CN113301106A - Operation and maintenance processing system, method and device - Google Patents

Publication number: CN113301106A
Application number: CN202110306882.4A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 余斌, 朱兆良
Current assignee: Alibaba Singapore Holdings Pte Ltd
Original assignee: Alibaba Singapore Holdings Pte Ltd
Prior art keywords: terminal, maintenance, cloud server, data, long connection

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers

Landscapes

  • Engineering & Computer Science
  • Computer Networks & Wireless Communication
  • Signal Processing
  • Computer Security & Cryptography
  • Data Exchanges In Wide-Area Networks

Abstract

The embodiments of this specification provide an operation and maintenance processing system, method and device. The operation and maintenance processing system comprises a first terminal, a first cloud server and a second terminal. The first terminal generates an operation and maintenance data acquisition request for the second terminal, encapsulates the request through a data transmission protocol, and sends the encapsulation result to the first cloud server. The first cloud server transmits the encapsulation result to the second terminal through a protocol transmission tunnel established between the first cloud server and the second terminal, receives the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwards the operation and maintenance data to the first terminal. The first terminal analyzes the received operation and maintenance data and sends an operation and maintenance instruction, generated according to the analysis result, to the second terminal through the first cloud server. The second terminal executes the operation and maintenance operation based on the operation and maintenance instruction.

Description

Operation and maintenance processing system, method and device
Technical Field
The embodiment of the specification relates to the technical field of cloud computing, in particular to an operation and maintenance processing system. One or more embodiments of the present specification also relate to an operation and maintenance processing method, an operation and maintenance processing apparatus, a computing device, and a computer-readable storage medium.
Background
With the rapid development of the cloud computing industry, private clouds, which are an important part of it, have also taken a large market share. A private cloud is built for the exclusive use of one user, and thus provides effective control of data, security, and quality of service. The core property of a private cloud is proprietary resources: the user owns the infrastructure and can control how applications are deployed on it. In addition, a private cloud can be deployed inside the firewall of an enterprise data center, or in a secure hosting facility.
Private clouds in different network security domains are isolated from each other, because they are built on different hardware resources or because their applications use different Virtual Local Area Networks (VLANs). Therefore, when managing private clouds that are isolated from each other, a corresponding management platform needs to be built for each private cloud so that each is managed individually.
However, in practical applications, management platforms and private clouds are in one-to-one correspondence, so when the number of private clouds is large, the number of management platforms increases accordingly, which generally results in low management efficiency and high operation and maintenance cost.
Disclosure of Invention
In view of this, this specification provides an operation and maintenance processing system. One or more embodiments of the present disclosure also relate to an operation and maintenance processing method, an operation and maintenance processing apparatus, a computing device, and a computer-readable storage medium to solve the technical deficiencies in the prior art.
According to a first aspect of embodiments herein, there is provided an operation and maintenance processing system, including:
the system comprises a first terminal, a first cloud server and a second terminal;
the first terminal is configured to generate an operation and maintenance data acquisition request of the second terminal, encapsulate the operation and maintenance data acquisition request through a data transmission protocol, and send the encapsulation result to the first cloud server;
the first cloud server is configured to transmit the encapsulation result to the second terminal through a protocol transmission tunnel established between the first cloud server and the second terminal, receive operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forward the operation and maintenance data to the first terminal;
the first terminal is further configured to analyze the received operation and maintenance data and send an operation and maintenance instruction generated according to an analysis result to the second terminal through the first cloud server;
the second terminal is configured to execute operation and maintenance operation based on the operation and maintenance instruction.
Optionally, the second terminal is configured to establish a long connection with the first cloud server, and generate a protocol transmission tunnel between the second terminal and the first cloud server.
Optionally, the first terminal is further configured to send a data channel establishment request to the first cloud server;
the first cloud server is further configured to establish a first long connection data channel with the first terminal based on the data channel establishment request, and send a first control message obtained by encapsulation to the second terminal;
the second terminal is configured to generate a second control packet including first confirmation information based on the received first control packet, send the second control packet to the first terminal, and establish a second long connection data channel with the first cloud server, where the first long connection data channel and the second long connection data channel constitute the protocol transmission tunnel.
Optionally, the second terminal is further configured to parse the encapsulation result, obtain operation and maintenance data based on the operation and maintenance data obtaining request in the parsing result, encapsulate the operation and maintenance data through the data transmission protocol, and return the encapsulated first data packet to the first cloud server;
the first cloud server is further configured to forward the first data packet to the first terminal through the first long connection data channel.
Optionally, the first terminal is further configured to parse the first data packet, generate an operation and maintenance instruction according to the operation and maintenance data obtained through parsing, encapsulate the operation and maintenance instruction through the data transmission protocol, and send the encapsulated second data packet to the second terminal through the second long connection data channel.
Optionally, the second terminal is further configured to establish a first long connection control channel with the first cloud server;
the first terminal is further configured to send a control channel establishment request to the first cloud server;
the first cloud server is further configured to establish a second long connection control channel with the first terminal based on the data channel establishment request.
Optionally, the first cloud server is further configured to establish a first long connection data channel with the first terminal, and send a third control packet obtained by encapsulation to the second terminal through the first long connection control channel;
the second terminal is configured to generate a fourth control packet including third confirmation information based on the received third control packet, send the fourth control packet to the first terminal through the second long connection control channel, and establish a second long connection data channel with the first cloud server, where the first long connection data channel and the second long connection data channel constitute the protocol transmission tunnel.
Optionally, the first terminal is further configured to generate a data channel closing request according to identification information of a protocol transmission tunnel, encapsulate the data channel closing request through the data transmission protocol, and send a first end packet generated by encapsulation to the first cloud server;
the first cloud server is further configured to close the first long connection data channel and forward the first end packet to the second terminal through the first long connection control channel;
the second terminal is configured to close the second long connection data channel, generate a second end packet including fourth acknowledgement information based on the first end packet, and send the second end packet to the first cloud server through the second long connection control channel;
the first cloud server is further configured to forward the second end packet to the first terminal through the second long connection control channel.
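The following added example, which is not part of the patent text, models the per-tunnel bookkeeping a relay in the position of the first cloud server needs so that operation and maintenance data is forwarded only between the confirmation of the first control packet and the first end packet. The message type names, role names, the `tunnel_id` field and the rule that a closed tunnel identifier is never reused are assumptions made for illustration.

```python
class ProtocolError(Exception):
    """Raised when a message does not fit the tunnel's current state."""


# (message type, sender role) -> (state required, state afterwards).
# Type and role names are hypothetical; the patent names no wire format.
TRANSITIONS = {
    # First terminal asks for a data channel; relay sends the first control packet on.
    ("data_channel_request", "first_terminal"): (None, "OPENING"),
    # Second control packet carrying the confirmation of the first one.
    ("control_ack", "second_terminal"): ("OPENING", "ESTABLISHED"),
    # Encapsulated requests, O&M data and O&M instructions.
    ("data", "first_terminal"): ("ESTABLISHED", "ESTABLISHED"),
    ("data", "second_terminal"): ("ESTABLISHED", "ESTABLISHED"),
    # First end packet, generated from the tunnel's identification information.
    ("end", "first_terminal"): ("ESTABLISHED", "CLOSING"),
    # Second end packet carrying the confirmation of the first one.
    ("end_ack", "second_terminal"): ("CLOSING", "CLOSED"),
}
PEER = {"first_terminal": "second_terminal", "second_terminal": "first_terminal"}


class TunnelRelay:
    """State kept by the relay for each protocol transmission tunnel."""

    def __init__(self):
        self.state = {}  # tunnel_id -> state name

    def handle(self, sender, msg):
        """Validate one message; return the role it is forwarded to."""
        mtype, tid = msg.get("type"), msg.get("tunnel_id")
        if (mtype, sender) not in TRANSITIONS:
            raise ProtocolError(f"{sender} may not send {mtype!r}")
        if not isinstance(tid, str) or not tid:
            raise ProtocolError("missing tunnel_id")
        required, after = TRANSITIONS[(mtype, sender)]
        current = self.state.get(tid)
        if current != required:
            raise ProtocolError(f"{mtype!r} not valid for tunnel {tid} in state {current}")
        self.state[tid] = after
        return PEER[sender]


def run_trace(relay, trace):
    """Feed (sender, message) pairs to the relay and record each outcome."""
    outcomes = []
    for sender, msg in trace:
        try:
            outcomes.append("forward to " + relay.handle(sender, msg))
        except ProtocolError as exc:
            outcomes.append("rejected: " + str(exc))
    return outcomes


# Constructed message trace: one normal lifecycle with three out-of-order messages.
SAMPLE_TRACE = [
    ("first_terminal", {"type": "data_channel_request", "tunnel_id": "t1"}),
    ("first_terminal", {"type": "data", "tunnel_id": "t1", "body": "get metrics"}),  # before ack
    ("second_terminal", {"type": "control_ack", "tunnel_id": "t1"}),
    ("first_terminal", {"type": "data", "tunnel_id": "t1", "body": "get metrics"}),
    ("second_terminal", {"type": "data", "tunnel_id": "t1", "body": "cpu=12%"}),
    ("second_terminal", {"type": "end", "tunnel_id": "t1"}),  # wrong role for a close request
    ("first_terminal", {"type": "end", "tunnel_id": "t1"}),
    ("second_terminal", {"type": "end_ack", "tunnel_id": "t1"}),
    ("first_terminal", {"type": "data", "tunnel_id": "t1", "body": "restart"}),  # after close
]

if __name__ == "__main__":
    for line in run_trace(TunnelRelay(), SAMPLE_TRACE):
        print(line)
```

Rejecting on both sender role and tunnel state means a message that arrives on the wrong channel, or after the tunnel has been torn down, is dropped at the relay instead of reaching the second terminal as an instruction.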
Optionally, the second terminal is a second cloud server in a local area network, the second cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area, and an external network interface;
the second cloud server comprises an operation and maintenance processing module, wherein the operation and maintenance processing module is deployed in the isolation area;
correspondingly, the operation and maintenance processing module is configured to receive the encapsulation result and forward the encapsulation result to the local network device.
Optionally, the local network device is configured to analyze the encapsulation result, obtain operation and maintenance data based on the analysis result, encapsulate the operation and maintenance data through the data transmission protocol, and return an encapsulated third data packet to the operation and maintenance processing module;
the operation and maintenance processing module is further configured to forward the third data packet to the first cloud server;
the first cloud server is further configured to forward the third data packet to the first terminal.
Optionally, the first cloud server is a public cloud server, and the second cloud server is a private cloud server.
According to a second aspect of the embodiments of the present specification, there is provided an operation and maintenance processing method, including:
receiving an encapsulation result generated by encapsulating an operation and maintenance data acquisition request through a data transmission protocol, wherein the operation and maintenance data acquisition request is generated according to a communication address corresponding to a second terminal;
transmitting the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established with the second terminal;
receiving operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwarding the operation and maintenance data to the first terminal;
and receiving an operation and maintenance instruction returned by the first terminal, and sending the operation and maintenance instruction to the second terminal so that the second terminal executes operation and maintenance operation based on the operation and maintenance instruction, wherein the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
Optionally, the encapsulating of the operation and maintenance data acquisition request through a data transmission protocol, and the transmitting of the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established with the second terminal, includes:
and establishing a first long connection data channel between the first terminal and the second terminal, and sending a first control message obtained by encapsulation to the second terminal corresponding to the communication address through a first long connection control channel which is established with the second terminal in advance.
Optionally, before receiving the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, the method further includes:
and receiving a second control message which is returned by the second terminal and contains first confirmation information of the first control message, and establishing a second long connection data channel with the second terminal, wherein the first long connection data channel and the second long connection data channel form the protocol transmission tunnel.
Optionally, the receiving the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwarding the operation and maintenance data to the first terminal includes:
and receiving a first data message generated by encapsulating the operation and maintenance data through the data transmission protocol and returned by the second terminal, and forwarding the first data message to the first terminal through the second long connection data channel.
Optionally, the receiving an operation and maintenance instruction returned by the first terminal, and sending the operation and maintenance instruction to the second terminal includes:
and receiving a second data message which is generated by packaging the operation and maintenance instruction through the data transmission protocol and sent by the first terminal, and forwarding the second data message to the second terminal through the second long connection data channel.
Optionally, before receiving the operation and maintenance data acquisition request sent by the first terminal, the method further includes:
establishing a first long connection control channel with the second terminal;
and establishing a first long connection control channel with the first terminal based on a control channel establishment request sent by the first terminal.
Optionally, the operation and maintenance processing method further includes:
receiving a first end message generated by encapsulating a data channel closing request through the data transmission protocol and sent by the second terminal, wherein the data channel closing request carries identification information of the protocol transmission tunnel;
closing the first long connection data channel, and sending the first end message to the second terminal through the first long connection control channel;
and receiving a second end message which is returned by the second terminal and contains fourth confirmation information of the first end message, and confirming that the protocol transmission tunnel is closed.
Optionally, the first cloud server is a public cloud server, the second terminal is a private cloud server in a local area network, the private cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area and an external network interface;
the private cloud server comprises an operation and maintenance processing module, wherein the operation and maintenance processing module is deployed in the isolation area;
correspondingly, the transmitting of the encapsulation result to the second terminal corresponding to the communication address through the protocol transmission tunnel established with the second terminal includes:
and transmitting the encapsulation result to the operation and maintenance processing module through a protocol transmission tunnel established between the second terminal and the operation and maintenance processing module.
Optionally, the receiving operation and maintenance data returned by the second terminal through the protocol transmission tunnel includes:
and receiving operation and maintenance data which is obtained by the operation and maintenance processing module through accessing the communication address and returned through the protocol transmission tunnel.
According to a third aspect of the embodiments of the present specification, there is provided an operation and maintenance processing apparatus, including:
the receiving module is configured to receive an encapsulation result generated by encapsulating an operation and maintenance data acquisition request through a data transmission protocol, wherein the encapsulation result is sent by a first terminal, and the operation and maintenance data acquisition request is generated according to a communication address corresponding to a second terminal;
the transmission module is configured to transmit the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established between the transmission module and the second terminal;
the forwarding module is configured to receive operation and maintenance data returned by the second terminal through the protocol transmission tunnel and forward the operation and maintenance data to the first terminal;
and the operation and maintenance module is configured to receive an operation and maintenance instruction returned by the first terminal and send the operation and maintenance instruction to the second terminal so as to enable the second terminal to execute operation and maintenance operations based on the operation and maintenance instruction, wherein the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
According to a fourth aspect of embodiments herein, there is provided a computing device comprising:
a memory and a processor;
the memory is used for storing computer executable instructions, and the processor is used for executing the computer executable instructions to realize the operation and maintenance processing method.
According to a fifth aspect of embodiments herein, there is provided a computer-readable storage medium storing computer-executable instructions that, when executed by a processor, implement the steps of the operation and maintenance processing method.
In one embodiment of the description, an operation and maintenance data acquisition request of a second terminal is generated through a first terminal, the operation and maintenance data acquisition request is encapsulated through a data transmission protocol, and an encapsulation result is sent to a first cloud server; the first cloud server transmits the encapsulation result to the second terminal through a protocol transmission tunnel established between the first cloud server and the second terminal, receives operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwards the operation and maintenance data to the first terminal; the first terminal analyzes the received operation and maintenance data and sends an operation and maintenance instruction generated according to an analysis result to the second terminal through the first cloud server; and the second terminal executes operation and maintenance operation based on the operation and maintenance instruction.
In the embodiment of the specification, the first terminal establishes the protocol transmission tunnel with the second terminal through the first cloud server, and performs information transmission between the protocol transmission tunnel and the second terminal, so that the remote operation and maintenance of the second terminal is realized through the operation and maintenance system jointly composed of the first terminal, the first cloud server and the second terminal, the operation and maintenance cost is favorably reduced, the difficulty of operation and maintenance work is reduced, and the operation and maintenance management efficiency of the second terminal is favorably improved.
Drawings
FIG. 1 is a schematic diagram of an operation and maintenance processing system provided in one embodiment of the present disclosure;
FIG. 2 is a process flow diagram of an operation and maintenance processing method according to an embodiment of the present disclosure;
FIG. 3 is an interaction diagram of an operation and maintenance processing method according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of an operation and maintenance processing apparatus according to an embodiment of the present disclosure;
FIG. 5 is a block diagram of a computing device according to an embodiment of the present disclosure.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present description. This description may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, as those skilled in the art will be able to make and use the present disclosure without departing from the spirit and scope of the present disclosure.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can also be referred to as a second and, similarly, a second can also be referred to as a first without departing from the scope of one or more embodiments of the present description. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
First, the terms to which one or more embodiments of the present specification relate are explained.
Rebound port (bounce port): a technique in which the server actively connects to the client in order to realize remote access or control; it can pass through a NAT proxy and through any firewall to reach a host on the intranet.
HTTP tunneling: an HTTP tunnel can be understood by analogy with building a PPTP tunnel over TCP/IP to establish a VPN link; an HTTP tunnel is a tunnel built on top of the HTTP protocol. It is used to encapsulate all the data to be transmitted in the HTTP protocol for transmission.
DMZ: the full English name is "Demilitarized Zone", rendered in Chinese as "isolation zone". It is the area between the internal and external network firewalls; in theory, any service that users want to access from the external network can be placed in the DMZ.
HTTP long connection: a technique for realizing HTTP push, in which the HTTP server does not return a response immediately after receiving a request but keeps the connection open for a period of time and returns a response when there is a message to push.
In the present specification, an operation and maintenance processing system is provided, and the present specification relates to an operation and maintenance processing method, an operation and maintenance processing apparatus, a computing device, and a computer-readable storage medium, which are described in detail in the following embodiments one by one.
Fig. 1 is a schematic diagram illustrating an operation and maintenance processing system according to an embodiment of the present disclosure, including:
a first terminal 102, a first cloud server 104, and a second terminal 106;
the first terminal 102 is configured to generate an operation and maintenance data acquisition request of the second terminal 106, encapsulate the operation and maintenance data acquisition request through a data transmission protocol, and send the encapsulation result to the first cloud server 104;
the first cloud server 104 is configured to transmit the encapsulation result to the second terminal 106 through a protocol transmission tunnel established between the first cloud server and the second terminal 106, receive operation and maintenance data returned by the second terminal 106 through the protocol transmission tunnel, and forward the operation and maintenance data to the first terminal 102;
the first terminal 102 is further configured to analyze the received operation and maintenance data, and send an operation and maintenance instruction generated according to an analysis result to the second terminal 106 through the first cloud server 104;
the second terminal 106 is configured to execute the operation and maintenance operation based on the operation and maintenance instruction.
Specifically, the first terminal may be an operation and maintenance terminal used to perform operation and maintenance management on the second terminal. The second terminal may be any device in the local area network, including but not limited to a second cloud server (private cloud server), a video playing device, a game machine, a desktop computer, a smart phone, a tablet computer, an MP3 (Moving Picture Experts Group Audio Layer III) player, an MP4 (Moving Picture Experts Group Audio Layer IV) player, a laptop, an e-book reader, and other display terminals. These devices are connected through the second cloud server to form the local area network, with the second cloud server acting as the gateway: devices in the local area network may access the Internet through the second cloud server, or exchange information with other devices in the local area network.
The second cloud server, acting as the gateway, has a public network IP address, and the communication addresses (IP addresses) of the other devices in the local area network can be set according to this public network IP address. The second cloud server establishes a protocol transmission tunnel, through the data transmission protocol, with the first cloud server outside the local area network, and synchronizes the communication addresses allocated to the devices to the first cloud server.
In addition, the data transmission protocol is the Hypertext Transfer Protocol (HTTP), and the protocol transmission tunnel is an HTTP tunnel.
In the current operation and maintenance of devices, when the managed device (the second terminal) is in a local area network, multiple devices in that local area network all use the same public network IP address to access the Internet. As a result, a device outside the local area network cannot accurately find one or more target devices inside the local area network according to an IP address. Therefore, the current management method cannot remotely perform operation and maintenance management on devices in a local area network through the Internet.
The operation and maintenance processing system provided in the embodiment of the present specification implements remote operation and maintenance on the second terminal in the local area network or any other device in the local area network by using a bounce port technology and a mode of establishing a protocol transmission tunnel (HTTP tunnel) between the first cloud server and the second terminal.
Specifically, in the bounce port technique, a server (the first terminal) actively connects to port 80 of the device at the IP address where the client (the second terminal) is located. The information of the client (the second terminal) may be stored on a third-party server (the first cloud server) with a fixed IP address; after obtaining this information from the third-party server, the server calculates the IP address and port of the client and then actively connects to the client. In addition, during communication between the server and the client, the communication data is carried in messages generated by encapsulation through the data transmission protocol, which is the so-called "tunneling" technique.
In specific implementation, a protocol transmission tunnel is established between a second terminal and the first cloud server through a bounce port technology, that is, a long connection is established between the second terminal and the first cloud server, so as to generate the protocol transmission tunnel between the second terminal and the first cloud server.
Further, in the case that the second terminal is a second cloud server, the second cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area and an external network interface; in addition, the second cloud server comprises an operation and maintenance processing module, and the operation and maintenance processing module is deployed in the isolation area; therefore, a long connection is established between the second terminal and the first cloud server, that is, a long connection is established between the first cloud server and the operation and maintenance processing module.
In practical applications, for network security reasons, a firewall is usually installed, and not all ports under the control of the firewall can be freely accessed by an external network. According to the embodiment of the application, the problem that the outer network cannot access the intranet server after a firewall is installed is solved by arranging the isolation zone (DMZ) between the outer network and the intranet, so that the two networks can be safely interconnected.
The DMZ functions as an intermediate zone, and public servers that hold no confidential information, such as Web, Mail and FTP servers, are usually placed in the DMZ. In this way, a visitor from the external network can access the services in the DMZ, but cannot access the private data and the like stored in the internal network. Even if a server in the DMZ is compromised, the private data in the intranet is not affected.
With a DMZ, servers that allow external access are connected separately to the port of that zone, while the entire internal network that needs protection is connected behind the port of the trust zone and is not open to access, so that the internal network and the external network are separated, thereby meeting the requirements of users.
When the DMZ is set, the access relationship between the networks can be clarified, for example, the intranet can access the extranet, the intranet can access the DMZ, the extranet cannot access the intranet, the extranet can access the DMZ, the DMZ cannot access the intranet, and the DMZ cannot access the extranet, so that the secure interconnection between the intranet and the extranet can be realized.
In addition, when the second terminal is a private cloud server, the first cloud server may be a public cloud server. The first terminal, that is, the operation and maintenance terminal, deploys a channel service (HTTPS service) on the public cloud server to provide a remote access service for the second terminal, so as to establish a protocol transmission tunnel with the private cloud server through the public cloud server and exchange information with the private cloud server through that tunnel. Remote operation and maintenance of the private cloud server or other devices in the local area network is thereby implemented through an operation and maintenance system formed by the operation and maintenance terminal, the public cloud server and the private cloud server. The private cloud server and the public cloud server may be connected through a routing module.
The operation and maintenance processing module (operation and maintenance agent module) is deployed in the isolation area of the private cloud server. The local area network can grant the operation and maintenance processing module permission to access local network services, and the module can access both the intranet and the extranet, so that the operation and maintenance processing module acts as a relay between the extranet and the intranet.
In specific implementation, the first terminal is further configured to send a data channel establishment request to the first cloud server;
the first cloud server is further configured to establish a first long connection data channel with the first terminal based on the data channel establishment request, and send a first control message obtained by encapsulation to the second terminal;
the second terminal is configured to generate a second control packet including first confirmation information based on the received first control packet, send the second control packet to the first terminal, and establish a second long connection data channel with the first cloud server, where the first long connection data channel and the second long connection data channel constitute the protocol transmission tunnel.
Before the first cloud server establishes a first long connection data channel with a first terminal, the second terminal is further configured to establish a first long connection control channel with the first cloud server;
the first terminal is further configured to send a control channel establishment request to the first cloud server;
the first cloud server is further configured to establish a second long connection control channel with the first terminal based on the data channel establishment request.
Further, the first cloud server is further configured to establish a first long connection data channel with the first terminal, and send a third control packet obtained by encapsulation to the second terminal through the first long connection control channel;
the second terminal is configured to generate a fourth control packet including third confirmation information based on the received third control packet, send the fourth control packet to the first terminal through the second long connection control channel, and establish a second long connection data channel with the first cloud server, where the first long connection data channel and the second long connection data channel constitute the protocol transmission tunnel.
Specifically, long connection communication means that communication connections are established between the second terminal and the first cloud server and between the first cloud server and the first terminal, and that a connection is not disconnected once it is established: messages are then sent and received, and after the sending and receiving are completed the original connection continues to exist, so that messages can continue to be sent and received. Because the communication connection exists all the time, its TCP/IP status is that of an established connection, and the operating system's command for displaying network connections (the netstat command) can be used to check whether the connection is established.
In addition, the first long connection control channel is used for sending or receiving control messages and controlling the second terminal to establish long connection with the first cloud server, and the second long connection control channel is also used for sending or receiving control messages and controlling the first terminal to establish long connection with the first cloud server. The first long connection data channel is used for sending or receiving data messages and controlling the second terminal to establish long connection with the first cloud server, the second long connection data channel is used for sending or receiving data messages and controlling the first terminal to establish long connection with the first cloud server, and therefore the protocol transmission tunnel is formed based on the first long connection data channel and the second long connection data channel.
The establishment process of the long connection needs three-way handshake, namely, a first terminal and a first cloud server establish a first long connection data channel, the first terminal encapsulates a data channel establishment request into a first control message (TCP message) containing a synchronization mark (SYN mark), the message can indicate a communication address of a second terminal, and the first terminal can determine which equipment in a local area network needs to establish a protocol transmission tunnel according to the communication address;
after receiving the first control message, the second terminal returns to the first terminal a second control message containing a synchronization + acknowledgement (SYN + ACK) mark, indicating that the request of the first terminal is accepted (ACK stands for acknowledgement), and a second long connection data channel is established between the second terminal and the first cloud server;
and after receiving the second control message, the first terminal returns an acknowledgement message ACK to the first cloud server, and the first cloud server forwards the acknowledgement message ACK to the second terminal, so that the long connection is completed.
After the first long connection data channel and the second long connection data channel are established, the protocol transmission tunnel can be established between the first cloud server and the second terminal through the first long connection data channel and the second long connection data channel.
Specifically, when the operation and maintenance terminal needs to access a certain device of the local area network to which the second terminal belongs, the first terminal actively establishes a first long connection data channel (Tunnel-C1) with the first cloud server, the first terminal encapsulates the data channel establishment request through an HTTP protocol, and then the first cloud server forwards a first control packet obtained by encapsulation to the second terminal through the first long connection control channel; when the second terminal is a second cloud server and an operation and maintenance processing module is deployed in the second cloud server, the first cloud server may send a first control message obtained by encapsulation to the operation and maintenance processing module, where the first control message indicates a communication address of a device to be connected, and a second long connection control channel Tunnel-C0 and a first long connection data channel Tunnel-C1 that are used by the second terminal;
after receiving the first control message, the second terminal (operation and maintenance processing module) establishes a new second long connection data channel (Tunnel-P1) from the second cloud server to the second terminal (operation and maintenance processing module), sends a second control message containing a synchronization + response (SYN + ACK) mark to the first cloud server, and forwards the second control message to the first terminal by the first cloud server, so that establishment of a protocol transmission Tunnel formed by the first long connection data channel and the second long connection data channel is completed.
In addition, in the case that the second terminal is the second cloud server, the first control packet may indicate a communication address, such as an IP address and a port, of the private cloud server; that is, the first control packet may indicate a device to be connected. Therefore, after the second long connection data channel is established between the second cloud server and the first cloud server, the second cloud server may determine, according to the communication address, a target local network device in the local area network corresponding to the communication address, and establish a TCP connection or a UDP connection with the target local network device, so as to establish a bidirectional protocol transmission channel: first terminal -> first cloud server -> Tunnel-P1 -> second cloud server -> local network device -> second cloud server -> first cloud server -> Tunnel-C1 -> first terminal.
After receiving the SYN + ACK control message, the first terminal starts to monitor the data messages sent over the first long connection data channel Tunnel-C1 and communicates with the second terminal through the protocol transmission tunnel (HTTPS Tunnel), thereby realizing remote operation and maintenance by the first terminal of the second terminal (or of a device in the local area network to which the second terminal belongs). Every message in this communication is encapsulated in an HTTPS message for transmission.
In addition, the first long connection control channel, the second long connection control channel, the first long connection data channel and the second long connection data channel are all one-way channels, the first long connection control channel is used for sending a control message to a first terminal by a first cloud server, the second long connection control channel is used for sending a control message to a second terminal by the first cloud server, the first long connection data channel is used for sending a data message to the first terminal by the first cloud server, and the second long connection data channel is used for sending a data message to the second terminal by the first cloud server.
In specific implementation, the second terminal is further configured to analyze the encapsulation result, obtain operation and maintenance data based on the operation and maintenance data obtaining request in the analysis result, encapsulate the operation and maintenance data through the data transmission protocol, and return the encapsulated first data packet to the first cloud server;
the first cloud server is further configured to forward the first data packet to the first terminal through the first long connection data channel.
Or, when the second terminal is a second cloud server and an operation and maintenance processing module is deployed in the second cloud server, if the first cloud server sends, to the operation and maintenance processing module through a first long connection control channel, an encapsulation result obtained by encapsulating an operation and maintenance data acquisition request through a data transmission protocol, the operation and maintenance processing module is configured to forward the encapsulation result to a local network device;
the local network equipment receives the encapsulation result, analyzes the encapsulation result, acquires operation and maintenance data based on the analysis result, encapsulates the operation and maintenance data through the data transmission protocol, and sends an encapsulated third data message to the operation and maintenance processing module;
the operation and maintenance processing module is configured to forward the third data packet to the first cloud server;
the first cloud server is further configured to forward the third data packet to the first terminal.
Specifically, the first terminal establishes a bidirectional protocol transmission channel by establishing a long connection data channel with the second terminal, that is, the bidirectional protocol transmission channel first terminal -> first cloud server -> Tunnel-P1 -> second cloud server -> local network device -> second cloud server -> first cloud server -> Tunnel-C1 -> first terminal.
In practical application, the communication address is an IP address allocated by the second cloud server to the device in the local area network, and since the communication address of the second cloud server is indicated in the first control message, it can be determined according to the communication address which device in the local area network the first terminal needs to acquire. Therefore, the first cloud server establishes a second long connection data channel with a second cloud server (operation and maintenance processing module) according to the communication address, and after the second cloud server establishes a TCP connection or a UDP connection with the local network device of the local area network, the second cloud server functions to forward data between the first cloud server and the local network device. Therefore, after the first cloud server receives the third data packet and sends the third data packet to the second cloud server (operation and maintenance processing module) through the second long connection data channel (Tunnel-P1), the second cloud server forwards the third data packet to the local network device.
After receiving the encapsulation result, the local network device may analyze the encapsulation result, obtain operation and maintenance data based on the analysis result, encapsulate the operation and maintenance data by using an HTTP protocol, and send a third data packet generated by encapsulation to the second cloud server, which forwards the third data packet to the first cloud server, and forwards the third data packet to the first terminal through a first long connection data channel (Tunnel-C1).
The operation and maintenance data is transmitted after being encapsulated through HTTP, which guarantees the security of the operation and maintenance data.
In specific implementation, the first terminal 102 is further configured to parse the first data packet, generate an operation and maintenance instruction according to the operation and maintenance data obtained through parsing, package the operation and maintenance instruction through the data transmission protocol, and send a second data packet after being packaged to the second terminal through the second long connection data channel.
Specifically, after receiving a first data message returned by a second terminal, the first terminal parses the first data message and analyzes the operation and maintenance data of the target equipment obtained by parsing. An operation and maintenance instruction is generated automatically according to the analysis result (or an operation and maintenance person generates the operation and maintenance instruction according to the analysis result). The first terminal encapsulates the operation and maintenance instruction through a data transmission protocol and sends the second data message generated by encapsulation to the first cloud server, which forwards the second data message to the second terminal, so that the second terminal executes the corresponding operation and maintenance operation based on the operation and maintenance instruction. The operation and maintenance includes, but is not limited to, monitoring the operating condition of the service system, locating problems, troubleshooting, and the like.
Or, when the second terminal is a second cloud server, the first cloud server forwards the second data message to the second cloud server, the second cloud server forwards the second data message to the local network device, and the local network device executes a corresponding operation and maintenance operation based on the operation and maintenance instruction.
Communication between the first cloud server and the second terminal takes place through the protocol transmission tunnel established between them, so that communication between the first terminal and the second terminal is realized indirectly. The first terminal can thereby perform remote operation and maintenance on the second terminal or on other equipment in the local area network, which helps reduce the operation and maintenance cost, reduces the difficulty of operation and maintenance work, and helps improve the operation and maintenance management efficiency of the second terminal.
In addition, when the communication between the first cloud server and the second terminal is finished, the first terminal is further configured to generate a data channel closing request according to the identification information of the protocol transmission tunnel, package the data channel closing request through the data transmission protocol, and send a first end packet generated by the package to the first cloud server;
the first cloud server is further configured to close the first long connection data channel and forward the first end packet to the second terminal through the first long connection control channel;
the second terminal is configured to close the second long connection data channel, generate a second end packet including fourth acknowledgement information based on the first end packet, and send the second end packet to the first cloud server;
the first cloud server is further configured to forward the second end packet to the first terminal through the second long connection control channel.
Specifically, when the communication between the first terminal and the second terminal is finished, the first terminal generates a data channel closing request according to the identification information of the protocol transmission tunnel, encapsulates the data channel closing request through the data transmission protocol, and sends a first end message generated by encapsulation to the first cloud server;
after receiving the first end packet, the first cloud server first closes the first long connection data channel Tunnel-C1, forwards the first end packet (FIN packet) to the second terminal through the first long connection control channel Tunnel-P0, and closes the second long connection data channel Tunnel-P1 with the second terminal. After receiving the first end packet, the second terminal closes the second long connection data channel Tunnel-P1 and sends an acknowledgement packet (second end packet) to the first cloud server, which forwards the acknowledgement packet to the first terminal. After receiving the acknowledgement packet, the first terminal confirms that the HTTP Tunnel between the first cloud server and the second terminal is closed.
When the communication between the first terminal and the second terminal is finished, the long connection is closed in time, so that the consumption of system resources is reduced, and the utilization rate of the system resources is improved.
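The setup, forwarding and teardown sequence described above can be traced with a small in-memory model of the first cloud server; this is an added example, not code from the patent, and it opens no sockets and omits the HTTP(S) encapsulation. The names `Relay`, `Agent`, `Tunnel` and `run_session`, the `REFUSED` reply, the `FIN+ACK` label for the second end message, the per-agent target allowlist (modelling the access permission the local area network grants the operation and maintenance processing module) and the sample addresses are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Tunnel:
    tunnel_id: int
    operator: str            # first terminal
    agent: str               # second terminal (operation and maintenance agent)
    target: str              # communication address of the LAN device, "ip:port"
    state: str = "SYN_SENT"  # SYN_SENT -> ESTABLISHED -> CLOSED


@dataclass
class Agent:
    name: str
    allowed_targets: frozenset                     # assumption: per-agent allowlist
    delivered: list = field(default_factory=list)  # (target, payload) sent on to the LAN

    def on_control(self, kind, tunnel):
        """Answer a control message that arrived over the agent's control channel."""
        if kind == "SYN":
            # Accepting means the agent opens Tunnel-P1 and connects to the target.
            return "SYN+ACK" if tunnel.target in self.allowed_targets else "REFUSED"
        return "FIN+ACK" if kind == "FIN" else "REFUSED"


class Relay:
    """First cloud server: pairs Tunnel-C1 with Tunnel-P1 and forwards between them."""

    def __init__(self):
        self.agents = {}        # agent name -> Agent with a live control channel
        self.operators = set()  # operator names with a live control channel
        self.tunnels = {}       # tunnel id -> Tunnel
        self.trace = []         # (hop, message kind) in the order messages are sent

    def register_agent(self, agent):
        self.agents[agent.name] = agent

    def register_operator(self, name):
        self.operators.add(name)

    def open_tunnel(self, operator, agent_name, target):
        if operator not in self.operators or agent_name not in self.agents:
            raise PermissionError("party has no control channel to the relay")
        tunnel = Tunnel(len(self.tunnels) + 1, operator, agent_name, target)
        self.tunnels[tunnel.tunnel_id] = tunnel
        self.trace += [("operator->relay", "SYN"), ("relay->agent", "SYN")]
        reply = self.agents[agent_name].on_control("SYN", tunnel)
        self.trace += [("agent->relay", reply), ("relay->operator", reply)]
        if reply != "SYN+ACK":
            tunnel.state = "CLOSED"
            raise ConnectionRefusedError(f"agent refused target {target}")
        self.trace += [("operator->relay", "ACK"), ("relay->agent", "ACK")]
        tunnel.state = "ESTABLISHED"
        return tunnel.tunnel_id

    def forward(self, tunnel_id, sender, payload):
        """Forward one data message; returns the name of the receiving endpoint."""
        tunnel = self.tunnels.get(tunnel_id)
        if tunnel is None or tunnel.state != "ESTABLISHED":
            raise ConnectionError("tunnel is not established")
        if sender == tunnel.operator:      # request travels down Tunnel-P1
            self.agents[tunnel.agent].delivered.append((tunnel.target, payload))
            return tunnel.agent
        if sender == tunnel.agent:         # response travels back over Tunnel-C1
            return tunnel.operator
        raise PermissionError("sender is not an endpoint of this tunnel")

    def close_tunnel(self, tunnel_id, operator):
        tunnel = self.tunnels.get(tunnel_id)
        if tunnel is None or tunnel.operator != operator or tunnel.state != "ESTABLISHED":
            raise PermissionError("only the owning operator can close an open tunnel")
        self.trace += [("operator->relay", "FIN"), ("relay->agent", "FIN")]
        reply = self.agents[tunnel.agent].on_control("FIN", tunnel)
        self.trace += [("agent->relay", reply), ("relay->operator", reply)]
        tunnel.state = "CLOSED"            # both data channels are now closed
        return reply


def run_session():
    """Constructed scenario: one accepted tunnel, one refused target, one teardown."""
    relay = Relay()
    agent = Agent("dmz-agent", frozenset({"192.168.10.20:22"}))  # constructed address
    relay.register_agent(agent)
    relay.register_operator("ops-terminal")
    tid = relay.open_tunnel("ops-terminal", "dmz-agent", "192.168.10.20:22")
    relay.forward(tid, "ops-terminal", b"GET /metrics")
    relay.forward(tid, "dmz-agent", b"cpu=12%")
    try:
        relay.open_tunnel("ops-terminal", "dmz-agent", "192.168.10.99:3306")
        refused = False
    except ConnectionRefusedError:
        refused = True
    closed = relay.close_tunnel(tid, "ops-terminal")
    return relay, agent, tid, refused, closed
```

The relay refuses to forward on a tunnel that is not in the established state or for a sender that is not one of its two endpoints, which is the check that keeps one operator's data channel from being reused by another party.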
In one embodiment of the description, a first terminal generates an operation and maintenance data acquisition request of a second terminal, packages the operation and maintenance data acquisition request through a data transmission protocol, and sends a packaging result to a first cloud server; the first cloud server transmits the encapsulation result to the second terminal through a protocol transmission tunnel established between the first cloud server and the second terminal, receives operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwards the operation and maintenance data to the first terminal; the first terminal analyzes the received operation and maintenance data and sends an operation and maintenance instruction generated according to an analysis result to the second terminal through the first cloud server; and the second terminal executes operation and maintenance operation based on the operation and maintenance instruction.
In the embodiment of the specification, the first terminal establishes the protocol transmission tunnel with the second terminal through the first cloud server and exchanges information with the second terminal through the protocol transmission tunnel, so that remote operation and maintenance of the second terminal is realized through the operation and maintenance system jointly composed of the first terminal, the first cloud server and the second terminal. This helps reduce the operation and maintenance cost, reduces the difficulty of operation and maintenance work, and helps improve the operation and maintenance management efficiency of the second terminal.
Fig. 2 shows a process flow diagram of an operation and maintenance processing method according to an embodiment of the present disclosure, which includes steps 202 to 208.
Step 202, receiving an encapsulation result generated by encapsulating an operation and maintenance data acquisition request through a data transmission protocol, where the operation and maintenance data acquisition request is generated according to a communication address corresponding to a second terminal.
Step 204, transmitting the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established with the second terminal.
Step 206, receiving the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwarding the operation and maintenance data to the first terminal.
Step 208, receiving an operation and maintenance instruction returned by the first terminal, and sending the operation and maintenance instruction to the second terminal so that the second terminal executes operation and maintenance operations based on the operation and maintenance instruction, wherein the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
Optionally, the encapsulating the operation and maintenance data obtaining request through a data transmission protocol, and transmitting an encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established with the second terminal includes:
and establishing a first long connection data channel between the first terminal and the second terminal, and sending a first control message obtained by encapsulation to the second terminal corresponding to the communication address through a first long connection control channel which is established with the second terminal in advance.
Optionally, before receiving the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, the method further includes:
and receiving a second control message which is returned by the second terminal and contains first confirmation information of the first control message, and establishing a second long connection data channel with the second terminal, wherein the first long connection data channel and the second long connection data channel form the protocol transmission tunnel.
Optionally, the receiving the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwarding the operation and maintenance data to the first terminal includes:
and receiving a first data message generated by encapsulating the operation and maintenance data through the data transmission protocol and returned by the second terminal, and forwarding the first data message to the first terminal through the second long connection data channel.
Optionally, the receiving an operation and maintenance instruction returned by the first terminal, and sending the operation and maintenance instruction to the second terminal includes:
and receiving a second data message which is generated by packaging the operation and maintenance instruction through the data transmission protocol and sent by the first terminal, and forwarding the second data message to the second terminal through the second long connection data channel.
Optionally, before receiving the operation and maintenance data acquisition request sent by the first terminal, the method further includes:
establishing a first long connection control channel with the second terminal;
and establishing a first long connection control channel with the first terminal based on a control channel establishment request sent by the first terminal.
Optionally, the operation and maintenance processing method further includes:
receiving a first end message generated by encapsulating a data channel closing request through the data transmission protocol and sent by the second terminal, wherein the data channel closing request carries identification information of the protocol transmission tunnel;
closing the first long connection data channel, and sending the first end message to the second terminal through the first long connection control channel;
and receiving a second end message which is returned by the second terminal and contains fourth confirmation information of the first end message, and confirming that the protocol transmission tunnel is closed.
Optionally, the first cloud server is a public cloud server, the second terminal is a private cloud server in a local area network, the private cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area and an external network interface;
the private cloud server comprises an operation and maintenance processing module, wherein the operation and maintenance processing module is deployed in the isolation area;
correspondingly, the transmitting the encapsulation result to the second terminal corresponding to the communication address through the protocol transmission tunnel established with the second terminal includes:
and transmitting the encapsulation result to the operation and maintenance processing module through a protocol transmission tunnel established between the second terminal and the operation and maintenance processing module.
Optionally, the receiving operation and maintenance data returned by the second terminal through the protocol transmission tunnel includes:
and receiving operation and maintenance data which is obtained by the operation and maintenance processing module through accessing the communication address and returned through the protocol transmission tunnel.
An operation and maintenance processing method provided in an embodiment of the present specification is applied to a first cloud server. The method receives an operation and maintenance data acquisition request sent by a first terminal and encapsulates the request through a data transmission protocol to generate an encapsulation result, where the operation and maintenance data acquisition request is generated according to a communication address corresponding to a second terminal; transmits the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established with the second terminal; receives operation and maintenance data returned by the second terminal through the protocol transmission tunnel and forwards the operation and maintenance data to the first terminal; and receives the operation and maintenance instruction returned by the first terminal and sends it to the second terminal so that the second terminal executes operation and maintenance operations based on the operation and maintenance instruction, where the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
In the embodiment of the specification, the first terminal establishes the protocol transmission tunnel with the second terminal through the first cloud server and exchanges information with the second terminal through the protocol transmission tunnel, so that remote operation and maintenance of the second terminal is realized through the operation and maintenance system jointly composed of the first terminal, the first cloud server and the second terminal. This helps reduce the operation and maintenance cost, reduces the difficulty of operation and maintenance work, and helps improve the operation and maintenance management efficiency of the second terminal.
The foregoing is an exemplary scheme of an operation and maintenance processing method applied to the first cloud server in this embodiment. It should be noted that the technical solution of the operation and maintenance processing method and the technical solution of the operation and maintenance processing system belong to the same concept, and details of the technical solution of the operation and maintenance processing method, which are not described in detail, can be referred to the description of the technical solution of the operation and maintenance processing system.
The operation and maintenance processing method provided in this specification is further described below with reference to fig. 3, by taking an application of the operation and maintenance processing method in remote operation and maintenance of a private cloud server as an example. Fig. 3 shows an interaction diagram of an operation and maintenance processing method provided in an embodiment of the present specification, and specific steps include steps 302 to 326.
Step 302, the private cloud server and the public cloud server establish a first long connection control channel.
Step 304, the operation and maintenance terminal and the public cloud server establish a second long connection control channel.
Step 306, the operation and maintenance terminal sends a first control message to the private cloud server through the public cloud server.
With the first long connection control channel established between the public cloud server and the private cloud server, the operation and maintenance terminal encapsulates a data channel establishment request through a data transmission protocol, sends the encapsulated first control message to the public cloud server, and establishes a first long connection data channel (Tunnel-C1) with the public cloud server; the public cloud server then forwards the first control message to the private cloud server through the first long connection control channel.
Step 308, the private cloud server sends a second control message to the operation and maintenance terminal through the public cloud server.
Specifically, after receiving the first control message, the private cloud server establishes a second long connection data channel (Tunnel-P1) with the public cloud server and returns to the public cloud server a second control message containing a synchronization + acknowledgement (SYN + ACK) flag, which indicates that the request of the operation and maintenance terminal is accepted (ACK stands for acknowledgement). The public cloud server forwards the second control message to the operation and maintenance terminal.
Step 310, the operation and maintenance terminal returns a confirmation message for the second control message to the private cloud server through the public cloud server.
Steps 306 to 310 establish the protocol transmission tunnel between the public cloud server and the private cloud server by establishing a long connection, and establishing the long connection requires a three-way handshake. First, the operation and maintenance terminal encapsulates a data channel establishment request into a first control message (a TCP message) containing a synchronization flag (SYN flag), sends the first control message to the private cloud server through the public cloud server, and establishes a first long connection data channel with the public cloud server; the first control message indicates a communication address of the private cloud server, such as an IP address + port.
After receiving the first control message, the private cloud server establishes a second long connection data channel with the public cloud server and returns a second control message containing a synchronization + acknowledgement (SYN + ACK) flag to the public cloud server, and the public cloud server forwards the second control message to the operation and maintenance terminal. After receiving the second control message, the operation and maintenance terminal returns an acknowledgement message (ACK) to the public cloud server, and the public cloud server forwards the acknowledgement message (the third control message) to the private cloud server, which completes the long connection.
After the first long connection data channel and the second long connection data channel are established, the protocol transmission tunnel can be established between the operation and maintenance terminal and the private cloud server through the first long connection data channel and the second long connection data channel.
In addition, since the first control message may indicate a communication address of the private cloud server, such as an IP address and a port, the first control message may indicate the device to be connected. Therefore, after the second long connection data channel is established between the private cloud server and the public cloud server, the private cloud server may determine, according to the communication address, the target local network device in the local area network that corresponds to the communication address, and establish a TCP connection or a UDP connection with the target local network device. This establishes a bidirectional protocol transmission channel: operation and maintenance terminal -> public cloud server -> Tunnel-P1 -> private cloud server -> local network device -> private cloud server -> public cloud server -> Tunnel-C1 -> operation and maintenance terminal.
Step 312, the operation and maintenance terminal sends an operation and maintenance data acquisition request to the local network device.
The operation and maintenance terminal encapsulates the operation and maintenance data acquisition request and sends the encapsulation result to the public cloud server, the public cloud server forwards the operation and maintenance data acquisition request to the private cloud server through the second long connection data channel, and the private cloud server forwards the operation and maintenance data acquisition request to the local network device.
Step 314, the local network device encapsulates the operation and maintenance data.
Step 316, the local network device sends the encapsulated first data packet to the operation and maintenance terminal.
Specifically, after the private cloud server establishes a second long connection data channel with the public cloud server and establishes a TCP connection with the local network device, the private cloud server is used for forwarding data between the public cloud server and the local network device. Therefore, after receiving the encapsulation result sent by the public cloud server, the private cloud server can forward the encapsulation result to the local network device; the local network device receives the encapsulation result, parses it, obtains the operation and maintenance data based on the parsing result, encapsulates the operation and maintenance data through the data transmission protocol, and sends the first data message generated by encapsulation to the private cloud server.
The private cloud server then forwards the first data message to the public cloud server, and the public cloud server forwards the first data message to the operation and maintenance terminal through the first long connection data channel.
Step 318, the operation and maintenance terminal receives the first data message and parses it to obtain the operation and maintenance data.
Step 320, the operation and maintenance terminal analyzes the received operation and maintenance data and sends an operation and maintenance instruction generated according to the analysis result to the local network device.
The operation and maintenance terminal analyzes the received operation and maintenance data and sends an operation and maintenance instruction generated according to the analysis result to the public cloud server, the public cloud server forwards the operation and maintenance instruction to the private cloud server through the second long connection data channel, and the private cloud server forwards the operation and maintenance instruction to the local network device.
Step 322, the local network device executes the operation and maintenance operation based on the operation and maintenance instruction.
Step 324, the operation and maintenance terminal sends a data channel closing request to the private cloud server through the public cloud server, and closes the first long connection data channel.
The data channel closing request is encapsulated through the data transmission protocol, and the first end message generated by encapsulation is sent to the private cloud server through the second long connection control channel.
Step 326, the private cloud server closes the second long connection data channel, generates a second end packet including fourth confirmation information based on the first end packet, and sends the second end packet to the operation and maintenance terminal through the public cloud server.
The private cloud server sends the second end message to the public cloud server, and the public cloud server forwards the second end message to the operation and maintenance terminal through the second long connection control channel.
In the embodiment of the specification, the operation and maintenance terminal establishes a protocol transmission tunnel with the private cloud server through the public cloud server and exchanges information with the private cloud server through that tunnel, so that remote operation and maintenance of the private cloud server is realized by the operation and maintenance system jointly composed of the operation and maintenance terminal, the public cloud server and the private cloud server. This helps to reduce the operation and maintenance cost and the difficulty of operation and maintenance work, and to improve the operation and maintenance management efficiency of the private cloud server.
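An added example, not part of the patent text: a minimal Python model of the relay role the public cloud server plays in steps 302 to 326, forwarding a message only when it fits the current state of the tunnel. The class and function names, the message kinds END1 and END2 (standing for the first and second end messages), the sample address, and the channels used to relay SYN+ACK and ACK are assumptions; the description does not name those channels.

```python
from dataclasses import dataclass, field
from enum import Enum, auto


class State(Enum):
    IDLE = auto()         # control channels may exist, no data channel yet
    SYN_SENT = auto()     # step 306 done: Tunnel-C1 open, SYN forwarded
    SYN_ACKED = auto()    # step 308 done: Tunnel-P1 open, SYN+ACK forwarded
    ESTABLISHED = auto()  # step 310 done: tunnel usable for steps 312-322
    CLOSING = auto()      # step 324 done: Tunnel-C1 closed
    CLOSED = auto()       # step 326 done: Tunnel-P1 closed


class RelayError(Exception):
    """A message does not fit the current tunnel state and is not forwarded."""


CTRL_1 = "first long connection control channel"    # relay <-> private cloud server
CTRL_2 = "second long connection control channel"   # relay <-> O&M terminal
TUNNEL_C1 = "Tunnel-C1"   # first long connection data channel (terminal side)
TUNNEL_P1 = "Tunnel-P1"   # second long connection data channel (private side)

# (state, sender, kind) -> (next state, channel the relay forwards on)
TRANSITIONS = {
    (State.IDLE, "terminal", "SYN"): (State.SYN_SENT, CTRL_1),
    (State.SYN_SENT, "private", "SYN+ACK"): (State.SYN_ACKED, CTRL_2),  # channel assumed
    (State.SYN_ACKED, "terminal", "ACK"): (State.ESTABLISHED, CTRL_1),  # channel assumed
    (State.ESTABLISHED, "terminal", "DATA"): (State.ESTABLISHED, TUNNEL_P1),
    (State.ESTABLISHED, "private", "DATA"): (State.ESTABLISHED, TUNNEL_C1),
    (State.ESTABLISHED, "terminal", "END1"): (State.CLOSING, CTRL_1),
    (State.CLOSING, "private", "END2"): (State.CLOSED, CTRL_2),
}


def parse_target(address):
    """The first control message must name the device to reach as IP:port."""
    host, sep, port = address.rpartition(":")
    if not sep or not host or not port.isdigit() or not 0 < int(port) < 65536:
        raise RelayError(f"no usable IP:port in first control message: {address!r}")
    return f"{host}:{int(port)}"


@dataclass
class PublicCloudRelay:
    control_channels: set = field(default_factory=set)
    data_channels: set = field(default_factory=set)
    state: State = State.IDLE
    target: str = ""
    forwarded: list = field(default_factory=list)

    def open_control(self, peer):
        """Steps 302 and 304: each side connects to the relay and keeps the channel open."""
        self.control_channels.add({"private": CTRL_1, "terminal": CTRL_2}[peer])

    def handle(self, sender, kind, payload=""):
        """Forward one message, or raise RelayError and leave the state untouched."""
        if self.control_channels != {CTRL_1, CTRL_2}:
            raise RelayError("both control channels must exist before relaying")
        key = (self.state, sender, kind)
        if key not in TRANSITIONS:
            raise RelayError(f"{kind} from {sender} refused in state {self.state.name}")
        next_state, channel = TRANSITIONS[key]
        if kind == "SYN":
            self.target = parse_target(payload)    # validated before any state change
            self.data_channels.add(TUNNEL_C1)
        elif kind == "SYN+ACK":
            self.data_channels.add(TUNNEL_P1)
        elif kind == "END1":
            self.data_channels.discard(TUNNEL_C1)
        elif kind == "END2":
            self.data_channels.discard(TUNNEL_P1)
        self.state = next_state
        self.forwarded.append((kind, channel))
        return channel


def is_rejected(relay, sender, kind, payload=""):
    """True when the relay refuses to forward the message."""
    try:
        relay.handle(sender, kind, payload)
    except RelayError:
        return True
    return False


def run_session():
    """Steps 302-326 in order, with constructed payloads and a documentation address."""
    relay = PublicCloudRelay()
    relay.open_control("private")
    relay.open_control("terminal")
    relay.handle("terminal", "SYN", "192.0.2.10:22")
    relay.handle("private", "SYN+ACK")
    relay.handle("terminal", "ACK")
    relay.handle("terminal", "DATA", "operation and maintenance data acquisition request")
    relay.handle("private", "DATA", "operation and maintenance data")
    relay.handle("terminal", "DATA", "operation and maintenance instruction")
    relay.handle("terminal", "END1")
    relay.handle("private", "END2")
    return relay
```

The table makes the ordering explicit: an operation and maintenance instruction reaches Tunnel-P1 only in the ESTABLISHED state, so a DATA message sent before the three-way handshake completes or after the end messages is refused rather than forwarded into the local area network.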
Corresponding to the above method embodiment, the present specification further provides an operation and maintenance processing apparatus embodiment, and FIG. 4 shows a schematic diagram of an operation and maintenance processing apparatus provided in an embodiment of the present specification. As shown in FIG. 4, the apparatus includes:
a receiving module 402, configured to receive an operation and maintenance data acquisition request sent by a first terminal, where the operation and maintenance data acquisition request includes a communication address corresponding to a second terminal;
a transmission module 404, configured to encapsulate the operation and maintenance data acquisition request through a data transmission protocol, and transmit an encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established between the second terminal and the transmission module;
a forwarding module 406, configured to receive operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forward the operation and maintenance data to the first terminal;
an operation and maintenance module 408, configured to receive an operation and maintenance instruction returned by the first terminal, and send the operation and maintenance instruction to the second terminal, so that the second terminal executes operation and maintenance operations based on the operation and maintenance instruction, where the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
Optionally, the transmission module 404 includes:
a first control message sending submodule, configured to establish a first long connection data channel between the first control message sending submodule and the first terminal, and send the first control message obtained by encapsulation to the second terminal corresponding to the communication address through the first long connection control channel which is established with the second terminal in advance.
Optionally, the operation and maintenance processing apparatus further includes:
a channel establishing module, configured to receive a second control message which is returned by the second terminal and contains first confirmation information of the first control message, and establish a second long connection data channel with the second terminal, wherein the first long connection data channel and the second long connection data channel form the protocol transmission tunnel.
Optionally, the forwarding module 406 includes:
a first data message receiving submodule, configured to receive a first data message, which is generated by encapsulating the operation and maintenance data through the data transmission protocol and is returned by the second terminal, and forward the first data message to the first terminal through the second long connection data channel.
Optionally, the sending module 408 includes:
a second data message sending submodule, configured to receive the operation and maintenance instruction returned by the first terminal, encapsulate the operation and maintenance instruction through the data transmission protocol, and send the encapsulated second data message to the second terminal through the second long connection data channel.
Optionally, the operation and maintenance processing apparatus further includes:
a first control channel establishing module configured to establish a first long connection control channel with the second terminal;
a second control channel establishing module configured to establish a first long connection control channel with the first terminal based on a control channel establishing request sent by the first terminal.
Optionally, the operation and maintenance processing apparatus further includes:
a channel closing request receiving module configured to receive a data channel closing request sent by the second terminal, where the data channel closing request carries identification information of the protocol transmission tunnel;
a first end packet sending module, configured to close the first long connection data channel and send the first end packet to the second terminal through the first long connection control channel;
a second end message receiving module, configured to receive a second end message which is returned by the second terminal and contains fourth confirmation information of the first end message, and confirm that the protocol transmission tunnel is closed.
Optionally, the first cloud server is a public cloud server, the second terminal is a private cloud server in a local area network, the private cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area and an external network interface;
the private cloud server comprises an operation and maintenance processing module, wherein the operation and maintenance processing module is deployed in the isolation area;
accordingly, the transmission module 404 includes:
a transmission sub-module, configured to transmit the encapsulation result to the operation and maintenance processing module through a protocol transmission tunnel established between the transmission sub-module and the second terminal.
Optionally, the forwarding module 406 includes:
an operation and maintenance data receiving submodule, configured to receive the operation and maintenance data which is obtained by the operation and maintenance processing module through accessing the communication address and is returned through the protocol transmission tunnel.
The above is a schematic scheme of an operation and maintenance processing apparatus of this embodiment. It should be noted that the technical solution of the operation and maintenance processing apparatus and the technical solution of the operation and maintenance processing method belong to the same concept; for details of the apparatus that are not described here, refer to the description of the technical solution of the operation and maintenance processing method.
FIG. 5 illustrates a block diagram of a computing device 500 provided in accordance with one embodiment of the present description. The components of the computing device 500 include, but are not limited to, a memory 510 and a processor 520. Processor 520 is coupled to memory 510 via bus 530, and database 550 is used to store data.
Computing device 500 also includes access device 540, which enables computing device 500 to communicate via one or more networks 560. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. The access device 540 may include one or more of any type of network interface, e.g., a Network Interface Card (NIC), wired or wireless, such as an IEEE 802.11 Wireless Local Area Network (WLAN) wireless interface, a Worldwide Interoperability for Microwave Access (Wi-MAX) interface, an Ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a Bluetooth interface, a Near Field Communication (NFC) interface, and so forth.
In one embodiment of the present description, the above-described components of computing device 500, as well as other components not shown in FIG. 5, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 5 is for purposes of example only and is not limiting as to the scope of the present description. Those skilled in the art may add or replace other components as desired.
Computing device 500 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smartphone), wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 500 may also be a mobile or stationary server.
The memory 510 is used for storing computer-executable instructions, and the processor 520 is used for executing the computer-executable instructions to implement the steps of the operation and maintenance processing method.
The above is an illustrative scheme of a computing device of the present embodiment. It should be noted that the technical solution of the computing device and the technical solution of the operation and maintenance processing method belong to the same concept; for details of the computing device that are not described here, refer to the description of the technical solution of the operation and maintenance processing method.
An embodiment of the present specification further provides a computer-readable storage medium storing computer-executable instructions, which are executed by a processor to implement the steps of the operation and maintenance processing method.
The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the operation and maintenance processing method described above, and for details that are not described in detail in the technical solution of the storage medium, reference may be made to the description of the technical solution of the operation and maintenance processing method described above.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The computer-executable instructions comprise computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, a software distribution medium, and the like. It should be noted that the content of the computer-readable medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunications signals.
It should be noted that, for the sake of simplicity, the foregoing method embodiments are described as a series of acts, but those skilled in the art should understand that the present embodiment is not limited by the described acts, because some steps may be performed in other sequences or simultaneously according to the present embodiment. Further, those skilled in the art should also appreciate that the embodiments described in this specification are preferred embodiments and that acts and modules referred to are not necessarily required for an embodiment of the specification.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
The preferred embodiments of the present specification disclosed above are intended only to aid in the description of the specification. Alternative embodiments are not exhaustive and do not limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the embodiments and the practical application, to thereby enable others skilled in the art to best understand and utilize the embodiments. The specification is limited only by the claims and their full scope and equivalents.

Claims (21)

1. An operation and maintenance processing system comprising:
the system comprises a first terminal, a first cloud server and a second terminal;
the first terminal is configured to generate an operation and maintenance data acquisition request of the second terminal, encapsulate the operation and maintenance data acquisition request through a data transmission protocol, and send an encapsulation result to the first cloud server;
the first cloud server is configured to transmit the encapsulation result to the second terminal through a protocol transmission tunnel established between the first cloud server and the second terminal, receive operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forward the operation and maintenance data to the first terminal;
the first terminal is further configured to analyze the received operation and maintenance data and send an operation and maintenance instruction generated according to an analysis result to the second terminal through the first cloud server;
the second terminal is configured to execute operation and maintenance operation based on the operation and maintenance instruction.
2. The operation and maintenance processing system according to claim 1, wherein the second terminal is configured to establish a long connection with the first cloud server, and generate a protocol transmission tunnel between the second terminal and the first cloud server.
3. The operation and maintenance processing system according to claim 1 or 2, wherein the first terminal is further configured to send a data channel establishment request to the first cloud server;
the first cloud server is further configured to establish a first long connection data channel with the first terminal based on the data channel establishment request, and send a first control message obtained by encapsulation to the second terminal;
the second terminal is configured to generate a second control packet including first confirmation information based on the received first control packet, send the second control packet to the first terminal, and establish a second long connection data channel with the first cloud server, where the first long connection data channel and the second long connection data channel constitute the protocol transmission tunnel.
4. The operation and maintenance processing system according to claim 3, wherein the second terminal is further configured to parse the encapsulation result, obtain operation and maintenance data based on the operation and maintenance data obtaining request in the parsing result, encapsulate the operation and maintenance data through the data transmission protocol, and return the encapsulated first data packet to the first cloud server;
the first cloud server is further configured to forward the first data packet to the first terminal through the first long connection data channel.
5. The operation and maintenance processing system according to claim 4, wherein the first terminal is further configured to parse the first data packet, generate an operation and maintenance instruction according to the operation and maintenance data obtained through parsing, encapsulate the operation and maintenance instruction through the data transmission protocol, and send the encapsulated second data packet to the second terminal through the second long connection data channel.
6. The operation and maintenance processing system according to claim 1 or 2, wherein the second terminal is further configured to establish a first long connection control channel with the first cloud server;
the first terminal is further configured to send a control channel establishment request to the first cloud server;
the first cloud server is further configured to establish a second long connection control channel with the first terminal based on the data channel establishment request.
7. The operation and maintenance processing system according to claim 6, wherein the first cloud server is further configured to establish a first long connection data channel with the first terminal, and send a third control packet obtained by encapsulation to the second terminal through the first long connection control channel;
the second terminal is configured to generate a fourth control packet including third confirmation information based on the received third control packet, send the fourth control packet to the first terminal through the second long connection control channel, and establish a second long connection data channel with the first cloud server, where the first long connection data channel and the second long connection data channel constitute the protocol transmission tunnel.
8. The operation and maintenance processing system according to claim 5 or 7, wherein the first terminal is further configured to generate a data channel closing request according to identification information of a protocol transmission tunnel, encapsulate the data channel closing request through the data transmission protocol, and send a first end packet generated by encapsulation to the first cloud server;
the first cloud server is further configured to close the first long connection data channel and forward the first end packet to the second terminal through the first long connection control channel;
the second terminal is configured to close the second long connection data channel, generate a second end packet including fourth acknowledgement information based on the first end packet, and send the second end packet to the first cloud server;
the first cloud server is further configured to forward the second end packet to the first terminal through the second long connection control channel.
9. The operation and maintenance processing system according to claim 1, wherein the second terminal is a second cloud server in a local area network, the second cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area and an external network interface;
the second cloud server comprises an operation and maintenance processing module, wherein the operation and maintenance processing module is deployed in the isolation area;
correspondingly, the operation and maintenance processing module is configured to receive the encapsulation result and forward the encapsulation result to the local network device;
the local network equipment is configured to analyze the encapsulation result, obtain operation and maintenance data based on the analysis result, encapsulate the operation and maintenance data through the data transmission protocol, and return an encapsulated third data message to the operation and maintenance processing module;
the operation and maintenance processing module is further configured to forward the third data packet to the first cloud server;
the first cloud server is further configured to forward the third data packet to the first terminal.
10. An operation and maintenance processing method is applied to a first cloud server and comprises the following steps:
receiving an encapsulation result generated by encapsulating an operation and maintenance data acquisition request through a data transmission protocol, wherein the operation and maintenance data acquisition request is generated according to a communication address corresponding to a second terminal;
transmitting the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established with the second terminal;
receiving operation and maintenance data returned by the second terminal through the protocol transmission tunnel, and forwarding the operation and maintenance data to the first terminal;
and receiving an operation and maintenance instruction returned by the first terminal, and sending the operation and maintenance instruction to the second terminal so that the second terminal executes operation and maintenance operation based on the operation and maintenance instruction, wherein the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
11. The operation and maintenance processing method according to claim 10, wherein the encapsulating the operation and maintenance data obtaining request by a data transmission protocol, and transmitting an encapsulated result to the second terminal corresponding to the communication address through a protocol transmission tunnel established between the second terminal includes:
and establishing a first long connection data channel between the first terminal and the second terminal, and sending a first control message obtained by encapsulation to the second terminal corresponding to the communication address through a first long connection control channel which is established with the second terminal in advance.
12. The operation and maintenance processing method according to claim 11, before the receiving the operation and maintenance data returned by the second terminal through the protocol transmission tunnel, further comprising:
and receiving a second control message which is returned by the second terminal and contains first confirmation information of the first control message, and establishing a second long connection data channel with the second terminal, wherein the first long connection data channel and the second long connection data channel form the protocol transmission tunnel.
13. The operation and maintenance processing method according to claim 12, wherein the receiving operation and maintenance data returned by the second terminal through the protocol transmission tunnel and forwarding the operation and maintenance data to the first terminal includes:
and receiving a first data message generated by encapsulating the operation and maintenance data through the data transmission protocol and returned by the second terminal, and forwarding the first data message to the first terminal through the second long connection data channel.
14. The operation and maintenance processing method according to claim 13, wherein the receiving the operation and maintenance instruction returned by the first terminal and sending the operation and maintenance instruction to the second terminal includes:
and receiving a second data message which is generated by packaging the operation and maintenance instruction through the data transmission protocol and sent by the first terminal, and forwarding the second data message to the second terminal through the second long connection data channel.
15. The operation and maintenance processing method according to claim 10, wherein before receiving the operation and maintenance data acquisition request sent by the first terminal, the method further comprises:
establishing a first long connection control channel with the second terminal;
and establishing a first long connection control channel with the first terminal based on a control channel establishment request sent by the first terminal.
16. The operation and maintenance processing method of claim 15, further comprising:
receiving a first end message generated by encapsulating a data channel closing request through the data transmission protocol and sent by the second terminal, wherein the data channel closing request carries identification information of the protocol transmission tunnel;
closing the first long connection data channel, and sending the first end message to the second terminal through the first long connection control channel;
and receiving a second end message which is returned by the second terminal and contains fourth confirmation information of the first end message, and confirming that the protocol transmission tunnel is closed.
17. The operation and maintenance processing method according to claim 10, wherein the first cloud server is a public cloud server, the second terminal is a private cloud server in a local area network, and the private cloud server includes a firewall module, and the firewall module is provided with a local area network interface, an isolation area, and an external network interface;
the private cloud server comprises an operation and maintenance processing module, wherein the operation and maintenance processing module is deployed in the isolation area;
correspondingly, the transmitting the encapsulation result to the second terminal corresponding to the communication address through the protocol transmission tunnel established with the second terminal includes:
and transmitting the encapsulation result to the operation and maintenance processing module through a protocol transmission tunnel established between the second terminal and the operation and maintenance processing module.
18. The operation and maintenance processing method according to claim 17, wherein the receiving operation and maintenance data returned by the second terminal through the protocol transmission tunnel includes:
and receiving operation and maintenance data which is obtained by the operation and maintenance processing module through accessing the communication address and returned through the protocol transmission tunnel.
19. An operation and maintenance processing apparatus comprising:
the receiving module is configured to receive an encapsulation result generated by encapsulating an operation and maintenance data acquisition request through a data transmission protocol, wherein the encapsulation result is sent by a first terminal, and the operation and maintenance data acquisition request is generated according to a communication address corresponding to a second terminal;
the transmission module is configured to transmit the encapsulation result to the second terminal corresponding to the communication address through a protocol transmission tunnel established between the transmission module and the second terminal;
the forwarding module is configured to receive operation and maintenance data returned by the second terminal through the protocol transmission tunnel and forward the operation and maintenance data to the first terminal;
and the operation and maintenance module is configured to receive an operation and maintenance instruction returned by the first terminal and send the operation and maintenance instruction to the second terminal so as to enable the second terminal to execute operation and maintenance operations based on the operation and maintenance instruction, wherein the operation and maintenance instruction is generated by the first terminal according to an analysis result obtained by analyzing the operation and maintenance data.
20. A computing device, comprising:
a memory and a processor;
the memory is configured to store computer-executable instructions, and the processor is configured to execute the computer-executable instructions to implement the steps of the operation and maintenance processing method according to any one of claims 10 to 18.
21. A computer readable storage medium storing computer executable instructions which, when executed by a processor, perform the steps of the operation and maintenance processing method of any one of claims 10 to 18.
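The channel lifecycle in claims 11 to 16, sketched as a relay-side state machine; this is an added example, not code from the patent. The message labels (CTRL, CTRL_ACK, DATA, END, END_ACK), the tunnel ids and the trace are assumptions made for illustration, since the claims define no wire format, and dropping messages that arrive outside the claimed order is a design choice of this sketch.

```python
from enum import Enum

class State(Enum):
    REQUESTED = 1    # first control message sent, confirmation pending
    ESTABLISHED = 2  # second control message received, tunnel usable
    CLOSING = 3      # first end message forwarded, confirmation pending
    CLOSED = 4       # second end message received

# (state, kind) -> next state; None = no tunnel with this id yet. Hypothetical labels:
# CTRL/CTRL_ACK, END/END_ACK = first/second control and end message, DATA = data message.
TRANSITIONS = {
    (None, "CTRL"): State.REQUESTED,
    (State.REQUESTED, "CTRL_ACK"): State.ESTABLISHED,
    (State.ESTABLISHED, "DATA"): State.ESTABLISHED,
    (State.ESTABLISHED, "END"): State.CLOSING,
    (State.CLOSING, "END_ACK"): State.CLOSED,
}

class Relay:
    def __init__(self):
        self.tunnels = {}    # tunnel id -> State (closed ids stay, so they cannot be reused)
        self.forwarded = []  # (tunnel id, payload) passed on to the peer data channel
    def handle(self, tunnel_id, kind, payload=b""):
        """Apply one message; return the new state, or None if it was rejected."""
        nxt = TRANSITIONS.get((self.tunnels.get(tunnel_id), kind))
        if nxt is None:
            return None  # out of order, unknown tunnel, or closed tunnel: drop
        if kind == "DATA":
            self.forwarded.append((tunnel_id, payload))
        self.tunnels[tunnel_id] = nxt
        return nxt

# Constructed trace: one clean lifecycle for tunnel "t1" plus messages a relay should drop.
TRACE = [
    ("t1", "CTRL", b""),
    ("t1", "DATA", b"unacked"),   # data before the confirmation arrives
    ("t1", "CTRL_ACK", b""),
    ("t1", "DATA", b"metrics"),   # operation and maintenance data
    ("t1", "DATA", b"restart"),   # operation and maintenance instruction
    ("t2", "END", b""),           # end message naming a tunnel that does not exist
    ("t1", "END", b""),
    ("t1", "END_ACK", b""),
    ("t1", "DATA", b"late"),      # data after close
    ("t1", "CTRL", b""),          # attempt to reuse a closed tunnel id
]

def replay(trace):
    relay = Relay()
    return relay, [relay.handle(*msg) is not None for msg in trace]
```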
CN202110306882.4A 2021-03-23 2021-03-23 Operation and maintenance processing system, method and device Pending CN113301106A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110306882.4A CN113301106A (en) 2021-03-23 2021-03-23 Operation and maintenance processing system, method and device

Publications (1)

Publication Number Publication Date
CN113301106A true CN113301106A (en) 2021-08-24

Family

ID=77319166

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110306882.4A Pending CN113301106A (en) 2021-03-23 2021-03-23 Operation and maintenance processing system, method and device

Country Status (1)

Country Link
CN (1) CN113301106A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40057907

Country of ref document: HK