local project on the platform to synchronize cloud account resources to. Local projects are filtered by domain. When the resource ownership method is set to based on cloud project, resources will be synchronized to local projects with the same name as the cloud project. If a resource has no cloud project attribute, it will belong to the specified project.
+   - Sync Policy: When enabled, resources are assigned to specified projects based on tag-to-resource-project mapping rules. The sync policy only takes effect during cloud account synchronization.
+   - Sync Policy Scope: Displayed after enabling sync policy, supports selecting resource tags and project tags.
+3. Click the **_"OK"_** button to complete the operation.
+
+## Update Account
+
+This feature is used to update the account and password information of a cloud account. Different platforms have different cloud account parameters. For retrieval methods of different platform account passwords, please refer to the corresponding Create Cloud Account sections. Cloud accounts in disabled state do not support this operation.
+
+:::warning
+VMware cloud accounts do not currently support updating account information.
+:::
+
+1. In the Cloud Accounts list, click the **_"More"_** button in the operation column for cloud accounts of different platforms, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Update Account"_** to open the Update Account Password dialog.
+2. Modify the account password information for different platforms. After modification, click the **_"OK"_** button.
+
+## Read-Only Mode
+
+This feature is used to set the cloud account to read-only mode. After enabling read-only mode, the cloud account will only perform resource synchronization operations and cannot perform other task operations such as creating, deleting, or modifying.
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Read-Only Mode"_** to open the Read-Only Mode dialog.
+2. Set the read-only mode switch, and click the **_"OK"_** button to complete the operation.
+
+## Enable SSO Login
+
+This feature is used to enable the SSO login functionality for a cloud account, synchronizing the system's SAML information to the cloud account and becoming the identity provider for cloud login. Once enabled, SSO login users added on the cloud account details - SSO Login page can log in to the public cloud platform without a password. Currently, disabling this feature is not supported.
+
+:::tip
+Public cloud platforms currently supporting SSO login: Alibaba Cloud, Tencent Cloud, Huawei Cloud, AWS.
+:::
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Enable SSO Login"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to complete the operation.
+
+## Set Sharing
+
+This feature is used to set the sharing status of a cloud account.
+
+Cloud accounts, unlike other domain resources, have 5 sharing scenarios.
+
+- Not Shared (Private): Resources on the cloud account are only available to the domain the cloud account belongs to.
+- Share Cloud Subscription - Partial (Multi-Domain Shared Cloud Subscription): When sharing cloud subscriptions and specifying partial domains, administrators can change the project on the subscription page. Only projects under the shared domains can be selected. After setting, cloud account resources are only available to users in the domain where the project resides.
+- Share Cloud Subscription - All (Global Shared Cloud Subscription): When sharing cloud subscriptions and selecting all domains, administrators can change the project on the subscription page. Projects under any domain can be selected. After setting, cloud account resources are only available to users in the domain where the project resides.
+- Share Cloud Account - Partial (Multi-Domain Shared Cloud Account): The cloud account can be shared to specified domains (one or more). Only users in the cloud account's domain and shared domains can use the cloud account.
+- Share Cloud Account - All (Global Shared Cloud Account): The cloud account can be shared to all domains. All users in the system can use the cloud account.
+
+
+:::tip
+Conditions for setting sharing: Both must be met
+
+- The current user is in the admin backend.
+- Three-level permissions are enabled on the platform.
+:::
+
+:::warning
+The sharing scope of resources synchronized through cloud accounts (except security groups) is affected by the cloud account's sharing scope. Whether resources on the cloud account are available to other domains depends on the specific sharing scope of the resource.
+:::
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Set Sharing"_** to open the Set Sharing dialog.
+2. Configure the following parameters:
+   - When the sharing scope is set to "Not Shared", the cloud account's sharing scope is private. Only the domain the cloud account belongs to can use the cloud account's resources.
+   - When the sharing scope is set to "Share Cloud Subscription", you need to select the shared domains.
+       - When selecting one or more domains, the cloud account's sharing scope is Share Cloud Subscription - Partial. When subsequently changing the subscription's project, the selectable range is any project under the shared domains. After changing the project, only the domain where the project belongs can use the cloud account's resources.
+       - When selecting All, the cloud account's sharing scope is Share Cloud Subscription - All. When subsequently changing the subscription's project, the selectable range is any project under any domain. After changing the project, only the domain where the project belongs can use the cloud account's resources.
+   - When the sharing scope is set to "Share Cloud Account", you need to select the shared domains.
+       - When selecting one or more domains, the cloud account's sharing scope is Share Cloud Account - Partial. Only users in the cloud account's domain and shared domains can use the cloud account's resources.
+       - When selecting All, the cloud account's sharing scope is Share Cloud Account - All. All users in the system can use the cloud account's resources.
+3. Click the **_"OK"_** button to complete the operation.
+
+## Set Proxy
+
+This feature is used to bind a proxy to an already created cloud account.
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Property Settings"_** menu item from the dropdown menu, then select **_"Set Proxy"_** to open the Set Proxy dialog.
+2. Select the proxy, and click the **_"OK"_** button.
+
+## Update Billing
+
+This feature is used to update the billing files of a cloud account. Only Alibaba Cloud, Huawei Cloud, AWS, Azure, and Google are supported. Different platforms have different billing file parameters. For retrieval methods of different platform account passwords, please refer to the corresponding Create Cloud Account sections.
+
+1. In the Cloud Accounts list, click the **_"More"_** button in the operation column for cloud accounts of different platforms, select the **_"Expense Settings"_** menu item from the dropdown menu, then select **_"Update Billing"_** to enter the Update Billing File page.
+2. Modify the billing file parameters for different platforms. After modification, click the **_"OK"_** button.
+
+## Set Discount Rate
+
+This feature is used to set a discount rate for public cloud accounts. After setting the discount rate, the estimated price displayed when users create public cloud resources will be the discounted price.
+
+:::tip
+- Setting a discount rate for a public cloud account will not affect the actual billing on the public cloud platform.
+- Discounted prices are only displayed when creating resources within the cloud account's sharing scope.
+:::
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a cloud account, select the **_"Expense Settings"_** menu item from the dropdown menu, then select **_"Set Discount Rate"_** to open the Set Discount Rate dialog.
+2. Set the discount rate (discounted price = original price * (1 - discount rate)), and click the **_"OK"_** button to complete the operation.
+
+## Delete
+
+This feature is used to delete cloud accounts. Cloud accounts must be disabled before they can be deleted. Deleting a cloud account on the platform will not affect the resources on the cloud account.
+
+**Single Delete**
+
+1. On the Cloud Accounts page, click the **_"More"_** button in the operation column to the right of a "Disabled" cloud account, select the **_"Delete"_** menu item from the dropdown menu, then select **_"Delete"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to complete the operation.
+
+**Batch Delete**
+
+1. In the Cloud Accounts list, select one or more "Disabled" cloud accounts, click the **_"Batch Operations"_** button above the list, select the **_"Delete"_** menu item from the dropdown menu, then select **_"Delete"_** to open the operation confirmation dialog.
+2. Click the **_"OK"_** button to complete the operation.
+
+## View Cloud Account Details
+
+This feature is used to view detailed information about a cloud account.
+
+1. On the Cloud Accounts page, click the specified cloud account name to enter the Cloud Account Details page.
+2. The top menu on the details page supports operations such as updating account password, full sync, setting auto sync, connection test, setting as shared, setting as private, enable, disable, delete, etc.
+3. View the following information:
+   - Basic Information: Includes Cloud ID, ID, Name, Status, Domain, Resource Ownership Project, Sharing Scope, Platform, Account, Proxy, Enabled Status, Sync Time, Created At, Updated At, Description, etc.
+   - Account Information: Includes Environment, Health Status, Balance, VM Count, Host Count.
+
+## View Host Information
+
+This feature is used to view host information for private cloud platforms and VMware platforms. Public cloud accounts do not have this page.
+
+1. On the Cloud Accounts page, click the "Hosts" tab to enter the Hosts page.
+2. View host information and perform management operations on hosts.
+
+## View Resource Statistics
+
+This feature is used to view resource statistics under a cloud account.
+
+1. On the Cloud Account Details page, click the "Resource Statistics" tab to enter the Resource Statistics page.
+2. View the following information:
+    - View VM count, LB instance count, RDS instance count, Redis instance count, bucket count, object storage capacity, EIP count, public IP count, snapshot count, VPC count, IP subnet count, and total IP count.
+    - View VM shutdown rate: The percentage of VMs in shutdown state compared to the total number of VMs. Includes the number of VMs in shutdown state, the number of VMs not in shutdown state (including abnormal, running, and other states), and the total VM count.
+    - Disk mount rate: The percentage of disks mounted to VMs compared to the total number of disks. Includes the number of disks mounted to VMs, the number of disks not mounted to VMs, and the total disk count.
+    - EIP usage rate: The percentage of EIPs mounted to VMs compared to the total number of EIPs. Includes the number of EIPs in use, the number not in use, and the total EIP count.
+    - IP usage rate: The percentage of IPs in use compared to the total number of IPs. Includes the number of IPs in use, the number not in use, and the total IP count.
+
+## Subscription Management
+
+Subscriptions are similar to sub-accounts. Available resources on a public cloud are determined through cloud accounts and subscriptions. The Cloud Management Platform actually purchases resources on the corresponding public cloud platform through subscriptions.
+Subscriptions, like cloud accounts, are domain resources. Resources synchronized under a subscription belong to the same project as the cloud account, meaning users in the domain where the project resides have permissions to use the subscription to create resources.
+
+- VMware, OpenStack, ZStack, DStack, AWS, Alibaba Cloud, and Tencent Cloud platform cloud accounts have only one subscription.
+- Azure, Huawei Cloud, and UCloud platform cloud accounts support multiple subscriptions. For Huawei Cloud, one subscription belongs to one region.
+
+### Create Subscription
+
+Currently, only Azure Global cloud accounts support creating subscriptions.
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the **_"Create"_** button above the list to open the Create Subscription dialog.
+3. Configure the following information:
+    - EA Account: Specify the EA account for creating the cloud subscription.
+    - Subscription Name: Set the name of the subscription.
+    - Purpose: Set the purpose of the subscription, including Dev/Test and Production.
+4. Click the **_"OK"_** button to complete the operation.
+
+### Change Project
+
+This feature is used to change the project that a subscription belongs to, which essentially changes the domain of the subscription. When the cloud account is set to share cloud subscription with a specified sharing scope, administrators can change the subscription's domain through the Change Project feature. The selectable domains are within the cloud subscription's sharing scope. After modification, only users in the subscription's domain have permissions to use subscription resources.
+
+**Single Subscription Change Project**
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the **_"Change Project"_** button in the operation column to the right of the subscription to open the Change Project dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+**Batch Change Project**
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. In the list, select one or more subscriptions, and click the **_"Change Project"_** button above the list to open the Change Project dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### Sync Resources
+
+This feature is used to synchronize resource information for a subscription.
+
+:::tip
+- When a cloud account has only one subscription, syncing all resource types for the subscription is equivalent to a full sync of the cloud account.
+- When a cloud account has multiple subscriptions, such as Huawei Cloud, syncing all resource types for a subscription only synchronizes region information under the subscription.
+:::
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the **_"Sync Resources"_** button in the operation column to the right of the subscription to open the Sync Resources dialog.
+3. Select the sync resource types, and click the **_"OK"_** button to complete the operation.
+
+### Enable Subscription
+
+When a subscription is in "Enabled" state and its status is "Connected", users can normally use the subscription to create resources in the corresponding public cloud platform's region.
+
+**Single Enable**
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the **_"More"_** button in the operation column to the right of a "Disabled" subscription, and select the **_"Enable"_** menu item from the dropdown menu to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+**Batch Enable**
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. In the list, select one or more "Disabled" subscriptions, and click the **_"Enable"_** button above the list to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### Disable Subscription
+
+When a subscription is in "Disabled" state, users cannot use the subscription to create resources in the corresponding public cloud platform's region.
+
+**Single Disable**
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the **_"More"_** button in the operation column to the right of an "Enabled" subscription, and select **_"Disable"_** from the dropdown menu to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+**Batch Disable**
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. In the list, select one or more "Enabled" subscriptions, and click the **_"Disable"_** button above the list to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### Delete Subscription
+
+Currently, only Azure Global cloud accounts support deleting subscriptions. Deleting a subscription currently does not affect the cloud. If the subscription still exists on the cloud, it will reappear during the next sync.
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the **_"More"_** button in the operation column to the right of a subscription, and select **_"Delete"_** from the dropdown menu to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### View Subscription Details Page
+
+1. On the Cloud Account Details page, click the "Subscriptions" tab to enter the Subscriptions page.
+2. Click the subscription name to enter the Subscription Details page.
+3. View the following information.
+   - Basic Information: Includes Cloud ID, ID, Name, Status, Domain, Project, Platform, Account, Enabled Status, Sync Time, Created At, Updated At, Description.
+   - Other Information: Includes Health Status, etc.
+
+### View Regions Under a Subscription
+
+This feature is used to view region information under a subscription. Different platforms support different regions for subscriptions. For public cloud platforms other than Huawei Cloud, one subscription supports multiple regions. For Huawei Cloud, one subscription supports one region. Users need to select the corresponding platform's availability zone based on geographic location when creating virtual machines on public cloud platforms.
+
+#### Set Sync
+
+Users can set whether to synchronize resources in a region based on usage. For example, if users do not use resources in Alibaba Cloud international regions, they can use the batch Set Sync feature to disable synchronization for Alibaba Cloud international regions. Subsequently, when users perform full sync on the cloud account or subscription, resources in Alibaba Cloud international regions will not be synchronized, saving full sync time.
+
+**Single Region Set Sync**
+
+1. On the Subscription Details page, click the "Regions" tab to enter the Regions page.
+2. Click the **_"Set Sync"_** button in the operation column to the right of the region to open the Set Sync dialog.
+3. Select whether to sync resources for this region, and click the **_"OK"_** button.
+
+**Batch Set Sync**
+
+1. On the Subscription Details page, click the "Regions" tab to enter the Regions page.
+2. In the list, select one or more regions, and click the **_"Set Sync"_** button above the list to open the Set Sync dialog.
+3. Select whether to sync resources for these regions, and click the **_"OK"_** button.
+
+#### Full Sync
+
+This feature is used to perform a full sync of resources in a specified region under a subscription.
+
+1. On the Subscription Details page, click the "Regions" tab to enter the Regions page.
+2. Click the **_"Full Sync"_** button in the operation column to the right of the region to fully synchronize resources in that region.
+
+### View Cloud Quotas for a Subscription
+
+This feature is used to view quota information on the public cloud platform.
+
+1. On the Subscription Details page, click the "Cloud Quotas" tab to enter the Cloud Quotas page.
+2. View quota usage for different resources.
+
+### View Resource Statistics for a Subscription
+
+This feature is used to view resource statistics under a subscription. When a cloud account has multiple subscriptions, the sum of resource statistics for all subscriptions equals the resource statistics of the cloud account.
+
+1. On the Subscription Details page, click the "Resource Statistics" tab to enter the Resource Statistics page.
+2. View the following information:
+    - View VM count, LB instance count, RDS instance count, Redis instance count, bucket count, object storage capacity, EIP count, public IP count, snapshot count, VPC count, IP subnet count, and total IP count.
+    - View VM shutdown rate: The percentage of VMs in shutdown state compared to the total number of VMs. Includes the number of VMs in shutdown state, the number of VMs not in shutdown state (including abnormal, running, and other states), and the total VM count.
+    - Disk mount rate: The percentage of disks mounted to VMs compared to the total number of disks. Includes the number of disks mounted to VMs, the number of disks not mounted to VMs, and the total disk count.
+    - EIP usage rate: The percentage of EIPs mounted to VMs compared to the total number of EIPs. Includes the number of EIPs in use, the number not in use, and the total EIP count.
+    - IP usage rate: The percentage of IPs in use compared to the total number of IPs. Includes the number of IPs in use, the number not in use, and the total IP count.
+
+
+## SSO Login User Management
+
+This feature is used to manage system users who can log in to public cloud and HCSO platforms without a password.
+
+### Create SSO Login User
+
+This feature is used to set a local user in the system as an SSO login user for the public cloud platform.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "SSO Login Users" tab to enter the SSO Login Users page.
+3. Click the **_"Create"_** button to open the Create SSO Login User dialog.
+4. Associate a local user and select the corresponding cloud user group.
+5. Click the \<OK\> button to complete the operation.
+
+### Delete SSO Login User
+
+This feature is used to delete SSO login users. After deletion, the system user will no longer be able to log in to the public cloud without a password.
+
+#### Delete SSO Login User
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "SSO Login Users" tab to enter the SSO Login Users page.
+3. Click the **_"Delete"_** button in the operation column to the right of the user to open the operation confirmation dialog.
+4. Click the **_"OK"_** button to complete the operation.
+
+#### Batch Delete SSO Login Users
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "SSO Login Users" tab to enter the SSO Login Users page.
+3. In the list, select one or more users, and click the **_"Delete"_** button to open the operation confirmation dialog.
+4. Click the **_"OK"_** button to complete the operation.
+
+## Cloud User Management
+
+Cloud users are users on public cloud platforms (China Telecom Cloud and UCloud not supported). This feature is used to manage cloud user information under public cloud accounts.
+
+**Cloud User Sources**
+
+- When the Cloud Management Platform connects to a public cloud platform account, it will synchronize sub-accounts and collaborators from the public cloud platform to the Cloud Management Platform.
+- Create cloud users.
+
+:::tip
+- System administrators can manage cloud users in cloud accounts of any domain.
+- Domain administrators can only manage cloud users in cloud accounts under their own domain.
+:::
+
+### Create Cloud User
+
+This feature is used to create cloud users, i.e., create users on the corresponding public cloud platform, and supports associating the user with a local user on the platform. After associating with a local user, the local user can view the associated cloud user information in User Info - Multi-Cloud Unified Login and conveniently log in to the public cloud platform using the cloud user.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the **_"Create"_** button above the list to open the Create Cloud User dialog.
+4. Configure the following parameters:
+   - Cloud Subscription: Only Google Cloud requires this parameter. Google Cloud subscriptions correspond to Google Cloud projects. Specifying a cloud subscription adds the corresponding project to the specified Google Cloud account.
+   - Username: Set the name of the cloud user. This name will be used to create a user on the corresponding public cloud platform (except Google Cloud). For Google Cloud, an existing account must be entered.
+:::tip
+For Google Cloud, the Create Cloud User operation associates an existing Google Cloud account with the Google Cloud account connected to the platform through a project.
+   - Cloud User Group: Add the cloud user to a cloud user group. The cloud user will have all permissions of that cloud user group.
+   - Associate Local User: Select a local user who has joined a project.
+**Admin Backend**
+
+- When the cloud account sharing scope is private or shared cloud subscription, only users who have joined projects under the cloud account's domain can be selected.
+- When the cloud account sharing scope is global sharing, users who have joined projects under any domain can be selected.
+
+**Domain Admin Backend**
+
+- Regardless of the cloud account's sharing scope, only users who have joined projects under the local domain can be selected.
+   - Email: Configure the email address to receive the cloud user creation information. When "Send create cloud user email" is checked, the creation information will be sent to this email address.
+Please ensure that the email service has been configured in the notification channels.
+:::
+5. Click the **_"OK"_** button to complete the operation.
+
+### Sync Status
+
+This feature is used to get the current status of a cloud user.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the **_"Sync Status"_** button in the operation column to the right of the cloud user to synchronize the cloud user's status.
+
+### Create Access Key
+
+This feature is used to create access keys for cloud users.
+
+:::warning
+- Only Huawei Cloud accounts are supported.
+- A maximum of two access keys can be created.
+:::
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the "Access Keys" tab to enter the Access Keys page.
+4. Click the **_"Create"_** button above the list to open the Create Access Key dialog. Enter a description and click the **_"OK"_** button to complete the operation.
+5. After the access key is created successfully, click the **_"Download"_** button to download the access key information.
+
+### Modify Local User
+
+This feature is used to modify the local user associated with a cloud user. The Modify Local User operation will reset the cloud user's password.
+
+:::warning
+Associating a local user with a Google Cloud platform cloud user will not reset the password.
+:::
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the **_"More"_** button in the operation column to the right of the cloud user, and select the **_"Modify Local User"_** menu item from the dropdown menu to open the Modify Local User dialog.
+4. Select a local user, and click the **_"OK"_** button.
+
+:::tip
+**Admin Backend**
+
+- When the cloud account sharing scope is private or shared cloud subscription, only users who have joined projects under the cloud account's domain can be selected.
+- When the cloud account sharing scope is global sharing, users who have joined projects under any domain can be selected.
+
+**Domain Admin Backend**
+
+- Regardless of the cloud account's sharing scope, only users who have joined projects under the local domain can be selected.
+:::
+
+### Associate Cloud User Group
+
+This feature is used to add a cloud user to a cloud user group. The cloud user will have all permissions of that cloud user group.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the **_"More"_** button in the operation column to the right of the cloud user, and select the **_"Associate Cloud User Group"_** menu item from the dropdown menu to open the Associate Cloud User Group dialog.
+4. Select a cloud user group, and click the **_"OK"_** button to complete the operation.
+
+### Delete
+
+This feature is used to delete cloud users. The delete operation will delete the corresponding user on the public cloud platform.
+
+**Single Delete**
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the **_"More"_** button in the operation column to the right of the cloud user, and select the **_"Delete"_** menu item from the dropdown menu to open the operation confirmation dialog.
+4. Click the **_"OK"_** button to complete the operation.
+
+**Batch Delete**
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. In the list, select one or more cloud users, click the **_"Batch Operations"_** button above the list, and select the **_"Delete"_** menu item from the dropdown menu to open the operation confirmation dialog.
+4. Click the **_"OK"_** button to complete the operation.
+
+### View Cloud User Details
+
+This feature is used to view detailed information about a cloud user.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the cloud user name to enter the Cloud User Details page.
+4. View the following information: Cloud ID, ID, Name, Status, Domain, Project, Platform, Login URL, Associated Local User, Console Login, Created At, Updated At, Description.
+
+### View Cloud User Groups Associated with a Cloud User
+
+This feature is used to view cloud user groups associated with a cloud user and supports removing the cloud user from cloud user groups.
+
+#### Remove Cloud User Group
+
+This feature is used to remove a cloud user from a cloud user group.
+
+**Single Remove**
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the cloud user name to enter the Cloud User Details page.
+4. Click the "Cloud User Groups" tab to enter the Cloud User Groups page.
+5. Click the **_"Delete"_** button in the operation column to the right of the cloud user group to open the operation confirmation dialog.
+6. Click the **_"OK"_** button to complete the operation.
+
+**Batch Remove**
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the cloud user name to enter the Cloud User Details page.
+4. Click the "Cloud User Groups" tab to enter the Cloud User Groups page.
+5. In the list, select one or more cloud user groups, and click the **_"Delete"_** button above the list to open the operation confirmation dialog.
+6. Click the **_"OK"_** button to complete the operation.
+
+### View Cloud User Operation Logs
+
+This feature is used to view operation logs related to cloud user operations.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud Users" tab to enter the Cloud Users page.
+3. Click the cloud user name to enter the Cloud User Details page.
+4. Click the "Operation Logs" tab to enter the Operation Logs page.
+    - Load More Logs: The list displays 20 operation log entries by default. To view more operation logs, click the **_"Load More"_** button to retrieve more log information.
+    - View Log Details: Click the **_"View"_** button in the operation column to the right of the operation log to view the log details. Supports copying the details content.
+    - View Logs for a Specific Time Period: To view operation logs for a specific time period, set the specific dates in the start date and end date fields in the upper right of the list to query log information for the specified time period.
+    - Export Logs: Currently only supports exporting logs displayed on the current page. Click the download icon in the upper right corner. In the pop-up Export Data dialog, set the export data columns, and click the **_"OK"_** button to export logs.
+
+## Cloud User Group Management
+
+This feature is used to view available cloud user groups on the public cloud platform corresponding to the cloud account. If the current cloud user groups do not meet requirements, you can create new cloud user groups.
+
+1. On the Cloud Accounts page, click a public cloud platform cloud account name to enter the Cloud Account Details page.
+2. Click the "Cloud User Groups" tab to enter the Cloud User Groups page.
+3. Management operations can be performed on cloud user groups. For details, please refer to [Cloud User Groups](../cloudgroup).
+
+## View Cloud Projects
+
+This feature is used to view the mapping between cloud platform projects and local projects, and also supports creating cloud projects and associating them with local projects. Projects on VMware, OpenStack, Alibaba Cloud, Huawei Cloud, Tencent Cloud, and Azure platforms support bidirectional synchronization with local projects.
+
+:::tip
+- Creating resources in the corresponding project of a cloud project will synchronize them to the corresponding cloud project;
+- Creating resources in a project without a corresponding cloud project: if there is a project with the same name on the cloud platform, it will synchronize to the same-name project; if there is no same-name project, a same-name project will be created on the cloud and resources will be synchronized to it.
+:::
+
+### Create Cloud Project
+
+This feature is used to create cloud projects and also supports associating cloud projects with local projects.
+
+:::tip
+- Only supported for Alibaba Cloud, Tencent Cloud, Huawei Cloud, and Azure.
+:::
+
+1. On the Cloud Account Details page, click the "Cloud Projects" tab to enter the Cloud Projects page.
+2. Click the **_"Create"_** button in the corresponding operation column to open the Create Cloud Project dialog.
+3. Enter the cloud project name, and click the **_"Create"_** button to enter the Associate Local Project page.
+4. Configure the following parameters:
+   - Type: Supports selecting an existing local project or creating a new local project.
+   - Project: When type is "Select Existing Project", you need to select the domain and project; when type is "Create New Local Project", enter the name.
+5. Click the **_"OK"_** button to complete the operation. If you don't want to associate a local project at this time, you can click the **_"Skip"_** button.
+
+### Switch Local Project
+
+This feature is used to change the mapping between a local project and a cloud project. After switching the local project, the cloud account's resources will also be synchronized to the new project.
+
+:::tip
+- If resources on the cloud account have already been changed to a different project on the platform, switching the local project will not affect resources that have already been changed.
+- After switching the local project, billing will also be synchronized to the new project.
+- The selectable range of domains is related to the cloud account's sharing scope; when the cloud account is private, only the cloud account's own domain can be selected; when the cloud account shares cloud subscriptions, only the cloud subscription's domain can be selected; when the cloud account is multi-domain shared, the cloud account's own domain and shared domains can be selected.
+:::
+
+**Switch Local Project**
+
+1. On the Cloud Account Details page, click the "Cloud Projects" tab to enter the Cloud Projects page.
+2. Click the **_"Switch Local Project"_** button in the corresponding operation column to open the Switch Local Project dialog.
+3. Select the domain and project, and click the **_"OK"_** button.
+
+**Batch Switch Local Project**
+
+1. On the Cloud Account Details page, click the "Cloud Projects" tab to enter the Cloud Projects page.
+2. In the list, select one or more projects, and click the **_"Switch Local Project"_** button above the list to open the Switch Local Project dialog.
+3. Select the domain and project, and click the **_"OK"_** button.
+
+## Set Scheduled Tasks
+
+This feature is used to create scheduled sync tasks and view billing sync tasks.
+
+**Cloud Account Set Resource Auto Sync**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks - Resource Sync page.
+2. On the Scheduled Tasks - Resource Sync page, click the **_"Create"_** button above the list to enter the Create Scheduled Task - Resource Sync page.
+3. Configure the following parameters:
+   - Name: The name of the scheduled task.
+   - Type: Sync Cloud Account.
+   - Trigger Frequency: Supports selecting single, daily, weekly, and monthly.
+   - Trigger Time: When the trigger frequency is set to single, you need to set a specific time for a one-time reminder; when set to daily, you need to set a daily trigger time and the current task's valid period; when set to weekly, you need to set the specific day of the week, the specific trigger time, and the current task's valid period; when set to monthly, you need to set the specific date, the specific trigger time, and the current task's valid period.
+   - Valid Period: Can be left empty, meaning it is permanently valid.
+4. Click the **_"OK"_** button to complete the operation.
+
+**Cloud Account Set Billing Task**
+
+1. On the Cloud Accounts page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks - Resource Sync page.
+2. Select the Billing Task tab, click the **_"Create"_** button to enter the Configure Billing Task page.
+3. Configure the following parameters:
+   - Task Type: Supports pulling bills, prepaid amortization, default project amortization, secondary pricing, and deleting bills.
+   - Time Range: Select the effective time range for the task type.
+4. Click the **_"OK"_** button to complete the operation.
+
+### Enable Scheduled Task
+
+**Single Enable**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks page.
+2. In the list, select a "Disabled" scheduled task, and click the **_"Enable"_** button in the operation column to the right of the scheduled task to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+**Batch Enable**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks page.
+2. In the list, select one or more "Disabled" scheduled tasks, and click the **_"Enable"_** button on the right side of the list to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### Disable Scheduled Task
+
+**Single Disable**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks page.
+2. In the list, select an "Enabled" scheduled task, and click the **_"Disable"_** button in the operation column to the right of the scheduled task to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+**Batch Disable**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks page.
+2. In the list, select one or more "Enabled" scheduled tasks, and click the **_"Disable"_** button on the right side of the list to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### Delete Scheduled Task
+
+**Single Delete**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks page.
+2. Click the **_"Delete"_** button in the operation column to the right of the scheduled task to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+**Batch Delete**
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks page.
+2. In the list, select one or more scheduled tasks, click the "Batch Operations" button above the list, and select the **_"Delete"_** button from the dropdown menu to open the operation confirmation dialog.
+3. Click the **_"OK"_** button to complete the operation.
+
+### View Billing Sync Tasks
+
+1. On the Cloud Account Details page, click the "Scheduled Tasks" tab to enter the Scheduled Tasks - Resource Sync page.
+2. On the Scheduled Tasks - Resource Sync page, click the **_"Billing Sync"_** tab to enter the Scheduled Tasks - Billing Sync page.
+
+## View Operation Logs
+
+This feature is used to view log information for cloud account-related operations.
+
+1. On the Cloud Accounts page, click the specified cloud account name to enter the Cloud Account Details page.
+2. Click the "Operation Logs" tab to enter the Operation Logs page.
+    - Load More Logs: The list displays 20 operation log entries by default. To view more operation logs, click the **_"Load More"_** button to retrieve more log information.
+    - View Log Details: Click the **_"View"_** button in the operation column to the right of the operation log to view the log details. Supports copying the details content.
+    - View Logs for a Specific Time Period: To view operation logs for a specific time period, set the specific dates in the start date and end date fields in the upper right of the list to query log information for the specified time period.
+    - Export Logs: Currently only supports exporting logs displayed on the current page. Click the download icon in the upper right corner. In the pop-up Export Data dialog, set the export data columns, and click the **_"OK"_** button to export logs.
+
+## How to Log in to Public Cloud Platform via SSO from This System?
+
+Public cloud platforms support single sign-on based on the SAML protocol. Through the identity provider feature, enterprise users can log in to the public cloud platform using their own account system and manage public cloud platform resources.
+
+### Identity Provider
+
+An Identity Provider (IdP) is used to provide identity authentication. External users can log in to the public cloud platform using roles after identity verification through a known identity provider. External users will access resources within the limited permissions of the role. Because external identity users log in to Tencent Cloud using roles, and roles use temporary keys, you can avoid security issues caused by long-term use of keys (such as Cloud API keys), which are difficult to rotate and can be compromised if intercepted.
+
+### Configure Azure External Identities
+
+:::tip
+Set the platform to use domain name access and configure the access domain name in Global Settings - Console Address. A platform without domain name access cannot serve as Azure's External Identity.
+:::
+
+1. Get the Azure account ID on the platform.
+
+    ![](./images/azureaccountid.png)
+
+2. In the browser, enter "https://\<domain-name\>/api/saml/idp/metadata/\<account-ID\>". Save the displayed XML file content. For example: "[https://saml.test.cn/api/saml/idp/metadata/7c6c10d5-953a-444c-8685-d0b8f53984b2](#configure-azure-external-identities)", and save the file.
+
+    ![](./images/azurexml.png)
+
+3. In the [Azure](https://portal.azure.com/) console, search for "external identities" and enter the page.
+
+    ![](./images/externalidenties.png)
+
+4. Click the "All identity providers" menu item on the left to enter the "All identity providers" page.
+
+    ![](./images/createexternalidenties.png)
+
+5. Click "New SAML/WS-Fed Idp" and configure the following parameters in the pop-up dialog.
+    - Identity provider protocol: Select SAML.
+    - Domain name of federating IdP: Set to the platform's domain name, e.g., saml.test.cn.
+    - Select a method for populating metadata: It is recommended to select "Parse metadata file", upload the XML file saved in the above steps, and click "Parse" to automatically populate the parameters below. If selecting "Input metadata manually", you need to fill in the fields according to the above screenshot. Note that the Certificate copied directly may have spaces, which need to be completely removed.
+
+    ![](./images/newsaml.png)
+
+6. Additionally, you need to add user permissions to the Azure application. For Azure application details, please refer to [Getting Azure Tenant ID and Client Information](#getting-azure-tenant-id-and-client-information).
+7. On the application details page, click "API permission" to enter the API permission page. Ensure the application has "User.Invite.ALL" and "User.ReadWrite.All" permissions under Microsoft Graph. If these permissions are missing, click "add a permission" to add the corresponding permissions.
+
+    ![](./images/permission.png)
+    ![](./images/addpermission.png)
+    ![](./images/adduserpermission.png)
+
+### Configure Chrome Browser
+
+When using SSO to log in to the Azure platform from this platform, Cookies need to be carried back to the platform during the Azure login process. Chrome browser does not allow cross-site Cookies by default, so the following configuration is needed:
+
+1. In the Chrome browser address bar, enter "chrome://flags/" and search for "SameSite by default cookies".
+2. Disable "SameSite by default cookies" and "Cookies without SameSite must be secure".
+    ![](./images/disablesamesite.png)
+
+3. Restart the browser for the configuration to take effect.
+
+### Usage Process
+
+1. When creating a cloud account on the platform, enable the SSO login feature. This will upload the system's SAML information to the public cloud platform, making the system an identity provider for the public cloud platform.
+2. On the Cloud User Groups page, create the corresponding platform cloud user group and select the corresponding permissions.
+3. On the Cloud Account Details - SSO Login Users page, create SSO login users, associate local users, and specify the cloud user group the users belong to. This operation grants system users the permission to log in to the public cloud without a password.
+4. Subsequently, local users associated with cloud SAML users can click the **_"SSO Login"_** button in **_"User Info - Multi-Cloud Unified Login - SSO Login Users"_** to log in to the public cloud platform with the specified permissions without a password.
+
+:::warning
+When using SSO to log in to the Azure platform from this platform, users still need to enter their account. Currently, the login account is not displayed on the frontend. The format is: username@domain-name. For example, for the test user on the saml.test.cn environment to access the Azure platform without a password, the user account would be test@saml.test.cn.
+:::
diff --git a/i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-12.md b/i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-12.md
new file mode 100644
index 00000000..88f104cf
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-12.md
@@ -0,0 +1,338 @@
+---
+sidebar_position: -31112
+---
+
+# v3.11.12
+
+Released at 2025-10-20 15:44:44
+
+-----
+
+## cloudmux
+
+Repo: https://github.com/yunionio/cloudmux
+
+51 commits to [cloudmux - v3.11.12](https://github.com/yunionio/cloudmux/compare/v3.11.11...v3.11.12) since this release.
+
+### Bug Fixes (51)
+- fmt code ([1c5be3ba](https://github.com/yunionio/cloudmux/commit/1c5be3baa66f413bd5a7172ea93e6f51534a1dca), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** mongodb cluster backup ([d4331fc0](https://github.com/yunionio/cloudmux/commit/d4331fc0783c97db04e687cac446581a7a949e6d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** health status ([44cb89b6](https://github.com/yunionio/cloudmux/commit/44cb89b6d7c91d5aa1a5b810933d1b48f920b9e8), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** dns record line ([fdaa3313](https://github.com/yunionio/cloudmux/commit/fdaa33137c14c324a3468e09092ab30a51b64040), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** support change disk storage type ([c0b1e289](https://github.com/yunionio/cloudmux/commit/c0b1e289c9138fd306871f7fe696245965a10847), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** mongodb shared count ([37520542](https://github.com/yunionio/cloudmux/commit/3752054203331b77c3150671ceccaec80f006f17), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** lb listener rule ([5148162b](https://github.com/yunionio/cloudmux/commit/5148162bccc73ac4e46720ad3e7a13ff8553451a), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** support set disk tag ([a329dfcc](https://github.com/yunionio/cloudmux/commit/a329dfcc67fd477f55f0da77ea0ca4c36a5cc130), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** es instance type ([286f6543](https://github.com/yunionio/cloudmux/commit/286f654396533b21aea40a31ef67d4d464c31803), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** snapshot name ([484e2e2f](https://github.com/yunionio/cloudmux/commit/484e2e2f9dd6b53e475c704b3d1e1c720658e2f6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** eip relationship ([f32a0737](https://github.com/yunionio/cloudmux/commit/f32a07374c2d7799e70a1d4689229f2547f4790b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** eip associate type ([6b5471a2](https://github.com/yunionio/cloudmux/commit/6b5471a24d3d674ab0f36492ae8585e8af16399b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** bucket sync ([39d28dd0](https://github.com/yunionio/cloudmux/commit/39d28dd0f84be4054524b681386dd70fa4fe4477), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** remove debug info ([ba4ac36a](https://github.com/yunionio/cloudmux/commit/ba4ac36a0bf08f6ba62b31a9163575f420646b44), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aws:** add region name ([fc4765d5](https://github.com/yunionio/cloudmux/commit/fc4765d57abf736b5198c85213563122073ee116), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aws:** master account id ([5c2816c9](https://github.com/yunionio/cloudmux/commit/5c2816c9307ea9b0b2047bcb83aba94d7cca23d3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aws:** lb listener rule ([9a623be8](https://github.com/yunionio/cloudmux/commit/9a623be84c64738c625593c90552c93841180be3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** delete esxi vm ([c9213b22](https://github.com/yunionio/cloudmux/commit/c9213b2237fe3f5e47ab4ae1bfae3405976fa5d2), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** root image path ([5ce51c99](https://github.com/yunionio/cloudmux/commit/5ce51c99905b82f925ed7833414bd67ee77c341d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** add delete vm debug info ([e8e1b138](https://github.com/yunionio/cloudmux/commit/e8e1b13883af43d44472e9e2fcbad3f49dc79d29), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** delete vm with deletion protection ([aa7b7ce9](https://github.com/yunionio/cloudmux/commit/aa7b7ce9b773894cf22d2b9a007ee35e10158524), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** rds engine version ([3cba036a](https://github.com/yunionio/cloudmux/commit/3cba036aedbd18c223295244cf428bebc2216947), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** add pd extreme storage ([091d2325](https://github.com/yunionio/cloudmux/commit/091d232550638e41e0814fcbbb7b2ec036c47ee5), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** add gcp storage const ([dec73114](https://github.com/yunionio/cloudmux/commit/dec7311479554f270c6bd5ff76f6089c05063af8), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** image upload ([a9ebb027](https://github.com/yunionio/cloudmux/commit/a9ebb027c62c6bff7ee6943402cd91400f84f45d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** vm sync ([dcd40463](https://github.com/yunionio/cloudmux/commit/dcd40463549e5fb6bef120a09ec704ed94ba06a7), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** support share vpc ([370dfc78](https://github.com/yunionio/cloudmux/commit/370dfc7879fa41c79c41fd394e0e3c67267daf25), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** vm create net params ([1790a812](https://github.com/yunionio/cloudmux/commit/1790a812e4ed1c2633e47129863d2888f29a353b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** resource name ([f0e2c4a6](https://github.com/yunionio/cloudmux/commit/f0e2c4a616a6b9e8b7c11b25d2f4d6a50111efed), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** allow use shared image ([1ecb52a9](https://github.com/yunionio/cloudmux/commit/1ecb52a9ec23bfe5e03b26beeba5152b0d3230a8), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **huawei:** huawei vm list ([3fb533bc](https://github.com/yunionio/cloudmux/commit/3fb533bcc7f4a785bbe9d7c176252e13b0e3109b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** support post signv4 ([13e25430](https://github.com/yunionio/cloudmux/commit/13e2543028ae828479504a5532d4b3da0a534ad9), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** keypair import ([dd4b75b5](https://github.com/yunionio/cloudmux/commit/dd4b75b531c67cfe7e27cfa8659bfc4f0041f6bd), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** storage sync ([4901d10a](https://github.com/yunionio/cloudmux/commit/4901d10a5c3e2e41813fd4e4f321a24b03ac4953), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** snapshot sync ([503cbcba](https://github.com/yunionio/cloudmux/commit/503cbcba0604ff5337fccf4c0a27651fd00dce0f), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** metric data ([18341ef3](https://github.com/yunionio/cloudmux/commit/18341ef3c126aa820c6db87bebe1c116d2f40f34), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** support objectstore ([271c11bc](https://github.com/yunionio/cloudmux/commit/271c11bc044da9ff39086a1304e7bb3224a4d314), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** vm vnc ([a5c08ce3](https://github.com/yunionio/cloudmux/commit/a5c08ce38910c2c81a254e23a8748d5c2258d857), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** support ksyun operation ([f09065df](https://github.com/yunionio/cloudmux/commit/f09065df2a39fd72027e58d3977fa7435e51eab3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** add auto pl storage type ([b44c8020](https://github.com/yunionio/cloudmux/commit/b44c8020c0ab4e66ed8db6e730b480284fa41b3a), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** sync qcloud storage type ([62404ad9](https://github.com/yunionio/cloudmux/commit/62404ad904f5a0190c60633a02b70c4d90ed529d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** lb backend sync ([3eb7c9aa](https://github.com/yunionio/cloudmux/commit/3eb7c9aae115be6cd43ff160a5cff38117f975e6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** add sql server monitor ([ebd56789](https://github.com/yunionio/cloudmux/commit/ebd56789052c9f2746bbb55706d54c0bbdc459ed), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** metric period 60s ([a768ab15](https://github.com/yunionio/cloudmux/commit/a768ab15981a20d7a9aa66a192fbb9b5a94fcbcc), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** sql server ([ad887860](https://github.com/yunionio/cloudmux/commit/ad887860918eb2b4e9ac7766b66569e1153e6cae), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** add qcloud disk usage metric ([7f1696f2](https://github.com/yunionio/cloudmux/commit/7f1696f2e7558d6f2a84e680befb85d77cf08277), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** sync sqlserver expired time ([2f742967](https://github.com/yunionio/cloudmux/commit/2f742967c3911ee735520eb0f111ac39ad62cc1e), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** create disk with tags ([878d8589](https://github.com/yunionio/cloudmux/commit/878d8589a9c852fa1afdf46184ce460565095340), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** sync aws lb backend ip ([a7093162](https://github.com/yunionio/cloudmux/commit/a7093162485fa223a6addfd52cb18f2eb7847b5f), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **s3:** add set bucket lifecycle ([badac3eb](https://github.com/yunionio/cloudmux/commit/badac3eb6c3a70be96c1c09dcbaeede96504d72e), [wanyaoqi](mailto:wanyaoqi@yunion.cn))
+- **volc:** vpc only support get request method ([7ede353e](https://github.com/yunionio/cloudmux/commit/7ede353e1b6b32936c66909364e923f34e6487e5), [Qu Xuan](mailto:qu_xuan@icloud.com))
+
+-----
+
+## cloudpods
+
+Repo: https://github.com/yunionio/cloudpods
+
+110 commits to [cloudpods - v3.11.12](https://github.com/yunionio/cloudpods/compare/v3.11.11...v3.11.12) since this release.
+
+### Bug Fixes (105)
+- ignore e2fsck errors if retcode \< 4 ([#23488](https://github.com/yunionio/cloudpods/issues/23488)) ([35cb610755](https://github.com/yunionio/cloudpods/commit/35cb6107551fb2ffe9a0ecce764d44d2a1d0515e), [Jian Qiu](mailto:swordqiu@gmail.com))
+- guest ipv6 vip ([#23181](https://github.com/yunionio/cloudpods/issues/23181)) ([bd72a48ecb](https://github.com/yunionio/cloudpods/commit/bd72a48ecb03a5edbfc68a71f27cda0945050663), [Jian Qiu](mailto:swordqiu@gmail.com))
+- filter guest by multiple ips with exact match ([#23040](https://github.com/yunionio/cloudpods/issues/23040)) ([5fce56f5e6](https://github.com/yunionio/cloudpods/commit/5fce56f5e67431be09605dd4df888897dbd483e0), [Jian Qiu](mailto:swordqiu@gmail.com))
+- updte vendor 3.11.11 20250718 ([#22915](https://github.com/yunionio/cloudpods/issues/22915)) ([e304c99316](https://github.com/yunionio/cloudpods/commit/e304c993161b382755f5f08dd0294c865bc2fc3a), [Jian Qiu](mailto:swordqiu@gmail.com))
+- linux sshd_config support ([#23336](https://github.com/yunionio/cloudpods/issues/23336)) ([e4391b9cce](https://github.com/yunionio/cloudpods/commit/e4391b9cce15ddd159b3fc5f89ba5577f79b9a75), [Jian Qiu](mailto:swordqiu@gmail.com))
+- disable password history unique check by default ([#23437](https://github.com/yunionio/cloudpods/issues/23437)) ([4f0ca33bf9](https://github.com/yunionio/cloudpods/commit/4f0ca33bf9843fb68d1dad95090ae82f23d9a801), [Jian Qiu](mailto:swordqiu@gmail.com))
+- image self check status ([#23252](https://github.com/yunionio/cloudpods/issues/23252)) ([0777418c63](https://github.com/yunionio/cloudpods/commit/0777418c63557fabfedd92c2623d2ce2fae2aa90), [Jian Qiu](mailto:swordqiu@gmail.com))
+- network manager supports ipv4 static routes for 3.11 ([#23485](https://github.com/yunionio/cloudpods/issues/23485)) ([2ba9f0b887](https://github.com/yunionio/cloudpods/commit/2ba9f0b88724d809fb3d528b3b0a1ee65bc2929e), [Jian Qiu](mailto:swordqiu@gmail.com))
+- force NetworkManager unmanged physical netinterface ([#23069](https://github.com/yunionio/cloudpods/issues/23069)) ([4377da3aff](https://github.com/yunionio/cloudpods/commit/4377da3affedcd0a1c16d180d09c2e02b9293f7c), [Jian Qiu](mailto:swordqiu@gmail.com))
+- check os_arch when server rebuilding root ([#23337](https://github.com/yunionio/cloudpods/issues/23337)) ([b96abf5af6](https://github.com/yunionio/cloudpods/commit/b96abf5af6eb9f9442bf6ca6210f8931f39d254b), [Jian Qiu](mailto:swordqiu@gmail.com))
+- glance converts all queued subimages, regardless of format ([#22970](https://github.com/yunionio/cloudpods/issues/22970)) ([a5e4471e1f](https://github.com/yunionio/cloudpods/commit/a5e4471e1f27e6f2afdfbc7c4c824a6fe23675bb), [Jian Qiu](mailto:swordqiu@gmail.com))
+- deploy gai.conf if both v4 and v6 present ([#23164](https://github.com/yunionio/cloudpods/issues/23164)) ([78850c6d03](https://github.com/yunionio/cloudpods/commit/78850c6d03c71289e543ce7fc3861aeb82ae700a), [Jian Qiu](mailto:swordqiu@gmail.com))
+- too many recursive locks when batch create ([#23197](https://github.com/yunionio/cloudpods/issues/23197)) ([84dea5ace9](https://github.com/yunionio/cloudpods/commit/84dea5ace9bc2c8832e58d6e6b42076c580bfa26), [Jian Qiu](mailto:swordqiu@gmail.com))
+- network filter by ipv6 address ([#23226](https://github.com/yunionio/cloudpods/issues/23226)) ([4781f552e2](https://github.com/yunionio/cloudpods/commit/4781f552e2c6a798d6cc51302fb3e8f47b913ef3), [Jian Qiu](mailto:swordqiu@gmail.com))
+- set default worker parameter ([#22960](https://github.com/yunionio/cloudpods/issues/22960)) ([061988edea](https://github.com/yunionio/cloudpods/commit/061988edeaed1f3892cf62ae785f7ed646864366), [Jian Qiu](mailto:swordqiu@gmail.com))
+- default cloud region init error ([#23471](https://github.com/yunionio/cloudpods/issues/23471)) ([1e676fb2e8](https://github.com/yunionio/cloudpods/commit/1e676fb2e843a00cc6bd62028feae7b8b99d6641), [Jian Qiu](mailto:swordqiu@gmail.com))
+- support network manager connection profiles ([#23466](https://github.com/yunionio/cloudpods/issues/23466)) ([cfc6d56361](https://github.com/yunionio/cloudpods/commit/cfc6d56361d2abb22c1003663c7a24bfdb1f6048), [Jian Qiu](mailto:swordqiu@gmail.com))
+- webconsole skip refererer check by default ([#23093](https://github.com/yunionio/cloudpods/issues/23093)) ([a316053a4f](https://github.com/yunionio/cloudpods/commit/a316053a4f8ee49c50d9a8ef28c290e743d2be9a), [Jian Qiu](mailto:swordqiu@gmail.com))
+- fail to delete cas idp due to readonly domain ([#23216](https://github.com/yunionio/cloudpods/issues/23216)) ([f40095bd46](https://github.com/yunionio/cloudpods/commit/f40095bd46f04df5edaf457850b16b2a8052b5f6), [Jian Qiu](mailto:swordqiu@gmail.com))
+- inconsist checksum between image and its same format subimage ([#22989](https://github.com/yunionio/cloudpods/issues/22989)) ([1f39911996](https://github.com/yunionio/cloudpods/commit/1f39911996d348aa205f0f86ddbb667706e6903a), [Jian Qiu](mailto:swordqiu@gmail.com))
+- always update hostname for rhel-like os ([#23019](https://github.com/yunionio/cloudpods/issues/23019)) ([4d45708d11](https://github.com/yunionio/cloudpods/commit/4d45708d11a08e40558bf16491702dbbe384a5ea), [Jian Qiu](mailto:swordqiu@gmail.com))
+- update vendor 20250930 3.11.12 ([#23454](https://github.com/yunionio/cloudpods/issues/23454)) ([2241f34b9b](https://github.com/yunionio/cloudpods/commit/2241f34b9be6180983f8951f9d05431268530666), [Jian Qiu](mailto:swordqiu@gmail.com))
+- hostman master nic may be nil ([#23449](https://github.com/yunionio/cloudpods/issues/23449)) ([59ad7f73e8](https://github.com/yunionio/cloudpods/commit/59ad7f73e82d309705516517a3e73cbb1a66fb53), [Jian Qiu](mailto:swordqiu@gmail.com))
+- s3 common options ([#23442](https://github.com/yunionio/cloudpods/issues/23442)) ([2b08c946ff](https://github.com/yunionio/cloudpods/commit/2b08c946ffc0e06a2914c8457dd7899ddba77f62), [Jian Qiu](mailto:swordqiu@gmail.com))
+- **apigateway:** remove unnecessary queries to avoid long user login time ([#22954](https://github.com/yunionio/cloudpods/issues/22954)) ([c231b0bc66](https://github.com/yunionio/cloudpods/commit/c231b0bc668d30e74038dc7cd29cdeef6ef32647), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **baremetal:** agent storagecache input params error ([#23044](https://github.com/yunionio/cloudpods/issues/23044)) ([c15d5ba838](https://github.com/yunionio/cloudpods/commit/c15d5ba83829cb970df20b02513fa8437360584d), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **baremetal:** update the grub auto configuration to fix the aarch64 disk boot ([#23127](https://github.com/yunionio/cloudpods/issues/23127)) ([78eaa50af1](https://github.com/yunionio/cloudpods/commit/78eaa50af1e0ff073933ef8fe6b9417ac2f7d75c), [Zexi Li](mailto:zexi.li@icloud.com))
+- **baremetal:** ensure the execution of the BaremetalServerDestroyTask ([#23496](https://github.com/yunionio/cloudpods/issues/23496)) ([70f29b481c](https://github.com/yunionio/cloudpods/commit/70f29b481ca36c5ab58d39e22f264fc9802c168f), [Zexi Li](mailto:zexi.li@icloud.com))
+- **baremetal-agent:** error occurred when removing logical volumes on the arm64 host ([#23120](https://github.com/yunionio/cloudpods/issues/23120)) ([b93d913948](https://github.com/yunionio/cloudpods/commit/b93d9139482d92f0114512392007d44748f2029a), [Zexi Li](mailto:zexi.li@icloud.com))
+- **climc:** sku create params ([#23300](https://github.com/yunionio/cloudpods/issues/23300)) ([104c927e74](https://github.com/yunionio/cloudpods/commit/104c927e744f3698a6d7c6a66d8194946e71e20b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **climc:** monitor-alertrecords-total-alert command ([#23265](https://github.com/yunionio/cloudpods/issues/23265)) ([1a4a0fe647](https://github.com/yunionio/cloudpods/commit/1a4a0fe647a26e91ab6cd96623052c6763d92737), [Zexi Li](mailto:zexi.li@icloud.com))
+- **cloudmon:** metric sync ([#23464](https://github.com/yunionio/cloudpods/issues/23464)) ([2ebbfb4dd9](https://github.com/yunionio/cloudpods/commit/2ebbfb4dd9cf8f1e520c7ccdb8d249e0ea98fe6c), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **cloudmon:** alert metric with tenant id ([#23316](https://github.com/yunionio/cloudpods/issues/23316)) ([160b6e3faf](https://github.com/yunionio/cloudpods/commit/160b6e3faf0f5ae11c97a2f8cb5319314a9dc408), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **glance:** add notify for image create ([#23554](https://github.com/yunionio/cloudpods/issues/23554)) ([bd01cc9c95](https://github.com/yunionio/cloudpods/commit/bd01cc9c9548b5abd985f3de5101768442d0b0a7), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **host:** run ifdown script on guest delete ([#23100](https://github.com/yunionio/cloudpods/issues/23100)) ([382d51e18c](https://github.com/yunionio/cloudpods/commit/382d51e18cde6df2b5a304d03151c03924d0de3c), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** check storage id is correct on src migrate prepare ([#22891](https://github.com/yunionio/cloudpods/issues/22891)) ([ba9457df30](https://github.com/yunionio/cloudpods/commit/ba9457df3022e6c2b1cb4573c44622449eb90459), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** host init no numa node ([#22947](https://github.com/yunionio/cloudpods/issues/22947)) ([d83fd7490a](https://github.com/yunionio/cloudpods/commit/d83fd7490a91d134e1c32ff38f75eb982761900d), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** set qemuimg convert cluster_size 64k on compat image ([#22964](https://github.com/yunionio/cloudpods/issues/22964)) ([c00c81f23b](https://github.com/yunionio/cloudpods/commit/c00c81f23b1b7e64a3520b0ca0bee25ede29f359), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** disk resize error input params ([#23492](https://github.com/yunionio/cloudpods/issues/23492)) ([62f44a77ff](https://github.com/yunionio/cloudpods/commit/62f44a77ff65ae5d8859ba00e47be04c57fd6cc5), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** add check mem dev is null on guest setup ([#22846](https://github.com/yunionio/cloudpods/issues/22846)) ([1b6f13738a](https://github.com/yunionio/cloudpods/commit/1b6f13738adfa6215a12ede70a528b2ad1dacc3b), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** ensure host wire marshal nil value ([#23506](https://github.com/yunionio/cloudpods/issues/23506)) ([87e65dab12](https://github.com/yunionio/cloudpods/commit/87e65dab12f7fd98df6c60249cd872d609758d78), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** lvm guest reload disk before delete snapshot ([#23048](https://github.com/yunionio/cloudpods/issues/23048)) ([555d77f9d0](https://github.com/yunionio/cloudpods/commit/555d77f9d0008f38017fccfb7b9dc1938445ac51), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host,glance:** only target qcow2 set cluster size on image convert ([#22976](https://github.com/yunionio/cloudpods/issues/22976)) ([d3154a0cde](https://github.com/yunionio/cloudpods/commit/d3154a0cde1cbacef3e00a7b0db1e93ff3ae971f), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host,host-deployer:** support lvm disk resize ([#23333](https://github.com/yunionio/cloudpods/issues/23333)) ([34b417c60b](https://github.com/yunionio/cloudpods/commit/34b417c60b1983a7313e57baaf50b1f861f0aa40), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host-deployer:** update host-deployer-base to 1.4.11 ([#23411](https://github.com/yunionio/cloudpods/issues/23411)) ([ae0920476b](https://github.com/yunionio/cloudpods/commit/ae0920476bcf5ee6751819c3b61ba3d8122b1255), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host-deployer:** allow growpart on primary partition ([#23386](https://github.com/yunionio/cloudpods/issues/23386)) ([5ab6e57d73](https://github.com/yunionio/cloudpods/commit/5ab6e57d73327ec4674cc992bfcda0d463852e73), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **keystone:** show ldap url ([#23175](https://github.com/yunionio/cloudpods/issues/23175)) ([140fda72e6](https://github.com/yunionio/cloudpods/commit/140fda72e6630071ac0571c12fffa66df0593926), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **keystone:** upgrade ldap version ([#23167](https://github.com/yunionio/cloudpods/issues/23167)) ([521bc94749](https://github.com/yunionio/cloudpods/commit/521bc94749af0dddee7330470a87ecdede24c50e), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **keystone:** distribute permissions when the organization changes ([#23504](https://github.com/yunionio/cloudpods/issues/23504)) ([c9f3c9578d](https://github.com/yunionio/cloudpods/commit/c9f3c9578d9c02a6ff1b8ff7ba5053978119d3fa), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **monitor:** history alert report ([#23279](https://github.com/yunionio/cloudpods/issues/23279)) ([e0ed7e80df](https://github.com/yunionio/cloudpods/commit/e0ed7e80df269e6b14f2c3ed0320ea20bfd0128f), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **monitor:** fetch total alert resources from monitor_resource_alert ([#23274](https://github.com/yunionio/cloudpods/issues/23274)) ([c880ee5940](https://github.com/yunionio/cloudpods/commit/c880ee59409b911c46498f0032105ed00aa47006), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** diffTagKeys are empty when only one series in results ([#23310](https://github.com/yunionio/cloudpods/issues/23310)) ([614b13cd13](https://github.com/yunionio/cloudpods/commit/614b13cd1373c0e9d1da4141ecb09330dd548b51), [Zexi Li](mailto:zexi.li@icloud.com))
+- **notify:** optimized workwx access token expired time ([#23324](https://github.com/yunionio/cloudpods/issues/23324)) ([433747ff99](https://github.com/yunionio/cloudpods/commit/433747ff997853f664a9801cc688be748a357fc3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add disk change billing type log ([#23233](https://github.com/yunionio/cloudpods/issues/23233)) ([0eb0f9d99c](https://github.com/yunionio/cloudpods/commit/0eb0f9d99c1063e7d32d2ba371b966f38448b9a1), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** dns record policy type ([#23077](https://github.com/yunionio/cloudpods/issues/23077)) ([6615224f93](https://github.com/yunionio/cloudpods/commit/6615224f93815253bc0ef37bf769a0f41fc107d2), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add kafka and mongodb capability ([#23230](https://github.com/yunionio/cloudpods/issues/23230)) ([620fd06d87](https://github.com/yunionio/cloudpods/commit/620fd06d870a2bba2fbb1f25bde0a55229493449), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** sync prepaid disk expired time ([#23237](https://github.com/yunionio/cloudpods/issues/23237)) ([c37b15a3d0](https://github.com/yunionio/cloudpods/commit/c37b15a3d07f5197bf2bc58efcc30faf3592979c), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** avoid change to the same config sku not effective ([#23204](https://github.com/yunionio/cloudpods/issues/23204)) ([523653e755](https://github.com/yunionio/cloudpods/commit/523653e755617b626f3c6a07ced594039201f869), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** snapshot policy unbind disks ([#23240](https://github.com/yunionio/cloudpods/issues/23240)) ([0c090d08f2](https://github.com/yunionio/cloudpods/commit/0c090d08f2d888e43f854d62a1e6f890518e291d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add cloud_env filter for cachedimages ([#23192](https://github.com/yunionio/cloudpods/issues/23192)) ([07912a9f8c](https://github.com/yunionio/cloudpods/commit/07912a9f8c246b619c59cbd3ca998cffad4c3005), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** support hyperdisk for gcp ([#23270](https://github.com/yunionio/cloudpods/issues/23270)) ([3ddd2603f8](https://github.com/yunionio/cloudpods/commit/3ddd2603f8d7606847ccfbb09c883e09b1462dab), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** update cloudprovider external id ([#23273](https://github.com/yunionio/cloudpods/issues/23273)) ([88f61e6be2](https://github.com/yunionio/cloudpods/commit/88f61e6be204fa7ce6c83a5beff3c7a7ba0f7b72), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** support gcp shared vpc and image ([#23297](https://github.com/yunionio/cloudpods/issues/23297)) ([2d795063dd](https://github.com/yunionio/cloudpods/commit/2d795063ddf6d4cb7b1f40614d11d2e872ebdda2), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** remove debug sql ([#23319](https://github.com/yunionio/cloudpods/issues/23319)) ([d7f0a6f065](https://github.com/yunionio/cloudpods/commit/d7f0a6f065ac3de34ad6371d036dec471d750749), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** rds backup sync ([#23307](https://github.com/yunionio/cloudpods/issues/23307)) ([66840c2c16](https://github.com/yunionio/cloudpods/commit/66840c2c16074aee857d661f88fef50d8e6bf3ad), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** optimized cached image list ([#23156](https://github.com/yunionio/cloudpods/issues/23156)) ([32b85c1b28](https://github.com/yunionio/cloudpods/commit/32b85c1b28849e6279d708fbb20748ceb7fe0637), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#22831](https://github.com/yunionio/cloudpods/issues/22831)) ([944953957e](https://github.com/yunionio/cloudpods/commit/944953957e8e4fbb7b688b9b3d16e07e709aca21), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** avoid update guest disable_delete attribute error when host id is empty ([#23136](https://github.com/yunionio/cloudpods/issues/23136)) ([f09e9f081d](https://github.com/yunionio/cloudpods/commit/f09e9f081dc619a5f7191c0f0179404748ac759b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** create disk with tags ([#22835](https://github.com/yunionio/cloudpods/issues/22835)) ([345de4a5c3](https://github.com/yunionio/cloudpods/commit/345de4a5c312330cd1527b0e4e3156836c50932f), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** sync lb eip ([#23126](https://github.com/yunionio/cloudpods/issues/23126)) ([d9e8c89711](https://github.com/yunionio/cloudpods/commit/d9e8c8971171ede62df38c07abd4e0f35a48936d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add expired release notify hour options ([#23350](https://github.com/yunionio/cloudpods/issues/23350)) ([6722c43868](https://github.com/yunionio/cloudpods/commit/6722c43868f3e9a229f8caf4e68ee7a651a22c8d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** sync eip associate resource ([#23113](https://github.com/yunionio/cloudpods/issues/23113)) ([7d2bcd2828](https://github.com/yunionio/cloudpods/commit/7d2bcd282871287230e0dacd753f53ffc6114bad), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add storage filter for snapshot ([#23107](https://github.com/yunionio/cloudpods/issues/23107)) ([76d798044e](https://github.com/yunionio/cloudpods/commit/76d798044e36e748f9bdd869f4dd0433bc3290fb), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23369](https://github.com/yunionio/cloudpods/issues/23369)) ([0bbc92e46d](https://github.com/yunionio/cloudpods/commit/0bbc92e46d4abfe4d7d8e9949670468428e1a4ce), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23385](https://github.com/yunionio/cloudpods/issues/23385)) ([f00099e29f](https://github.com/yunionio/cloudpods/commit/f00099e29f1592917fd341c070a9f697531cfdaa), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** avoid failing to delete subsequently attached disks when deleting a VM ([#22844](https://github.com/yunionio/cloudpods/issues/22844)) ([4455aa2f6d](https://github.com/yunionio/cloudpods/commit/4455aa2f6dd7d7eae88732ac46174ec4caecddb8), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** fix conflict between local expiration release and resource sync ([#22862](https://github.com/yunionio/cloudpods/issues/22862)) ([6c726c7211](https://github.com/yunionio/cloudpods/commit/6c726c7211c31945d08edac4daf255b6c9b75be6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** server snapshot policy ([#23079](https://github.com/yunionio/cloudpods/issues/23079)) ([e244be79b1](https://github.com/yunionio/cloudpods/commit/e244be79b1037ce8f3a5ee81cb9dd3a861bf8b32), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** support more scheme keypair ([#23211](https://github.com/yunionio/cloudpods/issues/23211)) ([944267af35](https://github.com/yunionio/cloudpods/commit/944267af35dd0d7f44830468b92318ce31ec192c), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23400](https://github.com/yunionio/cloudpods/issues/23400)) ([0ec0162857](https://github.com/yunionio/cloudpods/commit/0ec0162857dfbd920e09d12ab8e05aa3295720f3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23407](https://github.com/yunionio/cloudpods/issues/23407)) ([2ffa2cf4ca](https://github.com/yunionio/cloudpods/commit/2ffa2cf4ca91c09931ec08a11d72cb484ccc3e69), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23418](https://github.com/yunionio/cloudpods/issues/23418)) ([340d246ee5](https://github.com/yunionio/cloudpods/commit/340d246ee564ff878424a3759a0a99d27fd4ba5b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** disk update tag ([#23026](https://github.com/yunionio/cloudpods/issues/23026)) ([9a5b906d10](https://github.com/yunionio/cloudpods/commit/9a5b906d100d71d657bb06317c8c5c1432fc5e34), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** host order by virt cpu ([#23456](https://github.com/yunionio/cloudpods/issues/23456)) ([ded669c7a2](https://github.com/yunionio/cloudpods/commit/ded669c7a2a1c0309a77207389a3c85f27c62b9b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23461](https://github.com/yunionio/cloudpods/issues/23461)) ([feb6a1981f](https://github.com/yunionio/cloudpods/commit/feb6a1981f8726389675b50f41e31f954ff3162d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23465](https://github.com/yunionio/cloudpods/issues/23465)) ([f50929bc60](https://github.com/yunionio/cloudpods/commit/f50929bc60534bcaaedf149ff622ecb424d6c9f2), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** do not set guest to resuce status on guest running ([#22864](https://github.com/yunionio/cloudpods/issues/22864)) ([13060902a0](https://github.com/yunionio/cloudpods/commit/13060902a0ae1823ac43ce6da4ae0715902431bd), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region:** server sku create with region id ([#23511](https://github.com/yunionio/cloudpods/issues/23511)) ([671e24b01e](https://github.com/yunionio/cloudpods/commit/671e24b01e0e7953d19199c2dc766f211be1f1b6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** private zone create status ([#23523](https://github.com/yunionio/cloudpods/issues/23523)) ([8deaead935](https://github.com/yunionio/cloudpods/commit/8deaead935b367487fe53c927fbf8e6936e41af6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** iso boot do not check boot mode ([#22948](https://github.com/yunionio/cloudpods/issues/22948)) ([7d453caff6](https://github.com/yunionio/cloudpods/commit/7d453caff6f191415a17f54930771b4ec8d2b8de), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region:** healt status ([#23527](https://github.com/yunionio/cloudpods/issues/23527)) ([bed77085c2](https://github.com/yunionio/cloudpods/commit/bed77085c2f9b147df821b1e43c3114e15e032ac), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** support change storage type ([#23532](https://github.com/yunionio/cloudpods/issues/23532)) ([272e32c0b9](https://github.com/yunionio/cloudpods/commit/272e32c0b933f601be439e87e7926dadf15f61da), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add guest billing type for disk ([#22937](https://github.com/yunionio/cloudpods/issues/22937)) ([1d7b27e5e3](https://github.com/yunionio/cloudpods/commit/1d7b27e5e3c073e1132ddb38684840e47f6aad5a), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** host order ([#22928](https://github.com/yunionio/cloudpods/issues/22928)) ([1f083d2490](https://github.com/yunionio/cloudpods/commit/1f083d249067891086fcfe3f6f3f3f2fd8bb01ac), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#22921](https://github.com/yunionio/cloudpods/issues/22921)) ([e7227612ea](https://github.com/yunionio/cloudpods/commit/e7227612eae401cf744a892a7c6e1fca285ac46c), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23542](https://github.com/yunionio/cloudpods/issues/23542)) ([e04fe21a5c](https://github.com/yunionio/cloudpods/commit/e04fe21a5c95d0c822420c653cfbcebc331ec6c0), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add sort for host ([#22878](https://github.com/yunionio/cloudpods/issues/22878)) ([5027e6bbde](https://github.com/yunionio/cloudpods/commit/5027e6bbde72c057229b7a8ed7df6990e4af6ca0), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** valid essd pl0 disk resize ([#23548](https://github.com/yunionio/cloudpods/issues/23548)) ([23a8fefbd0](https://github.com/yunionio/cloudpods/commit/23a8fefbd0273efb1c3452239b223441b0243d90), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region,glance,host-deployer:** guest image support bios boot mode detect ([#23380](https://github.com/yunionio/cloudpods/issues/23380)) ([3d8ea72139](https://github.com/yunionio/cloudpods/commit/3d8ea72139b3c72f55fa744421ff64554450ab39), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **scheduledtask:** force sync account ([#23086](https://github.com/yunionio/cloudpods/issues/23086)) ([4c2ba4a9c9](https://github.com/yunionio/cloudpods/commit/4c2ba4a9c985acd8e2a7ca4c1e61512040c0c765), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **scheduler:** netinterface cache is not informed ([#22898](https://github.com/yunionio/cloudpods/issues/22898)) ([6c4c73c79e](https://github.com/yunionio/cloudpods/commit/6c4c73c79e8bfb929692b5c0d5a07e982d6a3e8c), [Zexi Li](mailto:zexi.li@icloud.com))
+- **scheduler:** watch serversku ([#23327](https://github.com/yunionio/cloudpods/issues/23327)) ([70887c8d58](https://github.com/yunionio/cloudpods/commit/70887c8d586e473f0a75fc29ef3860250fbaba47), [Zexi Li](mailto:zexi.li@icloud.com))
+- **scheduler:** add session usage timeout options ([#23142](https://github.com/yunionio/cloudpods/issues/23142)) ([ea65acf6ed](https://github.com/yunionio/cloudpods/commit/ea65acf6ed1a8cbb3c6d70303da5243852dbc5d5), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **vpcagent:** dhcp enable default gateway on default network ([#23096](https://github.com/yunionio/cloudpods/issues/23096)) ([634058a832](https://github.com/yunionio/cloudpods/commit/634058a8329e8359dfd2eef8f8afcea2c95c9fc1), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **webconsole:** baremteasl ipmi sol instance_name hide password ([#23549](https://github.com/yunionio/cloudpods/issues/23549)) ([6f5feb6a7f](https://github.com/yunionio/cloudpods/commit/6f5feb6a7fbffc90efcda39b0407ccd8fbeeb592), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+
+### Features (3)
+- **host:** cgroupv2 support ([#23304](https://github.com/yunionio/cloudpods/issues/23304)) ([7a82d04f70](https://github.com/yunionio/cloudpods/commit/7a82d04f70130be4ec559214c3af32676bd9fc01), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** add SdnFetchDataFromComputeService option ([#23205](https://github.com/yunionio/cloudpods/issues/23205)) ([8eb11e7865](https://github.com/yunionio/cloudpods/commit/8eb11e78658d3a50f1385368671ca86520fd260f), [Zexi Li](mailto:zexi.li@icloud.com))
+- **region:** fix ISO size display ([#23130](https://github.com/yunionio/cloudpods/issues/23130)) ([3b34ac8dba](https://github.com/yunionio/cloudpods/commit/3b34ac8dbaa30cd402cc717a63bfa9876e2e0c8c), [Zexi Li](mailto:zexi.li@icloud.com))
+
+### Others (2)
+- Automated cherry pick of [#23374](https://github.com/yunionio/cloudpods/issues/23374): fix(region,host): guest add vnc screen dump support ([#23379](https://github.com/yunionio/cloudpods/issues/23379)) ([cc4fdf189a](https://github.com/yunionio/cloudpods/commit/cc4fdf189a7ebf220834b4831a59d2d6049d6f2c), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- Automated cherry pick of [#23363](https://github.com/yunionio/cloudpods/issues/23363): fix: network filter by ip error for dameng ([#23366](https://github.com/yunionio/cloudpods/issues/23366)) ([4c3186f4a1](https://github.com/yunionio/cloudpods/commit/4c3186f4a1bcddb0dd31953401164ee8eab0f8df), [Jian Qiu](mailto:swordqiu@gmail.com))
+
+-----
+
+## cloudpods-operator
+
+Repo: https://github.com/yunionio/cloudpods-operator
+
+11 commits to [cloudpods-operator - v3.11.12](https://github.com/yunionio/cloudpods-operator/compare/v3.11.11...v3.11.12) since this release.
+
+### Bug Fixes (10)
+- disable components by product version ([9c264d40](https://github.com/yunionio/cloudpods-operator/commit/9c264d40364a03c2564e1228ad0bae332e0902bb), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- recover password validation when sync-user ([d8eb94e7](https://github.com/yunionio/cloudpods-operator/commit/d8eb94e7def1412c2f0a741a55c95ea2ea349272), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- wrap error ([671c4ac1](https://github.com/yunionio/cloudpods-operator/commit/671c4ac1da38efe32f36a7fe612c4a23c5f8e076), [Zexi Li](mailto:zexi.li@icloud.com))
+- aovid conflict with aliyun rds user ([cae7bdbb](https://github.com/yunionio/cloudpods-operator/commit/cae7bdbb349326d26f104f56fbf6f7fd509cc7d8), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- report and extdb default options ([4965b5e6](https://github.com/yunionio/cloudpods-operator/commit/4965b5e687d71e4e4967bfb800ae94fd7cad8215), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- check etcd certs content on init ([3746bd5e](https://github.com/yunionio/cloudpods-operator/commit/3746bd5e4244cbf97d9eb5310bc158277812a8f8), [wanyaoqi](mailto:wanyaoqi@yunion.cn))
+- **host:** add s3 config ([2560fae4](https://github.com/yunionio/cloudpods-operator/commit/2560fae4a7b6018ecb41f98db22fb34568c35320), [wanyaoqi](mailto:wanyaoqi@yunion.cn))
+- **operator:** enable autoupdate service for LightEdige product version ([a495d5c8](https://github.com/yunionio/cloudpods-operator/commit/a495d5c8528607b45d20ea26501826e4e7e9db9a), [Zexi Li](mailto:zexi.li@icloud.com))
+- **operator:** disable the apimap service defaultly ([d40b5d97](https://github.com/yunionio/cloudpods-operator/commit/d40b5d97e5b7c58926e904030782d1eb87de2d5c), [Zexi Li](mailto:zexi.li@icloud.com))
+- **operator:** sync oc defaults ([a0dfdc97](https://github.com/yunionio/cloudpods-operator/commit/a0dfdc9711305a966cabe7f58b5d061f37b92fce), [Zexi Li](mailto:zexi.li@icloud.com))
+
+### Others (1)
+- update vendor 3.11.12 20250930 ([b84d0068](https://github.com/yunionio/cloudpods-operator/commit/b84d006803f589fb25659b3c762bcf2300a2f091), [Qiu Jian](mailto:qiujian@yunionyun.com))
+
+-----
+
+## dashboard
+
+Repo: https://github.com/yunionio/dashboard
+
+78 commits to [dashboard - v3.11.12](https://github.com/yunionio/dashboard/compare/v3.11.11...v3.11.12) since this release.
+
+### Bug Fixes (45)
+- parse data error ([fe6a6c6ba](https://github.com/yunionio/dashboard/commit/fe6a6c6ba414740453db2a7c68c7639270da64f3), [GuoLiBin6](mailto:glbin533@163.com))
+- data parse error ([c8bd74373](https://github.com/yunionio/dashboard/commit/c8bd7437309ad482c5c6ff9f7ffa0b57b5c4df35), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal sol info hidden password ([0b0b28bba](https://github.com/yunionio/dashboard/commit/0b0b28bba103d8ae1887d68528b0ad3f616adf76), [GuoLiBin6](mailto:glbin533@163.com))
+- image export tooltip message error ([3c0b356ef](https://github.com/yunionio/dashboard/commit/3c0b356efb9a74afd781fadb634c99fad940a200), [GuoLiBin6](mailto:glbin533@163.com))
+- fix domain and project component memory feature ([29ace7a00](https://github.com/yunionio/dashboard/commit/29ace7a008d345d6e4be4175d7d4cd4d01f78fab), [GuoLiBin6](mailto:glbin533@163.com))
+- fix VM join bastion host parameter passing ([fa5015bb2](https://github.com/yunionio/dashboard/commit/fa5015bb25fe4615913741f70b76edadea53a794), [GuoLiBin6](mailto:glbin533@163.com))
+- hide disk encryption display when creating public cloud disks ([190421e1c](https://github.com/yunionio/dashboard/commit/190421e1c1a73a5eab1c3a438ac7a0cdd474d1c6), [GuoLiBin6](mailto:glbin533@163.com))
+- incorrect batch delete prompt for disk backups ([7ca7d71b4](https://github.com/yunionio/dashboard/commit/7ca7d71b4d8a05b7782a572163abe8cc866621ad), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize monitoring overview display ([1667e66d7](https://github.com/yunionio/dashboard/commit/1667e66d72fe536cfd13da5d08f53594bf0eabb2), [GuoLiBin6](mailto:glbin533@163.com))
+- filter VM resize SKU by architecture ([4080d6722](https://github.com/yunionio/dashboard/commit/4080d67226e3877641926b8897d8a95b095c7278), [GuoLiBin6](mailto:glbin533@163.com))
+- fix missing operation logs in VM details ([8d0d112a8](https://github.com/yunionio/dashboard/commit/8d0d112a855cd2ec6ae107042ea6fca548b59020), [GuoLiBin6](mailto:glbin533@163.com))
+- mongodb platform filter parameter ([20239c8f5](https://github.com/yunionio/dashboard/commit/20239c8f5631df36aaee56f2ff778e4cbc2973f3), [GuoLiBin6](mailto:glbin533@163.com))
+- network details show ipv6 usage ([2bf841334](https://github.com/yunionio/dashboard/commit/2bf8413344e681ebbca4f85b3a205305da4ecf24), [QIU Jian](mailto:qiujian@yunionyun.com))
+- optimize capability API parameter usage ([c4fb7fe21](https://github.com/yunionio/dashboard/commit/c4fb7fe219cffacd3d227e9b3f60a762a61b39f5), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize global resource search ([df2dbb82f](https://github.com/yunionio/dashboard/commit/df2dbb82f0015340e1799c37f6a3861606cfa30d), [GuoLiBin6](mailto:glbin533@163.com))
+- fix security group rule port validation logic ([5889b5d45](https://github.com/yunionio/dashboard/commit/5889b5d45978e64342ac294d30c1f5661ed18812), [GuoLiBin6](mailto:glbin533@163.com))
+- onecloud VM VNC only checks power status ([c676fa575](https://github.com/yunionio/dashboard/commit/c676fa575efc80797bc4db4965f5c1f5141b4a73), [GuoLiBin6](mailto:glbin533@163.com))
+- auto snapshot policy unbind resource parameter issue ([51d14dc04](https://github.com/yunionio/dashboard/commit/51d14dc04b886525ef0a06fe96131c014ed75af8), [GuoLiBin6](mailto:glbin533@163.com))
+- fix DNS record domain name validation rules ([55117d160](https://github.com/yunionio/dashboard/commit/55117d1609dda2f38fff761bbd87392d9339369c), [GuoLiBin6](mailto:glbin533@163.com))
+- image display encryption ([da54889d6](https://github.com/yunionio/dashboard/commit/da54889d644e4c7f340059c3c785562d41320327), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize auto backup policy modification ([3f9d4c5f1](https://github.com/yunionio/dashboard/commit/3f9d4c5f133243215ffafedc33aec410483928b6), [GuoLiBin6](mailto:glbin533@163.com))
+- auto snapshot policy create type parameter ([51cf20185](https://github.com/yunionio/dashboard/commit/51cf20185f0bff490bcc9eca5fac575486f973fa), [GuoLiBin6](mailto:glbin533@163.com))
+- add platform limitation for EIP bandwidth modification ([423ce4eb4](https://github.com/yunionio/dashboard/commit/423ce4eb4c8f8b5c0667bd6c8844c6896f749038), [GuoLiBin6](mailto:glbin533@163.com))
+- add build info ([a93641298](https://github.com/yunionio/dashboard/commit/a93641298e24fb6cc82f5178f3ccb9bf64b867c6), [GuoLiBin6](mailto:glbin533@163.com))
+- add permission check for navbar monitoring alert icon ([760d6b0ec](https://github.com/yunionio/dashboard/commit/760d6b0eca920d0a586e16199926a6e52f4271a9), [GuoLiBin6](mailto:glbin533@163.com))
+- update contact information ([fec34705a](https://github.com/yunionio/dashboard/commit/fec34705aa337fc709d485df37ee0b18d1b4864e), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize prompt when host resize does not match original SKU ([2dc5bb386](https://github.com/yunionio/dashboard/commit/2dc5bb38633c628b4e257d43203ce30f242649a3), [GuoLiBin6](mailto:glbin533@163.com))
+- fix navbar more menu showing blank ([30ae21db6](https://github.com/yunionio/dashboard/commit/30ae21db67cd789d9bd8907b0267538503a6c299), [GuoLiBin6](mailto:glbin533@163.com))
+- get system image upload progress from request ([773ee262c](https://github.com/yunionio/dashboard/commit/773ee262c7e12d3983b773d78ba733400c7085da), [GuoLiBin6](mailto:glbin533@163.com))
+- for Alibaba Cloud VMs with pay-as-you-go billing, pay-as-you-go disks should convert to subscription along with the VM ([79b8e6497](https://github.com/yunionio/dashboard/commit/79b8e6497f9be8078d0d17974a7298ba76f27b6f), [GuoLiBin6](mailto:glbin533@163.com))
+- hide "Advanced" config display when creating VM disks without extra config ([e82d15d62](https://github.com/yunionio/dashboard/commit/e82d15d62f88c3e739d34c5e62616ce769c94d90), [GuoLiBin6](mailto:glbin533@163.com))
+- disable navigation when dashboard resource has no permission ([ee994f147](https://github.com/yunionio/dashboard/commit/ee994f1473ed04628b4eb06ea8e8dbb76f8aeb38), [GuoLiBin6](mailto:glbin533@163.com))
+- distinguish partial auto-reset for disk shutdown auto-reset of data disks ([7dd630391](https://github.com/yunionio/dashboard/commit/7dd63039105865c0761fd63e2ef6f1b61c85d1f7), [GuoLiBin6](mailto:glbin533@163.com))
+- add default value for resource id field in resource detail tag editing ([26236e352](https://github.com/yunionio/dashboard/commit/26236e352ae7104ed9f5eb7c22e62f937f149bb7), [GuoLiBin6](mailto:glbin533@163.com))
+- fix page title disorder and missing issues ([2c1942b4b](https://github.com/yunionio/dashboard/commit/2c1942b4b355d7799e4a34505c7601e017cfe60b), [GuoLiBin6](mailto:glbin533@163.com))
+- simplify parameters for monitoring query aggregation by domain/project ([565210d53](https://github.com/yunionio/dashboard/commit/565210d530d603bd85f5a5490a5ed41cbbcfaba2), [GuoLiBin6](mailto:glbin533@163.com))
+- fix snapshot dictionary value translation not taking effect ([7647a1b02](https://github.com/yunionio/dashboard/commit/7647a1b02cbabc454f4dbacb30bb19af8270ca31), [GuoLiBin6](mailto:glbin533@163.com))
+- fix authorization dialog not closing after authorization completes ([dccb875b1](https://github.com/yunionio/dashboard/commit/dccb875b1d5da2f73f9d6cc1056be505ec979ab5), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize security group Google rule priority range ([3271ed9de](https://github.com/yunionio/dashboard/commit/3271ed9debbb5859cf5280572015e40e5fdf7ba9), [GuoLiBin6](mailto:glbin533@163.com))
+- sort host list resources by usage rate and allocation rate ([d34e06f4b](https://github.com/yunionio/dashboard/commit/d34e06f4b6675bdd2eace41c2fefb94d62326e16), [GuoLiBin6](mailto:glbin533@163.com))
+- fix pay-as-you-go machine expiration release time parameter ([66b8e72dd](https://github.com/yunionio/dashboard/commit/66b8e72ddde48e8a2bf3cb9323f83752eec9557f), [GuoLiBin6](mailto:glbin533@163.com))
+- echart optimization, dynamically calculate whether interval is needed after x-axis label tilting ([691cc9811](https://github.com/yunionio/dashboard/commit/691cc981132351db30aeb7bd24fa30656fd2fced), [GuoLiBin6](mailto:glbin533@163.com))
+- adjust VPC empty value handling when creating subnet ([81c66a73d](https://github.com/yunionio/dashboard/commit/81c66a73d00dc9390b78967b7cba4aaad8861c46), [GuoLiBin6](mailto:glbin533@163.com))
+- adjust tag selector position ([91b2189f0](https://github.com/yunionio/dashboard/commit/91b2189f0b75f6a0350161fa235f17ce2014bd23), [GuoLiBin6](mailto:glbin533@163.com))
+- adjust documentation links ([5c225ee72](https://github.com/yunionio/dashboard/commit/5c225ee72c0afbac0412ab5a42eb43a30201ca6b), [GuoLiBin6](mailto:glbin533@163.com))
+
+### Features (32)
+- image support bios & uefi ([7a3d27bc3](https://github.com/yunionio/dashboard/commit/7a3d27bc3f4c3398dcdb3334713c713684a008e7), [GuoLiBin6](mailto:glbin533@163.com))
+- VM panicked display screenshot ([357eedc8d](https://github.com/yunionio/dashboard/commit/357eedc8d3c180db0e1166e9456a7843a5559aec), [GuoLiBin6](mailto:glbin533@163.com))
+- update cloudpods account authentication URL ([b70fc6462](https://github.com/yunionio/dashboard/commit/b70fc64622308ce9c57b0a3db8d85bd39c7fc45d), [GuoLiBin6](mailto:glbin533@163.com))
+- filter unauthorized content when selecting all in single feature selection ([a28adfabd](https://github.com/yunionio/dashboard/commit/a28adfabdcf7fafadcf4fb145a64776cb8b0e489), [GuoLiBin6](mailto:glbin533@163.com))
+- add Google disk types ([d0d556e2a](https://github.com/yunionio/dashboard/commit/d0d556e2a50f33961fc6a80799f9b4b95c17de60), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize capability parameters ([b9219ef61](https://github.com/yunionio/dashboard/commit/b9219ef6167d2fe03033141e932d8115ed331e0e), [GuoLiBin6](mailto:glbin533@163.com))
+- filter VM resize SKU by architecture ([2c2e81390](https://github.com/yunionio/dashboard/commit/2c2e81390fcf07623072e03fbf797cfac58c43a4), [GuoLiBin6](mailto:glbin533@163.com))
+- support ED25519/ECDSA key formats ([f6a3e43b2](https://github.com/yunionio/dashboard/commit/f6a3e43b2535d1d6646e1b7d27bd4ce403cb011c), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize cloudshell ([ab78ea881](https://github.com/yunionio/dashboard/commit/ab78ea8816ab1679e97bd2e036d35f5f5b0750e1), [GuoLiBin6](mailto:glbin533@163.com))
+- correct Google Cloud re-run billing API ([47362d3da](https://github.com/yunionio/dashboard/commit/47362d3da23f5c30a5f291b820bfade1471d9553), [GuoLiBin6](mailto:glbin533@163.com))
+- support VMware disk detach ([f19b6894e](https://github.com/yunionio/dashboard/commit/f19b6894e881b84153af9af129c38b709b3759b9), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize system image public cloud image filtering ([1d459b543](https://github.com/yunionio/dashboard/commit/1d459b543ad0261ead03ade2b0138abab74de32a), [GuoLiBin6](mailto:glbin533@163.com))
+- support IPv6 assignment for VIP in anti-affinity groups ([be88f46fc](https://github.com/yunionio/dashboard/commit/be88f46fc427327f4e30ca66e368c6f4f148cb06), [GuoLiBin6](mailto:glbin533@163.com))
+- support IPv6 for anti-affinity groups ([edac0a72d](https://github.com/yunionio/dashboard/commit/edac0a72df59da1c73a27aa82ecce3e53e280121), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize auto snapshot policy ([e14e3b5e4](https://github.com/yunionio/dashboard/commit/e14e3b5e4ae7ca317b7c3c6191cede28309270e0), [GuoLiBin6](mailto:glbin533@163.com))
+- display private cloud and public cloud images in system images ([9aeb4eabb](https://github.com/yunionio/dashboard/commit/9aeb4eabb5748347326335a905fb543acf558829), [GuoLiBin6](mailto:glbin533@163.com))
+- add icons ([ea662d902](https://github.com/yunionio/dashboard/commit/ea662d9029fc31adee16b3a285cebcd6b09c1f4f), [GuoLiBin6](mailto:glbin533@163.com))
+- add list status statistics for resources ([5aa77f6fc](https://github.com/yunionio/dashboard/commit/5aa77f6fc6e18114d800c95ac9c92e732152488b), [GuoLiBin6](mailto:glbin533@163.com))
+- update web-console environment ([143e1cc98](https://github.com/yunionio/dashboard/commit/143e1cc98697e77b3d400f4d43e58a629eb08b61), [GuoLiBin6](mailto:glbin533@163.com))
+- update web-console environment ([e93cc5993](https://github.com/yunionio/dashboard/commit/e93cc599384d46b5e45d60246e2f91a36c877f16), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize local build info ([462b4eb16](https://github.com/yunionio/dashboard/commit/462b4eb163d369c2fd4d578fd529f0beb7aa1eaf), [GuoLiBin6](mailto:glbin533@163.com))
+- extend status component ([2cf30ba41](https://github.com/yunionio/dashboard/commit/2cf30ba413186bfbba61709358b54b503f0bcd33), [GuoLiBin6](mailto:glbin533@163.com))
+- add distribution type to image property modification ([5cd74a71c](https://github.com/yunionio/dashboard/commit/5cd74a71ce284d4845bd326dc4a08c351ba705b7), [GuoLiBin6](mailto:glbin533@163.com))
+- add disk snapshot display for storage ([14389ef24](https://github.com/yunionio/dashboard/commit/14389ef246e72a4d0350b91344f54e93b50f275a), [GuoLiBin6](mailto:glbin533@163.com))
+- add build info ([1ffe44d8f](https://github.com/yunionio/dashboard/commit/1ffe44d8ff581fe577b8238aadb73881e3edb6bd), [GuoLiBin6](mailto:glbin533@163.com))
+- support auto snapshot policy modification ([3f00dcb68](https://github.com/yunionio/dashboard/commit/3f00dcb685c94dd728b29a096659a54bc4e11efc), [GuoLiBin6](mailto:glbin533@163.com))
+- VM auto snapshot policy ([a195a16d5](https://github.com/yunionio/dashboard/commit/a195a16d551627ab7599a4777780d0bdd7fad5fb), [GuoLiBin6](mailto:glbin533@163.com))
+- use docker to build source with node 20 ([844316839](https://github.com/yunionio/dashboard/commit/844316839b53fdc4954f60a96b9fa391e0a12944), [GuoLiBin6](mailto:glbin533@163.com))
+- optimize cluster list display ([c2ee857fa](https://github.com/yunionio/dashboard/commit/c2ee857fa73167b5ca905e574fab4abdbfd8308e), [GuoLiBin6](mailto:glbin533@163.com))
+- support changing disk type when creating VM from host backup ([d1254ea33](https://github.com/yunionio/dashboard/commit/d1254ea33109bef58f41dce9b72215a5ff720b31), [GuoLiBin6](mailto:glbin533@163.com))
+- add sorting description for host list sorting ([9899b11ba](https://github.com/yunionio/dashboard/commit/9899b11bae0571a4aa99ec375eb2ac860dff66a8), [GuoLiBin6](mailto:glbin533@163.com))
+- display MongoDB domain address ([df2d2f779](https://github.com/yunionio/dashboard/commit/df2d2f7791f0eefe32ae5d0655390f67b0de992e), [GuoLiBin6](mailto:glbin533@163.com))
+
+### Fixfix (1)
+- fix dashboard alert trend parameter error ([1cf7c46e7](https://github.com/yunionio/dashboard/commit/1cf7c46e76cbb9946bd5a09da9163552672e5bea), [GuoLiBin6](mailto:glbin533@163.com))
+
+-----
+
+## ocboot
+
+Repo: https://github.com/yunionio/ocboot
+
+4 commits to [ocboot - v3.11.12](https://github.com/yunionio/ocboot/compare/v3.11.11...v3.11.12) since this release.
+
+### Bug Fixes (4)
+- enable hugetbl for x86 only ([9984fe2](https://github.com/yunionio/ocboo/commit/9984fe232c84c87352373066c7a8d710deacf058), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- support oe2203 LTS sp4 ([7311f60](https://github.com/yunionio/ocboo/commit/7311f6090f662efd1ee75f51be3fbc30acba74d7), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- fix openEuler LVM system disk initrd boot failure ([e6ca16d](https://github.com/yunionio/ocboo/commit/e6ca16d393cf36f6d8e311cf8cea3ccc83b0a486), [Zexi Li](mailto:zexi.li@icloud.com))
+- **openeuler-x86_64:** add python3-libselinux package ([b89741e](https://github.com/yunionio/ocboo/commit/b89741e86b1208f4142d13e582c5c07e167657bd), [Zexi Li](mailto:zexi.li@icloud.com))
+
+-----
+
+## sdnagent
+
+Repo: https://github.com/yunionio/sdnagent
+
+5 commits to [sdnagent - v3.11.12](https://github.com/yunionio/sdnagent/compare/v3.11.11...v3.11.12) since this release.
+
+### Bug Fixes (4)
+- update vendor 3.11.12 20251004 ([437db031](https://github.com/yunionio/sdnagen/commit/437db03191697ae3e5e40e81e9055c445e03134e), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- vpc metadata server queue size zero ([15aeb5f5](https://github.com/yunionio/sdnagen/commit/15aeb5f5331e4f339bc17b8b8c566091e1934957), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- update vendor and update metadata service ([87c6bb47](https://github.com/yunionio/sdnagen/commit/87c6bb4704afec36b49ba74ea95c43be5e721907), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- **eip:** use the option SdnFetchDataFromComputeService ([296a1fd9](https://github.com/yunionio/sdnagen/commit/296a1fd96d0b3585d15af487e8b97aa4c44c5d41), [Zexi Li](mailto:zexi.li@icloud.com))
+
+### Others (1)
+- update vendor 3.11.12 20250930 ([f02504f3](https://github.com/yunionio/sdnagen/commit/f02504f3717531b84ff3ee771c20edba1c979f89), [Qiu Jian](mailto:qiujian@yunionyun.com))
diff --git a/i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-13.md b/i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-13.md
new file mode 100644
index 00000000..4c615a60
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs/current/development/changelog/release-3_11/3-11-13.md
@@ -0,0 +1,401 @@
+---
+sidebar_position: -31113
+---
+
+# v3.11.13
+
+Release Date 2026-02-12 16:28:15
+
+-----
+
+## cloudmux
+
+Repository: https://github.com/yunionio/cloudmux
+
+41 commits to [cloudmux - v3.11.13](https://github.com/yunionio/cloudmux/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (41)
+- add disk driver options ([ac40de3f](https://github.com/yunionio/cloudmux/commit/ac40de3fabd510f7da11e81dd23e7eaffbba7497), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** health status ([65c12ae0](https://github.com/yunionio/cloudmux/commit/65c12ae08ee2e964816150c1f35e9d4bdceff596), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** bucket sync ([96dea79d](https://github.com/yunionio/cloudmux/commit/96dea79dc396aa911eed8042c4029f0251db74ac), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** secgroup rule update ([3e3475da](https://github.com/yunionio/cloudmux/commit/3e3475da35735f6117d00df60bd448e053542a5d), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** support change disk storage type ([ab7540aa](https://github.com/yunionio/cloudmux/commit/ab7540aad1a77199f79af941d207ad4777d47791), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aliyun:** vnc ([559ed533](https://github.com/yunionio/cloudmux/commit/559ed533d11b7146bb255eb26218a55aa483804f), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **aws:** aovid panic ([8fe7fd08](https://github.com/yunionio/cloudmux/commit/8fe7fd08ba9d77de3a1e6f08baec439004637980), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **azure:** remove vhd sdk ([205ee59b](https://github.com/yunionio/cloudmux/commit/205ee59bd1ece7084f62c5e8402cc289d46145cd), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **azure:** remove azure sdk ([00162d98](https://github.com/yunionio/cloudmux/commit/00162d98baa5ea4bb9ed34ea48a5de9f2b88c2d2), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** host sched tag sync ([0f32f62e](https://github.com/yunionio/cloudmux/commit/0f32f62e175c3fcd8ecb87265600704081a297cc), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** sync esxi host schedtags ([0f1757eb](https://github.com/yunionio/cloudmux/commit/0f1757eb8d85e21793da29fb11052ba3bac99934), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** support resource pool ([ed32babf](https://github.com/yunionio/cloudmux/commit/ed32babf3b8006a71c4c68f4daaa7ad1fb0afe79), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** support vm folder ([d59639cf](https://github.com/yunionio/cloudmux/commit/d59639cfebd6e7390083f1d36e5d143ce7e7ea54), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **esxi:** support preallocate system disk ([1b881cfd](https://github.com/yunionio/cloudmux/commit/1b881cfdbf96c0395f03c7b1941c88aacc3a7bc9), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **gcp:** share network sync ([3c2300a3](https://github.com/yunionio/cloudmux/commit/3c2300a33924be2ee132c1938ef9fd0c110f6807), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **huawei:** bucket policy principal ([c1175cfd](https://github.com/yunionio/cloudmux/commit/c1175cfd99a4970cec78d190e68a18e42d39dc4f), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **huawei:** secgroup rule port sync ([9f844230](https://github.com/yunionio/cloudmux/commit/9f844230b19e78ba7b20b32815cab561409a8e78), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** snapshot sync ([62b6ad69](https://github.com/yunionio/cloudmux/commit/62b6ad69749814a2afc8fdb674141318ddf14bc7), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** support post signv4 ([ceace1a9](https://github.com/yunionio/cloudmux/commit/ceace1a9d6e004314e49ca8289b1543e122673e5), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** create with hostname ([ecd86b95](https://github.com/yunionio/cloudmux/commit/ecd86b950a6b1b3d564a8b07b9b69a7d07438ef7), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** support ksyun operation ([9be30645](https://github.com/yunionio/cloudmux/commit/9be3064547079dafd1273a4a254cf1c68ab377f8), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** add auto pl storage type ([430ded7c](https://github.com/yunionio/cloudmux/commit/430ded7ce18de53e4db74b59d0f7de6a972ce0bd), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** support set tags ([f8956213](https://github.com/yunionio/cloudmux/commit/f8956213ad3766ee285a3347ac264801d1a7b59b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** wait secgroup rule created ([b06fe427](https://github.com/yunionio/cloudmux/commit/b06fe4273eef3a94e266bc5bca72798a63444873), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** vm create with tag ([3537d568](https://github.com/yunionio/cloudmux/commit/3537d56884a42b299f5c9003e84dca087a70cdb2), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** keypair import ([2dd22b7c](https://github.com/yunionio/cloudmux/commit/2dd22b7c5abee798a351f52b3a0d496ff6dc57f6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** vm vnc ([5d0391d3](https://github.com/yunionio/cloudmux/commit/5d0391d3edd4f8557aedd9c9dcf0ed79631b7c1b), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** add api retry ([eae0ac12](https://github.com/yunionio/cloudmux/commit/eae0ac12e627ce1663013f059839eac673e63ff9), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** metric data ([ba484745](https://github.com/yunionio/cloudmux/commit/ba48474557d12d45e83131d652af76dc4d47a8b7), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **ksyun:** storage sync ([e74bf583](https://github.com/yunionio/cloudmux/commit/e74bf58334924166f65f46caeaabda717f71fb25), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **oracle:** find vm by id ([6de7171a](https://github.com/yunionio/cloudmux/commit/6de7171aa397fd8931a38b2cd699814c0e9459dc), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **oracle:** skip termited vm ([563a8b53](https://github.com/yunionio/cloudmux/commit/563a8b538716896a5505f5d514d23f36a2146a32), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **oracle:** vm tags ([23ab0c87](https://github.com/yunionio/cloudmux/commit/23ab0c873d292d1942dba41cbffd49b263662460), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **oracle:** avoid panic ([a8a11d3c](https://github.com/yunionio/cloudmux/commit/a8a11d3ccd96c4e459d6ca7356971df3c8372fad), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** metric period 60s ([87691b8e](https://github.com/yunionio/cloudmux/commit/87691b8e63c975f8a05b7559314a9275ae874f42), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **qcloud:** event lookup readonly ([215de3de](https://github.com/yunionio/cloudmux/commit/215de3dea755fc881c85204a116d53cd0518fff3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** vm start ([d16a50db](https://github.com/yunionio/cloudmux/commit/d16a50db9edb206867cd71809d2fe47cb037b2a3), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **region:** add device name ([8493310d](https://github.com/yunionio/cloudmux/commit/8493310de90f555412124f528634029d8ff43ede), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **volc:** support vm tag ([9174485f](https://github.com/yunionio/cloudmux/commit/9174485f73c2fbf4f72d923e3ba2b6c8ae9d180e), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **volc:** vpc only support get request method ([5e675391](https://github.com/yunionio/cloudmux/commit/5e6753917eed16ea647754358b511338a6544222), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- **volc:** update region name ([fd1a9cee](https://github.com/yunionio/cloudmux/commit/fd1a9cee199b2c93a66521e3022fe74ec638bbc6), [Qu Xuan](mailto:qu_xuan@icloud.com))
+
+-----
+
+## cloudpods
+
+Repository: https://github.com/yunionio/cloudpods
+
+159 commits to [cloudpods - v3.11.13](https://github.com/yunionio/cloudpods/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (151)
+- diskbackup fail to syncstatus on offline backend ([#23763](https://github.com/yunionio/cloudpods/issues/23763)) ([0de6db47a8](https://github.com/yunionio/cloudpods/commit/0de6db47a86ec82da36cb55818ba9539719463af), [Jian Qiu](mailto:swordqiu@gmail.com))
+- suport bulding multi-arch rpm deb ([#23571](https://github.com/yunionio/cloudpods/issues/23571)) ([d74b732b86](https://github.com/yunionio/cloudpods/commit/d74b732b86c2f93585955651e603d80e3797d1d3), [Jian Qiu](mailto:swordqiu@gmail.com))
+- region-dns not support dameng dialect ([#23797](https://github.com/yunionio/cloudpods/issues/23797)) ([3fccc13548](https://github.com/yunionio/cloudpods/commit/3fccc13548a396b98a8a195e94520644c1f321e9), [Jian Qiu](mailto:swordqiu@gmail.com))
+- backend proxy worker count ([#23636](https://github.com/yunionio/cloudpods/issues/23636)) ([a10ea01c84](https://github.com/yunionio/cloudpods/commit/a10ea01c847c2ebae1ac75a6342a175370280ecc), [Zexi Li](mailto:zexi.li@icloud.com))
+- splitable not function due to empty datefield ([#23907](https://github.com/yunionio/cloudpods/issues/23907)) ([7132a3be67](https://github.com/yunionio/cloudpods/commit/7132a3be6710b7ec75ff9d08fe9614c14ae9e605), [Jian Qiu](mailto:swordqiu@gmail.com))
+- rpm/deb support postinst/preinst/prerm/postrm hooks ([#23595](https://github.com/yunionio/cloudpods/issues/23595)) ([ea51d3f05f](https://github.com/yunionio/cloudpods/commit/ea51d3f05f5c661f12f90fe7c3ea4a7290da9d2d), [Jian Qiu](mailto:swordqiu@gmail.com))
+- disable password history unique check by default ([#23436](https://github.com/yunionio/cloudpods/issues/23436)) ([7947bd6686](https://github.com/yunionio/cloudpods/commit/7947bd6686c3d308d7cda836b742a2e5e8c0d59c), [Jian Qiu](mailto:swordqiu@gmail.com))
+- ensure s3 client init for s3 storage driver ([#24319](https://github.com/yunionio/cloudpods/issues/24319)) ([c6d5c9ea0a](https://github.com/yunionio/cloudpods/commit/c6d5c9ea0a3798f35c74c1cf8fe79ba5657b8282), [Jian Qiu](mailto:swordqiu@gmail.com))
+- s3 common options ([#23443](https://github.com/yunionio/cloudpods/issues/23443)) ([ab6f22c5db](https://github.com/yunionio/cloudpods/commit/ab6f22c5db1eea416af42e9431e5a9502e02be28), [Jian Qiu](mailto:swordqiu@gmail.com))
+- hostman master nic may be nil ([#23448](https://github.com/yunionio/cloudpods/issues/23448)) ([defb33a861](https://github.com/yunionio/cloudpods/commit/defb33a8618f0ee219c5644acbad918bb3b5511e), [Jian Qiu](mailto:swordqiu@gmail.com))
+- rename check when change project ([#23676](https://github.com/yunionio/cloudpods/issues/23676)) ([bdc3693c2b](https://github.com/yunionio/cloudpods/commit/bdc3693c2b62f500ba8ca4c1223563a91fdcc817), [Jian Qiu](mailto:swordqiu@gmail.com))
+- default cloud region init error ([#23472](https://github.com/yunionio/cloudpods/issues/23472)) ([ec3b52930e](https://github.com/yunionio/cloudpods/commit/ec3b52930e0c58a9771efe891c6d154188b373de), [Jian Qiu](mailto:swordqiu@gmail.com))
+- support network manager connection profiles ([#23467](https://github.com/yunionio/cloudpods/issues/23467)) ([74a8b5667f](https://github.com/yunionio/cloudpods/commit/74a8b5667f0b840990236e4cd28a1ef6274eb067), [Jian Qiu](mailto:swordqiu@gmail.com))
+- network manager supports ipv4 static routes for 3.11 ([#23484](https://github.com/yunionio/cloudpods/issues/23484)) ([30bac52d1c](https://github.com/yunionio/cloudpods/commit/30bac52d1c721076919d9cb3f2fef06fd6d0d030), [Jian Qiu](mailto:swordqiu@gmail.com))
+- change OutOfResource http status code to 507 ([#23988](https://github.com/yunionio/cloudpods/issues/23988)) ([532f4eb1db](https://github.com/yunionio/cloudpods/commit/532f4eb1dbe4ac5ff7ed0b0e62d05b638d23ca4e), [Jian Qiu](mailto:swordqiu@gmail.com))
+- notify receiver update precedure recode ([#24102](https://github.com/yunionio/cloudpods/issues/24102)) ([4a6adeea1f](https://github.com/yunionio/cloudpods/commit/4a6adeea1f96cea173376ffa7d82c0e6d29118b5), [Jian Qiu](mailto:swordqiu@gmail.com))
+- user filter revisit ([#24104](https://github.com/yunionio/cloudpods/issues/24104)) ([4a512da8a8](https://github.com/yunionio/cloudpods/commit/4a512da8a8b362957198007b90885c104e5e8b98), [Jian Qiu](mailto:swordqiu@gmail.com))
+- update deps version 3.11.13 ([#24105](https://github.com/yunionio/cloudpods/issues/24105)) ([60082c3534](https://github.com/yunionio/cloudpods/commit/60082c353484edcd102b713d1d6cb87f96c15132), [Jian Qiu](mailto:swordqiu@gmail.com))
+- validate policy role delete condition ([#23810](https://github.com/yunionio/cloudpods/issues/23810)) ([d2c6e5514f](https://github.com/yunionio/cloudpods/commit/d2c6e5514f19671345b9f36f41ac1a542c82f940), [Jian Qiu](mailto:swordqiu@gmail.com))
+- filter schedtags by zones ([#23744](https://github.com/yunionio/cloudpods/issues/23744)) ([ea87fbb8aa](https://github.com/yunionio/cloudpods/commit/ea87fbb8aaa90e94eb08ba344fe873cf022bb6e0), [Jian Qiu](mailto:swordqiu@gmail.com))
+- ignore e2fsck errors if retcode \< 4 ([#23487](https://github.com/yunionio/cloudpods/issues/23487)) ([c88e8fef1b](https://github.com/yunionio/cloudpods/commit/c88e8fef1b1426e3ff5a91959c5a8ae49d451e7b), [Jian Qiu](mailto:swordqiu@gmail.com))
+- detailed apigateway auth failure log ([#24078](https://github.com/yunionio/cloudpods/issues/24078)) ([a4b5078997](https://github.com/yunionio/cloudpods/commit/a4b507899790917bf8192e133bfc7352b41dcd68), [Jian Qiu](mailto:swordqiu@gmail.com))
+- **baremetal:** ensure the execution of the BaremetalServerDestroyTask ([#23495](https://github.com/yunionio/cloudpods/issues/23495)) ([2cb0437596](https://github.com/yunionio/cloudpods/commit/2cb04375960460967a68d3bc9330f3236c02873a), [Zexi Li](mailto:zexi.li@icloud.com))
+- **baremetal:** power status of server is not synced ([#23689](https://github.com/yunionio/cloudpods/issues/23689)) ([a34da1092c](https://github.com/yunionio/cloudpods/commit/a34da1092ccb04a1f15d99dcc900d0717049242d), [Zexi Li](mailto:zexi.li@icloud.com))
+- **baremetal-agent:** msdos typo in grub configuration ([#23774](https://github.com/yunionio/cloudpods/issues/23774)) ([11ec38b8b7](https://github.com/yunionio/cloudpods/commit/11ec38b8b7bb7e9062d0d57aac959569fda907fd), [Zexi Li](mailto:zexi.li@icloud.com))
+- **baremetal-agent:** chose root disk by pci path ([#23682](https://github.com/yunionio/cloudpods/issues/23682)) ([beb3e9f9fd](https://github.com/yunionio/cloudpods/commit/beb3e9f9fdb65ba36c7ed0e38e5b4944491b0010), [Zexi Li](mailto:zexi.li@icloud.com))
+- **climc:** host set memory commit bound incorrect params ([#23973](https://github.com/yunionio/cloudpods/issues/23973)) ([6bf92e0ea7](https://github.com/yunionio/cloudpods/commit/6bf92e0ea775de491859c50f53cd8066b930af25), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **climc:** sku create support arch ([#24189](https://github.com/yunionio/cloudpods/issues/24189)) ([69fce36cab](https://github.com/yunionio/cloudpods/commit/69fce36cab014d40e58e50b261d0688844ed70a7), [屈轩](mailto:qu_xuan@icloud.com))
+- **cloudevent:** options changed with etcd ([#23434](https://github.com/yunionio/cloudpods/issues/23434)) ([50ab8bf4d4](https://github.com/yunionio/cloudpods/commit/50ab8bf4d4a50f152ef5b1de1e72ea5ea4e60029), [屈轩](mailto:qu_xuan@icloud.com))
+- **cloudmon:** metric sync ([#23463](https://github.com/yunionio/cloudpods/issues/23463)) ([4703a7094d](https://github.com/yunionio/cloudpods/commit/4703a7094d08a0360cc8c536ee23803298df9b2f), [屈轩](mailto:qu_xuan@icloud.com))
+- **cloudmon:** avoid undetected new resources ([#23779](https://github.com/yunionio/cloudpods/issues/23779)) ([49b7f9df7e](https://github.com/yunionio/cloudpods/commit/49b7f9df7ea888a9584850430dce4068df17b046), [屈轩](mailto:qu_xuan@icloud.com))
+- **cloudmon:** account balance metric with tenant_id ([#23786](https://github.com/yunionio/cloudpods/issues/23786)) ([350028425e](https://github.com/yunionio/cloudpods/commit/350028425e468868ae91637d08bed4a6adf6f281), [屈轩](mailto:qu_xuan@icloud.com))
+- **common:** skip octet-stream warnning ([#24069](https://github.com/yunionio/cloudpods/issues/24069)) ([dffd2aa2d9](https://github.com/yunionio/cloudpods/commit/dffd2aa2d9f63c5e65b37c080e3e79a95519befe), [屈轩](mailto:qu_xuan@icloud.com))
+- **glance:** add notify for image create ([#23555](https://github.com/yunionio/cloudpods/issues/23555)) ([b999ad72ac](https://github.com/yunionio/cloudpods/commit/b999ad72ac899eaa5bd1831b3f712a1dc63eac10), [屈轩](mailto:qu_xuan@icloud.com))
+- **glance:** image disk_format use String2ImageFormat ([#23991](https://github.com/yunionio/cloudpods/issues/23991)) ([5eae491d47](https://github.com/yunionio/cloudpods/commit/5eae491d47092d0c92f45a90a5c2ccb217db72fa), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **glance:** avoid context warnning ([#24075](https://github.com/yunionio/cloudpods/issues/24075)) ([411a6df9f9](https://github.com/yunionio/cloudpods/commit/411a6df9f9a3943241d28ebde4d84a042c88720a), [屈轩](mailto:qu_xuan@icloud.com))
+- **glance:** support prob iso image ([#24136](https://github.com/yunionio/cloudpods/issues/24136)) ([246721c529](https://github.com/yunionio/cloudpods/commit/246721c529e8827df0408a78d6e60e23ac7d21f1), [屈轩](mailto:qu_xuan@icloud.com))
+- **glance:** set glance s3 bucket name default onecloud-images ([#24170](https://github.com/yunionio/cloudpods/issues/24170)) ([28f83d8dac](https://github.com/yunionio/cloudpods/commit/28f83d8dacee5faa605e47388febcc67c987540d), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **glance:** set s3 bucket name before s3 init check ([#24236](https://github.com/yunionio/cloudpods/issues/24236)) ([43bb829edc](https://github.com/yunionio/cloudpods/commit/43bb829edcf5372b61c3a011c571d69b2d8c4d2e), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** live migrate add timeout ([#24164](https://github.com/yunionio/cloudpods/issues/24164)) ([67566abfbb](https://github.com/yunionio/cloudpods/commit/67566abfbb1514d0cebee624b80456dfabb2d568), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** disk resize error input params ([#23491](https://github.com/yunionio/cloudpods/issues/23491)) ([2ca2435595](https://github.com/yunionio/cloudpods/commit/2ca2435595f57d49bdf8a7068e6a9a39af269d98), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** guestnetworksync do nothing on detach vfio nic ([#24177](https://github.com/yunionio/cloudpods/issues/24177)) ([24fdc3782f](https://github.com/yunionio/cloudpods/commit/24fdc3782f39495f2f37ed7c92174a93237d9cf3), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** host handlers use gotypes check ret value is nil ([#23848](https://github.com/yunionio/cloudpods/issues/23848)) ([323b64116a](https://github.com/yunionio/cloudpods/commit/323b64116a69c04ed1762dbb6587b7f0fb53cf9a), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** move the hostInstance.Init() step after InitAuth ([#23622](https://github.com/yunionio/cloudpods/issues/23622)) ([cd68e4c156](https://github.com/yunionio/cloudpods/commit/cd68e4c1563b06a5f0379dfbf2e70947dbdfcbf8), [Zexi Li](mailto:zexi.li@icloud.com))
+- **host:** add query id on detect qemu machine info ([#24045](https://github.com/yunionio/cloudpods/issues/24045)) ([91061f28cc](https://github.com/yunionio/cloudpods/commit/91061f28cc025139e788c56a69707c3859004f1c), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** set dmesg parse failed log level to debug ([#24308](https://github.com/yunionio/cloudpods/issues/24308)) ([ecb65c2563](https://github.com/yunionio/cloudpods/commit/ecb65c256333e830e9a07a1347919c57430606ab), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** deploy nics config defore do add nics ([#24275](https://github.com/yunionio/cloudpods/issues/24275)) ([0b02c49c7c](https://github.com/yunionio/cloudpods/commit/0b02c49c7c73c0a1a827e2269a2110b46035e0a6), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** format sLsusbTree field content json tag ([#23793](https://github.com/yunionio/cloudpods/issues/23793)) ([6e9b1e790f](https://github.com/yunionio/cloudpods/commit/6e9b1e790f04dc1cab4ff618e880dc959d1da2d4), [屈轩](mailto:qu_xuan@icloud.com))
+- **host:** ensure host wire marshal nil value ([#23500](https://github.com/yunionio/cloudpods/issues/23500)) ([73049f487a](https://github.com/yunionio/cloudpods/commit/73049f487a75b35084741d483f002057adc80e13), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** ensure scsi pci addr on add scsi disk ([#24096](https://github.com/yunionio/cloudpods/issues/24096)) ([65cbea196f](https://github.com/yunionio/cloudpods/commit/65cbea196f12ef0d05c141f7752d6fcb0a220424), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host:** SHostPingTask was stuck by calling docker command ([#23734](https://github.com/yunionio/cloudpods/issues/23734)) ([3ae144e233](https://github.com/yunionio/cloudpods/commit/3ae144e2339df585ab8639a1c7f60b79117e9ce1), [Zexi Li](mailto:zexi.li@icloud.com))
+- **host,host-deployer:** host-deployer add password quality check ([#23873](https://github.com/yunionio/cloudpods/issues/23873)) ([166b4b34f5](https://github.com/yunionio/cloudpods/commit/166b4b34f519c073348347b1bc9c5988222750b9), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **host-deployer:** update host-deployer-base to 1.4.11 ([#23412](https://github.com/yunionio/cloudpods/issues/23412)) ([96b330b6c4](https://github.com/yunionio/cloudpods/commit/96b330b6c4ca2b0aaa99a01d8d63f6576441672b), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **keystone:** distribute permissions when the organization changes ([#23503](https://github.com/yunionio/cloudpods/issues/23503)) ([c8efe3d1e6](https://github.com/yunionio/cloudpods/commit/c8efe3d1e6885b16f9e5252b6f71a710272c39a4), [屈轩](mailto:qu_xuan@icloud.com))
+- **keystone:** fetch domain user count ([#23592](https://github.com/yunionio/cloudpods/issues/23592)) ([7d36c1fe1b](https://github.com/yunionio/cloudpods/commit/7d36c1fe1b07bbda698cd962b45e6959fa5676d3), [屈轩](mailto:qu_xuan@icloud.com))
+- **keystone:** change token AuditIds width ([#23850](https://github.com/yunionio/cloudpods/issues/23850)) ([f22db65285](https://github.com/yunionio/cloudpods/commit/f22db6528549b871102e5a62834697003325172d), [屈轩](mailto:qu_xuan@icloud.com))
+- **monitor:** avoid panic ([#23796](https://github.com/yunionio/cloudpods/issues/23796)) ([8e9f4c12c2](https://github.com/yunionio/cloudpods/commit/8e9f4c12c2ce6e7b519f8e3acc2e4a6ad707a10d), [屈轩](mailto:qu_xuan@icloud.com))
+- **monitor:** fill resource ids of the cloud account ([#24031](https://github.com/yunionio/cloudpods/issues/24031)) ([bcf544574f](https://github.com/yunionio/cloudpods/commit/bcf544574f06da8dee272da82d23cb5a8ff0ab45), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** check if LastSendNotification is zero ([#23783](https://github.com/yunionio/cloudpods/issues/23783)) ([2fc05e9bbb](https://github.com/yunionio/cloudpods/commit/2fc05e9bbbe2d26b238d3c231fda6d3429843411), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** threshold_range message ([#23856](https://github.com/yunionio/cloudpods/issues/23856)) ([9024e78dfc](https://github.com/yunionio/cloudpods/commit/9024e78dfca4842e14f5c7c63eb4037dc54bd2e3), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** filter baremetal host for no data query ([#23892](https://github.com/yunionio/cloudpods/issues/23892)) ([06482d2f20](https://github.com/yunionio/cloudpods/commit/06482d2f206d6662d052a0916f137639450d1658), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** optimized common alert list ([#24044](https://github.com/yunionio/cloudpods/issues/24044)) ([5560cc9371](https://github.com/yunionio/cloudpods/commit/5560cc93715bafd57f1d7715014518fc33a28303), [屈轩](mailto:qu_xuan@icloud.com))
+- **monitor:** title of notification by language context ([#23798](https://github.com/yunionio/cloudpods/issues/23798)) ([ae45d0d1d1](https://github.com/yunionio/cloudpods/commit/ae45d0d1d111ab605c8f11e3aee996b82791cd00), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** meter alert panic ([#23919](https://github.com/yunionio/cloudpods/issues/23919)) ([c6502eebd7](https://github.com/yunionio/cloudpods/commit/c6502eebd7a944b6901ade78288604f2a9738d6d), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** optimized monitor resource list ([#24040](https://github.com/yunionio/cloudpods/issues/24040)) ([f359c67632](https://github.com/yunionio/cloudpods/commit/f359c676325955a64056b66c947981468954111b), [屈轩](mailto:qu_xuan@icloud.com))
+- **monitor:** filter alertrecords by alert_name and res_name ([#23866](https://github.com/yunionio/cloudpods/issues/23866)) ([52962980c5](https://github.com/yunionio/cloudpods/commit/52962980c5943c0199ae9bde3da562083c2728aa), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** alerting level ([#23802](https://github.com/yunionio/cloudpods/issues/23802)) ([e175225af5](https://github.com/yunionio/cloudpods/commit/e175225af5435d2f7a3448723fed5d79d7decc06), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** resource id deduplication of alert record ([#24034](https://github.com/yunionio/cloudpods/issues/24034)) ([7355547b2b](https://github.com/yunionio/cloudpods/commit/7355547b2b28ac9a96202e3b67311b7dfabf4a50), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** alert shield is not working ([#23863](https://github.com/yunionio/cloudpods/issues/23863)) ([4a3a9f1b11](https://github.com/yunionio/cloudpods/commit/4a3a9f1b11a20fb5cf5ab9eb083d55e6aac384c9), [Zexi Li](mailto:zexi.li@icloud.com))
+- **notify:** notify receiver ([#24300](https://github.com/yunionio/cloudpods/issues/24300)) ([7dc2246c10](https://github.com/yunionio/cloudpods/commit/7dc2246c10c84cb2a54a1f7b0f668b220597e251), [屈轩](mailto:qu_xuan@icloud.com))
+- **notify:** support webhook sign ([#24184](https://github.com/yunionio/cloudpods/issues/24184)) ([aef3f68fd5](https://github.com/yunionio/cloudpods/commit/aef3f68fd5eacb38fb7f321ff39e5492c3e69aab), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** host schedtag sync ([#24057](https://github.com/yunionio/cloudpods/issues/24057)) ([f6928c9ca9](https://github.com/yunionio/cloudpods/commit/f6928c9ca9eb00b8d46f8712285d06f092619215), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** allow batch resize disk ([#24051](https://github.com/yunionio/cloudpods/issues/24051)) ([e479741459](https://github.com/yunionio/cloudpods/commit/e479741459d82328525b6ebe209b6cf62b5a051a), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** disk take snapshot check backing snapshot is merged ([#23823](https://github.com/yunionio/cloudpods/issues/23823)) ([d9660431fd](https://github.com/yunionio/cloudpods/commit/d9660431fd2e21aad1afdc9d951dba6b25e2fa7b), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region:** support vmware resource pool ([#23828](https://github.com/yunionio/cloudpods/issues/23828)) ([2e58bba807](https://github.com/yunionio/cloudpods/commit/2e58bba807c5b33f3ff1b6a81ccdf49162caaf57), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23821](https://github.com/yunionio/cloudpods/issues/23821)) ([19c0680c4b](https://github.com/yunionio/cloudpods/commit/19c0680c4b67028d231533cb6c9b3e71c049f9dd), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23845](https://github.com/yunionio/cloudpods/issues/23845)) ([d8ea9f576a](https://github.com/yunionio/cloudpods/commit/d8ea9f576a89b06b033b71a0a1b3ad437261e06a), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23860](https://github.com/yunionio/cloudpods/issues/23860)) ([01cd87d8eb](https://github.com/yunionio/cloudpods/commit/01cd87d8eb4ae303571ad3e7b39830d30403b5fc), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23869](https://github.com/yunionio/cloudpods/issues/23869)) ([27f44e909a](https://github.com/yunionio/cloudpods/commit/27f44e909add48c3af5e5aaa072ccc90647bb747), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** snapshot policy resource purge ([#23804](https://github.com/yunionio/cloudpods/issues/23804)) ([4b78268ff6](https://github.com/yunionio/cloudpods/commit/4b78268ff6a6eb449a9b856bd4a00918173b521e), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** aliyun vnc addr ([#23885](https://github.com/yunionio/cloudpods/issues/23885)) ([0d2cb66dc1](https://github.com/yunionio/cloudpods/commit/0d2cb66dc1d0d856753760538f357d5277a52f0a), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** optimized backend sync ([#23891](https://github.com/yunionio/cloudpods/issues/23891)) ([557715bea3](https://github.com/yunionio/cloudpods/commit/557715bea3a926eb2f4af07000c1a74819df3cef), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** aliyun system disk size ([#23927](https://github.com/yunionio/cloudpods/issues/23927)) ([3b7615b264](https://github.com/yunionio/cloudpods/commit/3b7615b26425e6d5758881c56b135e1c00d3b0f8), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** add provider info for sync log ([#23933](https://github.com/yunionio/cloudpods/issues/23933)) ([4455a99645](https://github.com/yunionio/cloudpods/commit/4455a996456875dab78a18bc0916d44ba5dc52fd), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** migrate snapshot policy resource ([#23790](https://github.com/yunionio/cloudpods/issues/23790)) ([ef046d10c9](https://github.com/yunionio/cloudpods/commit/ef046d10c959aa2896f984d2796e491b639bd7ab), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** disable cloudpods auto create project ([#23938](https://github.com/yunionio/cloudpods/issues/23938)) ([73076cfc19](https://github.com/yunionio/cloudpods/commit/73076cfc19a5be4c13f387f0c1a22774229cd12f), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** disable sync schedtags ([#23943](https://github.com/yunionio/cloudpods/issues/23943)) ([c6f3e714ee](https://github.com/yunionio/cloudpods/commit/c6f3e714ee521d83b9a33cb1b4a8bf2feb71e126), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** allow clean history data ([#23950](https://github.com/yunionio/cloudpods/issues/23950)) ([7c3929bc5e](https://github.com/yunionio/cloudpods/commit/7c3929bc5ef5cfdc485f6d424a257287b11b9015), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** guest usage by arch ([#23954](https://github.com/yunionio/cloudpods/issues/23954)) ([231711d0fb](https://github.com/yunionio/cloudpods/commit/231711d0fb287f4e041ce80bc9b4c01e6cbc6483), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region:** esxi vm folder ([#23751](https://github.com/yunionio/cloudpods/issues/23751)) ([9e72da7b1e](https://github.com/yunionio/cloudpods/commit/9e72da7b1e9f429845f6bf725b258bc7711cdfd7), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** server sku create status ([#23750](https://github.com/yunionio/cloudpods/issues/23750)) ([1875cf7bd6](https://github.com/yunionio/cloudpods/commit/1875cf7bd60f95c0cc9ab61c36f57fe3a62ac6c5), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** show guest nic index ([#23957](https://github.com/yunionio/cloudpods/issues/23957)) ([865a019ba3](https://github.com/yunionio/cloudpods/commit/865a019ba35f93529eb09a54c1760bdd618fd6c2), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** update private cloud host cpu and mem usage by cloudmon ([#23985](https://github.com/yunionio/cloudpods/issues/23985)) ([395bc3f317](https://github.com/yunionio/cloudpods/commit/395bc3f317be85b646e75a6c449e59f16aff913d), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** scope resource ([#23737](https://github.com/yunionio/cloudpods/issues/23737)) ([873a5d6b16](https://github.com/yunionio/cloudpods/commit/873a5d6b164b45b2edd30c79968bc4abd7f8a3e5), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23384](https://github.com/yunionio/cloudpods/issues/23384)) ([85bc3abc77](https://github.com/yunionio/cloudpods/commit/85bc3abc7785a8da9cc1a6611036bd797124531d), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** show host cpu and mem usage ([#23999](https://github.com/yunionio/cloudpods/issues/23999)) ([26fd3424f3](https://github.com/yunionio/cloudpods/commit/26fd3424f3ea1ae26e8e3e7fb5a0e621ee0165b5), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** allow delete server sku ([#23695](https://github.com/yunionio/cloudpods/issues/23695)) ([aa394ead62](https://github.com/yunionio/cloudpods/commit/aa394ead62d8c65fa37ce7bd9e1f498d1ef3be1c), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** add device for disk ([#23692](https://github.com/yunionio/cloudpods/issues/23692)) ([039a69eed6](https://github.com/yunionio/cloudpods/commit/039a69eed646074222f4b431f5da569e43e4db9e), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23399](https://github.com/yunionio/cloudpods/issues/23399)) ([b6c3aa0a7a](https://github.com/yunionio/cloudpods/commit/b6c3aa0a7a776103883a6aefe185789e784c546b), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23406](https://github.com/yunionio/cloudpods/issues/23406)) ([d62f1c1149](https://github.com/yunionio/cloudpods/commit/d62f1c11496b35c021058a6e7a2bbf6a5bec8c37), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** show pretty error ([#24022](https://github.com/yunionio/cloudpods/issues/24022)) ([9a01e1fdb3](https://github.com/yunionio/cloudpods/commit/9a01e1fdb3d5c3c8b7c323deb95f9781a7e636e7), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** optimized aws server sku sync ([#23675](https://github.com/yunionio/cloudpods/issues/23675)) ([260b8557d8](https://github.com/yunionio/cloudpods/commit/260b8557d8c3d3cdd59e22ccff092bc403cdda6a), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** metadata filter by value ([#23672](https://github.com/yunionio/cloudpods/issues/23672)) ([e0706a1b43](https://github.com/yunionio/cloudpods/commit/e0706a1b430f54fc0009ab79bd04d05018eeadfa), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** optimzed server sku sync ([#23664](https://github.com/yunionio/cloudpods/issues/23664)) ([0ba9578ec7](https://github.com/yunionio/cloudpods/commit/0ba9578ec752a8a26314b4e5d773295ac55f242b), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** disk filter by server ([#23660](https://github.com/yunionio/cloudpods/issues/23660)) ([1a1feba74d](https://github.com/yunionio/cloudpods/commit/1a1feba74d53640352c8cd06a2c96364d4108bc9), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** optimized filter sku by zone ([#23657](https://github.com/yunionio/cloudpods/issues/23657)) ([5427facb6a](https://github.com/yunionio/cloudpods/commit/5427facb6a0522061e558f8151081c9397210c00), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23654](https://github.com/yunionio/cloudpods/issues/23654)) ([6b347bf00c](https://github.com/yunionio/cloudpods/commit/6b347bf00c56da0c05ee7fb705171e0207d928fd), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#24268](https://github.com/yunionio/cloudpods/issues/24268)) ([5e565cf2be](https://github.com/yunionio/cloudpods/commit/5e565cf2be9471c1935e5c32e93869b3784fc70e), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** sku cpu mem sync ([#23650](https://github.com/yunionio/cloudpods/issues/23650)) ([b4fd2eb122](https://github.com/yunionio/cloudpods/commit/b4fd2eb122999d71e43f3029c9e8d02fa52c08d4), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** filter disks by server list ([#23645](https://github.com/yunionio/cloudpods/issues/23645)) ([a846649f1c](https://github.com/yunionio/cloudpods/commit/a846649f1cf60aa7b73f1371c1b0032258875c2f), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23417](https://github.com/yunionio/cloudpods/issues/23417)) ([5a5dbed43b](https://github.com/yunionio/cloudpods/commit/5a5dbed43b31a5de6fe7b898bf8b194d0f467fd7), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23640](https://github.com/yunionio/cloudpods/issues/23640)) ([2bb2742bf0](https://github.com/yunionio/cloudpods/commit/2bb2742bf054992d5b76d0b2d9af3b6e891aa242), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** add billing resource check ([#24059](https://github.com/yunionio/cloudpods/issues/24059)) ([23e3234d8d](https://github.com/yunionio/cloudpods/commit/23e3234d8dc82cc7ea91deed5626bae0f60248b8), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** set ksyun tag ([#23612](https://github.com/yunionio/cloudpods/issues/23612)) ([78fa396097](https://github.com/yunionio/cloudpods/commit/78fa39609780b5ea68272a23c0f2f57fbf2e99ab), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** remove useless mod ([#24062](https://github.com/yunionio/cloudpods/issues/24062)) ([fec5f1f8a7](https://github.com/yunionio/cloudpods/commit/fec5f1f8a7ee1ef85b2380d4dfadac1027fbf877), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** avoid panic when update user resource ([#24072](https://github.com/yunionio/cloudpods/issues/24072)) ([2ba0bdfee7](https://github.com/yunionio/cloudpods/commit/2ba0bdfee7f8cec0e5ebfc1692a439edc93e9315), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#24081](https://github.com/yunionio/cloudpods/issues/24081)) ([4ba88e37cd](https://github.com/yunionio/cloudpods/commit/4ba88e37cd9236c4abf05dbd190a34d6ac554903), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** snapshot policy operation ([#24251](https://github.com/yunionio/cloudpods/issues/24251)) ([335cdf37b4](https://github.com/yunionio/cloudpods/commit/335cdf37b4b2bcc2223c87e408ae67162406a1bd), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** disable cloudprovider when sync lost ([#23583](https://github.com/yunionio/cloudpods/issues/23583)) ([106f7b3d2a](https://github.com/yunionio/cloudpods/commit/106f7b3d2ad2700d35bd6f11ac916c179f5a2cee), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23580](https://github.com/yunionio/cloudpods/issues/23580)) ([807454ab63](https://github.com/yunionio/cloudpods/commit/807454ab63d77b7e2984f575f810716bf8b6a356), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** adjust the ip_addr character length ([#23564](https://github.com/yunionio/cloudpods/issues/23564)) ([d5711d7d64](https://github.com/yunionio/cloudpods/commit/d5711d7d64fa7e40ee2b6f7c29bc6cbd0608f982), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** public cloud sku create ([#24229](https://github.com/yunionio/cloudpods/issues/24229)) ([f2d2495be3](https://github.com/yunionio/cloudpods/commit/f2d2495be3faaa0e06bddaa6907b2fd3e43b769a), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** host order by virt cpu ([#23455](https://github.com/yunionio/cloudpods/issues/23455)) ([a64749ef31](https://github.com/yunionio/cloudpods/commit/a64749ef317c5b85446628de8e70c8e06ffd2ddb), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** valid essd pl0 disk resize ([#23547](https://github.com/yunionio/cloudpods/issues/23547)) ([451d289903](https://github.com/yunionio/cloudpods/commit/451d289903201de5f92d7bf4cce5778ca7dc8d87), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23541](https://github.com/yunionio/cloudpods/issues/23541)) ([93101837f7](https://github.com/yunionio/cloudpods/commit/93101837f7b4a455be8cdc0b6f8389a346cf3930), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** support change storage type ([#23531](https://github.com/yunionio/cloudpods/issues/23531)) ([a7bc8c0fff](https://github.com/yunionio/cloudpods/commit/a7bc8c0fff0e0ee1a71381b5904e4f02779a624b), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** healt status ([#23526](https://github.com/yunionio/cloudpods/issues/23526)) ([d913be0312](https://github.com/yunionio/cloudpods/commit/d913be0312dde2fcb2f8624b6edcdeb535a9d0ac), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#24093](https://github.com/yunionio/cloudpods/issues/24093)) ([45e6c8cf59](https://github.com/yunionio/cloudpods/commit/45e6c8cf5985f74567c0c49e64e7d6f1a6c22ed9), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** private zone create status ([#23522](https://github.com/yunionio/cloudpods/issues/23522)) ([d7b0a10ad9](https://github.com/yunionio/cloudpods/commit/d7b0a10ad9ef761e0264c66dd6a2fd5e8b59571d), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#24121](https://github.com/yunionio/cloudpods/issues/24121)) ([60ae50c608](https://github.com/yunionio/cloudpods/commit/60ae50c608c5c3ecb2f17ebf1bc3d3980f89ace1), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** server sku create with region id ([#23510](https://github.com/yunionio/cloudpods/issues/23510)) ([d9060328fc](https://github.com/yunionio/cloudpods/commit/d9060328fc7e96b1034970ce49d4854e9a19158c), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** vendor update ([#23460](https://github.com/yunionio/cloudpods/issues/23460)) ([f8a46a06fc](https://github.com/yunionio/cloudpods/commit/f8a46a06fc3b8dfd502b8f9e2f5b5e7364845926), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** billing resource create time ([#24143](https://github.com/yunionio/cloudpods/issues/24143)) ([8f03c28919](https://github.com/yunionio/cloudpods/commit/8f03c28919ef66c2ab6491a9a666048e9cdcfc70), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** have agent add check is telegraf deployed ([#24146](https://github.com/yunionio/cloudpods/issues/24146)) ([bdd024d699](https://github.com/yunionio/cloudpods/commit/bdd024d6998aac409021dbc9a9f7b5db3ccf83e9), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region:** server add set network num queues ([#24165](https://github.com/yunionio/cloudpods/issues/24165)) ([382ec17c04](https://github.com/yunionio/cloudpods/commit/382ec17c04e73f2e0b42bd1d550cbd0705463296), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region:** init snapshot policy disk table ([#24201](https://github.com/yunionio/cloudpods/issues/24201)) ([55c139f4ab](https://github.com/yunionio/cloudpods/commit/55c139f4ab2cc036f3b58151b97fd0fd998721ce), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** avoid duplicate check when update account aksk ([#24208](https://github.com/yunionio/cloudpods/issues/24208)) ([8a70ad1fe1](https://github.com/yunionio/cloudpods/commit/8a70ad1fe1d87e725a16d027cceb34d0d5ed6dff), [屈轩](mailto:qu_xuan@icloud.com))
+- **region:** support cloudpods vm disk driver ([#24224](https://github.com/yunionio/cloudpods/issues/24224)) ([b333d023f9](https://github.com/yunionio/cloudpods/commit/b333d023f93abae5bcfc4792f637b9696692fdfc), [屈轩](mailto:qu_xuan@icloud.com))
+- **region,climc:** persist netinterface vlan_id to hostnetwork ([#24214](https://github.com/yunionio/cloudpods/issues/24214)) ([29d1a9beb3](https://github.com/yunionio/cloudpods/commit/29d1a9beb311154f0d2894b9f528676167d64f30), [Zexi Li](mailto:zexi.li@icloud.com))
+- **region,glance,host-deployer:** guest image support bios boot mode detect ([#23284](https://github.com/yunionio/cloudpods/issues/23284)) ([ccf1694237](https://github.com/yunionio/cloudpods/commit/ccf1694237c642abbb4867df9fa0801e7bb3be03), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region,host:** perform screendump no save to s3 ([#23824](https://github.com/yunionio/cloudpods/issues/23824)) ([56711f01f2](https://github.com/yunionio/cloudpods/commit/56711f01f23f0e8b6607372fe6ad03a10bed2aa0), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region,host:** guest add vnc screen dump support ([#23374](https://github.com/yunionio/cloudpods/issues/23374)) ([2b90c029ee](https://github.com/yunionio/cloudpods/commit/2b90c029ee67db39dd13653acc2f4dabc26e2246), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region,host:** rename screen dump info structure ([#24257](https://github.com/yunionio/cloudpods/issues/24257)) ([aef2e3e956](https://github.com/yunionio/cloudpods/commit/aef2e3e9560b7964980042f5704367bb30a1d5ef), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region,host,scheduler:** add check kvm cpu max on cpu predicate ([#23513](https://github.com/yunionio/cloudpods/issues/23513)) ([606916760b](https://github.com/yunionio/cloudpods/commit/606916760b6f91da7046720737d8601eaad52178), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **region,scheduler:** check is BIOS boot request on uefi predicate ([#23717](https://github.com/yunionio/cloudpods/issues/23717)) ([1b212051a9](https://github.com/yunionio/cloudpods/commit/1b212051a94f3da1729c65fed5e4a3b4db24854c), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **scheduler:** correct mem_free = (mem_total - mem_reserved) * mem_cmtbound ([#23982](https://github.com/yunionio/cloudpods/issues/23982)) ([7d92eb9a63](https://github.com/yunionio/cloudpods/commit/7d92eb9a6352449155774a6a1e53447fb35e22fc), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **scheduler:** enable profiling ([#23642](https://github.com/yunionio/cloudpods/issues/23642)) ([357a0f22e3](https://github.com/yunionio/cloudpods/commit/357a0f22e36d5aacf65af462c1239046a2317b82), [Zexi Li](mailto:zexi.li@icloud.com))
+- **scheduler:** sku predicate with empty zone id ([#23686](https://github.com/yunionio/cloudpods/issues/23686)) ([8ddca94bdc](https://github.com/yunionio/cloudpods/commit/8ddca94bdcddda240ef8921e181499bd7d7ecd46), [屈轩](mailto:qu_xuan@icloud.com))
+- **telegraf-raid-plugin:** working for victoria metrics ([#24086](https://github.com/yunionio/cloudpods/issues/24086)) ([a36039ccc1](https://github.com/yunionio/cloudpods/commit/a36039ccc1a9450aaf29869d182cb1e9c2cecfe1), [Zexi Li](mailto:zexi.li@icloud.com))
+- **webconsole:** baremteasl ipmi sol instance_name hide password ([#23536](https://github.com/yunionio/cloudpods/issues/23536)) ([fedf62f75b](https://github.com/yunionio/cloudpods/commit/fedf62f75bf34b34215e4a3e8ed1821ba3749c7b), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **yunionconf:** support tags ([#24234](https://github.com/yunionio/cloudpods/issues/24234)) ([217496161a](https://github.com/yunionio/cloudpods/commit/217496161a0899af12c0228b641103583d43bd8b), [屈轩](mailto:qu_xuan@icloud.com))
+
+### Chore (1)
+- **ci:** turn off goimports-check rule ([#23609](https://github.com/yunionio/cloudpods/issues/23609)) ([b4876fa013](https://github.com/yunionio/cloudpods/commit/b4876fa013de96dd14ed514210d00d37a6fa4eeb), [Zexi Li](mailto:zexi.li@icloud.com))
+
+### Feature (1)
+- assume user login support ([#23961](https://github.com/yunionio/cloudpods/issues/23961)) ([16ce2a6a66](https://github.com/yunionio/cloudpods/commit/16ce2a6a669cfadddb7923891254b332420eecbe), [Jian Qiu](mailto:swordqiu@gmail.com))
+
+### Features (5)
+- **baremetal-agent:** Linux PCIE disk support mdadm soft raid ([#23725](https://github.com/yunionio/cloudpods/issues/23725)) ([7c69f96725](https://github.com/yunionio/cloudpods/commit/7c69f967258614c9d9ed20efa61f103c7ad73037), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+- **climc:** support --ouput option for pprof command ([#23841](https://github.com/yunionio/cloudpods/issues/23841)) ([859384643f](https://github.com/yunionio/cloudpods/commit/859384643f1979f5ca01822b28b09d6c5b24a215), [Zexi Li](mailto:zexi.li@icloud.com))
+- **cloudcommon:** add ExtraHook steps to joint model ([#23741](https://github.com/yunionio/cloudpods/issues/23741)) ([453d47c99b](https://github.com/yunionio/cloudpods/commit/453d47c99b409b47586b2b182e25f9ff39e563d9), [Zexi Li](mailto:zexi.li@icloud.com))
+- **monitor:** support threashold range ([#23854](https://github.com/yunionio/cloudpods/issues/23854)) ([92be2b6d11](https://github.com/yunionio/cloudpods/commit/92be2b6d11a52032db76c75fd5ef531e6580b25f), [Zexi Li](mailto:zexi.li@icloud.com))
+- **region,host:** host dmesg collect ([#23721](https://github.com/yunionio/cloudpods/issues/23721)) ([c1e814ba6e](https://github.com/yunionio/cloudpods/commit/c1e814ba6ed86ec91970fd002b19029e1511c730), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+
+### Others (1)
+- Automated cherry pick of [#23386](https://github.com/yunionio/cloudpods/issues/23386): fix(host-deployer): allow growpart on primary partition ([#23393](https://github.com/yunionio/cloudpods/issues/23393)) ([edefdd6ca1](https://github.com/yunionio/cloudpods/commit/edefdd6ca15f7c1da616e4c9b29ce9ba17e1c410), [wanyaoqi](mailto:18528551+wanyaoqi@users.noreply.github.com))
+
+-----
+
+## cloudpods-operator
+
+Repository: https://github.com/yunionio/cloudpods-operator
+
+13 commits to [cloudpods-operator - v3.11.13](https://github.com/yunionio/cloudpods-operator/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (12)
+- region dns CacheTtl param ([f4949de4](https://github.com/yunionio/cloudpods-operator/commit/f4949de408a8c2718f799ea552e0b46ff1165cdc), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- update vendor 3.11.13 20260203 ([cdbfe44f](https://github.com/yunionio/cloudpods-operator/commit/cdbfe44f564cbf3d2ea433009d77d72ef1efa6e3), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- update vendor 3.11 20260203 ([7dc8a596](https://github.com/yunionio/cloudpods-operator/commit/7dc8a596f86aa1fcbb90e8a3fd76aa2b753fe7d7), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- update telegraf-raid-plugin to v4.0-20260115.0 ([4f4142e9](https://github.com/yunionio/cloudpods-operator/commit/4f4142e99f958cc599e2d6ca018e760f100926eb), [Zexi Li](mailto:zexi.li@icloud.com))
+- set loki retention days ([e9d040aa](https://github.com/yunionio/cloudpods-operator/commit/e9d040aab36feec45ea22eef25a0ed8bf6e3a612), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- region-dns support dameng ([b48e8214](https://github.com/yunionio/cloudpods-operator/commit/b48e821495aef715ae7fb5a98f9fbb8334ee8b0c), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- add more cloud account brand to alert policy ([3c99cf9d](https://github.com/yunionio/cloudpods-operator/commit/3c99cf9dce1a2b5dec6c4634f978756ff4f31a70), [Zexi Li](mailto:zexi.li@icloud.com))
+- disable components by product version ([aec2069d](https://github.com/yunionio/cloudpods-operator/commit/aec2069dc5952c6d49589221a390ed4e66e5f6bc), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- recover password validation when sync-user ([5a209fd0](https://github.com/yunionio/cloudpods-operator/commit/5a209fd0b630632f9555605c05068014a6ab4b2b), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- **host:** add s3 config ([646c995b](https://github.com/yunionio/cloudpods-operator/commit/646c995b5ebf7d681b06e066391fcad983a77cd9), [wanyaoqi](mailto:wanyaoqi@yunion.cn))
+- **operator:** set resource limits to region-dns ([290bbd69](https://github.com/yunionio/cloudpods-operator/commit/290bbd6945db0fe3dd28319643cad57cfb7a3c8e), [Zexi Li](mailto:zexi.li@icloud.com))
+- **operator:** enable autoupdate service for LightEdige product version ([5052371a](https://github.com/yunionio/cloudpods-operator/commit/5052371ad5bdfcaf225b2d8d30a2058c1e20d1de), [Zexi Li](mailto:zexi.li@icloud.com))
+
+### Optimized (1)
+- limit 1/16 memory of node for each pod ([fbf7fa7c](https://github.com/yunionio/cloudpods-operator/commit/fbf7fa7c23ba2999b6ea8f67950f7ea0949dc6b8), [Zexi Li](mailto:zexi.li@icloud.com))
+
+-----
+
+## cloudpods-service-operator
+
+Repository: https://github.com/yunionio/cloudpods-service-operator
+
+1 commits to [cloudpods-service-operator - v3.11.13](https://github.com/yunionio/cloudpods-service-operator/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (1)
+- update docker-push.sh 3.11 20260129 ([fb5f3dd](https://github.com/yunionio/cloudpods-service-operator/commit/fb5f3ddd41854a1e5e8509d492c63890b68a1d0e), [Qiu Jian](mailto:qiujian@yunionyun.com))
+
+-----
+
+## dashboard
+
+Repository: https://github.com/yunionio/dashboard
+
+88 commits to [dashboard - v3.11.13](https://github.com/yunionio/dashboard/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (50)
+- account update permission ([28d22e711](https://github.com/yunionio/dashboard/commit/28d22e7118e66a2538c36950a469af61aeeebe96), [Qu Xuan](mailto:qu_xuan@icloud.com))
+- docker build with host network ([44710b902](https://github.com/yunionio/dashboard/commit/44710b902cd5bf0990e94d89da46e6959d44b343), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- The monitoring alarm notification type allows only the alarm robot to be selected ([56d92bed6](https://github.com/yunionio/dashboard/commit/56d92bed697f76353dd02b0eaec75411f6a53bc1), [GuoLiBin6](mailto:glbin533@163.com))
+- Fix login page request error ([0954b828d](https://github.com/yunionio/dashboard/commit/0954b828d51eb85b5be74d9d655744fdae1c1b89), [GuoLiBin6](mailto:glbin533@163.com))
+- ThresholdInput component input values following matching units ([90a4d7cb5](https://github.com/yunionio/dashboard/commit/90a4d7cb559e96d74eb2a12b05baf31929c05112), [GuoLiBin6](mailto:glbin533@163.com))
+- Host monitoring indicators for the management cloud platform ([e0621953e](https://github.com/yunionio/dashboard/commit/e0621953eef725129fabe6542f2c10b049d4ebbc), [GuoLiBin6](mailto:glbin533@163.com))
+- clear auth from cookie when logout ([63a3773d1](https://github.com/yunionio/dashboard/commit/63a3773d142d4ba71bda347fe48bbd848f47909f), [GuoLiBin6](mailto:glbin533@163.com))
+- dns-zone menu polciy ([54b97280c](https://github.com/yunionio/dashboard/commit/54b97280c7b297411b5c9a5a0776b2561da6cbfc), [GuoLiBin6](mailto:glbin533@163.com))
+- server-price-comparator error type ([6cf4a99a9](https://github.com/yunionio/dashboard/commit/6cf4a99a914fdc154e9585ff5e1007c41c6aa554), [GuoLiBin6](mailto:glbin533@163.com))
+- Supplement missing variables ([4b64dde74](https://github.com/yunionio/dashboard/commit/4b64dde7460c9a0f9749b214fbffe74f87a546df), [GuoLiBin6](mailto:glbin533@163.com))
+- enable filter with customized option text ([ad1e8c76c](https://github.com/yunionio/dashboard/commit/ad1e8c76c9eb69ce15dbccff08e6fba0de6e05ac), [邱剑](mailto:qiujian@yunionyun.com))
+- host mem usage ([4d4448dda](https://github.com/yunionio/dashboard/commit/4d4448dda3d45cc4fd87f05894bba6bbcdfbed2b), [GuoLiBin6](mailto:glbin533@163.com))
+- workflow create message ([b9b040df4](https://github.com/yunionio/dashboard/commit/b9b040df4d5ed43258f4c0c5fc8dffd2b3ad8c46), [GuoLiBin6](mailto:glbin533@163.com))
+- loadmore list refresh clear paging_marker ([5f971b6b8](https://github.com/yunionio/dashboard/commit/5f971b6b8acd5eaa78a65574b9132cffea2fcd81), [GuoLiBin6](mailto:glbin533@163.com))
+- alert-record detail params ([fa65dd2f8](https://github.com/yunionio/dashboard/commit/fa65dd2f8c56a37f6969ca6b71c4b789b95d4d10), [GuoLiBin6](mailto:glbin533@163.com))
+- Alarm increase login detection ([6fe3128f4](https://github.com/yunionio/dashboard/commit/6fe3128f4c07a582b43117af8aab5a89a2579692), [GuoLiBin6](mailto:glbin533@163.com))
+- Modify the list load more display rules ([651a839c4](https://github.com/yunionio/dashboard/commit/651a839c40cee315ab468660c539880bed049954), [GuoLiBin6](mailto:glbin533@163.com))
+- add server perform policy items ([4f7bf0db8](https://github.com/yunionio/dashboard/commit/4f7bf0db88a226ebb8bb58ffb33e540a981969b5), [GuoLiBin6](mailto:glbin533@163.com))
+- Add resource ID filtering to GPU operation logs ([24797bf26](https://github.com/yunionio/dashboard/commit/24797bf262c20908bed96be1133a68a40318dab7), [GuoLiBin6](mailto:glbin533@163.com))
+- alertrecord filter alert name param ([ab1bb28f5](https://github.com/yunionio/dashboard/commit/ab1bb28f50cff9951ed1c3c4086b212e826f4113), [GuoLiBin6](mailto:glbin533@163.com))
+- alert policy filter params ([0b99d4c2a](https://github.com/yunionio/dashboard/commit/0b99d4c2a390342ddae95e7d10bd95dfa6029ce0), [GuoLiBin6](mailto:glbin533@163.com))
+- Verify the guest_status field during the unbinding operation of transparent transmission devices ([89dd209ba](https://github.com/yunionio/dashboard/commit/89dd209ba20834eb1aacdd249b2066de407cbfc7), [GuoLiBin6](mailto:glbin533@163.com))
+- alertrecord details add scope param ([a74174d5a](https://github.com/yunionio/dashboard/commit/a74174d5a1ec691bcb76f11f9bff4e5d90f8cd8b), [GuoLiBin6](mailto:glbin533@163.com))
+- alert record detail params ([9d6fed570](https://github.com/yunionio/dashboard/commit/9d6fed57076f4f96bb0b9a1cc0dc670cec5aa9df), [GuoLiBin6](mailto:glbin533@163.com))
+- commonalerts create params ([c6a8da646](https://github.com/yunionio/dashboard/commit/c6a8da646565d0e567759648b75a829c39a5178c), [GuoLiBin6](mailto:glbin533@163.com))
+- sched tags set scope params ([8e7e102fd](https://github.com/yunionio/dashboard/commit/8e7e102fdbe8d7b732fdf0161e6eab95a2f3110c), [GuoLiBin6](mailto:glbin533@163.com))
+- remove snapshot policy bind resources tips ([79ce3f206](https://github.com/yunionio/dashboard/commit/79ce3f206500081728f5b2ebc47199cf91335c49), [GuoLiBin6](mailto:glbin533@163.com))
+- Add shopping cart, add meter service verification ([7026a3949](https://github.com/yunionio/dashboard/commit/7026a3949491c1bac99a12c4d93ceae6edb41647), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal create error ([f50600166](https://github.com/yunionio/dashboard/commit/f50600166148f521488cd91a873450761560bb84), [GuoLiBin6](mailto:glbin533@163.com))
+- export list data params ([0798ed620](https://github.com/yunionio/dashboard/commit/0798ed620eb6281221f7be36e06a08a61bc34a13), [GuoLiBin6](mailto:glbin533@163.com))
+- Bare metal network prohibits container and hostlocal types ([0af05b0b5](https://github.com/yunionio/dashboard/commit/0af05b0b5230908a64ff5fa1104233a26e1b625f), [GuoLiBin6](mailto:glbin533@163.com))
+- Bare metal network prohibits container and hostlocal types ([50cf7e9ea](https://github.com/yunionio/dashboard/commit/50cf7e9ea9779e766902f67275073de3ce3a8465), [GuoLiBin6](mailto:glbin533@163.com))
+- Remove the minimum width limit from the dashboard panel ([833c123a6](https://github.com/yunionio/dashboard/commit/833c123a65a41ef5da878bbc6a7be6f3c9c807ed), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal create params ([703b06d96](https://github.com/yunionio/dashboard/commit/703b06d963e4b1fc5a71033dd63218203f00979d), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal create params ([0e339aea4](https://github.com/yunionio/dashboard/commit/0e339aea4a3d6ee3751cd662d521e99dd981aa44), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal create params ([4643ca4e9](https://github.com/yunionio/dashboard/commit/4643ca4e96889eea7d0f99ba72a937319efac890), [GuoLiBin6](mailto:glbin533@163.com))
+- action validate when list selected ([d79ec3a1a](https://github.com/yunionio/dashboard/commit/d79ec3a1a99b51d6c803da97232da9fa6d2c6011), [GuoLiBin6](mailto:glbin533@163.com))
+- build params ([766203019](https://github.com/yunionio/dashboard/commit/7662030199f5f3518a4a68c9b605aaa923c53968), [GuoLiBin6](mailto:glbin533@163.com))
+- missing docker build environment variables ([2bd27b3f6](https://github.com/yunionio/dashboard/commit/2bd27b3f6698a435925a8a4e52e1686f0c6a6623), [QIU Jian](mailto:qiujian@yunionyun.com))
+- baremetal monitor error ([700937be0](https://github.com/yunionio/dashboard/commit/700937be0c4ef853aaae98d6bd84dbe5ed40d186), [GuoLiBin6](mailto:glbin533@163.com))
+- parse data error ([b781a5815](https://github.com/yunionio/dashboard/commit/b781a58153902f24e99efdfa3131d7d590175a3e), [GuoLiBin6](mailto:glbin533@163.com))
+- data parse error ([cdd1a4050](https://github.com/yunionio/dashboard/commit/cdd1a4050e1ce13538f04544177411dd1d07af39), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal sol info hidden password ([87d401aaa](https://github.com/yunionio/dashboard/commit/87d401aaa0851f6c3f5bd1bd549f23afcde93467), [GuoLiBin6](mailto:glbin533@163.com))
+- delete document default tite ([acdc223d9](https://github.com/yunionio/dashboard/commit/acdc223d9d7f442841dfd66d549133269cd36e51), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal ssh status tooltip ([7f05632f8](https://github.com/yunionio/dashboard/commit/7f05632f8d9653e3b898388a35b08c8b679c7d0d), [GuoLiBin6](mailto:glbin533@163.com))
+- image export tooltip message error ([f554eb26e](https://github.com/yunionio/dashboard/commit/f554eb26ee73f4aa1660428798fc841e20e10021), [GuoLiBin6](mailto:glbin533@163.com))
+- Fix domain and project component memory function ([d47869cf1](https://github.com/yunionio/dashboard/commit/d47869cf1b7be84adbafad71ebebe3c8d674b7e6), [GuoLiBin6](mailto:glbin533@163.com))
+- Add remark validation for security group rules ([80b657ede](https://github.com/yunionio/dashboard/commit/80b657eded3e3063a0d025ff15645d9e973a526d), [GuoLiBin6](mailto:glbin533@163.com))
+- Fix inconsistency between resource list statistics filter and list status filter items ([30337fb0b](https://github.com/yunionio/dashboard/commit/30337fb0b2b46668346085654562e81d44ce111a), [GuoLiBin6](mailto:glbin533@163.com))
+- Alert policy alert robot uses project filter ([f5a477773](https://github.com/yunionio/dashboard/commit/f5a4777733718045cf994ee52aff4b99ac539243), [GuoLiBin6](mailto:glbin533@163.com))
+
+### Features (35)
+- webhook notify add secret key ([d9814c578](https://github.com/yunionio/dashboard/commit/d9814c57865b9aae137cb7fa3a052f9c2491eada), [GuoLiBin6](mailto:glbin533@163.com))
+- Optimization of Search Box Component Performance ([261f02e5e](https://github.com/yunionio/dashboard/commit/261f02e5e87700fe7cbe57ea18015622e590d435), [GuoLiBin6](mailto:glbin533@163.com))
+- server show block stream status ([0baf91fd8](https://github.com/yunionio/dashboard/commit/0baf91fd8b736ba8cf08183669421ea940bad0dc), [GuoLiBin6](mailto:glbin533@163.com))
+- SVG compression ([7270e30b2](https://github.com/yunionio/dashboard/commit/7270e30b27e70f18de206b16e20490b1496f9c06), [GuoLiBin6](mailto:glbin533@163.com))
+- Display of simplified schedtags for host ([d5aa12860](https://github.com/yunionio/dashboard/commit/d5aa128601b4a7675adf5535230d38e1c8d185bb), [GuoLiBin6](mailto:glbin533@163.com))
+- host add resource statistics ([4c6ecfc7d](https://github.com/yunionio/dashboard/commit/4c6ecfc7de2f4567c708a2d90fdc8c1fa67e51f4), [GuoLiBin6](mailto:glbin533@163.com))
+- Control panel monitoring indicators add differentiation between x86 and ARM ([8be741e0b](https://github.com/yunionio/dashboard/commit/8be741e0b2bd09b82a2189aff6e118ff6268e6ae), [GuoLiBin6](mailto:glbin533@163.com))
+- Add supplementary permissions ([6cd0b012a](https://github.com/yunionio/dashboard/commit/6cd0b012a2746418f1c6684c153e5a154cb22e92), [GuoLiBin6](mailto:glbin533@163.com))
+- alert policy support set threshold range ([eb9de74a2](https://github.com/yunionio/dashboard/commit/eb9de74a2b6e02829ab4e09515a253dc60a26353), [GuoLiBin6](mailto:glbin533@163.com))
+- add THB currency ([b40350781](https://github.com/yunionio/dashboard/commit/b40350781b47b3f8fd5e20ecce796cd5f30825e6), [GuoLiBin6](mailto:glbin533@163.com))
+- modify host demesgs resource name ([c1fa8d621](https://github.com/yunionio/dashboard/commit/c1fa8d6217e30ca31db8e769ece810f128f4dd2b), [GuoLiBin6](mailto:glbin533@163.com))
+- modify physicaal machine i18n ([d8a23a3fe](https://github.com/yunionio/dashboard/commit/d8a23a3feabe7c035f4d64a12e6708e587631e69), [GuoLiBin6](mailto:glbin533@163.com))
+- rds add storage type column ([187cd184f](https://github.com/yunionio/dashboard/commit/187cd184f2072e98c7143017d2cdd912e570b1bf), [GuoLiBin6](mailto:glbin533@163.com))
+- vminstance add screen dump action ([47949a8c7](https://github.com/yunionio/dashboard/commit/47949a8c7842a9293c1ef1f2ee61d6b41edd47b8), [GuoLiBin6](mailto:glbin533@163.com))
+- tag-select filter support remote filter ([8e71a96ea](https://github.com/yunionio/dashboard/commit/8e71a96ea0d30d35dc6c905a8bc7bde329f3e476), [GuoLiBin6](mailto:glbin533@163.com))
+- Dmesg optimization ([38712349f](https://github.com/yunionio/dashboard/commit/38712349f43d9583494dc7c415dc52fd0a531e2e), [GuoLiBin6](mailto:glbin533@163.com))
+- host add dmesg log ([fc8de7685](https://github.com/yunionio/dashboard/commit/fc8de7685751d46d5ca4f831ead8f16d10142007), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal disk support linux/pcie software raid ([afed1ac30](https://github.com/yunionio/dashboard/commit/afed1ac3071b7d7f789ae8629555d9f93f71f60a), [GuoLiBin6](mailto:glbin533@163.com))
+- The physical machine list supports opening bare metal details ([3b485a2c2](https://github.com/yunionio/dashboard/commit/3b485a2c27713621fea72393306d9acc31a51aaf), [GuoLiBin6](mailto:glbin533@163.com))
+- Sku deletion, cancellation of platform check ([40385766d](https://github.com/yunionio/dashboard/commit/40385766da7d1e63405f95305dbb60dcc2545ada), [GuoLiBin6](mailto:glbin533@163.com))
+- baremetal show power states ([2a7351d31](https://github.com/yunionio/dashboard/commit/2a7351d31bc87c88662722256816ebc129fb1a6a), [GuoLiBin6](mailto:glbin533@163.com))
+- disk support multiple resize capacity ([80500229e](https://github.com/yunionio/dashboard/commit/80500229e45307b47e3c03973e9632f383d11ec8), [GuoLiBin6](mailto:glbin533@163.com))
+- build params ([897402989](https://github.com/yunionio/dashboard/commit/8974029890e01932e5796840a27dcefdecc82eba), [GuoLiBin6](mailto:glbin533@163.com))
+- resource type label add origin key ([597db9697](https://github.com/yunionio/dashboard/commit/597db9697f61d8d6cd88d8a1ff6b99dfba55e749), [GuoLiBin6](mailto:glbin533@163.com))
+- block account params ([56e128e8d](https://github.com/yunionio/dashboard/commit/56e128e8d1e0ad85ebb3b9076115798ea886a939), [GuoLiBin6](mailto:glbin533@163.com))
+- aliyun secgroup rules support edit ([c02fa02a7](https://github.com/yunionio/dashboard/commit/c02fa02a78723df783ee4730bcecaabe097ec1e8), [GuoLiBin6](mailto:glbin533@163.com))
+- server recycle bin i18n ([6687b020b](https://github.com/yunionio/dashboard/commit/6687b020b223d070ace768c80cf1708393f4b584), [GuoLiBin6](mailto:glbin533@163.com))
+- image support bios & uefi ([df898c8c5](https://github.com/yunionio/dashboard/commit/df898c8c51626eb312a7f58223a6dc5948b1a287), [GuoLiBin6](mailto:glbin533@163.com))
+- add cloudaccount health status - pending ([7d1dac19c](https://github.com/yunionio/dashboard/commit/7d1dac19cbd34c0a42da771939ea5c926766d6b5), [GuoLiBin6](mailto:glbin533@163.com))
+- Operation log displays service type ([a2932c99b](https://github.com/yunionio/dashboard/commit/a2932c99bf76e27a905bfa14a0e56828e43d94ce), [GuoLiBin6](mailto:glbin533@163.com))
+- Optimize work order VM form backfill modification ([6efc04739](https://github.com/yunionio/dashboard/commit/6efc04739f32416416eb1052a5480e3ba740bfc9), [GuoLiBin6](mailto:glbin533@163.com))
+- Show screenshot for panicked VM ([f49c1f1ab](https://github.com/yunionio/dashboard/commit/f49c1f1ab728799e63a3805edcbe9d06da393a69), [GuoLiBin6](mailto:glbin533@163.com))
+- Change authentication address for new cloudpods account ([f07df4948](https://github.com/yunionio/dashboard/commit/f07df4948f277a62dc6d35671c5cfe5d46fcf40d), [GuoLiBin6](mailto:glbin533@163.com))
+- Work order supports modification ([b46bf5da6](https://github.com/yunionio/dashboard/commit/b46bf5da6e96e0695aac554ed2677ca5ffacf44d), [GuoLiBin6](mailto:glbin533@163.com))
+- Work order supports modification ([1c84e9435](https://github.com/yunionio/dashboard/commit/1c84e9435f7428b4aa3930a66cb0e3a0516be646), [GuoLiBin6](mailto:glbin533@163.com))
+
+### Fixfix (1)
+- Fix dashboard alert trend parameter error ([97f634f82](https://github.com/yunionio/dashboard/commit/97f634f82184942d9ba9370d055a49ef95bd0013), [GuoLiBin6](mailto:glbin533@163.com))
+
+### Others (2)
+- disk show device name ([f77b99a0d](https://github.com/yunionio/dashboard/commit/f77b99a0dd1a782ca73547f9dd25da4f1d442bdb), [GuoLiBin6](mailto:glbin533@163.com))
+- onestack account show oem name ([ff14bdd53](https://github.com/yunionio/dashboard/commit/ff14bdd532710425cedd5d0251ffbcdd509a6c54), [GuoLiBin6](mailto:glbin533@163.com))
+
+-----
+
+## ocboot
+
+Repository: https://github.com/yunionio/ocboot
+
+4 commits to [ocboot - v3.11.13](https://github.com/yunionio/ocboot/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (4)
+- parallel limit jobs by nproc at release/3.11 ([a3c741f](https://github.com/yunionio/ocboo/commit/a3c741f022a7c93b7efef1d8ecebec68a07be05d), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- return do_action code ([ad70990](https://github.com/yunionio/ocboo/commit/ad70990fd6a751c98cdd30d5dc5709b25b0f3fde), [Zexi Li](mailto:zexi.li@icloud.com))
+- enable hugetbl for x86 only ([5e96a4e](https://github.com/yunionio/ocboo/commit/5e96a4e61248480c506adf0bad2043f0d216c2e9), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- support oe2203 LTS sp4 ([958a253](https://github.com/yunionio/ocboo/commit/958a2536fe535769025b592ffea01adfefc9d17d), [Qiu Jian](mailto:qiujian@yunionyun.com))
+
+-----
+
+## sdnagent
+
+Repository: https://github.com/yunionio/sdnagent
+
+2 commits to [sdnagent - v3.11.13](https://github.com/yunionio/sdnagent/compare/v3.11.12...v3.11.13) since this release.
+
+### Bug Fixes (2)
+- docker push update for 3.11 ([6db14bb5](https://github.com/yunionio/sdnagen/commit/6db14bb598758806026c2a71fe666a5bb87d354a), [Qiu Jian](mailto:qiujian@yunionyun.com))
+- update vendor 3.11.13 20260121 ([78fb26cd](https://github.com/yunionio/sdnagen/commit/78fb26cd7719dcadd5a815304cc016055e7d5c2f), [Qiu Jian](mailto:qiujian@yunionyun.com))
diff --git a/i18n/en/docusaurus-plugin-content-docs/current/release-notes/v4_0_x.md b/i18n/en/docusaurus-plugin-content-docs/current/release-notes/v4_0_x.md
new file mode 100644
index 00000000..c3ee611f
--- /dev/null
+++ b/i18n/en/docusaurus-plugin-content-docs/current/release-notes/v4_0_x.md
@@ -0,0 +1,7 @@
+---
+sidebar_position: -400
+---
+
+# v4.0.x
+
+## v4.0.2
diff --git a/i18n/en/docusaurus-theme-classic/navbar.json b/i18n/en/docusaurus-theme-classic/navbar.json
index 80c68c60..6dc5a5b9 100644
--- a/i18n/en/docusaurus-theme-classic/navbar.json
+++ b/i18n/en/docusaurus-theme-classic/navbar.json
@@ -38,5 +38,9 @@
   "item.label.物理机管理": {
     "message": "Baremetal Management",
     "description": "Navbar item with label 物理机管理"
+  },
+  "item.label.AI云": {
+    "message": "AI Cloud",
+    "description": "Navbar item with label AI云"
   }
 }