CN113645081B - Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment - Google Patents
Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment Download PDFInfo
- Publication number
- CN113645081B CN113645081B CN202110941699.1A CN202110941699A CN113645081B CN 113645081 B CN113645081 B CN 113645081B CN 202110941699 A CN202110941699 A CN 202110941699A CN 113645081 B CN113645081 B CN 113645081B
- Authority
- CN
- China
- Prior art keywords
- network
- tenant
- switch
- tenant network
- sdn controller
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 230000001360 synchronised effect Effects 0.000 claims description 8
- 230000002776 aggregation Effects 0.000 claims description 7
- 238000004220 aggregation Methods 0.000 claims description 7
- 230000007246 mechanism Effects 0.000 claims description 4
- 238000000638 solvent extraction Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 5
- 238000002955 isolation Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000004744 fabric Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000003032 molecular docking Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the specification provides a method for realizing tenant network multi-export in a cloud network environment, wherein the network environment comprises the following steps: the method comprises the steps of: synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset project; selecting a boundary switch in a Spine-Leaf switch network for the tenant network based on the SDN controller; and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
Description
Technical Field
The present disclosure relates to the field of cloud computing networks, and in particular, to a method for implementing multi-export of a tenant network in a cloud network environment.
Background
In recent years, cloud computing business needs develop rapidly, cloud computing has gradually formed products from a concept and is integrated into daily life, and in a data center of the cloud computing, resources not only comprise common computing resources, network resources and storage resources, but also comprise export resources, and generally, the export resources are included in the network resources. As data centers further develop, there is also an increasing demand for variability in data center outlets, sometimes requiring each tenant to have a unique extranet outlet in the virtual private cloud (Virtual Private Cloud, VPC) due to the nature of the traffic.
In the multi-tenant technology, a tenant refers to a user who uses a system or a computing resource, and all data included in the system that can be identified as a specific user, such as account and statistics information created in the system, format data set in the system, and a customized application environment set by the user, etc., belong to the scope of the tenant. The existing tenant network export scheme mainly uses multiple tenants to share one or a pair of aggregation exports, does not isolate traffic of tenant external exports physically, and the multiple tenants perform data transmission on one port of the boundary switch, so that the utilization rate of the port and the bandwidth of the boundary switch is low. And when the situation of high concurrency and high traffic of the tenant occurs, the traffic of the tenant exceeds the bandwidth of the port of the boundary switch, so that data congestion and packet loss can be caused.
Therefore, there is a need for a method that can improve the utilization of the border switch ports and bandwidth, and physically isolate different tenant traffic.
Disclosure of Invention
One or more embodiments of the present disclosure provide a method, an apparatus, and a medium for implementing tenant network multi-export in a cloud network environment, which are used to solve the following technical problems: how to provide a method for improving the port utilization rate of a boundary switch and physically isolating the traffic of different tenants.
One or more embodiments of the present disclosure adopt the following technical solutions:
one or more embodiments of the present disclosure provide a method for implementing tenant network multi-export in a cloud network environment, where the cloud network environment includes: the method comprises the following steps of:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
Optionally, in one or more embodiments of the present disclosure, before the synchronizing, by a preset item, configuration information of a tenant network in the cloud platform to the SDN controller, the method further includes:
performing configuration division on the tenant network based on a preset component of the cloud platform;
integrating the cloud platform with the SDN controller through a preset project so as to synchronize configuration information of the tenant network to the SDN controller later.
Optionally, in one or more embodiments of the present disclosure, the configuring and dividing the tenant network based on the preset component of the cloud platform specifically includes:
setting the network type of the tenant network based on a first network configuration item of the preset component; wherein the first network configuration item comprises: the tenant_network_types;
dividing the network segment range of the tenant network through a second network configuration item of the preset component; wherein the second network configuration item comprises vni_ ranges, network _vlan_ranges.
Optionally, in one or more embodiments of the present disclosure, after the synchronizing, by a preset item, configuration information of a tenant network in the cloud platform to the SDN controller, the method further includes:
issuing configuration information of the tenant network to a switch in a switch network of the Spine-Leaf structure through the SDN controller;
based on a synchronous linkage mechanism of the switch in the switch network of the Spine-Leaf structure and the configuration information in the cloud platform, the east-west flow intercommunication of the tenant network is realized.
Optionally, in one or more embodiments of the present disclosure, the selecting, based on the SDN controller, a border switch in the Spine-Leaf structure switch network for the tenant network specifically includes:
based on the operation interface of the SDN controller, randomly selecting one boundary switch or a pair of boundary switches in a switch network of the Spine-Leaf structure; the boundary switch is a BorderLeaf switch with a virtual private cloud.
Optionally, in one or more embodiments of the present disclosure, the binding, by the edge switch of the tenant network determined by the SDN controller, the tenant network to a port of the edge switch specifically includes:
if the boundary switch is determined to be one boundary switch in the switch network of the Spine-Leaf structure, any one or more physical ports of the boundary switch are selected to be bound with the tenant network;
and if the boundary switch is determined to be a pair of boundary switches with virtual private clouds in the switch network of the Spine-Leaf structure, selecting an aggregation port of the boundary switch to bind with the tenant network.
Optionally, in one or more embodiments of the present disclosure, after the binding of the tenant network with the port of the boundary switch in the Spine-Leaf switch is implemented according to the selected tenant network egress to complete configuration of the tenant network multi-egress, the method further includes:
connecting an external outlet of the tenant network with a hub, and accessing the hub into an operator network;
selecting an outlet of the operator network based on a preset priority of the operator network, and realizing the operator multilink outlet of the tenant network; the preset priority of the operator is determined at least based on the required frequency band of the tenant, the network flow of the tenant and the charging mode of the operator.
Optionally, in one or more embodiments of the present specification, the SDN controller includes: opendayleight; the cloud platform comprises an OpenStack; the preset plug-in comprises a networking-odl; the preset component includes a neutron.
One or more embodiments of the present disclosure provide an apparatus for implementing tenant network multi-export in a cloud network environment, including:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
One or more embodiments of the present specification provide a non-volatile computer storage medium storing computer-executable instructions configured to:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
The above-mentioned at least one technical scheme that this description embodiment adopted can reach following beneficial effect: by binding the tenant network into one or more ports of the border switch, the port utilization of the switch is improved, and traffic external to the tenant network and northbound traffic of the tenant are also physically isolated. The multi-outlet of the tenant network is realized through the isolation of the physical ports, and when the situation of high concurrency and high flow tenant is faced, the phenomenon of data congestion and packet loss caused by the fact that the flow of the tenant exceeds the port bandwidth is avoided.
Drawings
In order to more clearly illustrate the embodiments of the present description or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some of the embodiments described in the present description, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:
fig. 1 is a flow chart of a method for implementing tenant network multi-egress in a cloud network environment according to one or more embodiments of the present disclosure;
FIG. 2 is a schematic illustration of a Spine-Leaf physical topology of the method of FIG. 1 in an application scenario provided by one or more embodiments of the present disclosure;
fig. 3 is a schematic structural diagram of a method of fig. 1 for physically isolating tenants through a hardware device in an application scenario provided in one or more embodiments of the present disclosure;
fig. 4 is a schematic diagram of an internal structure of a device for implementing multi-outlets of a tenant network in a cloud network environment according to one or more embodiments of the present disclosure;
fig. 5 is a schematic diagram illustrating an internal structure of a nonvolatile storage medium according to one or more embodiments of the present disclosure.
Detailed Description
The embodiment of the specification provides a method, equipment and medium for realizing multi-outlet of a tenant network in a cloud network environment.
In order to make the technical solutions in the present specification better understood by those skilled in the art, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, shall fall within the scope of the present disclosure.
In recent years, cloud computing business demands develop rapidly, cloud computing is gradually integrated into daily life from a concept, and a mature cloud computing management platform is OpenStack. OpenStack is an open-source cloud computing management platform project, and specific work is completed by combining several components. OpenStack supports almost all types of cloud environments, and provides a cloud computing management platform which is simple to implement, can be expanded in a large scale, is rich and has unified standards.
In the multi-tenant technology, a tenant is a user who uses a system or a computing resource, and all data which is included in the system and can be identified as a specified user, such as accounts and statistical information created in the system, various data set in the system, and a customized application environment set by the user, etc., belong to the scope of the tenant.
Currently, in a cloud computing environment, multiple tenants use the underlying hardware resources provided by a unified resource pool. In order to ensure the security of tenant data, tenants need to be isolated, so that virtual machines inside the tenants can communicate with each other, and the virtual machines among the tenants are isolated from each other. In the prior art, ports of a virtual switch are bound with a network to isolate the tenant network, so that tenant isolation on a software layer is realized, but the multi-tenant network is still based on port output of the same physical switch, and when the high concurrency and high traffic of the tenant network are faced, the ports of the physical switch cannot meet the traffic demand of the multi-tenant network, so that data congestion and loss are caused.
In order to solve the above problems, in the embodiment of the present disclosure, an API port of a cloud platform-based preset setup project is combined with a preset plug-in docking SDN controller of the cloud platform in a cloud network integrated environment, so as to bind a tenant network with a port of a border switch, thereby solving the problem that the existing multi-tenant cannot face high concurrency of the tenant network when sharing one or a pair of aggregation outlets. Meanwhile, the isolation of the tenant network is realized based on the physical port, and the problem that port faults affect all tenant services is solved.
The technical scheme provided in the specification is described in detail below with reference to the accompanying drawings.
One or more embodiments of the present disclosure provide a cloud network environment, on the basis of which the coordination between devices or functional modules is more efficient and reasonable, and fig. 1 is a physical topology schematic diagram of the cloud network environment.
In fig. 1, the cloud environment includes: the system comprises a cloud platform, a Spine-Leaf switch network for providing switching services for the cloud platform, and an SDN controller for controlling the switch network. The cloud platform comprises a control node and a computing node, wherein network cards of the control node and the computing node can be connected with a Leaf switch in a switch network, the control node can be connected with an SDN controller to send data to the SDN controller, and the switch in the switch network sends configuration through the SDN controller to operate a corresponding routing protocol BGP EVPN. The boundary switch is connected with the operator network to access the private line, so that the fast switching of the intra-cloud route can be performed when the single point of the link of the operator fails, and the normal operation of the tenant service is ensured.
Based on the cloud environment in fig. 1, one or more embodiments of the present disclosure provide a method for implementing tenant network multi-export in the cloud environment, and fig. 2 is a method flow diagram of the method.
The flow in fig. 2 includes the following steps:
s201: and synchronizing configuration information of the tenant network in the cloud platform to the SDN controller through a preset item.
In one or more embodiments of the present disclosure, before the synchronizing, by a preset item, configuration information of a tenant network in the cloud platform to the SDN controller, the method further includes:
performing configuration division on the tenant network based on a preset component of the cloud platform;
integrating the cloud platform with the SDN controller through a preset project so as to synchronize configuration information of the tenant network to the SDN controller later.
In one or more embodiments of the present disclosure, the configuration partitioning of the tenant network based on the preset component of the cloud platform specifically includes:
setting the network type of the tenant network based on a first network configuration item of the preset component; wherein the first network configuration item comprises: the tenant_network_types;
dividing the network segment range of the tenant network through a second network configuration item of the preset component; wherein the second network configuration item comprises vni_ ranges, network _vlan_ranges.
In one or more embodiments of the present disclosure, after the synchronizing, by a preset item, configuration information of a tenant network in the cloud platform to the SDN controller, the method further includes:
issuing configuration information of the tenant network to a switch in a switch network of the Spine-Leaf structure through the SDN controller;
based on a synchronous linkage mechanism of the switch in the switch network of the Spine-Leaf structure and the configuration information in the cloud platform, the east-west flow intercommunication of the tenant network is realized.
In one or more embodiments of the present disclosure, a cloud network environment includes a cloud platform and an SDN controller. Before tenant network multi-outlet setting is performed, the cloud platform and the SDN controller need to be integrated based on preset items, so that each piece of configuration information of the interface of a preset component in the cloud platform can be synchronized into the SDN controller. The preset project is Networking-odl, the Networking-odl includes a driving module of a two-layer switching network and a three-layer switching plug-in, and the SDN controller and the cloud platform may be integrated together. After the cloud platform and the SDN are integrated, the SDN controller may monitor configuration updates in the cloud platform to issue information of the cloud platform configuration updates to the Spine-Leaf switch network.
The network type of the tenant network is configured based on the first network configuration item of the cloud platform preset component, the network range of the tenant network is divided based on the second network configuration item of the cloud platform preset component, and configuration division of the tenant network is completed. For example: when the first network configuration item, the tent_network_types, are configured as vxlan, the created tenant network type is vxlan; and based on the second network configuration item vni_range, configuring the network segment range of the vlan for the tenant network according to actual conditions or based on the second network configuration item network_vlan_range, configuring the network segment range of the vlan for the tenant network, and completing the division of the tenant network.
After the configuration of the tenant network is divided by the cloud platform, after the SDN controller monitors the configuration information of the tenant network in the cloud platform, the configuration information of the tenant network is synchronized into the SDN controller, the SDN controller is issued to the Spine-Leaf switch network, synchronous linkage of the switches in the switch network of the Spine-Leaf structure and the configuration information in the cloud platform is realized, and intercommunication of virtual machine thing flow in the tenant internal network is realized based on the synchronous linkage mechanism, so that processing operation of tenant internal data is realized.
The tenant needs to explain that, taking public cloud as an example: an application system related to a cloud service provider can accommodate more than a few tenants to use in the same environment. For example, amazon provides virtual servers at its data center for thousands of enterprise users, including well known enterprises such as Twitter and washington postings, which are tenants. In the private cloud environment, tenants become departments of the enterprise or government that occupy IT resources, and the occupation is different from the previous permanent occupation of the resources, and refers to sharing the resources in the private cloud in a specific time period or place. For example, a video conference system of a company is deployed in a private cloud data center of a company headquarter, and a branch company rents the video conference system at 16:00-17:00 pm every monday, and the branch company is a tenant.
S202: and selecting a boundary switch in the Spine-Leaf switch network for the tenant network based on the SDN controller.
In one or more embodiments of the present disclosure, the selecting, based on the SDN controller, a border switch in the Spine-Leaf fabric switch network for the tenant network specifically includes:
based on the operation interface of the SDN controller, randomly selecting one boundary switch or a pair of boundary switches in a switch network of the Spine-Leaf structure; the boundary switch is a BorderLeaf switch with a virtual private cloud.
After the step S201, the configuration information of the tenant network in the cloud platform is synchronized to the SDN controller, and the corresponding boundary device can be selected for the tenant network through the operation interface of the SD controller. When the boundary equipment is selected, a single boundary equipment in a switch network of a Spine-Leaf structure can be selected, and the boundary equipment can also be a pair of Borderleaf boundary switches which do virtual private clouds, so that matching of the tenant network and the boundary equipment is realized.
S203: and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
In one or more embodiments of the present disclosure, the binding, by the border switch of the tenant network determined by the SDN controller, the tenant network to a port of the border switch specifically includes:
if the boundary switch is determined to be one boundary switch in the switch network of the Spine-Leaf structure, any one or more physical ports of the boundary switch are selected to be bound with the tenant network;
and if the boundary switch is determined to be a pair of boundary switches with virtual private clouds in the switch network of the Spine-Leaf structure, selecting an aggregation port of the boundary switch to bind with the tenant network.
In one or more embodiments of the present disclosure, after the binding between the tenant network and the port of the border switch in the Spine-Leaf switch is implemented according to the selected tenant network egress to complete the configuration of the tenant network multi-egress, the method further includes:
connecting an external outlet of the tenant network with a hub, and accessing the hub into an operator network;
selecting an outlet of the operator network based on a preset priority of the operator network, and realizing the operator multilink outlet of the tenant network; the preset priority of the operator is determined at least based on the required frequency band of the tenant, the network flow of the tenant and the charging mode of the operator.
According to the boundary switch selected in step S202, the tenant network is also bound to the port of the boundary switch to realize physical isolation. If the boundary device selected through the operation interface of the SDN controller is a single boundary switch, any one or more physical ports of the boundary switch can be selected to bind with the tenant network, as shown in fig. 3 below, tenant 01 binds with the Eth01 port of the boundary switch, tenant 02 binds with the Eth02 port of the boundary switch, and two tenants respectively bind with different ports of the boundary switch, thereby avoiding the phenomenon of data congestion under high concurrency. If the boundary device selected through the operation interface of the SDN controller is a pair of boundary switches making a virtual private cloud VPC, an aggregation port of the boundary switch needs to be selected to bind with the tenant network. The problem that in the prior art, the port utilization rate of a switch is low due to the fact that a pair of aggregation outlets are shared after one outlet is shared by multiple tenants is solved, and the problem that the northbound flow of the tenant network is limited by port bandwidth and data is blocked is solved, so that the port and bandwidth utilization rate of the boundary switch are improved.
As shown in fig. 3, the external outlets of the tenant network are connected with the hub, wherein the hub accesses a plurality of operator networks, and the automatic switching to the outlets of other operators can be realized when the main operator fails by configuring the network priorities of different operators, so that the rapid switching of the intra-cloud routing can be realized when the links of the operators have single-point failure, and the reliability of the outlets of the tenant network is ensured.
In one or more embodiments of the present specification as illustrated in fig. 4, there is provided an apparatus for implementing tenant network multi-export in a cloud network environment, where the apparatus includes:
at least one processor 401; the method comprises the steps of,
a memory 402 communicatively coupled to the at least one processor 401; wherein,
the memory 402 stores executable instructions of the at least one processor 401, the instructions being executable by the at least one processor 401 to enable the at least one processor 401 to:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
As shown in fig. 5, in one or more embodiments of the present specification, there is provided a nonvolatile storage medium storing computer-executable instructions 501, the computer-executable instructions 501 including:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
and binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The foregoing is merely one or more embodiments of the present description and is not intended to limit the present description. Various modifications and alterations to one or more embodiments of this description will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, or the like, which is within the spirit and principles of one or more embodiments of the present description, is intended to be included within the scope of the claims of the present description.
Claims (9)
1. A method for implementing tenant network multi-export in a cloud network environment, the cloud network environment comprising: the method comprises the following steps of:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch; wherein the multiple outlets are ports of a border switch that is an external outlet to the tenant network;
wherein, according to the selected tenant network outlet, port binding between the tenant network and the boundary switch in the Spine-Leaf switch is realized, so as to complete configuration of the tenant network multi-outlet, the method further comprises:
connecting an external outlet of the tenant network with a hub, and accessing the hub into an operator network; wherein the external outlet of the tenant network is a port of a boundary switch;
selecting an outlet of the operator network based on a preset priority of the operator network, and realizing the operator multilink outlet of the tenant network; the preset priority of the operator is determined at least based on the required frequency band of the tenant, the network flow of the tenant and the charging mode of the operator.
2. The method for implementing tenant network multi-export in a cloud network environment according to claim 1, wherein before synchronizing configuration information of tenant networks in the cloud platform to the SDN controller through preset items, the method further includes:
performing configuration division on the tenant network based on a preset component of the cloud platform;
integrating the cloud platform with the SDN controller through a preset project so as to synchronize configuration information of the tenant network to the SDN controller later.
3. The method for implementing tenant network multi-export in cloud network environment according to claim 2, wherein the configuration partitioning is performed on the tenant network based on the preset component of the cloud platform, specifically comprising:
setting the network type of the tenant network based on a first network configuration item of the preset component; wherein the first network configuration item comprises: the tenant_network_types;
dividing the network segment range of the tenant network through a second network configuration item of the preset component; wherein the second network configuration item comprises vni_ ranges, network _vlan_ranges.
4. The method for implementing tenant network multi-export in a cloud network environment according to claim 1, wherein after synchronizing configuration information of tenant networks in the cloud platform to the SDN controller through preset items, the method further includes:
issuing configuration information of the tenant network to a switch in a switch network of the Spine-Leaf structure through the SDN controller;
based on a synchronous linkage mechanism of the switch in the switch network of the Spine-Leaf structure and the configuration information in the cloud platform, the east-west flow intercommunication of the tenant network is realized.
5. The method for implementing tenant network multi-export in a cloud network environment according to claim 1, wherein the selecting, based on the SDN controller, a border switch in the Spine-Leaf switch network for the tenant network specifically includes:
based on the operation interface of the SDN controller, randomly selecting one boundary switch or a pair of boundary switches in a switch network of the Spine-Leaf structure; the boundary switch is a BorderLeaf switch with a virtual private cloud.
6. The method for implementing tenant network multi-egress in a cloud network environment of claim 5, wherein the edge switch of the tenant network determined by the SDN controller binds the tenant network to a port of the edge switch, specifically comprising:
if the boundary switch is determined to be one boundary switch in the switch network of the Spine-Leaf structure, any one or more physical ports of the boundary switch are selected to be bound with the tenant network;
and if the boundary switch is determined to be a pair of boundary switches with virtual private clouds in the switch network of the Spine-Leaf structure, selecting an aggregation port of the boundary switch to bind with the tenant network.
7. The method for implementing tenant network multi-egress in a cloud network environment according to any of claims 1 to 6, wherein the SDN controller comprises: opendayleight; the cloud platform comprises an OpenStack; the preset plug-in comprises a networking-odl; the preset component includes a neutron.
8. An apparatus for implementing tenant network multi-export in a cloud network environment, the cloud network environment comprising: cloud platform, SDN controller, spine-Leaf switch network, equipment includes:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores executable instructions for the at least one processor that are executed by the at least one processor to cause the at least one processor to:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch; wherein the multiple outlets are ports of a border switch that is an external outlet to the tenant network;
and after the port binding of the tenant network and the boundary switch in the Spine-Leaf switch is realized according to the selected tenant network outlet so as to complete the configuration of the tenant network multi-outlet, the method further comprises the following steps:
connecting an external outlet of the tenant network with a hub, and accessing the hub into an operator network; wherein the external outlet of the tenant network is a port of a boundary switch;
selecting an outlet of the operator network based on a preset priority of the operator network, and realizing the operator multilink outlet of the tenant network; the preset priority of the operator is determined at least based on the required frequency band of the tenant, the network flow of the tenant and the charging mode of the operator.
9. A non-volatile storage medium storing computer-executable instructions, characterized by being applied to a computer system comprising: in a cloud network environment of a cloud platform, an SDN controller, a Spine-Leaf switch network, the computer-executable instructions include:
synchronizing configuration information of a tenant network in the cloud platform to the SDN controller through a preset item;
selecting a border switch in the Spine-Leaf switch network for the tenant network based on the SDN controller;
binding the tenant network to a port of the boundary switch according to the boundary switch of the tenant network determined by the SDN controller, so that the tenant network realizes multi-outlet northbound traffic output based on the port of the boundary switch; wherein the multiple outlets are ports of a border switch that is an external outlet to the tenant network;
and after the port binding of the tenant network and the boundary switch in the Spine-Leaf switch is realized according to the selected tenant network outlet so as to complete the configuration of the tenant network multi-outlet, the method further comprises the following steps:
connecting an external outlet of the tenant network with a hub, and accessing the hub into an operator network; wherein the external outlet of the tenant network is a port of a boundary switch;
selecting an outlet of the operator network based on a preset priority of the operator network, and realizing the operator multilink outlet of the tenant network; the preset priority of the operator is determined at least based on the required frequency band of the tenant, the network flow of the tenant and the charging mode of the operator.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110941699.1A CN113645081B (en) | 2021-08-17 | 2021-08-17 | Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110941699.1A CN113645081B (en) | 2021-08-17 | 2021-08-17 | Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113645081A CN113645081A (en) | 2021-11-12 |
| CN113645081B true CN113645081B (en) | 2024-03-29 |
Family
ID=78422276
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110941699.1A Active CN113645081B (en) | 2021-08-17 | 2021-08-17 | Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113645081B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114553471A (en) * | 2022-01-05 | 2022-05-27 | 广东南方通信建设有限公司 | Tenant safety management system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106059915A (en) * | 2016-07-20 | 2016-10-26 | 赛特斯信息科技股份有限公司 | System and method for implementing limitation of north-south traffic of tenants based on SDN controller |
| CN108075956A (en) * | 2016-11-16 | 2018-05-25 | 新华三技术有限公司 | A kind of data processing method and device |
| CN112272145A (en) * | 2020-10-26 | 2021-01-26 | 新华三信息安全技术有限公司 | Message processing method, device, equipment and machine readable storage medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3192298A4 (en) * | 2014-09-08 | 2018-02-28 | Liveu Ltd. | Methods and systems for managing bonded communications across multiple communication networks |
-
2021
- 2021-08-17 CN CN202110941699.1A patent/CN113645081B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106059915A (en) * | 2016-07-20 | 2016-10-26 | 赛特斯信息科技股份有限公司 | System and method for implementing limitation of north-south traffic of tenants based on SDN controller |
| CN108075956A (en) * | 2016-11-16 | 2018-05-25 | 新华三技术有限公司 | A kind of data processing method and device |
| CN112272145A (en) * | 2020-10-26 | 2021-01-26 | 新华三信息安全技术有限公司 | Message processing method, device, equipment and machine readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113645081A (en) | 2021-11-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110301104B (en) | Optical line terminal OLT equipment virtualization method and related equipment | |
| CN111064649B (en) | Method and device for realizing binding of layered ports, control equipment and storage medium | |
| US10715597B2 (en) | Methods and systems to create a network-agnostic SDN-based cloud gateway for connectivity to multiple cloud service providers | |
| CN112600903B (en) | Elastic virtual network card migration method | |
| US20210320817A1 (en) | Virtual routing and forwarding segregation and load balancing in networks with transit gateways | |
| Cui et al. | Synergistic policy and virtual machine consolidation in cloud data centers | |
| CN104144143B (en) | Method and control device that network is set up | |
| CN103152239A (en) | Open VSwitch-based virtual network implementation method and system | |
| CN110636036A (en) | OpenStack cloud host network access control method based on SDN | |
| EP4320839A1 (en) | Architectures for disaggregating sdn from the host | |
| CN109739622A (en) | Active and standby master control configuration and synchronization method and device based on frame type equipment | |
| CN106899478A (en) | The method that power test business realizes resource resilient expansion by cloud platform | |
| CN104539558A (en) | Capacity-expansible IP telephone exchange blade mechanism frame and automatic capacity expansion method | |
| CN113645081B (en) | Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment | |
| CN111030932B (en) | Method, device and system for anchoring data message | |
| CN112929206B (en) | Method and device for configuring cloud physical machine in cloud network environment | |
| CN103795603A (en) | Edge virtual bridging method and device based on multiple network interface cards | |
| CN202940854U (en) | Multi-I/O network application system based on public computing service | |
| Netes et al. | Reliability challenges in software defined networking | |
| US20180198708A1 (en) | Data center linking system and method therefor | |
| CN103873338A (en) | Method for realizing network virtualization by utilizing binding and VLANs (Virtual Local Area Networks) | |
| CN110971456A (en) | Design method of computer network system suitable for large-scale commercial complex | |
| CN109462537A (en) | A kind of across a network interoperability methods and device | |
| WO2016197749A1 (en) | Link stacking method and apparatus and cross-frame traffic forwarding method and apparatus | |
| CN208316770U (en) | A kind of privately owned cloud system applied to simple scenario |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |