CN108418705A - Virtual machine mixes the virtual network management method and system of nested framework with container - Google Patents
Virtual machine mixes the virtual network management method and system of nested framework with container Download PDFInfo
- Publication number
- CN108418705A CN108418705A CN201810083753.1A CN201810083753A CN108418705A CN 108418705 A CN108418705 A CN 108418705A CN 201810083753 A CN201810083753 A CN 201810083753A CN 108418705 A CN108418705 A CN 108418705A
- Authority
- CN
- China
- Prior art keywords
- virtual
- container
- virtual machine
- network
- switch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention provides the virtual network management method and system that a kind of virtual machine mixes nested framework with container, it is related to field of cloud calculation and computer network field, virtual machine and container are put on an equal footing, realize the unitized network management of virtual machine and container, it supports the horizontal mixed deployment scene of virtual machine and container, while also container nesting being supported to operate in the vertical mixed deployment scene in virtual machine.In addition, the present invention combines the advantages of centralization and distributed director, using two-step evolution device structure, control plane partial function is sunk in the local controller on hypervisor servers, centralized controller is responsible for global data and safeguards and transport pipe platform interface with third party, local controller is responsible for the maintenance of the flow table on native virtual machine interchanger, can effectively reduce the pressure of global centralized controller, promotes the performance of virtual network management.
Description
Technical field
The present invention relates to field of cloud calculation and computer network fields more particularly to a kind of virtual machine to mix nested framework with container
Virtual network management method.
Background technology
Virtualization based on virtual machine and the virtualization based on container are two kinds of typical servers of current field of cloud calculation
Virtualization technology, the former advantage are that the preferable isolation of resource, safe, Client OS and host operate
System decoupling, and the advantage of the latter is the lightweight of virtual platform, the convenience of service deployment and efficient resource elasticity
Flexible, both virtualization technologies have different application scenarios respectively, will and be deposited within foreseeable one section of long duration.
For virtual machine, current most popular virtual network solutions are the neutron schemes of openstack,
Control plane realizes that the virtual network of data plane manages then by each calculating by the neutron server services in control node
Agent on node is realized, such as realizes ovs bridge with ovsagent(Br-int, br-eth, br-tun etc.)Flow table management,
The defect of this mode includes:1)The virtual network management of centralization causes performance relatively low, is not suitable for the quick bullet of capacitor network
Property it is flexible;2)The virtualization scene that virtual machine is nested with container is not supported.
For container, at present popular virtual network solutions have Calico, Flannel, Weave,
Libnetwork etc., but these solutions do not provide the network support of virtual machine, less support virtual machine just for container
The virtualization scene nested with container.
Since virtual machine technique and container technique are two technology paths of independent development, the realization method of virtual network
It is also respective independent evolution, it is difficult to meet virtualization and the scene of the especially nested deployment of container mixed deployment, it is therefore desirable to
A set of new network management provides the Unified Network managerial ability of virtual machine and container.
Invention content
For current virtual machine and the especially nested deployment scenario of container mixed deployment, the present invention proposes a kind of virtual machine
The virtual network management method of nested framework is mixed with container.Realize the unified fusion management of virtual machine network and capacitor network.
The present invention combines the advantages of centralization and distributed director, using two-step evolution device structure, by control plane
Partial function is sunk in the local controller on hypervisor servers, centralized controller be responsible for global data safeguard with
And pipe platform interface is transported with third party, local controller is responsible for the maintenance of the flow table on native virtual machine interchanger, can effectively be dropped
The pressure of low overall situation centralized controller, promotes the performance of virtual network management.
Concrete operation step is:
1) local network controllers are introduced in server internal(local controller), abbreviation LC;
2) virtual machine on server and container are all connected to internal virtual switch(virtual switch-L0);
3) the nested scene for container operation on a virtual machine, container network interface card are connected to the virtual switch in virtual machine
(virtual switch-L1);
4) LC is from Unified Network controller(Unified Network Controller, abbreviation UNC)It is middle to obtain the necessary overall situation
Information, such as each tenant's virtual machine, the essential information of container and its physical distribution;
5) create virtual machine or when container, LC according to native virtual machine, container essential information under virtual switch-L0
Flow table is sent out, the access way of native virtual machine or container is got through, is isolated with vlan between tenant;
6) when virtual machine or container are deleted, LC is deleted on virtual switch-L0 and the relevant flow table of the virtual machine;
7) when virtual machine or container migrate, LC deletes before migration that virtual switch-L0 on host are upper and the void
The relevant flow table of quasi- machine, related flow table is re-issued after the completion of migration by the LC of target host machine;
8) the nested scene in virtual machine is operated in for container, when creating, delete in virtual machine, migrating container, host
LC will issue or delete corresponding flow table to virtual switch-L0, and the virtual switch virtual in virtual machine
Switch-L1 is then common Layer2 switching pattern;
9) when virtual machine or container cross-node communicate, virtual switch-L0 will be encapsulated according to the type of tenant network
It is sent for its corresponding format, as the network encapsulation of vlan types is vlan messages, is encapsulated as if the network of vxlan types
Vxlan messages;
If 10) tenant network is vlan types, configured firstly the need of the vlan for carrying out physical network;
If 11) tenant network is vxlan types, the vxlan between each server connects tunnel and is responsible for foundation by UNC entirely.
Due to UNC itself and the virtual management of not responsible virtual machine and container works, and UNC needs and third party cloud
Pipe platform interacts, and takes over its virtual network management service, and the events such as establishment, deletion, migration for monitoring virtual machine and container.
When creating virtual machine, UNC is by other respective fictionals of the relevant information of the virtual machine and current tenant network
The essential information and distribution situation of machine and container are advertised to the LC on hypervisor servers where the virtual machine, from the LC to
Its local virtual interchanger virtual switch-L0 issue flow table, get through other virtual machines in the virtual machine to tenant network
Or the communication port of container.In addition it is also necessary to which it is indoor other that the information of the virtual machine and distribution situation are advertised to this rent network
The LC on hypervisor servers where virtual machine or container, from these LC to its local virtual interchanger virtual
Switch-L0 issues flow table, gets through these virtual machines to the communication port of newly-built virtual machine, so far creates virtual machine and tenant's net
The bi-directional communication channels of other virtual machines or container are just set up in network.
When deleting virtual machine, UNC is by the relevant information announcement of the virtual machine to all virtual machines or appearance in tenant network
The LC on hypervisor servers where device is deleted by these LC on local virtual interchanger virtual switch-L0
With the relevant flow table of the virtual machine.
But when virtual machine (vm) migration, the relevant location information before the virtual machine (vm) migration is advertised in tenant network by UNC to be owned
The LC on hypervisor servers where virtual machine or container deletes local virtual interchanger virtual by these LC
Switch-L0 is upper with the relevant flow table of the virtual machine, while the location information after virtual machine (vm) migration is advertised to target after migration
In LC and tenant network on hypervisor servers on other virtual machines and hypervisor servers where container
LC is added and the relevant flow table of the virtual machine from these LC on respective local virtual interchanger virtual switch-L0.
The establishment of container, deletion, the establishment for migrating flow and above-mentioned virtual machine, deletion, migration flow are substantially similar, herein
It repeats no more, the nested virtualization scene that container operates in virtual machine is described below.
When creating nested, newly-built virtual machine is needed first, creates process as described above, when virtual machine creating is completed
Afterwards, container is created in the virtual machine internal(It is created by Container Management platform, such as kubernetes), UNC monitoring container establishment things
Other containers and virtual machine information of the relevant information of container and current tenant network are advertised to where it by part
LC on hypervisor servers issues flow table from the LC to its local virtual interchanger virtual switch-L0, gets through
The communication port of other virtual machines or container in the container to tenant network.In addition it is also necessary to by the information of the container and distribution
Situation is advertised to the LC on the hypervisor servers where other virtual machines in this tenant network or container, from these LC to
Its local virtual interchanger virtual switch-L0 issue flow table, and the communication for getting through these virtual machines to newly-built virtual machine is logical
Road so far creates virtual machine and is just set up with the bi-directional communication channels of other virtual machines or container in tenant network.
Container operates under the deletion of the container under the nested virtualization scene in virtual machine and migration and non-nested environment
Flow is almost the same, and details are not described herein again.
Communication process in tenant between virtual machine or container is also classified into several scenes, specifically includes as follows:
1)Communication between virtual machine inner pressurd vessel.Since the container in virtual machine belongs to same tenant, two kinds can be divided into again
Situation then can be communicated directly by virtual switch-L1, another kind is first, communicating pair is located at same subnet
Both sides are located at different sub-network(Between different sub-network can not direct communication, gateway need to be passed through), then need through virtual switch-
Message is sent to gateway by L0, then is sent back to after the addresses message purpose mac are changed to the addresses mac of target container network interface card by gateway
Virtual switch-L0, and virtual switch-L1 are sent to by virtual switch-L0, and finally it is sent to target appearance
Device.
2)Container in virtual machine and with the communication between the virtual machine or container on hypervisor servers.With 1)Class
Seemingly, being also classified into two kinds of situations of same subnet and different sub-network can directly pass through if source and destination belongs in same subnet
Communication is directly established in related flow table forwarding on virtual switch-L0, if source and destination belongs to different sub-network, message is first
Gateway first is given by virtual switch-L0, is sent back to after purpose mac is changed to the mac of target virtual machine or container by gateway
Virtual switch-L0, then specific virtual machine or container are sent to according to flow table forwarding by virtual switch-L0.
3)With on hypervisor servers between virtual machine and virtual machine, between virtual machine and container, container and container
Between communication.Communication process and 2)It is similar, it repeats no more.
4)Cross-node communicates.It is the same that cross-node, which is communicated with not cross-node communication nature process, and maximum difference is exactly,
When not cross-node communicates, communication is directly established by local virtual machine network between source and destination, is not necessarily to additional package(Such as
Vlan and vxlan encapsulation), and overstate node communication when, no matter source and destination whether be located at same subnet, be required to by additional
Encapsulation could establish communication process, and in addition to this other processes are almost the same.
The present invention also provides a kind of virtual machines to mix the virtual network management system of nested framework with container, includes mainly
Centralized controller and distributed director.
Centralized controller is responsible for safeguarding global information and interacts the phases such as acquisition virtual machine, container with third party cloud pipe platform
Information and distribution situation are closed, the dependent event of virtual machine and container is monitored, such as creates, delete, migration.
Distributed director(Or local controller)It is responsible for obtaining relevant information from centralized controller and safeguards local
Virtual machine or the relevant forwarding flow table of container.
Internal virtual network connection, L0 grades of virtual friendships are connected and composed by two-stage virtual machine interchanger in virtualized server
The virtual switch-L0 that change planes are flow table forward mode, are operated on hypervisor, L1 grades of virtual switches
Virtual switch-L1 are common forward mode, operate in virtual machine internal.
The tenant of virtual machine and container isolation is by L0 virtual switch virtual switch-L0 on each virtual port
It is isolated with vlan and is realized, each container on L1 grades of interchanger virtual switch-L1 is not due to belonging to same tenant's container, therefore not
It does and is isolated.
When virtual machine or container create, UNC is by virtual machine or container essential information with distributing position information announcement to place
The LC on all hypervisor servers in tenant network, local virtual interchanger virtual is safeguarded by each LC
The communication flow table of virtual machine or container and other virtual machines and container in tenant network is created on switch-L0.
When virtual machine or container are deleted, UNC owns virtual machine or the relevant information announcement of container in tenant network
LC on hypervisor servers, is deleted that local virtual interchanger virtual switch-L0 are upper and the virtual machine by each LC
Or the relevant flow table of container.
When virtual machine or container migrate, the relevant information before UNC migrates virtual machine or container is advertised in tenant network
LC on all hypervisor servers, is deleted that local virtual interchanger virtual switch-L0 are upper and the void by each LC
Quasi- machine or the relevant flow table of container, the relevant information after UNC migrates virtual machine or container in addition are advertised to institute in tenant network
There is the LC on hypervisor servers, the virtual machine on local virtual interchanger virtual switch-L0 is safeguarded by each LC
Or the communication flow table of container and other virtual machines and container in tenant network.
The beneficial effects of the invention are as follows
1) virtual machine is put on an equal footing with container, can realize the Unified Network management of virtual machine and container;
2) container is supported to operate in the virtual network management of the nested virtualization scene in virtual machine;
3) on control plane section bottom to hypervisor servers, virtual network management of performance can be promoted.
Description of the drawings
The typical scene figure of Fig. 1 virtual machines and container mixed deployment;
Fig. 2 server internal virtual network annexation figures;
Fig. 3 Unified Network management framework figures.
Specific implementation mode
More detailed elaboration is carried out to present disclosure below:
The mixed deployment of virtual machine and container is divided into following several scenes:1)Virtual machine operates on physical server;2)Container
It operates on physical server;3)Container nesting operates in virtual machine;4)Virtual machine nesting is run in a reservoir;5)Virtual machine
Nesting operates in virtual machine;6)Container nesting is run in a reservoir.From the demand of current cloud calculation service and the value of application
From the point of view of, 1 and 2 belong to most typical application scenarios, and scene 3 can meet certain special application demands, such as to resource isolation
It is contemplated that and is deployed in inside independent virtual machine with the higher container of security requirement, and 4,5, the 6 currently practical application of scene
Less, application value is also little, may not necessarily temporarily consider, Unified Network management method proposed by the present invention primarily directed to
1,2,3 scene, as shown in Figure 1.
Unified Network management method proposed by the invention, including:
12) local network controllers are introduced in server internal(local controller), abbreviation LC;
13) virtual machine on server and container are all connected to internal virtual switch(virtual switch-L0);
14) the nested scene for container operation on a virtual machine, container network interface card are connected to the virtual switch in virtual machine
(virtual switch-L1);
15) LC is from Unified Network controller(Unified Network Controller, abbreviation UNC)It is middle to obtain the necessary overall situation
Information, such as each tenant's virtual machine, the essential information of container and its physical distribution;
16) create virtual machine or when container, LC according to native virtual machine, container essential information to virtual switch-L0
Flow table is issued, the access way of native virtual machine or container is got through, is isolated with vlan between tenant;
17) when virtual machine or container are deleted, LC is deleted on virtual switch-L0 and the relevant flow table of the virtual machine;
18) when virtual machine or container migrate, LC deletes before migration that virtual switch-L0 on host are upper and the void
The relevant flow table of quasi- machine, related flow table is re-issued after the completion of migration by the LC of target host machine;
19) the nested scene in virtual machine is operated in for container, when creating, delete in virtual machine, migrating container, host
LC will issue or delete corresponding flow table to virtual switch-L0, and the virtual switch virtual in virtual machine
Switch-L1 is then common Layer2 switching pattern;
20) when virtual machine or container cross-node communicate, virtual switch-L0 will be encapsulated according to the type of tenant network
It is sent for its corresponding format, as the network encapsulation of vlan types is vlan messages, is encapsulated as if the network of vxlan types
Vxlan messages;
If 21) tenant network is vlan types, configured firstly the need of the vlan for carrying out physical network;
If 22) tenant network is vxlan types, the vxlan between each server connects tunnel and is responsible for foundation by UNC entirely.
Fig. 2 is the connection relation of server internal virtual network, and the container and virtual machine on hypervisor servers are equal
Pass through tap mouthfuls or virtual port(Such as veth)It is connected to local virtual interchanger virtual switch-L0, virtual
Switch-L0 is operated in flow table forward mode, and flow table rule is issued by local controller LC.Container in virtual machine then passes through
Tap mouthfuls of virtual ports(Such as veth)It is connected to virtual switch the virtual switch-L1, virtual of virtual machine internal
Switch-L1 is operated in common L2 forward modes(Because the container in a virtual machine belongs to a tenant, therefore in virtual machine
Container between without vlan be isolated), since the tap of virtual machine is articulated on virtual switch-L0,
Virtual switch-L0 are connected to virtual switch-L1, since there may be multiple rents on hypervisor servers
The virtual machine or container at family, therefore need on the virtual port of virtual switch-L0 to open tenant's virtual machine or container
Vlan is isolated, and one only local No. vlan is distributed to different tenants, when virtual machine or across the physical node communication of container, need
By local No. vlan replace with actual physics network No. vlan in message(Vlan is encapsulated)Or the vni of vxlan(vxlan
Encapsulation).
Fig. 3 is the general frame of unified virtual network management system, with traditional virtual Networking Solutions & provisioned(Such as neutron)
Unlike, the present invention is using centralization in maintenance one in the distributed control plane being combined, system is global
Centre controller UNC, UNC are responsible for safeguarding the essential information of the global information of data center network and virtual machine and container(Call phase
It closes interface to obtain from third-party platform, such as openstack or kubernetes), additionally in each hypervisor servers
The upper local controller LC, LC for opening a lightweight is responsible for safeguarding on virtual switch virtual switch-L0 local empty
Quasi- machine and the relevant flow table rule of container, hide LC needs and obtain enough global informations from UNC, as tenant container with it is virtual
Machine essential information and distribution situation etc..
The unified virtual machine network management method that the present invention is carried, virtual machine is made no exception with container, is put on an equal footing, is carried
The virtual network managerial ability that container is merged with virtual machine is supplied, and it is empty to support that container operates in the nesting in virtual machine
Quasi-ization scene enriches the application scenarios of virtualization.
Claims (9)
1. virtual machine mixes the virtual network management method of nested framework with container, which is characterized in that
The advantages of combining centralization and distributed director, will be under control plane partial function using two-step evolution device structure
It sinks in the local controller on hypervisor servers, centralized controller is responsible for global data maintenance and and third party
Pipe platform interface is transported, local controller is responsible for the maintenance of the flow table on native virtual machine interchanger.
2. according to the method described in claim 1, it is characterized in that,
Mainly include the following steps:
1)Local network controllers, abbreviation LC are introduced in server internal;
2)Virtual machine and container on server are all connected to internal virtual switch(virtual switch-L0);
3)For the nested scene of container operation on a virtual machine, container network interface card is connected to the virtual switch in virtual machine
(virtual switch-L1);
4)LC obtains global information from Unified Network controller;
5)Create virtual machine or when container, LC according to native virtual machine, container essential information under virtual switch-L0
Flow table is sent out, the access way of native virtual machine or container is got through, is isolated with vlan between tenant;
6)When virtual machine or container are deleted, LC is deleted on virtual switch-L0 and the relevant flow table of the virtual machine;
7)When virtual machine or container migrate, LC deletes before migration that virtual switch-L0 on host are upper and the void
The relevant flow table of quasi- machine, related flow table is re-issued after the completion of migration by the LC of target host machine;
8)Nested scene in virtual machine is operated in for container, when creating, delete in virtual machine, migrating container, host
LC will issue or delete corresponding flow table to virtual switch-L0, and the virtual switch virtual in virtual machine
Switch-L1 is then common Layer2 switching pattern;
9)When virtual machine or container cross-node communicate, virtual switch-L0 will be encapsulated according to the type of tenant network
It is sent for its corresponding format;
10)If tenant network is vlan types, configured firstly the need of the vlan for carrying out physical network;
11)If tenant network is vxlan types, the vxlan between each server connects tunnel by Unified Network controller entirely
It is responsible for foundation.
3. according to the method described in claim 2, it is characterized in that,
When creating virtual machine, network controller(UNC)By other of the relevant information of the virtual machine and current tenant network
LC where the essential information and distribution situation of associated virtual machine and container are advertised to the virtual machine on hypervisor servers,
Issue flow table from the LC to its local virtual interchanger virtual switch-L0, get through the virtual machine in tenant network its
The communication port of its virtual machine or container.
4. according to the method described in claim 3, it is characterized in that,
It also needs to the information of the virtual machine and distribution situation being advertised to where the indoor other virtual machines of this rent network or container
LC on hypervisor servers issues flow table from these LC to its local virtual interchanger virtual switch-L0, beats
Lead to these virtual machines to the communication port of newly-built virtual machine, so far creates virtual machine and other virtual machines or container in tenant network
Bi-directional communication channels just set up.
5. according to the method described in claim 4, it is characterized in that,
When deleting virtual machine, network controller(UNC)By the relevant information announcement of the virtual machine to all void in tenant network
The LC on hypervisor servers where quasi- machine or container, local virtual interchanger virtual is deleted by these LC
Switch-L0 is upper with the relevant flow table of the virtual machine;
But when virtual machine (vm) migration, the relevant location information before the virtual machine (vm) migration is advertised to all virtual in tenant network by UNC
The LC on hypervisor servers where machine or container deletes local virtual interchanger virtual by these LC
Switch-L0 is upper with the relevant flow table of the virtual machine, while the location information after virtual machine (vm) migration is advertised to target after migration
In LC and tenant network on hypervisor servers on other virtual machines and hypervisor servers where container
LC is added and the relevant flow table of the virtual machine from these LC on respective local virtual interchanger virtual switch-L0.
6. according to the method described in claim 3, it is characterized in that,
When creating nested, need newly-built virtual machine, after the completion of virtual machine creating, create and hold in the virtual machine internal first
Device, UNC monitors container and creates event, by other containers and virtual machine information of the relevant information of container and current tenant network
The LC being advertised on the hypervisor servers where it, from the LC to its local virtual interchanger virtual switch-
L0 issues flow table, gets through the communication port of other virtual machines or container in the container to tenant network.
7. according to the method described in claim 6, it is characterized in that,
It also needs to the information of the container and distribution situation being advertised in this tenant network where other virtual machines or container
LC on hypervisor servers issues flow table from these LC to its local virtual interchanger virtual switch-L0, beats
Lead to these virtual machines to the communication port of newly-built virtual machine, so far creates virtual machine and other virtual machines or container in tenant network
Bi-directional communication channels just set up.
8. according to the method described in claim 6, it is characterized in that,
Communication process in tenant between virtual machine or container specifically includes as follows:
1)Communication between virtual machine inner pressurd vessel
Since the container in virtual machine belongs to same tenant, two kinds of situations can be divided into again, first, communicating pair is positioned at same
Subnet then can be communicated directly by virtual switch-L1, and another kind is that both sides are located at different sub-network, then needs to pass through
Message is sent to gateway by virtual switch-L0, then the addresses message purpose mac are changed to target container network interface card by gateway
It sends virtual switch-L0 behind the addresses mac back to, and virtual switch-L1 is sent to by virtual switch-L0, and
Finally it is sent to target container;
2)Container in virtual machine and with the communication between the virtual machine or container on hypervisor servers
Being also classified into two kinds of situations of same subnet and different sub-network can directly pass through if source and destination belongs in same subnet
Communication is directly established in related flow table forwarding on virtual switch-L0, if source and destination belongs to different sub-network, message is first
Gateway first is given by virtual switch-L0, is sent back to after purpose mac is changed to the mac of target virtual machine or container by gateway
Virtual switch-L0, then specific virtual machine or container are sent to according to flow table forwarding by virtual switch-L0;
3)With on hypervisor servers between virtual machine and virtual machine, between virtual machine and container, between container and container
Communication
Communication process and 2)It is identical;
4)Cross-node communicates
When not cross-node communicates, communication is directly established by local virtual machine network between source and destination, without additional envelope
Dress;And when overstating node communication, no matter whether source and destination is located at same subnet, is required to establish by additional encapsulation logical
Letter process, in addition to this other processes are consistent.
9. virtual machine mixes the virtual network management system of nested framework with container, which is characterized in that
Include mainly:Centralized controller and distributed director;
Centralized controller be responsible for safeguarding global information and interacted with third party cloud pipe platform obtain virtual machine, container information and
Distribution situation monitors the dependent event of virtual machine and container, such as creates, deletes, migration;
Distributed director is responsible for obtaining relevant information from centralized controller and safeguards that native virtual machine or container are relevant
Forward flow table;
Internal virtual network connection, L0 grades of virtual switches are connected and composed by two-stage virtual machine interchanger in virtualized server
Virtual switch-L0 are flow table forward mode, are operated on hypervisor, L1 grades of virtual switch virtual
Switch-L1 is common forward mode, operates in virtual machine internal;
The tenant of virtual machine and container isolation is used by L0 virtual switch virtual switch-L0 on each virtual port
Vlan isolation realizes that each container on L1 grades of interchanger virtual switch-L1 is not done due to belonging to same tenant's container
Isolation;
When virtual machine or container create, network controller UNC is by virtual machine or container essential information and distributing position information announcement
To the LC on all hypervisor servers in the tenant network of place, local virtual interchanger virtual is safeguarded by each LC
The communication flow table of virtual machine or container and other virtual machines and container in tenant network is created on switch-L0;
When virtual machine or container are deleted, UNC owns virtual machine or the relevant information announcement of container in tenant network
LC on hypervisor servers, is deleted that local virtual interchanger virtual switch-L0 are upper and the virtual machine by each LC
Or the relevant flow table of container;
When virtual machine or container migrate, the relevant information before virtual machine or container migration is advertised in tenant network by UNC to be owned
LC on hypervisor servers, is deleted that local virtual interchanger virtual switch-L0 are upper and the virtual machine by each LC
Or the relevant flow table of container, the relevant information after UNC migrates virtual machine or container in addition, which is advertised in tenant network, to be owned
LC on hypervisor servers, by each LC safeguard on local virtual interchanger virtual switch-L0 the virtual machine or
The communication flow table of container and other virtual machines and container in tenant network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810083753.1A CN108418705B (en) | 2018-01-29 | 2018-01-29 | Virtual network management method and system of virtual machine and container mixed nested architecture |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810083753.1A CN108418705B (en) | 2018-01-29 | 2018-01-29 | Virtual network management method and system of virtual machine and container mixed nested architecture |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108418705A true CN108418705A (en) | 2018-08-17 |
| CN108418705B CN108418705B (en) | 2021-01-08 |
Family
ID=63126581
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810083753.1A Active CN108418705B (en) | 2018-01-29 | 2018-01-29 | Virtual network management method and system of virtual machine and container mixed nested architecture |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108418705B (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109450768A (en) * | 2018-11-01 | 2019-03-08 | 中国联合网络通信集团有限公司 | The method of container interconnection and the system interconnected for container |
| CN110730133A (en) * | 2019-10-21 | 2020-01-24 | 北京百度网讯科技有限公司 | Route notification method and system |
| CN110838954A (en) * | 2019-11-07 | 2020-02-25 | 中国人民解放军国防科技大学 | Lightweight large-scale autonomous network protocol function test method |
| CN111522624A (en) * | 2020-04-17 | 2020-08-11 | 成都安恒信息技术有限公司 | Message forwarding performance flexible extension system based on virtualization technology and extension method thereof |
| CN112035216A (en) * | 2020-09-01 | 2020-12-04 | 浪潮云信息技术股份公司 | Communication method for Kubernetes cluster network and OpenStack network |
| CN112398688A (en) * | 2020-11-13 | 2021-02-23 | 广东省华南技术转移中心有限公司 | Container network configuration method, container network system, and storage medium |
| CN113114552A (en) * | 2020-01-13 | 2021-07-13 | 上海云轴信息科技有限公司 | Method and equipment for providing network for virtual machine and container in cloud platform |
| CN113472563A (en) * | 2021-05-13 | 2021-10-01 | 新华三大数据技术有限公司 | Network configuration issuing method and device |
| CN113472848A (en) * | 2021-05-31 | 2021-10-01 | 济南浪潮数据技术有限公司 | Network fusion method and device of virtual machine and container and related equipment |
| CN113612688A (en) * | 2021-07-14 | 2021-11-05 | 曙光信息产业(北京)有限公司 | Distributed software defined network control system and construction method thereof |
| CN113821268A (en) * | 2020-06-18 | 2021-12-21 | 复旦大学 | Kubernetes network plug-in method fused with OpenStack Neutron |
| CN114342342A (en) * | 2019-10-30 | 2022-04-12 | Vm维尔股份有限公司 | Distributed service chaining across multiple clouds |
| CN114363021A (en) * | 2021-12-22 | 2022-04-15 | 绿盟科技集团股份有限公司 | Network shooting range system, virtual network implementation method and device of network shooting range system |
| CN115426259A (en) * | 2022-08-29 | 2022-12-02 | 浪潮电子信息产业股份有限公司 | Network access control method, device, equipment and storage medium |
| CN116820686A (en) * | 2023-08-29 | 2023-09-29 | 苏州浪潮智能科技有限公司 | Physical machine deployment method, virtual machine and container unified monitoring method and device |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090217267A1 (en) * | 2008-02-25 | 2009-08-27 | Alexander Gebhart | Dynamic Resizing of Applications Running on Virtual Machines |
| CN104518935A (en) * | 2013-09-27 | 2015-04-15 | 华为技术有限公司 | Method for realizing virtual network communication, device, and system |
| CN105763512A (en) * | 2014-12-17 | 2016-07-13 | 杭州华三通信技术有限公司 | SDN virtual network communication method and device |
| WO2016174597A1 (en) * | 2015-04-27 | 2016-11-03 | Telefonaktiebolaget Lm Ericsson (Publ) | Service based intelligent packet-in mechanism for openflow switches |
| CN106712988A (en) * | 2015-08-25 | 2017-05-24 | 新华三技术有限公司 | Virtual network management method and device |
| CN106936777A (en) * | 2015-12-29 | 2017-07-07 | 中移(苏州)软件技术有限公司 | Cloud computing distributed network implementation method based on OpenFlow, system |
| US20180006872A1 (en) * | 2016-06-30 | 2018-01-04 | Microsoft Technology Licensing, Llc. | Data Plane API in a Distributed Computing Network |
-
2018
- 2018-01-29 CN CN201810083753.1A patent/CN108418705B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090217267A1 (en) * | 2008-02-25 | 2009-08-27 | Alexander Gebhart | Dynamic Resizing of Applications Running on Virtual Machines |
| CN104518935A (en) * | 2013-09-27 | 2015-04-15 | 华为技术有限公司 | Method for realizing virtual network communication, device, and system |
| CN105763512A (en) * | 2014-12-17 | 2016-07-13 | 杭州华三通信技术有限公司 | SDN virtual network communication method and device |
| WO2016174597A1 (en) * | 2015-04-27 | 2016-11-03 | Telefonaktiebolaget Lm Ericsson (Publ) | Service based intelligent packet-in mechanism for openflow switches |
| CN106712988A (en) * | 2015-08-25 | 2017-05-24 | 新华三技术有限公司 | Virtual network management method and device |
| CN106936777A (en) * | 2015-12-29 | 2017-07-07 | 中移(苏州)软件技术有限公司 | Cloud computing distributed network implementation method based on OpenFlow, system |
| US20180006872A1 (en) * | 2016-06-30 | 2018-01-04 | Microsoft Technology Licensing, Llc. | Data Plane API in a Distributed Computing Network |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109450768B (en) * | 2018-11-01 | 2021-06-01 | 中国联合网络通信集团有限公司 | Method for interconnecting containers and system for interconnecting containers |
| CN109450768A (en) * | 2018-11-01 | 2019-03-08 | 中国联合网络通信集团有限公司 | The method of container interconnection and the system interconnected for container |
| CN110730133B (en) * | 2019-10-21 | 2021-11-12 | 北京百度网讯科技有限公司 | Route notification method and system |
| CN110730133A (en) * | 2019-10-21 | 2020-01-24 | 北京百度网讯科技有限公司 | Route notification method and system |
| CN114342342A (en) * | 2019-10-30 | 2022-04-12 | Vm维尔股份有限公司 | Distributed service chaining across multiple clouds |
| CN110838954A (en) * | 2019-11-07 | 2020-02-25 | 中国人民解放军国防科技大学 | Lightweight large-scale autonomous network protocol function test method |
| CN113114552A (en) * | 2020-01-13 | 2021-07-13 | 上海云轴信息科技有限公司 | Method and equipment for providing network for virtual machine and container in cloud platform |
| CN111522624A (en) * | 2020-04-17 | 2020-08-11 | 成都安恒信息技术有限公司 | Message forwarding performance flexible extension system based on virtualization technology and extension method thereof |
| CN111522624B (en) * | 2020-04-17 | 2023-10-20 | 成都安恒信息技术有限公司 | Message forwarding performance elastic expansion system and expansion method based on virtualization technology |
| CN113821268B (en) * | 2020-06-18 | 2024-06-04 | 复旦大学 | Kubernetes network plug-in method fused with OpenStack Neutron |
| CN113821268A (en) * | 2020-06-18 | 2021-12-21 | 复旦大学 | Kubernetes network plug-in method fused with OpenStack Neutron |
| CN112035216A (en) * | 2020-09-01 | 2020-12-04 | 浪潮云信息技术股份公司 | Communication method for Kubernetes cluster network and OpenStack network |
| CN112035216B (en) * | 2020-09-01 | 2023-02-21 | 浪潮云信息技术股份公司 | Communication method for Kubernetes cluster network and OpenStack network |
| CN112398688A (en) * | 2020-11-13 | 2021-02-23 | 广东省华南技术转移中心有限公司 | Container network configuration method, container network system, and storage medium |
| CN113472563A (en) * | 2021-05-13 | 2021-10-01 | 新华三大数据技术有限公司 | Network configuration issuing method and device |
| CN113472563B (en) * | 2021-05-13 | 2023-12-26 | 新华三大数据技术有限公司 | Network configuration issuing method and device |
| CN113472848A (en) * | 2021-05-31 | 2021-10-01 | 济南浪潮数据技术有限公司 | Network fusion method and device of virtual machine and container and related equipment |
| CN113612688A (en) * | 2021-07-14 | 2021-11-05 | 曙光信息产业(北京)有限公司 | Distributed software defined network control system and construction method thereof |
| CN114363021B (en) * | 2021-12-22 | 2023-11-03 | 绿盟科技集团股份有限公司 | Network target range system, virtual network implementation method and device of network target range system |
| CN114363021A (en) * | 2021-12-22 | 2022-04-15 | 绿盟科技集团股份有限公司 | Network shooting range system, virtual network implementation method and device of network shooting range system |
| CN115426259A (en) * | 2022-08-29 | 2022-12-02 | 浪潮电子信息产业股份有限公司 | Network access control method, device, equipment and storage medium |
| CN116820686A (en) * | 2023-08-29 | 2023-09-29 | 苏州浪潮智能科技有限公司 | Physical machine deployment method, virtual machine and container unified monitoring method and device |
| CN116820686B (en) * | 2023-08-29 | 2024-01-09 | 苏州浪潮智能科技有限公司 | Physical machine deployment method, virtual machine and container unified monitoring method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108418705B (en) | 2021-01-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108418705A (en) | Virtual machine mixes the virtual network management method and system of nested framework with container | |
| CN102457439B (en) | Virtual switching system and method of cloud computing system | |
| CN106953848B (en) | Software defined network implementation method based on ForCES | |
| US10476699B2 (en) | VLAN to VXLAN translation using VLAN-aware virtual machines | |
| CN104584491B (en) | Distributed virtual route and the system and method for exchanging (DVRS) are provided | |
| CN109194502B (en) | Management method of multi-tenant container cloud computing system | |
| CN106209688B (en) | Cloud data multicast methods, devices and systems | |
| CN107357660A (en) | The distribution method and device of a kind of virtual resource | |
| US20150100958A1 (en) | Traffic migration acceleration for overlay virtual environments | |
| CN106126318A (en) | The dynamic migration method of virtual machine in a kind of Openstack cloud platform | |
| CN105283838A (en) | Distributed lock management in a cloud computing environment | |
| CN107959614B (en) | Multi-tenant customized networking method and system based on network name space | |
| CN104584484A (en) | System and method providing policy based data center network automation | |
| EP3028528A1 (en) | System and method for mobile network function virtualization | |
| WO2014089052A1 (en) | Systems and methods for protecting an identity in network communications | |
| CN106685787A (en) | Power VM virtualized network management method and device based on Open Stack | |
| CN106899478B (en) | Method for realizing resource elastic expansion of power test service through cloud platform | |
| US20230231741A1 (en) | Per-namespace ip address management method for container networks | |
| US20240031432A1 (en) | High Availability and High Utilization Cloud Data Center Architecture for Supporting Telecommunications Services | |
| CN107070717A (en) | A kind of method that Docker containers across main frame are communicated | |
| CN111064649A (en) | Method and device for realizing binding of layered ports, control equipment and storage medium | |
| CN106487556A (en) | The dispositions method of business function SF and device | |
| CN108599999A (en) | The network of OVS and Linux bridge is disposed in a kind of SDN new networks | |
| US20240121186A1 (en) | Layer-2 networking using access control lists in a virtualized cloud environment | |
| CN117997734A (en) | Management method and system for multi-resource pool network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Qi Guangpeng Inventor after: Hu Zhangfeng Inventor before: Hu Zhangfeng |
|
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20201221 Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Applicant after: Inspur cloud Information Technology Co., Ltd Address before: Floor S06, Inspur Science Park, No. 1036, Inspur Road, hi tech Zone, Jinan City, Shandong Province Applicant before: SHANDONG HUIMAO ELECTRONIC PORT Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |