CN113722007A - Configuration method, device and system of VPN branch equipment - Google Patents
Configuration method, device and system of VPN branch equipment Download PDFInfo
- Publication number
- CN113722007A CN113722007A CN202110977300.5A CN202110977300A CN113722007A CN 113722007 A CN113722007 A CN 113722007A CN 202110977300 A CN202110977300 A CN 202110977300A CN 113722007 A CN113722007 A CN 113722007A
- Authority
- CN
- China
- Prior art keywords
- configuration
- configuration file
- file
- centralized control
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000004458 analytical method Methods 0.000 claims description 2
- 230000006870 function Effects 0.000 description 13
- 238000010586 diagram Methods 0.000 description 10
- 238000012545 processing Methods 0.000 description 7
- 238000004891 communication Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000004590 computer program Methods 0.000 description 2
- 238000003780 insertion Methods 0.000 description 2
- 230000037431 insertion Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
- G06F9/4451—User profiles; Roaming
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The disclosure relates to a configuration method, device, system, electronic device and computer readable medium of a VPN branch device. Can be used for a centralized control end, and the method comprises the following steps: generating a first configuration file according to the configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and sending the third configuration file to the equipment terminal for configuration. According to the configuration method, device, system, electronic equipment and computer readable medium of the VPN branch equipment, the VPN branch equipment can configure own special configuration items, and after the centralized control end completes unified configuration and issue, the original configuration of the equipment end cannot be cleared, so that configuration refinement and controllable management are achieved.
Description
Technical Field
The present disclosure relates to the field of computer information processing, and in particular, to a method, an apparatus, a system, an electronic device, and a computer-readable medium for configuring a VPN branch device.
Background
An intelligent network management system, or centralized control, is a service platform integrating management, monitoring and service configuration, and is used for managing VPN branch devices. After the VPN branch equipment is added into the centralized control, the branch equipment can be configured to issue commands, the configuration of the branch equipment is completed, the centralized control configuration is limited, certain specific settings cannot be configured at the centralized control end and only can be configured at the equipment end, and under the condition, when the configuration is issued next time, the equipment can be configured to roll back the existing single configuration, so that the configuration end needs to be set again.
In the prior art, when configuration is issued, the device does not actively send the existing configuration of the device to the centralized control, and the centralized control end cannot acquire the individual configuration of the device, so that the individual configuration of the device end is deleted after a planned task is executed. Affecting the existing business process of the device.
Therefore, there is a need for a new VPN branch device configuration method, apparatus, system, electronic device, and computer readable medium.
The above information disclosed in this background section is only for enhancement of understanding of the background of the disclosure and therefore it may contain information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
In view of this, the present disclosure provides a method, an apparatus, a system, an electronic device, and a computer readable medium for configuring a VPN branch device, so that the VPN branch device can configure a configuration that is not supported by its own specific centralized control, and after the centralized control completes a unified configuration issue, the original configuration at the device end is not cleared, thereby implementing fine and controllable management of the configuration.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.
According to an aspect of the present disclosure, a method for configuring a VPN branch device is provided, which can be used at a centralized control end, and the method includes: generating a first configuration file according to the configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and sending the third configuration file to the equipment terminal for configuration.
In an exemplary embodiment of the present disclosure, generating the first configuration file according to the configuration information further includes: acquiring a configuration request from an equipment end; generating the first configuration file based on the configuration request and the configuration information.
In an exemplary embodiment of the present disclosure, acquiring the second configuration file from the device side includes: determining whether the equipment side starts a configuration merging function or not based on a configuration file interface; and when the equipment end starts the configuration merging function, acquiring the second configuration file.
In an exemplary embodiment of the present disclosure, parsing the first configuration file and the second configuration file includes: and analyzing the view set of the first configuration file and the view set of the second configuration file.
In an exemplary embodiment of the present disclosure, configuring and merging the parsed first configuration file and the second configuration file to generate a third configuration file includes: the analyzed first configuration file and the second configuration file are sequentially stored in an abstract interface document mapped by a preset Key-Value pair; and traversing Key-Value to perform data merging on each line of the mapped abstract interface document one by one to generate the third configuration file.
In an exemplary embodiment of the present disclosure, sequentially storing the parsed first configuration file and the parsed second configuration file in an abstract interface document mapped by a preset Key-Value pair, includes: when the view commands in the first configuration file and/or the second configuration file are read, storing key values in a set, and creating a null set value; and when the sub-commands in the first configuration file and/or the second configuration file are read, storing the value values corresponding to the current key values.
In an exemplary embodiment of the disclosure, traversing Key-Value pairs for each row of the mapped abstract interface document, performing data merging one by one to generate the third configuration file includes: traversing Key-Value to delete conflict configuration one by one for each line of the mapped abstract interface document; generating a merged configuration set; generating the third configuration file based on the merged configuration set.
According to an aspect of the present disclosure, a method for configuring a VPN branch device is provided, which can be used at a device side, and the method includes: sending the configuration request to a centralized control end; sending a second configuration file to the centralized control end based on the configuration request; acquiring a third configuration file from the centralized control end; and configuring the equipment based on the third configuration file.
In an exemplary embodiment of the present disclosure, further comprising: generating the second configuration file based on current configuration information.
In an exemplary embodiment of the present disclosure, configuring a device based on the third configuration file includes: performing a configuration rollback to update a device configuration based on the third configuration file.
According to an aspect of the present disclosure, a configuration apparatus of a VPN branch device is provided, which can be used at a centralized control end, and the apparatus includes: the first configuration module is used for generating a first configuration file according to the configuration information; the second configuration module is used for acquiring a second configuration file from the equipment terminal; the analysis module is used for analyzing the first configuration file and the second configuration file; the configuration merging module is used for configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and the sending module is used for sending the third configuration file to the equipment terminal for configuration.
According to an aspect of the present disclosure, a configuration apparatus of a VPN branch device is provided, which is applicable to a device side, and the apparatus includes: the request module is used for sending the configuration request to the centralized control end; the file module is used for sending a second configuration file to the centralized control end based on the configuration request; the acquisition module is used for acquiring a third configuration file from the centralized control end; and the configuration module is used for configuring the equipment based on the third configuration file.
According to an aspect of the present disclosure, a configuration system of a VPN branch device is provided, the system including: the centralized control end is used for generating a first configuration file according to the configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; sending the third configuration file to the equipment end for configuration; the device end is used for sending the configuration request to the centralized control end; sending a second configuration file to the centralized control end based on the configuration request; acquiring a third configuration file from the centralized control end; and configuring the equipment based on the third configuration file.
According to an aspect of the present disclosure, an electronic device is provided, the electronic device including: one or more processors; storage means for storing one or more programs; when executed by one or more processors, cause the one or more processors to implement a method as above.
According to an aspect of the disclosure, a computer-readable medium is proposed, on which a computer program is stored, which program, when being executed by a processor, carries out the method as above.
According to the configuration method, the device, the system, the electronic equipment and the computer readable medium of the VPN branch equipment, a first configuration file is generated according to configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and sending the third configuration file to the equipment end for configuration, so that the VPN branch equipment can configure own unique centralized control unsupported configuration, and after the centralized control finishes issuing the unified configuration, the original configuration of the equipment end cannot be cleared, thereby realizing the refined and controllable management of the configuration.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings. The drawings described below are merely some embodiments of the present disclosure, and other drawings may be derived from those drawings by those of ordinary skill in the art without inventive effort.
Fig. 1 is a system block diagram illustrating a configuration system for a VPN branch device in accordance with an exemplary embodiment.
Fig. 2 is a flow chart illustrating a method of configuration of a VPN branch device in accordance with an exemplary embodiment.
Fig. 3 is a flowchart illustrating a method of configuring a VPN branch device according to another exemplary embodiment.
Fig. 4 is a flowchart illustrating a method of configuring a VPN branch device according to another exemplary embodiment.
Fig. 5 is a block diagram illustrating a configuration apparatus of a VPN branch device in accordance with an exemplary embodiment.
Fig. 6 is a block diagram illustrating a configuration apparatus of a VPN branch device according to another exemplary embodiment.
FIG. 7 is a block diagram illustrating an electronic device in accordance with an example embodiment.
FIG. 8 is a block diagram illustrating a computer-readable medium in accordance with an example embodiment.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar parts in the drawings, and thus, a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, systems, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the disclosure.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used to distinguish one element from another. Thus, a first component discussed below may be termed a second component without departing from the teachings of the disclosed concept. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
It is to be understood by those skilled in the art that the drawings are merely schematic representations of exemplary embodiments, and that the blocks or processes shown in the drawings are not necessarily required to practice the present disclosure and are, therefore, not intended to limit the scope of the present disclosure.
The technical abbreviations involved in this disclosure are explained as follows:
LinkedHashMap: the hash table and linked list implementation of the Map interface has a predictable iteration order. This implementation differs from the HashMap in that the latter maintains a doubly linked list that runs on all entries. This linked list defines the iteration order, which is typically the order in which the K keys are inserted into the map (the insertion order). It is worth mentioning that if the K-key is reinserted in the mapping, the insertion order is not affected. If m.contentinskey (k) returns true before calling m.put (k, v), key k will be reinserted into map m upon the call.
List in programming language, List is a class in the standard class library, and can be simply regarded as a doubly linked List, managing the collection of objects in a linear array.
Centralized control: and the integrated service platform integrates management, monitoring and service configuration and is used for managing the VPN branch equipment.
Configuration rollback: and comparing the device command view by taking the configuration file issued by the centralized control as a reference, and executing command line writing configuration.
View: modules, and commands.
The sub-command: configuration commands belonging to the current view.
Fig. 1 is a system block diagram illustrating a configuration system for a VPN branch device in accordance with an exemplary embodiment.
As shown in fig. 1, the system architecture 10 may include end devices 101, 102, 103, a network 104 and a centralized control device 105 as VPN branch devices. The network 104 is used to provide a medium for communication links between the terminal devices 101, 102, 103 and the centralized control device 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the central control device 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various communication client applications installed thereon, such as a shopping application, a web browser application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The centralized control device 105 may be a server that provides various services, such as a backend server that manages configuration information of the terminal devices 101, 102, 103. The background server can process the received configuration information and send the configuration file to the terminal equipment.
The centralized control device 105 may generate a first configuration file, for example, according to the configuration information; the centralized control device 105 may, for example, obtain a second configuration file from the device side; the centralized control device 105 may, for example, parse the first configuration file and the second configuration file; the centralized control device 105 may, for example, configure and combine the parsed first configuration file and the second configuration file to generate a third configuration file; the centralized control device 105 may, for example, send the third configuration file to the device side for configuration.
The terminal devices 101, 102, 103 may for example send configuration requests to the centralized control end; the terminal device 101, 102, 103 may send a second configuration file to the centralized control end, for example, based on the configuration request; the terminal devices 101, 102, 103 may, for example, obtain a third configuration file from the centralized control end; the terminal device 101, 102, 103 may for example perform a device configuration based on said third configuration file.
The central control device 105 may be an entity server, or may be composed of a plurality of servers, for example, it should be noted that the configuration method of the VPN branch device provided in the embodiment of the present disclosure may be executed by the central control device 105 and the terminal devices 101, 102, and 103 together, and accordingly, the configuration apparatus of the VPN branch device may be disposed in the central control device 105 and the terminal devices 101, 102, and 103.
Fig. 2 is a flow chart illustrating a method of configuration of a VPN branch device in accordance with an exemplary embodiment. The configuration method 20 of the VPN branch device may be applied to a centralized control end, and at least includes steps S202 to S210.
As shown in fig. 2, in S202, a first configuration file is generated according to the configuration information. May, for example, obtain a configuration request from the device side; generating the first configuration file based on the configuration request and the configuration information. The configuration information may be unified functional configuration data from administrator settings, may include configuration parameters, and the like.
In S204, a second configuration file from the device side is acquired. Whether the device side starts a configuration merging function can be determined based on a configuration file interface; and when the equipment end starts the configuration merging function, acquiring the second configuration file.
In S206, the first configuration file and the second configuration file are parsed. The view set of the first configuration file and the view set of the second configuration file may be parsed.
In S208, the parsed first configuration file and the second configuration file are configured and merged to generate a third configuration file. The method comprises the following steps: the analyzed first configuration file and the second configuration file are sequentially stored in an abstract interface document mapped by a preset Key-Value pair; and traversing Key-Value to perform data merging on each line of the mapped abstract interface document one by one to generate the third configuration file.
In one embodiment, the step of sequentially storing the parsed first configuration file and the second configuration file in an abstract interface document mapped by a preset Key-Value pair includes: when the view commands in the first configuration file and/or the second configuration file are read, storing key values in a set, and creating a null set value; and when the sub-commands in the first configuration file and/or the second configuration file are read, storing the value values corresponding to the current key values.
In one embodiment, traversing Key-Value for each row of the mapped abstract interface document, performing data merging one by one to generate the third configuration file, includes: traversing Key-Value to delete conflict configuration one by one for each line of the mapped abstract interface document; generating a merged configuration set; generating the third configuration file based on the merged configuration set.
In a specific embodiment, an inmnodemap (linkedhashmap) for storing a centralized control end command set, a devnododemap (linkedhashmap) for storing a device end set, and a set mergemap (linkedhashmap) for merging configuration are generated in advance.
Firstly, traversing equipment configuration deletes configuration conflicting with centralized control:
and circularly traversing the device side set devnodemap, taking out the current key value devkey, comparing whether the devkey exists in the inm _ config _ list set or not, and deleting the record if the devkey exists. And after the circulation is finished, only the unique configuration of the equipment end is left in the devnodemap.
Then, generating a merged set mergemap:
traversing the processed devnodemap, and recording a key value devkey and a value devvalue. And circularly traversing dev _ config _ list until devkey is found, and generating a new set keylists. Traversing the centralized control end inmnodemap, recording a key value inmkey, and if the inmkey value is equal to the recorded median value of keyists, generating a new key value inmkey # devkey and storing the new key value inmkey # devkey in the mergemap.
And finally, generating a final file after configuration merging:
traversing the centralized control end configuration file inmnodemap, recording a key value inmkey and a value inmvalue, writing into the file, namely, the view command is inmkey, and circularly traversing the inmvalue values by sub-commands, and sequentially writing. And simultaneously comparing the divided key values inmkey and devkey in the mergemap, and if the inmkey in the mergemap is equal to the current inmkey, continuously writing the record in the mergemap into the file at the same time. The writing method is the same as before.
In S210, the third configuration file is sent to the device side for configuration.
According to the configuration method of the VPN branch device, a first configuration file is generated according to configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and sending the third configuration file to the equipment end for configuration, so that the VPN branch equipment can configure own unique centralized control unsupported configuration, and after the centralized control finishes issuing the unified configuration, the original configuration of the equipment end cannot be cleared, thereby realizing the refined and controllable management of the configuration.
It should be clearly understood that this disclosure describes how to make and use particular examples, but the principles of this disclosure are not limited to any details of these examples. Rather, these principles can be applied to many other embodiments based on the teachings of the present disclosure.
Fig. 3 is a flowchart illustrating a method of configuring a VPN branch device according to another exemplary embodiment. The VPN branch device configuration method 30 may be applied to the device side, and at least includes steps S302 to S308.
As shown in fig. 3, in S302, a configuration request is sent to the central control end.
In S304, a second configuration file is sent to the centralized control end based on the configuration request. The second configuration file may be generated, for example, based on current configuration information. The current configuration information may include special configuration information that is not supported by the centralized control end.
In S306, a third configuration file from the centralized control end is obtained.
In S308, device configuration is performed based on the third configuration file. More specifically, a configuration rollback may be performed to update a device configuration based on the third configuration file.
Fig. 4 is a flowchart illustrating a method of configuring a VPN branch device according to another exemplary embodiment. The process 40 shown in fig. 4 may be used in a configuration system for a VPN branch device. When the centralized control carries out configuration issuing, a configuration file of a centralized control end is generated, meanwhile, a configuration file of an equipment end is obtained, and a new configuration issuing file is generated by using a merging function.
When the project is started, two view sets may be instantiated, a centralized end view set (inm _ config _ list) and a device end view set (dev _ config _ list), with the centralized end view command being included in the device end view commands.
In one embodiment, the centralized control end can start a timed issuing task to generate a centralized control end configuration file inmfile, the device end obtains a centralized control timed task identifier, if the centralized control end starts a configuration merging function, a configuration file devfile of the device is generated and transmitted to the centralized control through http, and the configuration file devfile is respectively stored in a specific file position of the centralized control.
As shown in fig. 4, in S401, the device generates a second configuration file.
In S402, a device configuration request is sent.
In S403, the centralized control end generates a first configuration file based on the configuration request.
In S404, it is queried whether the device side starts the configuration merge function.
In S405, an acknowledgement on is returned. The device side calls an interface of the centralized control for obtaining the configuration file, and the centralized control server judges whether the configuration file of the device side exists or not and whether the configuration merging function is started or not. If the function is started, two configuration files, namely a centralized control end configuration file inmfile and an equipment end configuration file devfile, are obtained.
In S406, the centralized control end generates a third configuration file based on the first configuration file and the second configuration file. In order to implement configuration merging, the centralized control end may generate a map file in advance, an inmnodemap (linkedhashmap) for storing the command set of the centralized control end, a devnododemap (linkedhashmap) for storing the device end set, and a set mergemap (linkedhashmap) of the merged configuration.
The centralized control end analyzes the two configuration files and stores the two configuration files in the corresponding maps in sequence, more specifically, the files can be read according to lines, if a view command, namely a file has no space before the line is recorded, the key values are stored in the sets, a corresponding empty set value is newly established, the current key value is recorded and traversed again, if a sub-command, namely a file has a space before the command, the value corresponding to the current key value is searched and stored, and the files are read in a circulating mode in sequence.
In S407, the third configuration file is transmitted to the device side.
In S408, the device performs configuration update. And issuing the newly generated configuration file to the equipment, wherein the configuration file comprises centralized control configuration and unique configuration of the equipment end, and the equipment executes configuration rollback to generate centralized control configuration and restore the original configuration.
In a specific application embodiment, the stored configuration file may be as follows:
inm_config_list:{1,5,7};
Dev_config_list:{1,2,3,4,5,6,7,8,9};
Inmnodemap:{1,value},{5,value};
Devnodemap:{1,value}{2,value}{6,value};
after treatment Devnodemap: {2, value } {6, value };
Mergemap:{1#2,value}{5#6,value};
final configuration file: {1, value }, {2, value }, {5, value }, {6, value }.
According to the configuration method of the VPN branch equipment, the equipment can configure the configuration which is not supported by own specific centralized control, and after the centralized control finishes issuing the unified configuration, the original configuration of the equipment end cannot be cleared, so that the configuration is refined and controllable.
Those skilled in the art will appreciate that all or part of the steps implementing the above embodiments are implemented as computer programs executed by a CPU. When executed by the CPU, performs the functions defined by the above-described methods provided by the present disclosure. The program may be stored in a computer readable storage medium, which may be a read-only memory, a magnetic or optical disk, or the like.
Furthermore, it should be noted that the above-mentioned figures are only schematic illustrations of the processes involved in the methods according to exemplary embodiments of the present disclosure, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
The following are embodiments of the disclosed apparatus that may be used to perform embodiments of the disclosed methods. For details not disclosed in the embodiments of the apparatus of the present disclosure, refer to the embodiments of the method of the present disclosure.
Fig. 5 is a block diagram illustrating a configuration apparatus of a VPN branch device in accordance with an exemplary embodiment. As shown in fig. 5, the configuration apparatus 50 of the VPN branch device may be used in a centralized control end, and includes: a first configuration module 502, a second configuration module 504, a parsing module 506, a configuration merging module 508, and a sending module 510.
The first configuration module 502 is configured to generate a first configuration file according to the configuration information;
the second configuration module 504 is configured to obtain a second configuration file from the device side;
the parsing module 506 is configured to parse the first configuration file and the second configuration file;
the configuration merging module 508 is configured to merge the parsed first configuration file and the parsed second configuration file to generate a third configuration file;
the sending module 510 is configured to send the third configuration file to the device side for configuration.
Fig. 6 is a block diagram illustrating a configuration apparatus of a VPN branch device according to another exemplary embodiment. As shown in fig. 6, the configuration apparatus 60 of the VPN branch device may be used at the device side, and includes: a request module 602, a file module 604, an acquisition module 606, and a configuration module 608.
The request module 602 is configured to send a configuration request to the centralized control end;
the file module 604 is configured to send a second configuration file to the centralized control end based on the configuration request;
the obtaining module 606 is configured to obtain a third configuration file from the centralized control end;
the configuration module 608 is configured to configure the device based on the third configuration file.
According to the configuration device of the VPN branch equipment, a first configuration file is generated according to configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and sending the third configuration file to the equipment end for configuration, so that the VPN branch equipment can configure own unique centralized control unsupported configuration, and after the centralized control finishes issuing the unified configuration, the original configuration of the equipment end cannot be cleared, thereby realizing the refined and controllable management of the configuration.
FIG. 7 is a block diagram illustrating an electronic device in accordance with an example embodiment.
An electronic device 700 according to this embodiment of the disclosure is described below with reference to fig. 7. The electronic device 700 shown in fig. 7 is only an example and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 7, electronic device 700 is embodied in the form of a general purpose computing device. The components of the electronic device 700 may include, but are not limited to: at least one processing unit 710, at least one memory unit 720, a bus 730 that connects the various system components (including the memory unit 720 and the processing unit 710), a display unit 740, and the like.
Wherein the storage unit stores program code that can be executed by the processing unit 710 to cause the processing unit 710 to perform the steps according to various exemplary embodiments of the present disclosure described in this specification. For example, the processing unit 710 may perform the steps as shown in fig. 2, 3, 4.
The memory unit 720 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)7201 and/or a cache memory unit 7202, and may further include a read only memory unit (ROM) 7203.
The memory unit 720 may also include a program/utility 7204 having a set (at least one) of program modules 7205, such program modules 7205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 700 may also communicate with one or more external devices 700' (e.g., keyboard, pointing device, bluetooth device, etc.), such that a user can communicate with devices with which the electronic device 700 interacts, and/or any devices (e.g., router, modem, etc.) with which the electronic device 700 can communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 750. Also, the electronic device 700 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) via the network adapter 760. The network adapter 760 may communicate with other modules of the electronic device 700 via the bus 730. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 700, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, as shown in fig. 8, the technical solution according to the embodiment of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, or a network device, etc.) to execute the above method according to the embodiment of the present disclosure.
The software product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The computer readable medium carries one or more programs which, when executed by a device, cause the computer readable medium to perform the functions of: generating a first configuration file according to the configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; and sending the third configuration file to the equipment terminal for configuration. The computer readable medium may also implement the following functions: sending the configuration request to a centralized control end; sending a second configuration file to the centralized control end based on the configuration request; acquiring a third configuration file from the centralized control end; and configuring the equipment based on the third configuration file.
Those skilled in the art will appreciate that the modules described above may be distributed in the apparatus according to the description of the embodiments, or may be modified accordingly in one or more apparatuses unique from the embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
Exemplary embodiments of the present disclosure are specifically illustrated and described above. It is to be understood that the present disclosure is not limited to the precise arrangements, instrumentalities, or instrumentalities described herein; on the contrary, the disclosure is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
Claims (13)
1. A configuration method of VPN branch equipment can be used for a centralized control end, and is characterized by comprising the following steps:
generating a first configuration file according to the configuration information;
acquiring a second configuration file from the equipment terminal;
analyzing the first configuration file and the second configuration file;
configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file;
and sending the third configuration file to the equipment terminal for configuration.
2. The method of claim 1, wherein generating the first configuration file from the configuration information comprises:
acquiring a configuration request from an equipment end;
generating the first configuration file based on the configuration request and the configuration information.
3. The method of claim 1, wherein obtaining the second configuration file from the device side comprises:
determining whether the equipment side starts a configuration merging function or not based on a configuration file interface;
and when the equipment end starts the configuration merging function, acquiring the second configuration file.
4. The method of claim 1, wherein parsing the first configuration file and the second configuration file comprises:
and analyzing the view set of the first configuration file and the view set of the second configuration file.
5. The method of claim 1, wherein configuring and merging the parsed first configuration file and the second configuration file to generate a third configuration file comprises:
the analyzed first configuration file and the second configuration file are sequentially stored in an abstract interface document mapped by a preset Key-Value pair;
and traversing Key-Value to perform data merging on each line of the mapped abstract interface document one by one to generate the third configuration file.
6. The method of claim 5, wherein storing the parsed first configuration file and the second configuration file in an abstract interface document mapped by a preset Key-Value pair in order comprises:
when the view commands in the first configuration file and/or the second configuration file are read, storing key values in a set, and creating a null set value;
and when the sub-commands in the first configuration file and/or the second configuration file are read, storing the value values corresponding to the current key values.
7. The method of claim 5, wherein traversing Key-Value pairs for each row of the mapped abstract interface document, performing a data merge one by one to generate the third configuration file, comprises:
traversing Key-Value to delete conflict configuration one by one for each line of the mapped abstract interface document;
generating a merged configuration set;
generating the third configuration file based on the merged configuration set.
8. A configuration method of VPN branch equipment, which can be used at an equipment end, is characterized by comprising the following steps:
sending the configuration request to a centralized control end;
sending a second configuration file to the centralized control end based on the configuration request;
acquiring a third configuration file from the centralized control end;
and configuring the equipment based on the third configuration file.
9. The method of claim 8, further comprising:
generating the second configuration file based on current configuration information.
10. The method of claim 8, wherein configuring the device based on the third configuration file comprises:
performing a configuration rollback to update a device configuration based on the third configuration file.
11. A VPN branch device configuration apparatus, which can be used at a centralized control end, comprising:
the first configuration module is used for generating a first configuration file according to the configuration information;
the second configuration module is used for acquiring a second configuration file from the equipment terminal;
the analysis module is used for analyzing the first configuration file and the second configuration file;
the configuration merging module is used for configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file;
and the sending module is used for sending the third configuration file to the equipment terminal for configuration.
12. A VPN branch device configuration apparatus, which can be used at a device side, comprising:
the request module is used for sending the configuration request to the centralized control end;
the file module is used for sending a second configuration file to the centralized control end based on the configuration request;
the acquisition module is used for acquiring a third configuration file from the centralized control end;
and the configuration module is used for configuring the equipment based on the third configuration file.
13. A VPN branch device configuration system, comprising:
the centralized control end is used for generating a first configuration file according to the configuration information; acquiring a second configuration file from the equipment terminal; analyzing the first configuration file and the second configuration file; configuring and merging the analyzed first configuration file and the second configuration file to generate a third configuration file; sending the third configuration file to the equipment end for configuration;
the device end is used for sending the configuration request to the centralized control end; sending a second configuration file to the centralized control end based on the configuration request; acquiring a third configuration file from the centralized control end; and configuring the equipment based on the third configuration file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110977300.5A CN113722007B (en) | 2021-08-24 | 2021-08-24 | Configuration method, device and system of VPN branch equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110977300.5A CN113722007B (en) | 2021-08-24 | 2021-08-24 | Configuration method, device and system of VPN branch equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113722007A true CN113722007A (en) | 2021-11-30 |
| CN113722007B CN113722007B (en) | 2023-11-03 |
Family
ID=78677670
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110977300.5A Active CN113722007B (en) | 2021-08-24 | 2021-08-24 | Configuration method, device and system of VPN branch equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113722007B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116252305A (en) * | 2023-05-05 | 2023-06-13 | 苏州视通医疗科技有限公司 | Control system reconstruction method, control system, electronic equipment and storage medium |
Citations (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101442469A (en) * | 2007-11-22 | 2009-05-27 | 中国移动通信集团公司 | Method, system and apparatus for down distributing configuration data |
| CN107704283A (en) * | 2017-09-15 | 2018-02-16 | 深圳市诚壹科技有限公司 | A kind of method and apparatus for configuring Gitlab components in a distributed system |
| CN108156030A (en) * | 2017-12-21 | 2018-06-12 | 杭州迪普科技股份有限公司 | The method and device that a kind of configuration strategy synchronizes |
| CN108632074A (en) * | 2017-08-24 | 2018-10-09 | 新华三信息安全技术有限公司 | A kind of business configuration file delivery method and device |
| CN108880860A (en) * | 2018-05-24 | 2018-11-23 | 杭州迪普科技股份有限公司 | A kind of policy management method and device |
| CN108881521A (en) * | 2018-09-04 | 2018-11-23 | 深圳怡化电脑股份有限公司 | Network ID configuration method, device, electronic equipment and storage medium |
| CN109274532A (en) * | 2018-09-19 | 2019-01-25 | 杭州迪普科技股份有限公司 | Method, apparatus, system, collection control equipment and the readable storage medium storing program for executing of policy distribution |
| CN109309588A (en) * | 2018-10-15 | 2019-02-05 | 网易传媒科技(北京)有限公司 | Guarantee the method and apparatus of mobilism configuration data consistency |
| CN109308189A (en) * | 2018-09-27 | 2019-02-05 | 珠海市君天电子科技有限公司 | A kind of configuration file update method, device and electronic equipment |
| CN109714197A (en) * | 2018-12-12 | 2019-05-03 | 杭州迪普科技股份有限公司 | The method and apparatus of config set control strategy in centralized control |
| CN109739576A (en) * | 2018-12-29 | 2019-05-10 | 杭州迪普科技股份有限公司 | Configure general view command executing method, device, computer equipment and its storage medium |
| CN110011832A (en) * | 2019-03-04 | 2019-07-12 | 杭州迪普科技股份有限公司 | A kind of configuration distributing method and device of plan target |
| CN110708203A (en) * | 2019-10-25 | 2020-01-17 | 杭州迪普科技股份有限公司 | Fault tolerance method, device and equipment |
| CN111163173A (en) * | 2019-12-31 | 2020-05-15 | 迈普通信技术股份有限公司 | Cluster configuration method and device, server and readable storage medium |
| CN111343026A (en) * | 2020-03-09 | 2020-06-26 | 杭州迪普科技股份有限公司 | Electronic device and configuration importing method thereof |
| CN111400561A (en) * | 2020-03-17 | 2020-07-10 | 杭州迪普科技股份有限公司 | Electronic device and configuration method thereof |
| CN111694807A (en) * | 2020-06-15 | 2020-09-22 | 展讯通信(上海)有限公司 | Processing method, system, equipment and storage medium of nonvolatile storage file |
| CN111708836A (en) * | 2020-06-03 | 2020-09-25 | 北京天空卫士网络安全技术有限公司 | Cluster management method, device and cluster system |
| CN112052229A (en) * | 2020-08-31 | 2020-12-08 | 许继集团有限公司 | Graphic synchronization method and graphic synchronization system of auxiliary equipment centralized monitoring system |
| CN112597134A (en) * | 2020-12-29 | 2021-04-02 | 中国工商银行股份有限公司 | Configuration method and device of distributed configuration center, electronic equipment and medium |
| CN112787868A (en) * | 2021-01-29 | 2021-05-11 | 杭州迪普科技股份有限公司 | Information synchronization method and device |
| CN113179317A (en) * | 2021-04-27 | 2021-07-27 | 杭州迪普科技股份有限公司 | Test system and method for content rewriting device |
| CN114490889A (en) * | 2022-01-25 | 2022-05-13 | 成都鼎桥通信技术有限公司 | Configuration information processing method, device, equipment, medium and program product |
-
2021
- 2021-08-24 CN CN202110977300.5A patent/CN113722007B/en active Active
Patent Citations (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101442469A (en) * | 2007-11-22 | 2009-05-27 | 中国移动通信集团公司 | Method, system and apparatus for down distributing configuration data |
| CN108632074A (en) * | 2017-08-24 | 2018-10-09 | 新华三信息安全技术有限公司 | A kind of business configuration file delivery method and device |
| CN107704283A (en) * | 2017-09-15 | 2018-02-16 | 深圳市诚壹科技有限公司 | A kind of method and apparatus for configuring Gitlab components in a distributed system |
| CN108156030A (en) * | 2017-12-21 | 2018-06-12 | 杭州迪普科技股份有限公司 | The method and device that a kind of configuration strategy synchronizes |
| CN108880860A (en) * | 2018-05-24 | 2018-11-23 | 杭州迪普科技股份有限公司 | A kind of policy management method and device |
| CN108881521A (en) * | 2018-09-04 | 2018-11-23 | 深圳怡化电脑股份有限公司 | Network ID configuration method, device, electronic equipment and storage medium |
| CN109274532A (en) * | 2018-09-19 | 2019-01-25 | 杭州迪普科技股份有限公司 | Method, apparatus, system, collection control equipment and the readable storage medium storing program for executing of policy distribution |
| CN109308189A (en) * | 2018-09-27 | 2019-02-05 | 珠海市君天电子科技有限公司 | A kind of configuration file update method, device and electronic equipment |
| CN109309588A (en) * | 2018-10-15 | 2019-02-05 | 网易传媒科技(北京)有限公司 | Guarantee the method and apparatus of mobilism configuration data consistency |
| CN109714197A (en) * | 2018-12-12 | 2019-05-03 | 杭州迪普科技股份有限公司 | The method and apparatus of config set control strategy in centralized control |
| CN109739576A (en) * | 2018-12-29 | 2019-05-10 | 杭州迪普科技股份有限公司 | Configure general view command executing method, device, computer equipment and its storage medium |
| CN110011832A (en) * | 2019-03-04 | 2019-07-12 | 杭州迪普科技股份有限公司 | A kind of configuration distributing method and device of plan target |
| CN110708203A (en) * | 2019-10-25 | 2020-01-17 | 杭州迪普科技股份有限公司 | Fault tolerance method, device and equipment |
| CN111163173A (en) * | 2019-12-31 | 2020-05-15 | 迈普通信技术股份有限公司 | Cluster configuration method and device, server and readable storage medium |
| CN111343026A (en) * | 2020-03-09 | 2020-06-26 | 杭州迪普科技股份有限公司 | Electronic device and configuration importing method thereof |
| CN111400561A (en) * | 2020-03-17 | 2020-07-10 | 杭州迪普科技股份有限公司 | Electronic device and configuration method thereof |
| CN111708836A (en) * | 2020-06-03 | 2020-09-25 | 北京天空卫士网络安全技术有限公司 | Cluster management method, device and cluster system |
| CN111694807A (en) * | 2020-06-15 | 2020-09-22 | 展讯通信(上海)有限公司 | Processing method, system, equipment and storage medium of nonvolatile storage file |
| CN112052229A (en) * | 2020-08-31 | 2020-12-08 | 许继集团有限公司 | Graphic synchronization method and graphic synchronization system of auxiliary equipment centralized monitoring system |
| CN112597134A (en) * | 2020-12-29 | 2021-04-02 | 中国工商银行股份有限公司 | Configuration method and device of distributed configuration center, electronic equipment and medium |
| CN112787868A (en) * | 2021-01-29 | 2021-05-11 | 杭州迪普科技股份有限公司 | Information synchronization method and device |
| CN113179317A (en) * | 2021-04-27 | 2021-07-27 | 杭州迪普科技股份有限公司 | Test system and method for content rewriting device |
| CN114490889A (en) * | 2022-01-25 | 2022-05-13 | 成都鼎桥通信技术有限公司 | Configuration information processing method, device, equipment, medium and program product |
Non-Patent Citations (2)
| Title |
|---|
| MEILIN GAO; BO AI; YONG NIU: "Service management in secure and QoS-aware wireless enterprise networks", 《CHINA COMMUNICATIONS》, vol. 14, no. 12, pages 87 * |
| 吴家林: "面向光接入网的软定义动态资源管理与控制技术研究", 《中国优秀硕士学位论文全文数据库 (信息科技辑)》, no. 8, pages 136 - 173 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116252305A (en) * | 2023-05-05 | 2023-06-13 | 苏州视通医疗科技有限公司 | Control system reconstruction method, control system, electronic equipment and storage medium |
| CN116252305B (en) * | 2023-05-05 | 2024-02-20 | 苏州视通医疗科技有限公司 | Control system reconstruction method, control system, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113722007B (en) | 2023-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109086409B (en) | Microservice data processing method and device, electronic equipment and computer readable medium | |
| CN109492053B (en) | Method and device for accessing data | |
| CN109522751B (en) | Access right control method and device, electronic equipment and computer readable medium | |
| CN111190888A (en) | Method and device for managing graph database cluster | |
| CN111126948A (en) | Processing method and device for approval process | |
| CN113760722A (en) | Test system and test method | |
| CN105094857B (en) | Method and system for application load | |
| CN116244387A (en) | Entity relationship construction method, device, electronic equipment and storage medium | |
| CN113722007B (en) | Configuration method, device and system of VPN branch equipment | |
| CN110674426B (en) | Webpage behavior reporting method and device | |
| CN115344688B (en) | Business data display method and device, electronic equipment and computer readable medium | |
| US11675683B2 (en) | Method, electronic device, and computer program product for monitoring storage system | |
| CN115543428A (en) | Simulated data generation method and device based on strategy template | |
| CN112711572B (en) | Online capacity expansion method and device suitable for database and table division | |
| CN110309121B (en) | Log processing method and device, computer readable medium and electronic equipment | |
| CN113448960A (en) | Method and device for importing form file | |
| US20220253467A1 (en) | Method, device and program product for generating configuration information of storage system | |
| US9378225B2 (en) | Core service build / deployment for hierarchical database | |
| CN113362097B (en) | User determination method and device | |
| CN112600918B (en) | Industrial control edge big data efficient processing method and system based on BS architecture | |
| CN111460273B (en) | Information pushing method and device | |
| US10839026B2 (en) | Knowledge management by connecting users | |
| CN117609165A (en) | Data processing method, device, electronic equipment and computer readable medium | |
| CN113420037A (en) | Real-time asset data changing method and device | |
| CN115576935A (en) | Storage cleaning method and device for Hadoop, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |