CN114726774B - Method and device for realizing service chain of cloud platform and cloud platform-based system - Google Patents

Info

Publication number
CN114726774B
Authority
CN
China
Prior art keywords
data center
network
service chain
service
cloud platform
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210367519.8A
Other languages
Chinese (zh)
Other versions
CN114726774A (en
Inventor
张胜
胡进
廖桥生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anchao Cloud Software Co Ltd
Original Assignee
Anchao Cloud Software Co Ltd
Application filed by Anchao Cloud Software Co Ltd
Priority to CN202210367519.8A
Publication of CN114726774A
Application granted
Publication of CN114726774B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/02 Topology update or discovery
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/58 Association of routers
    • H04L45/586 Association of routers of virtual routers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a method for realizing a service chain of a cloud platform, wherein the cloud platform comprises a first data center and a second data center, and interaction between the first data center and the second data center is realized through the service chain. The method comprises the following steps: receiving a user instruction and creating a source network and a destination network according to the user instruction, wherein the first data center holds a data packet to be sent and is connected to the source network, and the second data center is connected to the destination network; querying and obtaining a network port of the service chain; sending the data packet to be sent from the first data center to the network port of the service chain through the source network; sending the received data packet from the network of the service chain to the second data center through the destination network, the second data center generating response information; and receiving the response information at the network of the service chain and sending it to the first data center. The method and the device can reduce the creation of network interfaces and improve the convenience and maintainability of the operation and maintenance of the cloud platform.

Description

Method and device for realizing service chain of cloud platform and cloud platform-based system
Technical Field
The present disclosure relates to the field of cloud computing, and in particular, to a method and an apparatus for implementing a service chain of a cloud platform, and a system based on the cloud platform.
Background
With the application of virtualization technology, there are more and more virtual machines in IT (Information Technology) environments. The resulting cloud computing/cloud services can manage the virtual machines in an IT environment in a unified and efficient way, providing available, convenient, on-demand network access to a shared pool of configurable computing resources. OpenStack is currently used as a cloud service platform, and large enterprises and individuals actively participate in the open source project. Specifically, OpenStack is not only a community but also a project and a piece of open source software: it provides open source software for building public and private clouds, and it also provides an operating platform or tool set for deploying clouds. Currently, when deploying an OpenStack cloud computing environment for a large-scale data center, an enterprise generally uses a software defined network (Software Defined Network, SDN) architecture as the network component of the cloud computing platform. Virtualizing and effectively managing the various network functions through the SDN improves the network quality of the whole cloud environment and provides rich functions, making it more flexible and powerful than a traditional non-SDN cloud environment.
The service chain can provide flexible network services for users in cloud computing. Virtual network function (Virtual Network Feature, VNF) virtual machines are defined as the intermediate nodes of the service chain, the associated networks are connected in series or in parallel, and flow matching rules are defined on the paths, so that network functions with a high degree of freedom can be realized and the requirements of different users can be met. Currently, each cloud vendor defines a plurality of interfaces in a VNF virtual machine as the access ports of a service chain, and uses traffic steering technology to connect different virtual networks, so as to provide specific services for users. For example, Chinese patent application CN201610998563.3 discloses a service chain policy implementation method and a service chain policy implementation system, which adopt the following scheme: first, a service chain instruction is generated according to a new security policy issued by a security application, the subject and object corresponding to the new security policy, and the security device corresponding to the new security policy, so that the traffic of the object corresponding to the new security policy reaches its destination address after being processed by the security device; then, policy consistency is checked according to the service chain instruction and the corresponding flow entries are issued to the target switch. As another example, Chinese patent application CN201910911308.4 discloses an inter-network service chain, in which a centralized controller builds a service chain across multiple networks between a bare metal server (BMS) and a virtual executive or a remote BMS; the controller builds the service chain between the BMS and the virtual executive or remote BMS using an Ethernet virtual private network-virtual extensible local area network and an IP VPN such as a BGP/multiprotocol label switching (BGP/MPLS) internet protocol virtual private network.
However, the service chains in existing cloud computing platforms mostly have the following problems. On one hand, the service chain usually needs two network interfaces, one connected to the source virtual network as the packet source and the other connected to the destination virtual network; this affects the original networks, occupies the original network resources, and complicates cloud platform resource management. On the other hand, when service chains are cascaded, multiple pairs of interfaces need to be created in the source service network and the destination service network, and the routing configuration is complex, which causes performance problems in large-scale deployment. In both cases, when a problem occurs in the data center, the fault recovery state is difficult to query, and specialized commands need to be executed to query and configure in order to find the problem, which increases the difficulty of operation and maintenance. Based on this, there is a need to improve existing cloud platform based service chain schemes.
Disclosure of Invention
The purpose of the application is to propose and realize a cloud platform based service chain scheme that supports fault recovery, so as to improve the convenience and maintainability of a cloud platform system.
The purpose of the application is achieved by the following technical scheme:
In a first aspect, a method for implementing a service chain of a cloud platform is provided, where the cloud platform includes a first data center and a second data center, and interaction between the first data center and the second data center is implemented through the service chain. The method includes: receiving a user instruction and creating a source network and a destination network according to the user instruction, wherein the first data center holds a data packet to be sent and is connected to the source network, and the second data center is connected to the destination network; querying and obtaining a network port of a service chain, wherein the service chain is a single-arm service chain; sending the data packet to be sent from the first data center to the network port of the service chain through the source network; sending the received data packet from the network of the service chain to the second data center through the destination network, the second data center generating response information; and receiving the response information at the network of the service chain and sending it to the first data center.
In some alternative embodiments, the network IP address of the service chain is different from the source network IP address and the destination network IP address, the service chain includes a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are arranged in series.
In some alternative embodiments, the first functional service chain or the second functional service chain is a service chain based on network function virtualization.
In some alternative embodiments, the first data center or the second data center includes a computing node capable of executing a vRouter agent process and a management control node capable of executing a control route manager.
In some alternative embodiments, the vRouter agent process includes: creating a BGP protocol thread; in response to a local port change, sending a BGP protocol notification to the control route manager; and waiting for the control route manager to return updated BGP routes in order to perform destination lookup for data packets.
In some alternative embodiments, the vRouter agent process further includes creating a management service thread or creating a vRouter kernel thread.
In some alternative embodiments, the control route manager includes a flow for accepting user instructions: receiving a user instruction and sending the user instruction to a vRouter agent management unit of a computing node of the first data center or the second data center; waiting for the vRouter agent management unit to execute the corresponding function and receiving the execution result; and returning the execution result to the user.
In a second aspect, a device for implementing a service chain of a cloud platform is provided, where the cloud platform includes a first data center and a second data center, and interaction is implemented between the first data center and the second data center through the service chain, and the device includes: the command receiving module is used for receiving a command of a user, creating a source network and a destination network according to the command of the user, wherein the first data center comprises a data packet to be sent and is accessed to the source network, and the second data center is accessed to the destination network; the query module is used for querying and acquiring a network port of a service chain, wherein the service chain is a single-arm service chain; the data packet sending module is used for sending the data packet to be sent from the first data center to a network port of a service chain through a source network; and the response module is used for transmitting the received data packet to be transmitted from the network of the service chain to the second data center through the destination network, the second data center generates response information, the response information can be received by the network of the service chain, and the network of the service chain can transmit the response information to the first data center.
In a third aspect, a cloud platform-based system is provided, where the cloud platform includes a first data center and a second data center, and interaction between the first data center and the second data center is implemented through a service chain. The system includes: a source network, to which the first data center is connected; a destination network, to which the second data center is connected; and the service chain, which implements the interaction between the first data center and the second data center. The service chain is used for receiving, at a network port of the service chain, the data packet to be sent from the first data center through the source network; for sending the received data packet to the second data center through the destination network, whereupon the second data center can generate response information; and for receiving the response information and sending it to the first data center.
In some alternative embodiments, the network IP address of the service chain is different from the source network IP address and the destination network IP address.
In some alternative embodiments, the service chain includes a first functional service chain and a second functional service chain, the first functional service chain, the second functional service chain being NFV-based service chains, and the first functional service chain and the second functional service chain being arranged in series.
In some optional embodiments, the first data center or the second data center includes a vRouter agent process module, where the vRouter agent process module includes at least one of a management unit, a function unit, and a port db unit; the management unit is used for handling communication with the control management program on behalf of a computing node of the first data center or the second data center and for responding to user instructions; the function unit contains the preset functions of a computing node of the first data center or the second data center; the port db unit is used for recording the port types of the virtual machines on the current vRouter node of the first data center or the second data center and the service chain rules bound to the ports.
In some optional embodiments, the first data center or the second data center further includes a control route manager module, where the control route manager module includes at least one of a user interface unit, an agent communication unit, a route calculation unit, and a BGP db unit; the user interface unit is used for receiving user instructions, and for creating resources and/or generating operation and maintenance instructions according to the user instructions; the agent communication unit is used for issuing user instructions to the vRouter agent process module; the route calculation unit is used for performing route calculation according to the state reported by the vRouter agent of the current vRouter node; the BGP db unit is used for storing the route calculation results and recording the BGP route information calculated by the current control route manager.
In a fourth aspect, an electronic device is provided, where the electronic device includes a memory, a processor, and a hardware module for executing tasks, the memory storing a computer program, and the processor executing the computer program implements: receiving a user instruction, creating a source network and a destination network according to the user instruction, wherein the first data center comprises a data packet to be sent and is accessed to the source network, and the second data center is accessed to the destination network; inquiring and acquiring a network port of a service chain, wherein the service chain is a single-arm service chain; transmitting the data packet to be transmitted from the first data center to a network port of a service chain through a source network; transmitting the received data packet to be transmitted from the network of the service chain to a second data center through a destination network, and generating response information by the second data center; and the network of the service chain receives the response information and sends the response information to the first data center.
In a fifth aspect, a computer readable storage medium is presented, storing a computer program which, when executed by a processor, performs the steps of the method as before.
According to the embodiment of the invention, different data centers interact through the single-arm service chain, the single-arm service chain NFV does not need to be accessed into a network served by the service chain, compared with the existing service chain of a network structure with two ports, the creation of a network interface can be reduced, the occurrence of faults of the NFV is reduced, the influence on the existing virtual network can be reduced as much as possible, and the system is convenient to upgrade; the control route management program of the data center can provide interfaces for checking the cluster state and maintaining the cluster state of each vRouter agent node of the cloud environment for system operation and management personnel, and compared with the scheme that the fault problem can be found only by carrying out professional command query and configuration in the prior art, the method and the system can improve the convenience of operation and maintenance. Furthermore, compared with the double-arm service chain, the single-arm service chain can reduce generated BGP routing table items, reduce communication data of the BGP protocol, is suitable for large-scale service chain deployment, and can improve maintainability of a system.
Drawings
The present application is further described below with reference to the drawings and examples.
Fig. 1 is a schematic flow chart of a method for implementing a cloud platform service chain according to an embodiment of the present application;
FIG. 2 is a block diagram of a data center included in a cloud platform system according to an embodiment of the present application;
FIG. 3 is a block diagram of a control route manager module provided by an embodiment of the present application;
FIG. 4 is a flow chart of a control routing manager module according to an embodiment of the present application;
FIG. 5 is a flow chart of a vRouter agent update request performed by a control routing manager module according to an embodiment of the present application;
FIG. 6 is a block diagram of a vRouter agent process module according to one embodiment of the present application;
FIG. 7 is a schematic flow chart of a vRouter agent process according to an embodiment of the present application;
FIG. 8 is a schematic diagram of interaction between a first data center and a second data center through a service chain according to an embodiment of the present application;
FIG. 9 is a schematic diagram of interaction between a first data center and a second data center through a service chain according to another embodiment of the present application;
FIG. 10 is a block diagram of an apparatus for service chain implementation of a cloud platform according to an embodiment of the present application;
Fig. 11 is a block diagram of an electronic device according to an embodiment of the present application;
FIG. 12 is a block diagram of a program product for implementing pipeline construction, provided by an embodiment of the present application.
The present teachings will be described in more detail below with reference to exemplary embodiments thereof as shown in the accompanying drawings. While the present teachings are described in connection with various embodiments and examples, the present teachings are not intended to be limited to these embodiments.
Detailed Description
The present teachings encompass various alternatives, modifications, and equivalents, as will be appreciated by those of skill in the art. Those of ordinary skill in the art having access to the teachings herein will recognize additional implementations, modifications, and embodiments, as well as other fields of use, which are within the scope of the present disclosure as described herein. Reference in the specification to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the teachings. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment. It should be understood that the various steps of the methods of the present teachings may be performed in any order and/or simultaneously so long as the teachings remain operable. Furthermore, it should be understood that the apparatus and methods of the present teachings may include any number or all of the described embodiments, so long as the teachings remain operable.
The technical scheme can realize interaction between the user and a device, wherein the device includes but is not limited to user equipment, network equipment, or a device formed by integrating user equipment and network equipment through a network. User devices include, but are not limited to, any mobile electronic product that can interact with a user, such as through a touch pad, for example: the mobile electronic product can adopt any operating system, such as the Android operating system, the iOS operating system and the like. The network device includes an electronic device capable of automatically performing numerical calculation and information processing according to preset or stored instructions, and its hardware includes, but is not limited to, a microprocessor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a programmable logic device (Programmable Logic Device, PLD), a field programmable gate array (Field Programmable Gate Array, FPGA), a digital signal processor (Digital Signal Processor, DSP), an embedded device, and the like. Network devices include, but are not limited to, computers, network hosts, single network servers, sets of multiple network servers, or clouds of multiple servers; here, the cloud is composed of a large number of computers or network servers based on cloud computing (Cloud Computing), which is a kind of distributed computing: a virtual supercomputer composed of a group of loosely coupled computers. The network includes, but is not limited to, the internet, wide area networks, metropolitan area networks, local area networks, VPN networks, wireless ad hoc networks (Ad Hoc networks), and the like. Preferably, the device may also be a program running on the user device, the network device, or a device formed by integrating the user device with the network device, the touch terminal, or the network device with the touch terminal through a network.
As previously described, the service chains in existing cloud computing platforms have the following drawbacks. An existing service chain generally needs two network interfaces, one connected to the source virtual network as the packet source and the other connected to the destination virtual network; this affects the original networks, occupies the original network resources, and complicates cloud platform resource management. When service chains are cascaded, multiple pairs of interfaces have to be created in the source service network and the destination service network, the routing configuration is complex, and performance problems arise in large-scale deployment. With both service chain structures, when a data center has a problem, the fault recovery state is difficult to query, and specialized commands have to be executed to query and configure in order to find the problem, which increases the difficulty of operation and maintenance. The application provides an improved service chain for a cloud platform, which can improve the convenience and maintainability of a cloud platform system.
The present application will be further described with reference to the drawings and detailed description, which should be understood that, on the premise of no conflict, the following embodiments or technical features may be arbitrarily combined to form new embodiments.
As shown in fig. 1, a method for implementing a cloud platform service chain according to an embodiment of the present application includes steps S101 to S105. Wherein the cloud platform can comprise one or more data centers, and interaction between different data centers can be realized through a service chain. In this embodiment, the cloud platform is exemplified as including a first data center and a second data center.
Step S101, receiving a user instruction, creating a source network and a destination network according to the user instruction, wherein the first data center comprises a data packet to be sent and is accessed to the source network, and the second data center is accessed to the destination network.
In this embodiment, the cloud platform is a cloud environment built on the OpenStack architecture, and the Tungsten Fabric SDN is the network management and control component of the cloud computing platform, providing basic network services for OpenStack. The user's instructions may be a combination of one or more of view instructions, run instructions, maintenance instructions, management instructions, and the like.
Optionally, the vRouter agent program running on the cloud computing node and the control route manager running on the management control node can implement fault recovery of the cloud platform. All the vRouter agent programs running on the computing nodes of the data centers contained in the cloud platform maintain a connection to, and interact with, the control service of the management control node. In this embodiment, the first data center includes a computing node and a management control node, wherein the computing node can execute a vRouter agent process and the management control node can execute a control route manager. Similarly, the second data center also includes a computing node and a management control node.
For example, a vRouter agent process may include: creating a BGP protocol thread; in response to a local port change, sending a BGP protocol notification to the control route manager; and waiting for the control route manager to return an updated BGP route in order to perform the destination lookup of the packet. Illustratively, BGP (Border Gateway Protocol) is an autonomous system routing protocol that runs over the Transmission Control Protocol (TCP), and is used primarily for exchanging routing information between different autonomous systems (AS). BGP is the only protocol used to handle networks like the internet, and is the only protocol that can properly handle multiple connections between unrelated routing domains; its reliability and stability in a large-scale environment are well guaranteed. The state of the BGP finite state machine may be a combination of one or more of Idle, Connect, Active, OpenSent, OpenConfirm and Established.
Optionally, the vRouter agent process further includes creating a management service thread or creating a vRouter kernel thread.
Illustratively, the control route manager includes a process of accepting user instructions, specifically: receiving a user instruction and sending the user instruction to a vRouter agent management unit of a computing node of the first data center and/or the second data center; waiting for execution to complete and receiving the execution result; and returning the execution result to the user.
Step S102, inquiring and acquiring a network port of a service chain, wherein the service chain is a single-arm service chain.
The network, the source network and the destination network of the service chain have corresponding IP addresses, respectively. In this embodiment, the network IP address of the service chain is different from the source network IP address and the destination network IP address. In particular, the service chain may include a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are disposed in series. The first functional service chain or the second functional service chain is a network function virtualization (network function virtualization, NFV) based service chain.
Optionally, each vRouter agent process can record the port state of the NFV virtual machines on the current computing node. If the port state of an NFV virtual machine changes or the port fails, the agent notifies the control service of the management control node; it also receives the BGP routes that the control service sends to it, so that the traffic on the current computing node can be steered.
Step S103, the data packet to be sent is sent from the first data center to the network port of the service chain through the source network.
In this embodiment, the network port of the service chain NFV does not need to be connected to the source virtual network or the destination virtual network. Instead, the service chain uses its own independent network, and the data traffic is automatically steered to the network interface of the service chain NFV by the vRouter agent under the control of BGP routing.
Step S104, the received data packet to be sent is sent from the network of the service chain to the second data center through the destination network, and the second data center generates response information.
In step S105, the network of the service chain receives the response information and sends the response information to the first data center.
The control service running on the management control node is responsible for receiving the virtual machine port information reported by the vRouter agent of each computing node, calculating the related BGP routes, and distributing them to the other computing nodes. It can also communicate with the vRouter agent on each computing node, that is, with the computing node itself, to query the current state, execute the instructions of operation and maintenance personnel, and return the related results.
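The control loop described above (an agent records an NFV port change, reports it, and the control service recalculates and distributes routes that steer traffic through the single-arm chain) can be modelled as follows. This is an added illustration, not code from the patent or from Tungsten Fabric; all class names, port names and addresses are hypothetical, and two behaviours are assumptions of the model: routes are withdrawn when any chain port is not up, and the response traverses the chain in reverse order.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

DELIVER = "deliver"  # marker next hop: hand the packet to the addressed network


@dataclass
class VRouterAgent:
    """Compute-node side: port db plus the routes pushed by the manager."""
    name: str
    manager: "ControlRouteManager"
    port_db: dict = field(default_factory=dict)  # NFV port -> "up" / "down"
    routes: dict = field(default_factory=dict)   # (ingress, dst_net) -> next hop

    def __post_init__(self):
        self.manager.agents.append(self)

    def set_port_state(self, port, state):
        # Local port change: record it, then notify the control route manager.
        self.port_db[port] = state
        self.manager.on_port_report(port, state)


@dataclass
class ControlRouteManager:
    """Management-node side: route calculation plus a stand-in for the BGP db."""
    source_net: str
    dest_net: str
    chain_net: str
    chain_ports: dict  # ordered: NFV port name -> its single address in chain_net
    agents: list = field(default_factory=list)
    reported: dict = field(default_factory=dict)
    bgp_db: dict = field(default_factory=dict)

    def __post_init__(self):
        # The chain network must differ from the source and destination networks.
        chain = ip_network(self.chain_net)
        for net in (self.source_net, self.dest_net):
            if chain.overlaps(ip_network(net)):
                raise ValueError(f"chain network {chain} overlaps {net}")
        for port, addr in self.chain_ports.items():
            if ip_address(addr) not in chain:
                raise ValueError(f"{port} ({addr}) is outside {chain}")

    def on_port_report(self, port, state):
        self.reported[port] = state
        self._recalculate()
        for agent in self.agents:  # distribute the result to every agent
            agent.routes = dict(self.bgp_db)

    def _recalculate(self):
        ports = list(self.chain_ports)
        if not all(self.reported.get(p) == "up" for p in ports):
            self.bgp_db = {}  # assumption: withdraw rather than bypass the chain
            return
        table = {}
        for src, dst, order in ((self.source_net, self.dest_net, ports),
                                (self.dest_net, self.source_net, ports[::-1])):
            hops = [src, *order, DELIVER]
            # Single arm: the port a packet returns on is the next lookup's ingress.
            for ingress, nxt in zip(hops, hops[1:]):
                table[(ingress, dst)] = nxt
        self.bgp_db = table


def trace(agent, src_ip, dst_ip):
    """Return the hops a packet takes using the agent's routes, or None."""
    nets = (agent.manager.source_net, agent.manager.dest_net)

    def net_of(ip):
        return next((n for n in nets if ip_address(ip) in ip_network(n)), None)

    ingress, dst = net_of(src_ip), net_of(dst_ip)
    path = []
    while ingress is not None and dst is not None:
        nxt = agent.routes.get((ingress, dst))
        if nxt is None:
            return None
        if nxt == DELIVER:
            return path + [dst]
        path.append(nxt)
        ingress = nxt
    return None


def demo():
    # Constructed sample topology: two NFVs in series on their own network.
    mgr = ControlRouteManager(
        "10.0.1.0/24", "10.0.2.0/24", "10.0.100.0/24",
        {"nfv1-port": "10.0.100.11", "nfv2-port": "10.0.100.12"})
    dc1 = VRouterAgent("dc1-compute", mgr)
    dc2 = VRouterAgent("dc2-compute", mgr)
    dc1.set_port_state("nfv1-port", "up")
    before = trace(dc1, "10.0.1.5", "10.0.2.9")    # nfv2-port not reported yet
    dc2.set_port_state("nfv2-port", "up")
    request = trace(dc1, "10.0.1.5", "10.0.2.9")
    response = trace(dc2, "10.0.2.9", "10.0.1.5")
    dc2.set_port_state("nfv2-port", "down")        # port failure is reported
    after_failure = trace(dc1, "10.0.1.5", "10.0.2.9")
    return before, request, response, after_failure


if __name__ == "__main__":
    print(demo())
```

Whether a failed chain port should withdraw the routes, as modelled here, or let traffic reach the destination without the network function is a design decision the text above does not state; it matters when the chained function is a security device.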
In the embodiment of the application, the single-arm service chain NFV does not need to be accessed into a network served by the service chain, compared with the existing service chain of a network structure with two ports, the creation of a network interface can be reduced, the occurrence of the fault of the NFV is reduced, the influence on the existing virtual network can be reduced as much as possible, and the system is convenient to upgrade; the control route management program of the data center can provide interfaces for checking the cluster state and maintaining the cluster state of each vRouter agent node of the cloud environment for system operation and management personnel, and compared with the scheme that the fault problem can be found only by carrying out professional command query and configuration in the prior art, the method and the system can improve the convenience of operation and maintenance. Furthermore, compared with the double-arm service chain, the single-arm service chain can reduce generated BGP routing table items, reduce communication data of the BGP protocol, is suitable for large-scale service chain deployment, and can improve maintainability of a system.
The cloud platform based system may include a plurality of data centers. Fig. 2 is a schematic diagram of a data center structure included in a system of a cloud platform according to an embodiment of the present application, where the data center may be a first data center or a second data center as described above. Of course, the first data center or the second data center has the same structural composition, and the first data center and the second data center can interact through a service chain. The client (C end in the figure) can realize data interaction with the data center of the cloud platform in a wired connection mode or a wireless connection mode. The administrator or user inputs the operation instruction, the maintenance instruction or the inquiry instruction through the client. In one embodiment, the administrator performs execution through a client login management program.
The data center of the system of the cloud platform comprises computing nodes and a control node. The control node can be connected with the client and the computing nodes at the same time, and comprises a control route management program module which can execute a control route management program. The computing nodes may include a plurality of interconnected nodes. In this embodiment, the data center includes a computing node 1, a computing node 2, and a computing node 3, each of which includes a vRouter agent process module capable of running a vRouter agent program. Each computing node has a control plane and a data plane: the control plane is responsible for operation and maintenance, reporting states and receiving BGP routes; the data plane is responsible for network function virtualization (NFV) packet forwarding. In this embodiment, the computing node 1, the computing node 2 and the computing node 3 are each independently connected with the control node on the control plane, and data interaction can be realized between their data planes.
Fig. 3 is a structure diagram of the control route management program module of an embodiment of the present application, which includes a user interface unit 310, an agent communication unit 320, a route calculation unit 330, a first BGP db unit 340, a first BGP protocol unit 350, and so on. The user interface unit 310 is configured to receive an instruction of a user, create a resource according to the instruction of the user, and/or generate an operation and maintenance instruction. The agent communication unit 320 is configured to issue an instruction of a user to the vRouter agent process module. The route calculation unit 330 is configured to perform route calculation according to the status reported by the vRouter agent of the current vRouter node. The first BGP db unit 340 is configured to store the route calculation result and record the BGP route information calculated by the current control route management program. The first BGP protocol unit 350 contains the message types of the BGP protocol, such as open, update, notification, keepalive or route-refresh.
In one embodiment, the user's instruction received by the user interface unit 310 may be an instruction to create resources or an operation and maintenance instruction. Illustratively, when a user creates a service chain rule, the following information needs to be provided:
| Key | Value | Description |
| --- | --- | --- |
| Src | Net1 | Source network |
| Dst | Net2 | Destination network |
| Match | Tcp/80 | Matched packet type |
| To | NFVport | Port name of NFV |
In one embodiment, the first BGP db unit 340 records the BGP route information calculated by the current control route management program as follows:
| Key | Value | Description |
| --- | --- | --- |
| Route_prefix | 10.0.0.0/24 | Destination network routing prefix |
| Proto | 80/tcp | Data packet protocol |
| Path | Vrouter-agent2 | Destination vRouter agent name for transmission |
| Prio | 1 | Priority of routes |
The control route management program can be divided into two parts: one is responsible for responding to user instruction requests, the other for vRouter agent update requests, and the two parts can run independently of each other. The process responsible for responding to user instruction requests may comprise the following flow: after the program is started, waiting for user instruction input; receiving an instruction and sending it to the vRouter agent management unit of the corresponding node; waiting for the vRouter agent management unit to finish executing the corresponding function and receiving the execution result; and returning the execution result to the user. The control route management program may execute only the response to user instruction requests, only the response to vRouter agent update requests, or both.
A flow chart of the control route management program module executing in response to a user instruction request is shown in fig. 4. It includes steps S401-S403.
In step S401, the user's instruction is received through the user interface unit 310 and sent to the vRouter agent process module of the computing node of the first data center. In this embodiment, the user's instructions can be parsed into instructions for management and operation, specifically:
| Instruction | Action |
| --- | --- |
| GetbgpNode1 | Obtaining bgpdb table contents on Node1 |
| GetportNode1 | Acquiring port database content on Node1 |
Step S402, waiting for the vRouter agent process module to execute the corresponding function and receiving the execution result; wherein the corresponding function refers to a function corresponding to an instruction of a user.
Step S403, returning the execution result and sending the result to the user.
FIG. 5 is a flow chart of a vRouter agent update request performed by a control routing manager module, comprising:
step S501, monitoring a vRouter agent update request through the agent communication unit 320;
step S502, in response to monitoring the vRouter agent update request, calculating the BGP route through the route calculation unit 330, and updating the calculated BGP route to the first BGP db unit 340;
step S503, returning the updated BGP route to the vRouter agent node through the BGP protocol in the first BGP protocol unit 350.
In one embodiment, handling the vRouter agent (node) update request may include:
Firstly, reporting port data on a current node by a vRouter agent;
next, the route calculation unit 330 of the control route management program module calculates BGP routes according to the service chain rule of the port connection in the current environment and records the calculated BGP route results to the first BGP db unit 340; obtaining a vRouter agent node which each hop passes through and a port which has passed before according to the service chain rule and port data on the current node;
finally, all connected vRouter agent nodes are synchronized through the BGP protocol of the first BGP protocol unit 350, and the first BGP db unit 340 of the foregoing node is updated.
Fig. 6 is a diagram illustrating a vRouter agent process module according to an embodiment of the present application, which includes a management unit 610, a function unit 620, a port db unit 630, and the like. The management unit 610 is used to communicate with the control management program on behalf of the computing nodes of the first data center or the second data center, and to respond to instructions from a user. The function unit 620 includes the preset functions of the computing node of the first data center or the second data center. The port db unit 630 is configured to record the port type of each virtual machine on the current vRouter node of the first data center or the second data center and the service chain rule bound to the port. Further, the vRouter agent process module may also include a second BGP db unit 640 and a second BGP protocol unit 650. Optionally, the second BGP db unit 640 may record BGP routing information on the current vRouter node, and the BGP protocol included in the second BGP protocol unit 650 may be a standard library of a generic BGP communication protocol algorithm implemented in any programming language; this embodiment of the present application does not limit the type of BGP protocol.
In one embodiment, the management unit 610 is responsible for communicating with the control management program on the control node, invoking the function unit 620 to perform a preset function in response to an administrator/operation command, and returning the result after the preset function has run.
Illustratively, the preset node functions in function unit 620 may include one or more of the following:
1) Stopping or starting the current node vRouter service;
2) Configuring a current node vRouter service parameter;
3) Monitoring the current vRouter state and updating the ports in the vRouter into the port db unit 630;
4) Acquiring the content in the current second BGP db unit 640;
5) Acquiring the content in the current port db unit 630;
6) Receiving BGP routes sent from the management unit 610, and updating the BGP routes to the second BGP db unit 640;
7) Receiving the data packet sent by the current node vRouter and performing a path lookup in the second BGP db unit 640.
In one embodiment, the port db unit 630 records in real time the virtual machine port type on the current vRouter node, as well as the service chain rules bound to each port. Exemplary port types are as follows:
| Port type | Description |
| --- | --- |
| NFV | Port for service chaining NFV |
| Compute | Port for virtual machine in common virtual network |
In one embodiment, the second BGP db unit 640 records BGP routing information on the current vRouter node as follows:
| Key | Value | Description |
| --- | --- | --- |
| Route_prefix | 10.0.0.0/24 | Destination network routing prefix |
| Proto | 80/tcp | Data packet protocol |
| Path | Vrouter-agent2 | Destination vRouter agent name for transmission |
| Prio | 1 | Priority of routes |
In one embodiment, when the vRouter agent process program of the vRouter agent process module is started, three threads (a management service thread, a vRouter kernel thread, and a BGP protocol thread) are created in parallel. The management service thread responds to query and/or management commands issued by a user; its main purpose is troubleshooting and debugging. The vRouter kernel thread is responsible for forwarding the actual data packets, and notifies the local second BGP db unit 640 to update its data when a data plane port changes or a new flow is generated. The BGP protocol thread is responsible for communicating with the BGP protocol portion of the control route management program, responding to BGP messages, and updating data to the BGP db units.
FIG. 7 is a schematic diagram of a vRouter agent process flow according to an embodiment of the present application, which mainly includes three parallel thread flows.
The flow corresponding to the management service thread includes: step S711, creating a management service thread; step S712, waiting for the control node to issue a management command; step S713, calling the relevant management function of the management unit 610 in response to the management command.
The flow corresponding to the vRouter kernel thread includes: step S721, creating a vRouter kernel thread; step S722, waiting for the vRouter kernel to notify of a port and/or a data packet; step S723, requesting an update of the local second BGP db unit 640 and transmitting the data to the control route management node; step S724, querying the BGP db for the data packet and sending the data packet to the destination accordingly.
The flow corresponding to the BGP protocol thread includes: step S731, creating a BGP protocol thread; step S732, waiting for the control route management program to send BGP protocol messages; step S733, in response to the received BGP protocol message and the update request of the second BGP db unit 640, updating the BGP protocol contents of the second BGP db unit 640.
Optionally, the first data center accesses the source network, the second data center accesses the destination network, and interaction between the first data center and the second data center is realized through a service chain. The service chain firstly can transmit a data packet to be transmitted from a first data center to a network port of the service chain through a source network; then, the service chain sends the received data packet to be sent to a second data center through a destination network, and the second data center can generate response information; then, the service chain receives the response information; and finally, the service chain sends the response information to the first data center.
In one embodiment, a cloud platform is illustrated that includes a first data center and a second data center. Fig. 8 is a schematic diagram of the interaction between the first data center and the second data center through a service chain in an embodiment of the present application. The specific parameters are set as follows: at the vRouter agent node 1 (vRouter-agent 1 in FIG. 8), the first data center VM1 accesses the virtual network 1 (virtual net11 in FIG. 8), with IP address 10.0.0.1; at the vRouter agent node 2 (vRouter-agent 2 in FIG. 8), the second data center VM2 accesses the virtual network 2 (virtual net12 in FIG. 8), with IP address 20.0.0.1; at the vRouter agent node 3 (vRouter-agent 3 in FIG. 8), the service chain is a single-arm service chain NFV set in the virtual network 3 (virtual net13 in FIG. 8), with IP address 30.0.0.1, and it accesses neither the virtual network 1 nor the virtual network 2. Illustratively, the user creates the following service chain rule:
| Src | Dst | Match | To |
| --- | --- | --- | --- |
| 10.0.0.0/24 | 20.0.0.0/24 | Any | 30.0.0.1 |
The simplest service chain a user can create makes the traffic from the virtual network 1 to the virtual network 2 pass through the single-arm service chain NFV (20.0.0.1). The service chain rule is converted by the control route management program and finally sent to each vRouter agent node through the BGP protocol. Referring further to fig. 8, the BGP tables on each vRouter agent node of the cloud platform are arranged in a "route_prefix, proto, path, prio" format.
Corresponding to the interaction of the first data center and the second data center in the cloud platform through the service chain, the data flow analysis in the cloud platform may include:
a. The data packet (the data packet to be sent) from the first data center VM1 to the second data center VM2 is looked up in the BGP table of net1 on node vRouter-agent 1; the path is 30.0.0.1/net3/vRouter-agent3, that is, the packet must be sent to the 30.0.0.1 interface on net3 of vRouter-agent 3, which identifies the network card of NFV1.
b. After the single-arm service chain NFV receives and processes the packet, it sends the packet out from 30.0.0.1 and looks up the BGP table of net3 on vRouter-agent 3; the path is net2/vRouter-agent2, that is, the packet must be sent to the net2 network of vRouter-agent 2.
c. The second data center VM2 is on net2, so it can receive the message directly and return a response packet. At this point the BGP table of net2 on node vRouter-agent 2 is looked up; the path is 30.0.0.1/net3/vRouter-agent3, and the response packet is sent to the 30.0.0.1 interface (the network card of NFV1) on net3 of vRouter-agent 3.
d. The single-arm service chain NFV receives the response message, looks up the BGP table of net3 on node vRouter-agent 3, and sends the response data packet to VM1 on node vRouter-agent 1.
In this embodiment, the control route management program provides an interface for system operation and management personnel to view and maintain the cluster state of each vRouter-agent node of the cloud environment. In the whole process, the NFV does not need to access the virtual network 1 of the first data center or the virtual network 2 of the second data center. A single-arm service chain is realized simply by distributing the BGP routes calculated by the control route management program to the different vRouter agent nodes through the BGP routing protocol, which reduces the creation of network interfaces and reduces NFV failures. BGP routing makes it possible to offer the service chain externally without adding a network card to the service chain NFV, which brings great convenience and maintainability. In addition, compared with a double-arm service chain, the single-arm service chain reduces the generated BGP routing table entries, reduces the communication data of the BGP protocol, and is suitable for large-scale service chain deployment.
In one embodiment, the cloud platform again includes a first data center and a second data center, except that multiple service chains are connected in series to form the NFV. Fig. 9 is a schematic diagram of the interaction between the first data center and the second data center through service chains in series in another embodiment of the present application. The specific parameters are set as follows: at the vRouter agent node 1 (vRouter-agent 1 in FIG. 9), the first data center VM1 accesses the virtual network 1 (virtual net11 in FIG. 9), with IP address 10.0.0.1; at the vRouter agent node 2 (vRouter-agent 2 in FIG. 9), the second data center VM2 accesses the virtual network 2 (virtual net12 in FIG. 9), with IP address 20.0.0.1. At the vRouter agent node 3 (vRouter-agent 3 in FIG. 9), the single-arm tandem service chain NFV1 is in the virtual network 3 (virtual net13 in FIG. 9), with IP address 30.0.0.1, and accesses neither the virtual network 1 nor the virtual network 2. Similarly, at the vRouter agent node 4 (vRouter-agent 4 in FIG. 9), the single-arm tandem service chain NFV2 is in the virtual network 4 (virtual net14 in FIG. 9), with IP address 40.0.0.1, and accesses neither the virtual network 1 nor the virtual network 2. Corresponding to these settings, the user creates the following service chain rule.
| Src | Dst | Match | To |
| --- | --- | --- | --- |
| 10.0.0.0/24 | 20.0.0.0/24 | Tcp | 30.0.0.1,40.0.0.1 |
Corresponding to fig. 9, the traffic of VM1 to VM2 needs to reach VM2 virtual machine through NFV1 and then NFV 2. In one embodiment, the data flow parsing process in the cloud platform includes the following steps.
I. The data packet sent from VM1 to VM2 is first looked up in the BGP table of net1 on vRouter-agent 1 to find the port of NFV1; the path is 30.0.0.1/net3/vRouter-agent3, and the packet is sent to the 30.0.0.1 interface on the net3 network of node vRouter-agent 3.
II. After NFV1 receives and processes the message, it sends it out from 30.0.0.1 and queries the port of NFV2: the BGP table of net3 on vRouter-agent 3 is searched, the path is 40.0.0.1/net4/vRouter-agent3, and the packet is sent to the 40.0.0.1 interface on net4 of node vRouter-agent 4.
III. After NFV2 receives and processes the message, it sends it out from 40.0.0.1 and queries the port of VM1: the BGP table of net4 on vRouter-agent 3 is searched, the path is net2/vRouter-agent2, and the packet is sent to net2 of node vRouter-agent 2.
IV. VM2 receives the message and returns a response packet. Because VM2 is on net2, the BGP table of net2 on vRouter-agent 2 is searched; the path is 40.0.0.1/net4/vRouter-agent3, and the response packet is sent to the 40.0.0.1 interface on net4 of vRouter-agent 3, i.e. the network card of NFV2.
V. NFV2 receives the response message and searches the BGP table of net4 on vRouter-agent 3; the path is 30.0.0.1/net3/vRouter-agent3, and the data packet is sent to NFV1.
VI. NFV1 receives the response message and searches the BGP table of net3 on vRouter-agent 3; the path is net1/vRouter-agent1, and VM1 receives the response message.
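The two walk-throughs above (steps a to d for Fig. 8 and steps I to VI for Fig. 9) can be reproduced with a small model that compiles a service chain rule into per-network tables in the "route_prefix, proto, path, prio" format and then traces a packet hop by hop, which also lets an operator check that matched traffic cannot reach its destination without traversing every NFV in order. This Python sketch is an added example, not code from the patent; the function names, the "lowest Prio wins" rule, the error raised for traffic that matches no entry, and the placement of NFV2 on vRouter-agent4 (taken from the Fig. 9 parameter list) are assumptions.

```python
import ipaddress
from collections import namedtuple

# One BGP table entry in the page's "route_prefix, proto, path, prio" format.
Route = namedtuple("Route", "route_prefix proto path prio")
# A path target: ip is the NFV port, or None when the path is just "net/agent".
Hop = namedtuple("Hop", "ip net agent")


def compile_rule(src, dst, match, chain):
    """Model of the route calculation: one rule -> per-network BGP tables.

    src and dst are (prefix, network, agent); chain is the ordered NFV ports.
    """
    src_prefix, src_net, src_agent = src
    dst_prefix, dst_net, dst_agent = dst
    forward = [Hop(None, src_net, src_agent), *chain, Hop(None, dst_net, dst_agent)]
    tables = {}
    # Requests follow the chain in order; responses follow it in reverse.
    for prefix, hops in ((dst_prefix, forward), (src_prefix, forward[::-1])):
        for here, nxt in zip(hops, hops[1:]):
            tables.setdefault(here.net, []).append(Route(prefix, match, nxt, 1))
    return tables


def lookup(tables, net, dst_ip, proto):
    """Return the best entry of one network's table, or None if nothing matches."""
    addr = ipaddress.ip_address(dst_ip)
    hits = [r for r in tables.get(net, [])
            if addr in ipaddress.ip_network(r.route_prefix)
            and r.proto.lower() in ("any", proto.lower())]
    # Assumption: the entry with the lowest Prio value is preferred.
    return min(hits, key=lambda r: r.prio) if hits else None


def trace(tables, start_net, dst_ip, proto, max_hops=16):
    """Follow path entries hop by hop; return the list of Hop objects taken."""
    net, hops = start_net, []
    for _ in range(max_hops):
        route = lookup(tables, net, dst_ip, proto)
        if route is None:
            raise LookupError(f"no service chain route on {net} for {dst_ip} ({proto})")
        hops.append(route.path)
        if route.path.ip is None:   # "net/agent" path: delivered on the target network
            return hops
        net = route.path.net        # the NFV re-emits the packet on its own network
    raise RuntimeError("routing loop: hop limit exceeded")


def show(hops):
    """Render hops the way the page writes paths."""
    return [f"{h.ip}/{h.net}/{h.agent}" if h.ip else f"{h.net}/{h.agent}" for h in hops]


def nfv_ports(hops):
    """NFV port addresses visited, in order; used to check nothing bypasses the chain."""
    return [h.ip for h in hops if h.ip]


# Parameters from the Fig. 8 and Fig. 9 descriptions.
VM1 = ("10.0.0.0/24", "net1", "vRouter-agent1")
VM2 = ("20.0.0.0/24", "net2", "vRouter-agent2")
NFV1 = Hop("30.0.0.1", "net3", "vRouter-agent3")
NFV2 = Hop("40.0.0.1", "net4", "vRouter-agent4")   # assumption: NFV2 on agent 4

SINGLE = compile_rule(VM1, VM2, "Any", [NFV1])         # rule: To 30.0.0.1
SERIAL = compile_rule(VM1, VM2, "Tcp", [NFV1, NFV2])   # rule: To 30.0.0.1,40.0.0.1

if __name__ == "__main__":
    for name, tables in (("single-arm", SINGLE), ("serial", SERIAL)):
        print(name, "request :", show(trace(tables, "net1", "20.0.0.1", "tcp")))
        print(name, "response:", show(trace(tables, "net2", "10.0.0.1", "tcp")))
```

Note that the NFV's own network holds one entry per direction, so the destination address alone decides whether a packet leaving the NFV continues toward VM2 or returns toward VM1.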
In the embodiment of the application, the plurality of NFV service chains are connected in series without accessing the virtual network 1 or the virtual network 2, which greatly broadens the scenarios the service chain can serve; the existing virtual machines and networks are not affected, and the purpose is achieved using only an additional network. In addition, because the single-arm service chain NFV uses an additional network rather than accessing the existing network, it has little influence on the existing virtual network and is convenient for system upgrading.
On the basis of the foregoing method, the embodiment of the present application further provides a device for implementing a service chain of a cloud platform, where the cloud platform includes a first data center and a second data center, and interaction is implemented between the first data center and the second data center through the service chain. The device includes a command receiving module 1010, a query module 1020, a data packet sending module 1030, and a response module 1040. The command receiving module 1010 is configured to receive a command of a user and create a source network and a destination network according to the command of the user, where the first data center includes a data packet to be sent and accesses the source network, and the second data center accesses the destination network. The query module 1020 is configured to query and obtain a network port of the service chain, where the service chain is a single-arm service chain. The data packet sending module 1030 is configured to send the data packet to be sent from the first data center to the network port of the service chain via the source network. The response module 1040 is configured to send the received data packet from the network of the service chain to the second data center via the destination network; the second data center generates response information, which can be received by the network of the service chain, and the network of the service chain can send the response information to the first data center.
Optionally, the network IP address of the service chain is different from the source network IP address and the destination network IP address, the service chain includes a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are set in series.
Optionally, the first functional service chain or the second functional service chain is a network function virtualization (NFV) based service chain.
Optionally, the first data center or the second data center includes a computing node and a management control node, where the computing node is capable of executing a vRouter agent process, and the management control node is capable of executing a control route management program. Illustratively, the vRouter agent process may include creating a BGP protocol thread, creating a management service thread, or creating a vRouter kernel thread.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above described device embodiments are only illustrative, e.g. the division of the units is only one logical function division, and there may be other divisions in practice, such as: multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. In addition, the various components shown or discussed may be coupled or directly coupled or communicatively coupled to each other via some interface, whether indirectly coupled or communicatively coupled to devices or units, whether electrically, mechanically, or otherwise.
The units described as separate units may or may not be physically separate, and units displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units; some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may be separately used as one unit, or two or more units may be integrated in one unit; the integrated units may be implemented in hardware or in hardware plus software functional units.
Referring to fig. 11, an embodiment of the present application also provides an electronic device 200, the electronic device 200 including at least one memory 210, at least one processor 220, and a bus 230 connecting different platform systems.
Memory 210 may include readable media in the form of volatile memory, such as Random Access Memory (RAM) 211 and/or cache memory 212, and may further include Read Only Memory (ROM) 213.
The memory 210 also stores a computer program executable by the processor 220 to cause the processor 220 to perform: receiving an instruction of a user, creating a source network and a destination network according to the instruction of the user, wherein a first data center comprises a data packet to be sent and is accessed to the source network, and a second data center is accessed to the destination network; inquiring and acquiring a network port of a service chain, wherein the service chain is a single-arm service chain; transmitting the data packet to be transmitted from the first data center to a network port of a service chain through a source network; transmitting the received data packet to be transmitted from the network of the service chain to a second data center through a destination network, and generating response information by the second data center; and the network of the service chain receives the response information and sends the response information to the first data center.
Memory 210 may also include a program/utility 214 having a set (at least one) of program modules 215, such program modules 215 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment. Accordingly, the processor 220 may execute the computer programs described above, as well as the program/utility 214.
Bus 230 may be a local bus representing one or more of several types of bus structures including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or using any of a variety of bus architectures.
The electronic device 200 may also communicate with one or more external devices 240, such as a keyboard, pointing device, bluetooth device, etc., as well as one or more devices capable of interacting with the electronic device 200 and/or with any device (e.g., router, modem, etc.) that enables the electronic device 200 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 250. Also, the electronic device 200 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through a network adapter 260. Network adapter 260 may communicate with other modules of electronic device 200 via bus 230. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 200, including, but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, data backup storage platforms, and the like.
Fig. 12 shows a program product 300 provided by the present embodiment for implementing the above method, which may employ a portable compact disc read-only memory (CD-ROM) and comprise program code, and may be run on a terminal device, such as a personal computer: receiving an instruction of a user, creating a source network and a destination network according to the instruction of the user, wherein a first data center comprises a data packet to be sent and is accessed to the source network, and a second data center is accessed to the destination network; inquiring and acquiring a network port of a service chain, wherein the service chain is a single-arm service chain; transmitting the data packet to be transmitted from the first data center to a network port of a service chain through a source network; transmitting the received data packet to be transmitted from the network of the service chain to a second data center through a destination network, and generating response information by the second data center; and the network of the service chain receives the response information and sends the response information to the first data center.
The program product 300 of the present application is not limited thereto, and in the present application, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. Program product 300 may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable storage medium may also be any readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing. Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
The present application describes its functional improvements and uses from the viewpoints of purpose, performance, progress, novelty, etc., as pointed out in the patent laws. The above description and drawings are merely preferred embodiments of the present application and do not limit it; therefore, all equivalents and modifications of the structures, devices, features, etc. of the present application are intended to be within the scope of protection of the present application.

Claims (13)

1. A method for service chaining implementation of a cloud platform, the cloud platform comprising a first data center and a second data center, interaction between the first data center and the second data center being implemented through the service chaining, the method comprising:
receiving an instruction of a user, creating a source network and a destination network according to the instruction of the user, wherein the first data center comprises a data packet to be sent and is accessed to the source network, and the second data center is accessed to the destination network;
inquiring and acquiring a network port of the service chain, wherein the service chain is a single-arm service chain;
transmitting the data packet to be transmitted from the first data center to a network port of the service chain through the source network;
transmitting the received data packet to be transmitted from the network of the service chain to the second data center through the destination network, and generating response information by the second data center; and,
the network of the service chain receives the response information and sends the response information to the first data center;
the first data center or the second data center comprises a computing node and a management control node, wherein the computing node can execute a vRouter agent process, and the management control node can execute a control route management program;
the vRouter agent process comprises: creating BGP protocol threads: responsive to a local port change; notifying BGP protocol to a control route management program; waiting for the control route manager to return updated BGP routes to perform destination lookup of the data packets.
2. The method for service chaining implementation of a cloud platform of claim 1, wherein a network IP address of the service chaining is different from the source network IP address and the destination network IP address, wherein the service chaining includes a first functional service chaining and a second functional service chaining, and wherein the first functional service chaining and the second functional service chaining are arranged in series.
3. The method for service chaining implementation of cloud platforms of claim 2, wherein the first or second functional service chaining is a network function virtualization (network function virtualization, NFV) based service chaining.
4. The method for service chaining implementation of a cloud platform of claim 1, wherein the vRouter agent process further comprises creating a management service thread or creating a vRouter kernel thread.
5. A service chaining implementation method for a cloud platform according to any of the claims 1 to 3 wherein the control routing manager comprises accepting a user instruction flow:
receiving a user instruction, and sending the user instruction to a vRouter agent management unit of a computing node of the first data center or the second data center;
waiting for the vRouter agent management unit to execute the corresponding function and receiving an execution result;
and returning an execution result and sending the execution result to the user.
6. An apparatus for service chain implementation of a cloud platform, the cloud platform including a first data center and a second data center, interaction between the first data center and the second data center being implemented through a service chain, the apparatus comprising:
the command receiving module is used for receiving a command of a user, creating a source network and a destination network according to the command of the user, wherein the first data center comprises a data packet to be sent and is accessed to the source network, and the second data center is accessed to the destination network;
the query module is used for querying and acquiring a network port of the service chain, wherein the service chain is a single-arm service chain;
the data packet sending module is used for sending the data packet to be sent from the first data center to the network port of the service chain through the source network;
the response module is used for sending the received data packet to be sent from the network of the service chain to the second data center through the destination network, the second data center generates response information, the response information can be received by the network of the service chain, and the network of the service chain can send the response information to the first data center;
the first data center or the second data center comprises a computing node and a management control node, wherein the computing node can execute a vRouter agent process, and the management control node can execute a control route management program;
the vRouter agent process comprises: creating BGP protocol threads: responsive to a local port change; notifying BGP protocol to a control route management program; waiting for the control route manager to return updated BGP routes to perform destination lookup of the data packets.
7. A cloud platform based system, the cloud platform including a first data center and a second data center, the first data center and the second data center implementing interaction through a service chain, the system comprising:
a source network for the first data center to access;
a destination network for the second data center to access;
a single-arm service chain for realizing interaction between the first data center and the second data center, wherein the service chain is used for transmitting a data packet to be transmitted from the first data center to a network port of the service chain through the source network; for sending the received data packet to be sent to the second data center through the destination network, wherein the second data center can generate response information; and for receiving the response information and sending the response information to the first data center;
the first data center or the second data center comprises a computing node and a management control node, wherein the computing node can execute a vRouter agent process, and the management control node can execute a control route management program;
the vRouter agent process comprises: creating BGP protocol threads: responsive to a local port change; notifying BGP protocol to a control route management program; waiting for the control route manager to return updated BGP routes to perform destination lookup of the data packets.
8. The cloud platform based system of claim 7, wherein a network IP address of said service chain is different from said source network IP address and said destination network IP address.
9. The cloud platform based system of claim 8, wherein said service chain comprises a first functional service chain and a second functional service chain, said first functional service chain, said second functional service chain being NFV based service chains, and said first functional service chain and said second functional service chain being arranged in series.
10. The cloud platform based system of claim 7, wherein said first data center or second data center comprises a vRouter agent process module comprising at least one of a management unit, a function unit, a port db unit;
the management unit is used for controlling the communication of a control management program on a computing node of the first data center or the second data center and responding to instructions of a user;
the functional unit comprises a preset function of a computing node of the first data center or the second data center;
the port db unit is configured to record a port type of a virtual machine on a current vRouter node of the first data center or the second data center and a service chain rule of port binding.
11. The cloud platform based system of claim 10, wherein said first data center or second data center further comprises a control route manager module, said control route manager module comprising at least one of a user interface unit, an agent communication unit, a route calculation unit, a BGP db unit;
the user interface unit is used for receiving a user instruction, creating resources according to the user instruction and/or generating an operation and maintenance instruction;
the agent communication unit is used for issuing the instruction of the user to the vRouter agent process module;
the route calculation unit is used for carrying out route calculation according to the state reported by the vRouter agent of the current vRouter node;
the BGP db unit is used for storing a route calculation result and recording BGP route information calculated by the current control route management program.
12. An electronic device comprising a memory, a processor and a hardware module for performing tasks, the memory storing a computer program, the processor implementing the steps of the method according to any of claims 1-5 when the computer program is executed.
13. A computer readable storage medium storing a computer program which, when executed by a processor, performs the steps of the method according to any one of claims 1-5.
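The control-plane flow recited in claims 1, 10 and 11 (local port change, notification to the control route management program, updated routes returned, destination lookup) can be modelled as follows. This is an added illustration, not code from the patent: the class names, field names and addresses are constructed assumptions, and a synchronous call stands in for the BGP exchange. In this model the two networks have no route to each other unless the single-arm service chain port is present.

```python
from itertools import permutations

class ControlRouteManager:
    """Toy control route management program; bgp_db stores the calculated routes."""
    def __init__(self):
        self.bgp_db = {}  # (network the lookup runs in, destination IP) -> next-hop port
    def notify(self, port_db):
        """Recalculate routes from the port state an agent reports and return them."""
        routes = {(i["network"], i["ip"]): p for p, i in port_db.items()}
        for sc_port, sc in port_db.items():
            for near, far in permutations(sc.get("chain", ()), 2):
                for port, info in port_db.items():
                    if info["network"] == far:
                        routes[(near, info["ip"])] = sc_port        # steer into the chain
                        routes[(sc["network"], info["ip"])] = port  # deliver after the chain
        self.bgp_db = routes
        return dict(routes)

class VRouterAgent:
    """Toy vRouter agent; port_db records each local port and its bound chain rule."""
    def __init__(self, manager):
        self.manager, self.port_db, self.routes = manager, {}, {}
    def port_changed(self, port, info=None):
        """React to a local port change, notify the manager, take the updated routes."""
        self.port_db.pop(port, None)       # info=None means the port was removed
        if info is not None:
            self.port_db[port] = info
        self.routes = self.manager.notify(self.port_db)
    def path(self, src_port, dst_ip):
        """Ports a packet traverses from src_port to dst_ip; ends in 'drop' if no route."""
        hops, network = [], self.port_db[src_port]["network"]
        while len(hops) < 4:               # loop guard
            port = self.routes.get((network, dst_ip))
            if port is None:
                return hops + ["drop"]
            hops.append(port)
            if self.port_db[port]["ip"] == dst_ip:
                return hops
            network = self.port_db[port]["network"]
        return hops + ["drop"]

def build_demo():
    """Constructed sample topology: one VM port per data center, no chain yet."""
    agent = VRouterAgent(ControlRouteManager())
    agent.port_changed("dc1-vm", {"network": "src-net", "ip": "10.1.0.5"})
    agent.port_changed("dc2-vm", {"network": "dst-net", "ip": "10.2.0.5"})
    return agent

# Constructed single-arm chain port: one interface, own network and IP (cf. claim 2).
CHAIN_PORT = {"network": "svc-net", "ip": "10.9.0.2", "chain": ("src-net", "dst-net")}
```

Calling `agent.port_changed("sc-port", CHAIN_PORT)` on the demo agent makes both the request and the response traverse `sc-port`; removing that port returns the lookup to `drop`.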

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210367519.8A CN114726774B (en) 2022-04-08 2022-04-08 Method and device for realizing service chain of cloud platform and cloud platform-based system

Publications (2)

Publication Number Publication Date
CN114726774A CN114726774A (en) 2022-07-08
CN114726774B CN114726774B (en) 2023-06-23

Family

ID=82242419

Country Status (1)

Country Link
CN (1) CN114726774B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115174474B (en) * 2022-09-08 2022-12-02 浙江九州云信息科技有限公司 SRv 6-based SFC implementation method and device in private cloud

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9413634B2 (en) * 2014-01-10 2016-08-09 Juniper Networks, Inc. Dynamic end-to-end network path setup across multiple network layers with network service chaining
CN107819663B (en) * 2017-11-27 2020-06-16 锐捷网络股份有限公司 Method and device for realizing virtual network function service chain
US10965592B2 (en) * 2019-05-31 2021-03-30 Juniper Networks, Inc. Inter-network service chaining
US20210266255A1 (en) * 2020-02-24 2021-08-26 Cisco Technology, Inc. Vrf segregation for shared services in multi-fabric cloud networks

Also Published As

Publication number Publication date
CN114726774A (en) 2022-07-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20230601

Address after: Room 1602, No. 6, Financial Third Street, Wuxi Economic Development Zone, Jiangsu Province, 214000

Applicant after: Anchao Cloud Software Co., Ltd.

Address before: Room 1601, No. 6, Financial Third Street, Wuxi Economic Development Zone, Jiangsu Province, 214000

Applicant before: Jiangsu Anchao Cloud Software Co., Ltd.

GR01 Patent grant