CN110727547A - System and method for protecting Docker application container - Google Patents
System and method for protecting Docker application container Download PDFInfo
- Publication number
- CN110727547A CN110727547A CN201910859061.6A CN201910859061A CN110727547A CN 110727547 A CN110727547 A CN 110727547A CN 201910859061 A CN201910859061 A CN 201910859061A CN 110727547 A CN110727547 A CN 110727547A
- Authority
- CN
- China
- Prior art keywords
- docker
- container
- backup
- application
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention relates to a system and a method for protecting a Docker application Container, which construct and release a Docker Backup proxy mirror image by virtue of the advantages of a Docker Container technology, utilize a Container arrangement service module in an enterprise Container service platform to manage a Backup proxy process, deploy a Docker Backup proxy Container inside the enterprise Container service platform, and integrate the Backup proxy process into a Docker Backup proxy Container. Compared with the prior art, the method and the system solve a series of complicated problems of deployment, management, updating, upgrading and the like of the backup proxy process when the backup recovery subsystem protects the Docker application container, and can ensure the application consistency of backup data when the Docker application container is backed up.
Description
Technical Field
The invention relates to the field of backup recovery of computer application systems, in particular to a system and a method for protecting a Docker application container.
Background
Docker is a very successful Linux open source project, combines LXC, Union File System and cgroups, creates a containerization standard for millions of developers around the world, and becomes the fastest ever-adopted developer technology. Due to the excellent technical characteristics of the Docker container technology, such as flexibility, replaceability, portability, expandability and the like, the Docker container technology is widely applied to enterprises and becomes a main trend for deploying application programs in public clouds and private clouds.
Application data protection is a concern that should be considered at the outset of enterprise-level application programming. For some historical reasons, the data protection mechanism of the Docker container is not perfect at present, and is not mature as much as the data protection mechanism of the virtual machine (for example, VMware provides VADP for VMware virtual machine protection, and Microsoft provides VSS for Hyper-V virtualization protection), which makes the data protection of the Docker container more challenging.
The current industry protection schemes for Docker container data are mainly of two types:
one is based on a Docker built-in backup and recovery mechanism, which is usually implemented by an enterprise IT administrator through scripts to backup data to the local. The method is lack of effective historical version management of backup data, all backup and recovery operations need to be performed manually, and when the environment is changed, a script needs to be modified and updated, so that the method is complex in operation and difficult to maintain, and is only suitable for few Docker application container scenes;
another type is a traditional file-based backup and restore approach that requires a backup agent to be installed on the environment where the backup data source is located to be able to access and backup the file system. If applications such as Oracle, MySQL, and Redis run inside the application container, a corresponding application agent is also needed to ensure the application consistency of the backup data. The backup agent process, as part of the backup and restore system, needs to consider the tedious problems of deployment, management, updating, upgrading, etc. Many agents are destructive and need to be restarted by an operating system, so that all containers are destroyed, while other agents need to be restarted by an application program every time the agents are deployed, repaired or updated, and in the scene of backup recovery of a Docker application container, the problem of a backup agent is amplified invisibly because the design concept of the Docker container is that the Docker container is isolated from a host machine in a resource layer and discarded rather than repaired after exception.
In addition, all current backup schemes lack a verification link for the validity of the backup data of the application container. When a data disaster occurs, an enterprise expects to backup data, and the event that the enterprise data cannot be recovered due to the failure of the backup data often occurs, and the situation that the enterprise data is ready to be used is not really achieved. Therefore, how to flexibly, efficiently, safely and reliably solve the data protection problem of the Docker application container becomes a difficult problem to be solved urgently when an enterprise deploys the Docker application container environment in a large scale.
Disclosure of Invention
The present invention is directed to overcome the above-mentioned drawbacks of the prior art, and provides a system and a method for protecting a Docker application container, which flexibly, efficiently, safely, and reliably solve the problem of data protection of the Docker application container.
The purpose of the invention can be realized by the following technical scheme:
a system for protecting a Docker application container is used for backup recovery of the Docker application container, and comprises a backup recovery subsystem and an enterprise container service platform which are mutually communicated and connected, wherein the backup recovery subsystem comprises a WEB service module, a task arranging service module, a data backup service module and a snapshot storage system module which are sequentially connected, the enterprise container service platform comprises an enterprise private Docker mirror image warehouse, the backup recovery subsystem further comprises a Docker backup agent mirror image and a Docker container management service module which is respectively connected with the data backup service module and the snapshot storage system module, the Docker container management service module is internally preset with the Docker backup agent mirror image, and the Docker backup agent mirror image is led into the enterprise private Docker mirror image warehouse through the Docker container management service module so that the container arranging service module in the enterprise container service platform can be used, the problem of a series of complicacies in the backup process of the Docker application container is solved.
The enterprise Container service platform further comprises a plurality of Application containers Application Pods, Application Container data persistence storage Application volumes connected with the Application containers Application Pods in a one-to-one corresponding mode, a Docker Container arrangement system module and a Docker Backup proxy Container Backup Agent Container arranged through the Docker Container arrangement system module, wherein the data Backup service module is in communication connection with the Docker Backup proxy Container Backup Agent Container for data Backup recovery operation, a Backup proxy process is integrated in the Docker Backup proxy Container Backup Agent, and the Application consistency of Backup data during Backup of the Docker Application containers can be guaranteed through the Backup proxy process integrated in the Docker Backup proxy Container Backup Agent Container, so that management of the Backup proxy process is realized.
Further, the Docker container management service module comprises a Docker daemon process, an application data verification container and a local Docker mirror image, wherein the Docker backup proxy mirror image is preset in the local Docker mirror image, and the local Docker mirror image is connected with an enterprise private Docker mirror image warehouse, so that the Docker backup proxy mirror image is led into the enterprise private Docker mirror image warehouse.
Furthermore, the Docker daemon monitors Docker API requests and processes related requests in time, so that the system keeps high efficiency in the backup recovery and data verification processes, and manages Docker objects, wherein the Docker objects comprise images, containers, networks and volumes.
Further, the Docker backup Agent Image comprises an Operating system basic Image, a Library file Image dependent on the original backup Agent, and an original backup Agent process Agent Application Image, wherein the original backup Agent process Agent Application Image comprises a basic component Base Module and an upper layer Application backup Agent component, and the basic component Base Module comprises a Data transmission Client component Data Transfer Client and a Storage Client component Storage Client.
Furthermore, the backup recovery subsystem further comprises a data verification service module connected with the Docker container management service module, the data verification service module drives the Docker container management service module to verify the validity of backup data, an application container mirror image bearing production services is stored in the enterprise private Docker mirror image warehouse, the local Docker mirror image acquires the application container mirror image from the enterprise private Docker mirror image warehouse to provide a Docker operating environment, validity check is performed on the backup data, and the reliability of data protection of the Docker application container is further improved.
The method for protecting the Docker application container system is used for protecting the application data of an enterprise-level application program, and the method carries out data backup and recovery through the communication connection of a backup recovery subsystem and an enterprise container service platform, and is characterized by comprising the following steps:
s1, constructing a Docker backup proxy mirror image and a Docker container management service module, and pre-arranging the Docker backup proxy mirror image in the Docker container management service module;
s2, integrating a Docker container management service module in the backup recovery subsystem;
s3, importing the Docker backup proxy mirror image into an enterprise private Docker mirror image warehouse;
s4, deploying a Docker Backup Agent Container in the enterprise Container service platform;
and S5, the Docker Backup Agent Container communicates with the Backup recovery subsystem, and executes data Backup recovery operation according to the instruction of the Backup recovery subsystem.
Further, the step S4 includes:
41a) deploying a Docker Backup Agent Container provider for each Application Container Application Pod in the enterprise Container service platform by using a Docker Container arrangement system module;
42a) configuring an additional IP address for each Docker Backup proxy Container Backup Agent Container;
43a) and mounting the Application Volume of the Application Container data persistent storage into a Docker Backup proxy Container Backup Agent Container.
Further, the step S4 includes:
41b) deploying one or more Docker Backup proxy Container Backup Agent containers for all Application Container Application Pods in the enterprise Container service platform by using a Docker Container arranging system module;
42b) configuring an additional IP address for the Docker Backup Agent Container;
43b) and mounting the data persistence storage Application Volume of the Application Container into a Docker Backup proxy Container Backup Agent Container.
Further, the step S5 specifically includes:
51) the WEB service module receives a container backup task and a task arrangement strategy set by a login user in a backup recovery subsystem;
52) the task arranging service module stores the task arranging strategy and triggers the data backup service module or the data verification service module to execute operation according to the task arranging strategy;
53) the data Backup service module is communicated with a Docker Backup Agent Container and sends a data Backup command;
54) the Docker Backup proxy Container Backup Agent Container performs Backup operation on application Container data of a corresponding application Container applicationPod;
55) and the snapshot storage system module stores application backup data.
Compared with the prior art, the invention has the following advantages:
1) by means of the advantages of the Docker container technology, a Docker backup proxy mirror image is constructed, the Docker backup proxy mirror image is led into an enterprise private Docker mirror image warehouse, a container arrangement service module in an enterprise container service platform is used for managing a backup proxy process, and a series of complex problems of deployment, management, updating, upgrading and the like of the backup proxy process when a Docker application container is protected by a backup recovery subsystem are solved;
2) by means of the technical advantages of the existing Backup recovery subsystem in the field of data protection, a Docker Backup proxy Container Backup Agent is deployed in an enterprise Container service platform, a Backup proxy process is integrated in the Docker Backup proxy Container Backup Agent, and the application consistency of Backup data during Backup of a Docker application Container can be guaranteed;
3) by integrating the Docker container management service module in the backup recovery subsystem, a Docker operating environment is provided, application container mirroring in an enterprise private Docker mirroring warehouse is combined with the backup recovery system, and the reliability of the data protection technical scheme of the Docker application container is further improved.
Drawings
FIG. 1 is a schematic diagram of a mirror structure of a Docker backup proxy;
FIG. 2 is a schematic diagram of a Docker container management service module;
FIG. 3 is a schematic diagram of a backup recovery subsystem;
FIG. 4 is a schematic structural diagram of an enterprise container service platform after a backup proxy mirror image is imported into an enterprise private Docker mirror image warehouse;
fig. 5 is a schematic structural view of an enterprise container service platform after deployment of a Docker backup proxy container is completed according to the method in embodiment 1;
fig. 6 is a schematic structural view of an enterprise container service platform after deployment of a Docker backup proxy container is completed according to the method in embodiment 2.
The System comprises a Backup recovery subsystem 1, a Backup recovery subsystem 11, a WEB service Module 12, a task orchestration service Module 13, a data Backup service Module 14, a data verification service Module 15, a snapshot storage System Module 16, a Docker Container management service Module 161, a Docker daemon 162, a local Docker mirror Image 163, an Application data verification Container 2, an enterprise Container service platform 21, a Docker Container orchestration System Module 22, an enterprise private Docker mirror warehouse 23, an Application Container ApplicationPod 24, a Docker Backup proxy Container Backup Agent 3, a Docker Backup proxy Image 31, an original Backup proxy process Agent Application Image 32, a Library file mirror Image agentdendend Library Image depending on the original Backup proxy Agent 33, an Operating System Base Image 311, an upper-layer Application Backup proxy component 312, and a Base component Base.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments.
Examples
The invention constructs and releases a Docker Backup proxy mirror image 3 by virtue of the advantages of a Docker Container technology, arranges a service module by utilizing a Container in an enterprise Container service platform 2, and manages a Backup proxy process, meanwhile, the invention arranges a Docker Backup proxy Container Backup Agent provider 24 in the enterprise Container service platform 2, integrates the Backup proxy process in the Docker Backup proxy Container Backup Agent provider 24, further constructs a Docker operating environment by integrating a Docker Container management service module 16 in a Backup recovery subsystem 1, and performs validity check on Backup data by combining an application Container mirror image in an enterprise private Docker mirror image 22 and a data validity verification script or tool preset in the Backup recovery subsystem 1.
The basic idea of the invention is as follows: the backup agent of the existing backup recovery subsystem 1 is packaged into a Docker backup agent mirror image 3 and is issued to the outside, an enterprise IT administrator can lead the Docker backup agent mirror image 3 into an enterprise private Docker mirror image warehouse 22, so that the backup agent can be deployed and managed in the enterprise container service platform 2 quickly and agilely, and the Application data inside the Application container Application Pod23 running in the enterprise container service platform 2 is backed up by using the original Application system backup component in the backup agent. Synchronously, a whole set of Docker operating environment is integrated in the backup recovery subsystem 1, and an enterprise IT administrator can grant the access right of the enterprise private Docker mirror image warehouse 22 to the backup recovery subsystem 1, so that the backup recovery subsystem 1 can perform validity check on backup data generated by backup operation based on the application container mirror image stored in the enterprise private Docker mirror image warehouse 22, and further improve the security and reliability of the enterprise container application data.
To achieve the basic idea, the invention provides a system for protecting a Docker application container, which is used for backup recovery of the Docker application container, and the system comprises a backup recovery subsystem 1 and an enterprise container service platform 2 which are in communication connection with each other.
As shown in fig. 2 and 3, the backup restoring subsystem 1 includes:
the WEB service module 11: the interactive UI is used for providing backup and recovery systems and enterprise IT management, and comprises but is not limited to display of information such as system health state, logs, alarms and the like, creation of application container backup tasks and data verification tasks, formulation of task arrangement strategies and authorization of access information of an enterprise private Docker mirror image warehouse 22;
the task orchestration service module 12: the module comprises a task strategy plan metadata index and task arrangement scheduling engine, which is used for storing task strategies and triggering the execution of corresponding tasks according to the task strategies;
the data backup service module 13: the module comprises a Backup task metadata index and a Backup task scheduling engine, is used for managing and scheduling specific Application Backup tasks, communicates with a Docker Backup Agent Container 24 deployed on an enterprise Container service platform 2, and notifies the Docker Backup Agent Container to execute Backup operation of Application data running in a specific Application Container Application Pod 23;
the data verification service module 14: the module comprises a data verification task metadata index, a data verification task scheduling engine and a Docker client, and is used for managing and scheduling validity verification tasks of specific application backup data;
snapshot storage system module 15: the method is used for storing application backup data, and historical version management of the application backup data is realized through snapshot technology, and all snapshots can pass through a data access framework through standard data access protocols/interfaces, such as: iSCSI, SCSI, FC, NFS and LoopBak provide direct access capability to the outside;
docker container management service module 16: the module is a newly added module in the invention, and comprises a Docker daemon process 161, a local Docker mirror image 162 and an application data verification container 163, and is used for enabling the backup recovery subsystem 1 to have the capability of operating a Docker container;
docker backup proxy image 3: the Docker backup agent image 3 is preset in the local Docker image 162 of the Docker container management service module 16 and is imported into the enterprise private Docker image warehouse 22, so that the backup agent can be rapidly and swiftly deployed and managed in the enterprise container service platform 2, and the Application data running in the Application container Application Pod23 is backed up by using the original Application system backup component in the backup agent.
Wherein, the Docker daemon 161 is responsible for intercepting Docker API requests and managing Docker objects, such as mirrors, containers, networks, and volumes; the local Docker image 162 will initially preset the Docker backup proxy image 3, and subsequently may obtain the application container image from the enterprise private Docker image repository 22 as needed for the backup data validity verification task.
As shown in fig. 1, the Docker backup proxy Image 3 includes an Operating system Base Image 33, a Library file Image dependent on the original backup proxy Agent dependent Library file Image 32, and an original backup proxy process Agent Application Image 31, where the original backup proxy process Agent Application Image 31 includes a Base component Base Module 312 and an upper Application backup proxy component 311, and the Base component Base Module includes a Data transmission Client component Data Transfer Client and a storage Client component storage Client. The Operating System Base Image 33 is an Operating System Base Image obtained from a Docker Hub, a globally largest mirror Image warehouse maintained by a Docker company, and optionally a CentOS, an Ubuntu and other mainstream open source Linux distribution, and the upper application Backup Agent component comprises a Filesystem Backup Agent, an Oracle Backup Agent, a MySQL Backup Agent and the like.
As shown in fig. 4, 5, and 6, the enterprise Container service platform 2 includes a plurality of Application Container Application Pod23, a plurality of Application Container data persistence storage Application volumes correspondingly connected to each Application Container Application Pod23, a Docker Container orchestration system module 21, and an enterprise private Docker image repository 22, where the Docker Container orchestration system module 21 is configured to deploy a Docker Backup proxy Container Backup Agent Container 24 for the Application Container Application Pod23 in the enterprise Container service platform 2, and the enterprise private Docker image repository 22 stores all Application Container images in which an enterprise deploys Docker Application containers to carry production services.
After the access right of the enterprise private Docker image warehouse 22 is granted to the Backup recovery subsystem 1, the local Docker image 162 guides the Docker Backup proxy image 3 into the enterprise private Docker image warehouse 22 through the connection with the enterprise private Docker image warehouse 22, the data Backup service module 13 notifies the Docker Backup proxy Container Backup Agent Container 24 to perform data Backup recovery operation through the communication connection with the Docker Backup proxy Container Backup Agent Container 24, and a Backup proxy process is integrated in the Docker Backup proxy Container Backup Agent Container 24. When the validity of the backup data is verified, the data verification service module 14 drives the Docker container management service module 16 to verify the validity of the backup data according to the data validity verification task stored by the task orchestration service module 12, and the local Docker mirror image 162 obtains the application container mirror image from the enterprise private Docker mirror image warehouse 22.
The invention is based on the established system for protecting the Docker application container, and also provides a method for protecting the Docker application container by using the system, which is used for protecting the application data of enterprise-level application programs, and the method carries out data backup recovery and backup data validity verification through the communication connection between the backup recovery subsystem 1 and the enterprise container service platform 2.
As shown in fig. 4, the present embodiment takes a common container service platform of an enterprise data center as an example, and generally includes a Docker container orchestration system, an enterprise private Docker image warehouse 22, and an application container deployed according to an enterprise service, and a currently mainstream container orchestrator has Swarm developed by Docker and kubernets developed by Google, where kubernets developed by the industry most are taken as an example.
Example 1
Firstly, a Docker backup proxy image 3 and a Docker container management service module 16 are constructed, the Docker backup proxy image 3 is preset in the Docker container management service module 16, a backup recovery subsystem 1 shown in fig. 3 is integrated, then the backup recovery subsystem 1 is deployed in an enterprise internal data center, an access right of an enterprise private Docker image warehouse 22 is granted to the backup recovery subsystem 1, and the Docker backup proxy image 3 in the backup recovery subsystem 1 is pushed to the enterprise private Docker image warehouse 22.
After the Docker Backup proxy image 3 is imported into the enterprise private Docker image warehouse 22, the enterprise IT administrator operates the Docker Container orchestration system, and as shown in fig. 5, deploys one Docker Backup proxy Container Backup Agent Container 24 as an auxiliary Container for each Application Container Application Pod 23. An additional IP address is configured for the Docker Backup Agent Container 24 to enable the Docker Backup Agent Container to communicate with the Backup recovery subsystem 1 through a network, and the Application Volume of the Application Container data persistent storage is mounted inside the Docker Backup Agent Container 24, so that the Docker Backup Agent Container 24 can access the data of the Application Container. And completing deployment.
After the deployment is successful, the enterprise IT administrator may log in the management console of the WEB service module 11 of the backup recovery subsystem 1, create a data protection task or a backup data validity verification task for the corresponding Docker application container, arrange a policy for the task, and perform a data backup recovery operation or a backup validity verification operation by the system.
The data backup and recovery operation specifically comprises the following steps:
51) the WEB service module 11 receives a container backup task and a task arrangement strategy set by a login user in the backup recovery subsystem 1;
52) the task scheduling service module 12 stores the task scheduling policy and triggers the data backup service module 13 to execute the operation according to the task scheduling policy;
53) the data Backup service module 13 communicates with a Docker Backup Agent Container 24 and sends a data Backup command;
54) the Docker Backup proxy Container Backup Agent Container 24 performs Backup operation on the application Container data in the application Container application pod 23;
55) the snapshot storage system module 15 stores application backup data.
The key steps of the backup data validity verification comprise:
a) notifying the Docker container management service module 16 of acquiring a corresponding application container mirror image from the enterprise private Docker mirror image warehouse 22 according to the backup data source information of the data validity verification task, and storing the application container mirror image as a local Docker mirror image 162;
b) acquiring a corresponding application container data time point snapshot from a snapshot storage system according to the time point information of the data validity verification task, and mounting the snapshot to the local by using a LoopBak mode;
c) informing the Docker container management service module 16 to run the corresponding application container, and specifying relevant parameters during running to mount the snapshot of the application container data time point into the application data verification container 163;
d) a preset application container data validation script or tool is executed.
The system automatically triggers and executes according to a plan, and the data protection problem of the Docker application container is efficiently, safely and reliably solved.
Example 2
As shown in fig. 6, the present embodiment is different from embodiment 1 in that when a Docker Backup Agent Container 24 is deployed, an enterprise IT administrator operates the Docker Container orchestration system to deploy one or more Docker Backup Agent containers 24 as auxiliary containers for all Application containers Application Pod23, and the deployment of multiple Docker Backup Agent containers Backup Agent Container 24 is helpful to improve performance. Other parts of this example are the same as example 1.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and those skilled in the art can easily conceive of various equivalent modifications or substitutions within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A system for protecting a Docker application container is used for backup recovery of the Docker application container, and comprises a backup recovery subsystem (1) and an enterprise container service platform (2) which are in communication connection with each other, wherein the backup recovery subsystem (1) comprises a WEB service module (11), a task arrangement service module (12), a data backup service module (13) and a snapshot storage system module (15) which are sequentially connected, the enterprise container service platform (2) comprises an enterprise private Docker mirror image warehouse (22), and is characterized in that the backup recovery subsystem (1) further comprises a Docker backup agent mirror image (3) and a Docker container management service module (16) which is respectively connected with the data backup service module (13) and the snapshot storage system module (15), and the Docker backup agent mirror image (3) is preset in the Docker container management service module (16), the Docker backup proxy mirror image (3) is led into an enterprise private Docker mirror image warehouse (22) through a Docker container management service module (16).
2. The system for protecting a Docker Application Container according to claim 1, wherein the enterprise Container service platform (2) further comprises a plurality of Application Container Application Pods (23), Application Container data persistence storage Application volumes connected with each Application Container Application Pod (23) in a one-to-one correspondence manner, a Docker Container arrangement system module (21), and a Docker Backup Agent Container (24) deployed and set through the Docker Container arrangement system module (21), wherein the data Backup service module (13) and the Docker Backup Agent Container (24) are in communication connection with each other to perform data Backup and recovery operations, and a Backup Agent process is integrated in the Docker Backup Agent Container (24).
3. The system for protecting a Docker application container as claimed in claim 2, wherein the Docker container management service module (16) comprises a Docker daemon (161), an application data verification container (163) and a local Docker image (162), the Docker backup proxy image (3) is preset in the local Docker image (162), and the local Docker image (162) is connected to an enterprise private Docker image repository to import the Docker backup proxy image (3) into the enterprise private Docker image repository.
4. A system for protecting a Docker application container as claimed in claim 3, wherein the Docker daemon (161) listens for Docker API requests and manages Docker objects, the Docker objects including images, containers, networks and volumes.
5. A System for protecting a Docker Application container as claimed in claim 3, wherein the Docker backup Agent Image (3) comprises an Operating System Base Image (33), a primary backup Agent dependent Library file Image Agent dependent Library Image (32) and a primary backup Agent process Agent Application Image (31), the primary backup Agent process Agent Application Image (31) comprises a Base component Base Module (312) and an upper layer Application backup Agent component (311), the Base component Module Data (312) comprises a Data transmission Client component Transfer Client and a storage Client component storage Client.
6. The system for protecting a Docker application container according to claim 5, wherein the backup recovery subsystem (1) further includes a data verification service module (14) connected to the Docker container management service module (16), the data verification service module (14) drives the Docker container management service module (16) to perform validity verification on the backup data, the enterprise private Docker image repository (22) stores an application container image carrying production services, and the local Docker image (162) obtains the application container image from the enterprise private Docker image repository (22).
7. A method for application data protection for enterprise applications using a Docker application container system as claimed in claim 3, the method for data backup recovery via a communication connection of a backup recovery subsystem (1) with an enterprise container service platform (2), comprising the steps of:
s1, constructing a Docker backup proxy mirror image (3) and a Docker container management service module (16), and presetting the Docker backup proxy mirror image (3) in the Docker container management service module (16);
s2, integrating a Docker container management service module (16) in the backup recovery subsystem (1);
s3, importing the Docker backup proxy mirror image (3) into an enterprise private Docker mirror image warehouse (22);
s4, deploying a Docker Backup proxy Container Backup Agent Container (24) in the enterprise Container service platform (2);
s5, the Docker Backup Agent Container Backup Agent (24) communicates with the Backup recovery subsystem (1), and executes data Backup recovery operation according to the instruction of the Backup recovery subsystem (1).
8. A method for protecting a Docker application container as claimed in claim 7, wherein the step S4 comprises:
41a) deploying a Docker Backup proxy Container Backup Agent Container (24) for each Application Container Application Pod (23) in the enterprise Container service platform (2) by using a Docker Container arrangement system module (21);
42a) configuring an additional IP address for each Docker Backup Agent Container Backup Agent (24);
43a) and mounting the Application Volume of the Application Container data persistent storage into a Docker Backup proxy Container Backup Agent Container (24).
9. A method for protecting a Docker application container as claimed in claim 7, wherein the step S4 comprises:
41b) deploying one or more Docker Backup proxy Container Backup Agent containers (24) for all Application Container Application Pod (23) in the enterprise Container service platform by using a Docker Container arrangement system module (21);
42b) configuring an additional IP address for a Docker Backup Agent Container (24);
43b) and mounting the data persistence storage Application Volume of the Application Container into a Docker Backup proxy Container Backup Agent Container (24).
10. The method for protecting a Docker application container as claimed in claim 7, wherein the step S5 specifically comprises:
51) the WEB service module (11) receives a container backup task and a task arrangement strategy set by a login user in the backup recovery subsystem (1);
52) the task arranging service module (12) stores the task arranging strategy and triggers the data backup service module (13) or the data verification service module (14) to execute operation according to the task arranging strategy;
53) the data Backup service module (13) is communicated with a Docker Backup Agent Container (24) and sends a data Backup instruction;
54) a Docker Backup proxy Container Backup Agent Container (24) performs Backup operation on application Container data of a corresponding application Container ApplicationPod (23);
55) the snapshot storage system module (15) stores application backup data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910859061.6A CN110727547A (en) | 2019-09-11 | 2019-09-11 | System and method for protecting Docker application container |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910859061.6A CN110727547A (en) | 2019-09-11 | 2019-09-11 | System and method for protecting Docker application container |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110727547A true CN110727547A (en) | 2020-01-24 |
Family
ID=69218170
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910859061.6A Pending CN110727547A (en) | 2019-09-11 | 2019-09-11 | System and method for protecting Docker application container |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110727547A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111610976A (en) * | 2020-04-08 | 2020-09-01 | 曙光信息产业(北京)有限公司 | Heterogeneous application transplanting method and device and computer equipment |
| TWI759863B (en) * | 2020-09-15 | 2022-04-01 | 新漢股份有限公司 | Method for executing docker images under protection |
| US11550491B2 (en) | 2021-04-30 | 2023-01-10 | Nutanix, Inc. | Container-based application processing |
| CN116302711A (en) * | 2023-05-19 | 2023-06-23 | 山东捷瑞数字科技股份有限公司 | Disaster recovery method and device based on cloud platform mirror image, electronic equipment and storage medium |
| CN117851133A (en) * | 2024-03-07 | 2024-04-09 | 成都云祺科技有限公司 | Xen paravirtualized agent-free real-time backup method, system and recovery method |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105159995A (en) * | 2015-09-06 | 2015-12-16 | 浪潮(北京)电子信息产业有限公司 | Method and device for carrying out effectiveness verification on database backup data |
| CN107506258A (en) * | 2016-06-14 | 2017-12-22 | 伊姆西公司 | Method and apparatus for data backup |
| US20180137139A1 (en) * | 2016-11-16 | 2018-05-17 | Commvault Systems, Inc. | Dynamically configuring a proxy server using containerization for concurrent and/or overlapping backup, restore, and/or test operations |
| CN108958971A (en) * | 2018-06-14 | 2018-12-07 | 北京小米移动软件有限公司 | Information backup method, device and equipment |
| CN109144777A (en) * | 2018-07-27 | 2019-01-04 | 北京友普信息技术有限公司 | A method of the isomery virtual computing calamity based on Docker is standby |
| CN109614202A (en) * | 2018-12-04 | 2019-04-12 | 北京京东尚科信息技术有限公司 | Backup, recovery and the mirror processing method and system of container environment |
-
2019
- 2019-09-11 CN CN201910859061.6A patent/CN110727547A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105159995A (en) * | 2015-09-06 | 2015-12-16 | 浪潮(北京)电子信息产业有限公司 | Method and device for carrying out effectiveness verification on database backup data |
| CN107506258A (en) * | 2016-06-14 | 2017-12-22 | 伊姆西公司 | Method and apparatus for data backup |
| US20180137139A1 (en) * | 2016-11-16 | 2018-05-17 | Commvault Systems, Inc. | Dynamically configuring a proxy server using containerization for concurrent and/or overlapping backup, restore, and/or test operations |
| CN108958971A (en) * | 2018-06-14 | 2018-12-07 | 北京小米移动软件有限公司 | Information backup method, device and equipment |
| CN109144777A (en) * | 2018-07-27 | 2019-01-04 | 北京友普信息技术有限公司 | A method of the isomery virtual computing calamity based on Docker is standby |
| CN109614202A (en) * | 2018-12-04 | 2019-04-12 | 北京京东尚科信息技术有限公司 | Backup, recovery and the mirror processing method and system of container environment |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111610976A (en) * | 2020-04-08 | 2020-09-01 | 曙光信息产业(北京)有限公司 | Heterogeneous application transplanting method and device and computer equipment |
| CN111610976B (en) * | 2020-04-08 | 2023-04-07 | 中科曙光(南京)计算技术有限公司 | Heterogeneous application transplanting method and device and computer equipment |
| TWI759863B (en) * | 2020-09-15 | 2022-04-01 | 新漢股份有限公司 | Method for executing docker images under protection |
| US11550491B2 (en) | 2021-04-30 | 2023-01-10 | Nutanix, Inc. | Container-based application processing |
| CN116302711A (en) * | 2023-05-19 | 2023-06-23 | 山东捷瑞数字科技股份有限公司 | Disaster recovery method and device based on cloud platform mirror image, electronic equipment and storage medium |
| CN116302711B (en) * | 2023-05-19 | 2023-10-03 | 山东捷瑞数字科技股份有限公司 | Disaster recovery method and device based on cloud platform mirror image, electronic equipment and storage medium |
| CN117851133A (en) * | 2024-03-07 | 2024-04-09 | 成都云祺科技有限公司 | Xen paravirtualized agent-free real-time backup method, system and recovery method |
| CN117851133B (en) * | 2024-03-07 | 2024-05-17 | 成都云祺科技有限公司 | Xen paravirtualized agent-free real-time backup method, system and recovery method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11422902B2 (en) | Recreating a computing environment using tags and snapshots | |
| US11907254B2 (en) | Provisioning and managing replicated data instances | |
| US10114834B2 (en) | Exogenous virtual machine synchronization and replication | |
| CN110727547A (en) | System and method for protecting Docker application container | |
| US10394550B2 (en) | System and method for supporting patching in a multitenant application server environment | |
| US11436099B2 (en) | Backup client agent | |
| KR102047216B1 (en) | Replaying jobs at a secondary location of a service | |
| CN104679534B (en) | System application installation package loading processing method, apparatus and terminal | |
| US9971655B1 (en) | Primed application recovery | |
| US9282021B2 (en) | Method and apparatus for simulated failover testing | |
| US10853180B2 (en) | Automatically setting a dynamic restore policy in a native cloud environment | |
| US20210149682A1 (en) | System and method for implementing a filesystem agent management solution | |
| US10860442B2 (en) | Systems, methods and computer readable media for business continuity and disaster recovery (BCDR) | |
| CN114661420B (en) | Application protection method, device and system based on Kubernetes container platform | |
| CN110543385A (en) | Virtual backup method and virtual backup restoration method | |
| CN115080309A (en) | Data backup system, method, storage medium, and electronic device | |
| US11782796B2 (en) | Method and system for virtual machine protection | |
| US20240143738A1 (en) | End-to-end distributed recovery of a user computing device on which secure workspaces are deployed | |
| CN116132276A (en) | Operating system replacement method, operating system replacement device, electronic equipment and readable storage medium | |
| US20180341593A1 (en) | Embedded image management | |
| Posey et al. | Virtual Machine Protection | |
| Windows | Optimizing and Troubleshooting |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |