CN117041339A - Communication deployment, connection and reconfigurable method of heterogeneous system message proxy - Google Patents
Communication deployment, connection and reconfigurable method of heterogeneous system message proxy Download PDFInfo
- Publication number
- CN117041339A CN117041339A CN202311073065.4A CN202311073065A CN117041339A CN 117041339 A CN117041339 A CN 117041339A CN 202311073065 A CN202311073065 A CN 202311073065A CN 117041339 A CN117041339 A CN 117041339A
- Authority
- CN
- China
- Prior art keywords
- message
- node
- message proxy
- resource
- token
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 34
- 238000004891 communication Methods 0.000 title claims abstract description 27
- 230000008569 process Effects 0.000 claims abstract description 12
- 238000009434 installation Methods 0.000 claims abstract description 5
- 238000012795 verification Methods 0.000 claims description 19
- 230000004044 response Effects 0.000 claims description 16
- 230000007246 mechanism Effects 0.000 claims description 11
- 238000007726 management method Methods 0.000 description 16
- 238000005516 engineering process Methods 0.000 description 4
- 230000006872 improvement Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The application discloses a communication deployment, connection and reconfiguration method of a heterogeneous system message proxy, which relates to the technical field of industrial Internet and comprises the steps of starting and initializing a message proxy node and a message proxy center node; the node acquires an allocated Token from the central node, and requests the central node to download a first resource with the Token, so as to acquire software and hardware configuration information of the node; submitting own software and hardware configuration information to the center, downloading a second resource, completing the installation and initialization of the second resource, establishing SSH connection between the message proxy node and the message proxy center, executing a script by the message proxy center node, and completing the configuration process of the message proxy node. The method solves the problems of troublesome deployment and configuration, large workload and high requirements on professional skills existing between heterogeneous systems of the industrial Internet platform and between heterogeneous components in the heterogeneous systems when deploying the message agents.
Description
Technical Field
The application relates to the technical field of industrial Internet, in particular to a communication deployment, connection and reconfiguration method of a heterogeneous system message proxy.
Background
The industrial internet (Industrial Internet) refers to a novel industrial technology for interconnecting physical devices, systems, networks and software to realize data acquisition, analysis, processing and application. In the industrial internet, on one hand, with the continuous progress of technology, new devices, new protocols and new standards are continuously introduced, and these conditions lead to different functions and requirements between new and old devices, and when integrated into an industrial internet platform, the isomerism of the system is generated; on the other hand, different devices, different systems need to work together and exchange data, but they may use different communication protocols or use different data formats, which also requires heterogeneous system architectures to achieve communication and interoperability between them; in addition, even though a new technology and a new device are widely adopted in an industrial internet platform, the old device is compatible and supported, and the integrated legacy system still in use is a conventional requirement, and the legacy system may not be directly compatible with the new technology, and a heterogeneous system architecture is required to bridge the gap and ensure the compatibility. One way to address the communication of heterogeneous systems with each other is to use Message Broker (Message Broker), which is a useful tool to facilitate communication between components of heterogeneous systems and between heterogeneous systems. However, due to the need to configure message routing, translation, and delivery mechanisms, message brokers often require relatively complex initial setup, and setting up message brokers involves configuring various components such as message queues, topics, subscriptions, and routing rules. In addition, message agents may require the installation and configuration of other software components or dependencies, and message agents often have their own specific configuration and management interfaces, requiring a high level of expertise for the practitioner to be able to effectively set up and manage, and also requiring the entire process to be safe and reliable. At present, the industry does not have a particularly good solution to the problem, and some automated operation tools such as Puppet, ansible and other software can only solve part of the problem, and many tasks still need to be completed manually by professional technicians, so that the workload is high and the requirements on professional skills are high.
Disclosure of Invention
The application aims to provide a heterogeneous system message agent which has the problems of troublesome deployment and configuration, large workload and high requirements on professional skills.
The application solves the problems by the following technical proposal:
a method of communication deployment, connection and reconfiguration of heterogeneous system message brokers, comprising:
step S100, the message proxy node and the message proxy center node are started and initialized;
step 200, the message proxy node acquires an allocated Token from the message proxy center node;
step S300, a message agent node carries Token to request a message agent center node to download a first resource, and after executing the first resource, software and hardware configuration information of the node is obtained;
step S400, the message proxy node carries Token to send HTTPS request to the message proxy center node, submits self software and hardware configuration information, and returns URL of the second resource to the message proxy node after the message proxy center node verifies that Token passes; the message proxy node carries Token request to download a second resource, the second resource is installed and initialized after the downloading is completed, and the second resource comprises SSH server software and related security configuration information which are suitable for the message proxy node;
and S500, the message proxy node establishes SSH connection with the message proxy center, and the message proxy center node executes the script to complete the configuration process of the message proxy node.
The application solves the problems of quick establishment and deployment of message agents among components of heterogeneous systems and among a plurality of heterogeneous systems, realizes quick connection of the heterogeneous components and the heterogeneous systems, and reconfigurability of the message agents, realizes automation of the whole process, realizes end-to-end process safety, simplifies complicated work of message agent configuration and deployment, and realizes efficiency improvement.
Further, the message broker central node comprises the following modules:
the configuration storage module is configured to store configuration information of the message proxy node and verify configuration formats and configuration data;
and a service module: configured to provide HTTPS, SSH communication services to a network;
authentication rights management module: configured to verify the identity and legitimacy of the message broker node, provide Token assignment and verification functions, and provide rights management and control functions for external nodes;
the initialization of the message proxy node means that after the message proxy node server is started, the network configuration is completed, and the HTTPS client can be operated to perform network access;
the initialization of the message proxy center node means that the message proxy center node server completes startup, and the configuration storage module, the service module and the authentication right management module are all operated.
Further, the step S200 specifically includes:
step S210, the message proxy node sends an HTTPS request to the message proxy center node and provides self-authorized confidential information;
step S220, the message proxy center verifies the confidential information, and returns a response message after verification, wherein the response message comprises Token distributed for the message proxy node.
Further, the self-authorized confidential information is a security mechanism pre-assigned by the message broker central node, and comprises certificate information, a device ID, a CPU instruction set architecture and an operating OS system version number.
Further, the Token contains the device ID of the message broker, the Token validity time, the Token access range and the digital signature.
Further, the step S300 specifically includes:
step S310, the message proxy node carries Token to send a request to the message proxy center node, wherein the request contains information of a first resource to be downloaded;
step S320, the message proxy center node verifies Token, and returns a redirection message after verification is passed, wherein the returned redirection message contains the URL of the first resource;
step S330, the message proxy node redirects to the resource service endpoint, the resource service endpoint verifies the Token carrying the Token request to download the first resource, and returns the data flow of the first resource after verification is passed until the message proxy node downloads;
step S340, the message proxy node executes the script of the first resource, scans the local software and hardware environment, and obtains the software and hardware configuration information of the message proxy node;
in step S350, the message broker node carries Token to send HTTPS request to the message broker central node, and submits its own software and hardware configuration information.
The software and hardware configuration information is locally summarized into a report file with a fixed format, and the format comprises Properties, JSON, YAML and INI.
Further, the step S400 specifically includes:
step S410, the message proxy center node verifies Token, generates an execution script according to the software and hardware configuration information, selects proper resources according to the software and hardware configuration information, generates a URL, and returns the URL to the message proxy node in a redirection message;
step S420, the message agency node redirects to a resource service endpoint, requests to download resources, and carries Token;
step S430, the resource service endpoint verifies Token, and returns the resource data stream after verification is passed until the message agent downloads;
step S440, the message proxy node completes the installation and initialization operation of the second resource locally, wherein the second resource comprises SSH server software and related security configuration suitable for the message proxy node.
Further, the step S500 specifically includes: the message proxy node sends ready message, the message proxy center node initiates SSH connection request, the message proxy node establishes SSH connection with the message proxy center, the message proxy center executes script, and the configuration process of the message proxy node is completed.
Further, the method further comprises step S600: after the message proxy node completes configuration and operation, the message proxy node automatically joins the message proxy cluster.
Compared with the prior art, the application has the following advantages:
(1) The method solves the problems of troublesome deployment and configuration, large workload and high requirements on professional skills existing between heterogeneous systems of the industrial Internet platform and between heterogeneous components in the heterogeneous systems when deploying the message agents.
(2) The application realizes the rapid establishment and deployment of the message proxy among the components of the heterogeneous systems and among a plurality of heterogeneous systems, the rapid connection of the heterogeneous components and the heterogeneous systems and the reconfigurable message proxy, the whole process realizes the automation, the end-to-end process safety is realized, the tedious work of the configuration and deployment of the message proxy is simplified, and the efficiency is improved.
Drawings
FIG. 1 is a flow chart of the present application;
fig. 2 is a schematic diagram of the module configuration of a message broker central node.
Detailed Description
The present application will be described in further detail with reference to examples, but embodiments of the present application are not limited thereto.
Examples:
referring to fig. 1 and 2, a method for communication deployment, connection and reconfiguration of heterogeneous system message proxies includes:
step 101: the message broker node and the message broker central node initiate and complete the initialization.
Message broker nodes refer to any type of server residing on the logical edge of a network, typically between a private network and the internet, typically using edge servers, but instead using general purpose servers or virtual machines. The message broker central node refers to a reservation server residing within or adjacent to the industrial internet platform, which is typically computationally intensive and is specifically prepared for the industrial internet to implement heterogeneous architecture.
The message proxy central node at least comprises the following modules:
1) And (3) a configuration storage module: and the configuration information of the message proxy node is stored, and the configuration format and the configuration data can be checked, so that the configuration formats such as Properties, JSON, YAML, INI are supported.
The configuration storage module is composed of a script library, a configuration library and a software library. Wherein:
the script library is a script file set which is constructed by classifying CPU instruction set architectures (comprising X64, X86, ARM64, MIPS, RISC-V and the like) and operating systems (comprising various versions of Windows, various versions of Windows Server, various versions of Linux multiple release versions and various versions of macOS).
The configuration library is a database for storing basic information and configuration information of the message-oriented proxy node, and provides a CRUD function.
The software library is a set of SSH Server software products which are constructed by classifying CPU instruction set architectures (comprising X64, X86, ARM64, MIPS, RISC-V and the like) and operating systems (comprising each version of Windows, each version of Windows Server, each version of Linux, each version of macOS) and are provided for the message proxy node, the SSH Server software products are subjected to adaptation selection according to the software and hardware configuration information of the message proxy node before being provided for the message proxy node, and after matching the proper versions, measures such as equipment ID, certificate mechanism and the like are added for safe customization and are provided for the message proxy node.
2) And a service module: the network-oriented provides HTTPS communication services, REST API service endpoints, and SSH client communications.
3) Authentication rights management module: the method can verify the identity and the validity of the message proxy node, provide Token allocation and verification functions, and provide rights management and control functions and certificate management functions for external nodes.
The initialization of the message proxy node means that after the message proxy node server is started, the basic network configuration is completed, and the HTTPS client can be operated to perform network access.
The initialization of the message proxy center node means that the message proxy center node server completes the startup, and the configuration storage module, the service module and the authentication right management module are all operated.
Step 102: the message broker node sends an HTTPS request to the message broker central node and provides self-authorised confidential information.
The self-authorizing confidential information is a security mechanism pre-assigned by the message broker central node. Such pre-assigned security mechanisms typically employ a certificate mechanism and digital signature to secure. The self-authorized confidential information at least comprises certificate information, device ID, CPU instruction set architecture, running OS system version number and the like.
For the message proxy center node, the pre-assigned security mechanism is implemented through an authentication rights management module, which includes a certificate management function, can add and delete certificates, and stores own certificates and certificates of a plurality of message proxies.
For the message proxy center node, each time a message proxy node needs to be newly added, the authentication rights management module distributes a certificate for the message proxy center node, sends the certificate to the Flash security disk together, and provides the certificate for the message proxy node to use.
Flash security disk is a hardware device, typically used to store sensitive data, and is a Flash drive that encrypts and decrypts data to ensure that only authorized users have access to it. Flash security disks can also be used to protect computers from malware and viruses.
The message broker central node typically also contains the functionality of a CA certificate authority to enable this in the absence of a CA certificate issuing node in the private network, and the CA certificate authority is contained in the authentication rights management module.
And for the message proxy node, the HTTPS request is sent to the message proxy center by inserting the Flash security disk.
For both parties of HTTPS communication, the data is encrypted by SSL/TLS protocol to protect the privacy and integrity of the data, certificates are used between both parties of HTTPS communication to verify each other's identity, and digital signatures are also used by both parties of communication to ensure that the data has not been tampered with.
Step 103: the message proxy center node verifies the confidential information, and returns a response message after verification.
The authentication rights management module of the message proxy center node verifies the authorized confidential information of the message proxy node, and returns response information after verification; and refusing the response if the verification fails.
Verifying confidential information involves two parts of work:
firstly, verifying whether the certificate and the digital signature of the message proxy node are correct;
secondly, verifying the device ID of the message proxy node, the CPU instruction set architecture and the running OS system version number, on one hand, recording the information in the system, and on the other hand, calling a configuration storage module for the information, and preparing proper script resources.
The response information includes Token allocated to the message broker node. The Token is an access Token allocated by the authentication rights management module to the message agent, and comprises the contents of the device ID of the message agent, the effective time of the Token, the access range of the Token, the digital signature and the like.
Token tokens may be JWT, OAuth 2.0, SAML, openID Connect, API Key, refresh Token, etc.
If the verification fails, the response is rejected.
Step 104: the message proxy node continues to send HTTPS requests to the message proxy center node, and the request is sent with the Token just allocated. The request refers to the resource required by the message agency center node for downloading, so the request information contains the resource 1 information to be downloaded. The resource 1 is an executable script used for scanning the more comprehensive software and hardware configuration information of the message proxy node, and the resource 1 is a script file in a script library of a configuration storage module of the message proxy center node, and the script file is matched with the software and hardware configuration information of the message proxy node.
Step 105: the message proxy center node verifies Token, and checks the correctness, the integrity, the validity, the digital signature and the like of the Token, so that the authenticity and the validity of the Token are ensured. Verifying Token is done through Token management by the authentication rights management module.
In the method provided by the application, the verification modes of the Token are consistent, so that the follow-up description is omitted.
And returning a redirection message through the post-message proxy center node, wherein the returned redirection message contains the URL of the resource to be downloaded. More specifically, the message broker central node sends a special redirect response that contains a status code starting with 3 and a Location header that contains the redirected URL to the resource.
Step 106: the message proxy node redirects to the resource service endpoint of the message proxy center node, requests to download resources, and the request carries Token. The resource service endpoint is contained in a service module of the message proxy center node and provides services to the network in a REST API manner. The request contains information such as the file name and the file size to be downloaded.
Step 107: the resource service endpoint also verifies Token, after the Token passes the verification, the resource service endpoint generates a response header and a response body according to the information in the request in step 106, and returns the data in the response body to the client in the form of stream. After receiving the response, the message proxy node sets a downloading window according to the information in the response head, saves the data in the response body to the local file, and closes the connection after receiving all the data.
Step 108: the message proxy node locally runs the downloaded resource 1, namely the executable script, scans the local software and hardware environment and acquires the comprehensive configuration information of the node software and hardware. The obtained software and hardware configuration information is locally summarized into a report file with a fixed format, and the format of the report file can be Properties, JSON, YAML, INI and other configuration formats.
Step 109: the message proxy node continues to send HTTPS request to the message proxy center node, and submits the report file generated in the previous step to the configuration library of the message proxy center node configuration storage module, and the request also contains Token.
Step 110: and the message proxy center node verifies the reality and effectiveness of the Token, calls the configuration storage module for storing the configuration information of the software and hardware of the node after the verification is passed, selects proper resources in the configuration storage module according to the configuration information, generates a URL, and returns the URL to the message proxy node in a redirection message.
Step 111: the message broker node initiates a request for downloading the resource 2 to the resource service endpoint of the message broker central node, and the request also carries Token. The resource service endpoint is contained in a service module of the message proxy center node and provides services to the network in a REST API manner. The resource 2 requested to be downloaded here contains SSH server software and associated security configuration appropriate for the message broker node.
The SSH server software is dedicated custom software that can only run on the target node (designated message broker node). The SSH server software internally comprises a set of security mechanism, has binding relation with the device ID and the certificate of the target node, and cannot run once the detection fails.
More specifically, a sufficiently secure public/private key pair has been generated by the public/private key generator based on RSA4096 or RSA2048 and configured into SSH server software, and then restarted.
More specifically, the public key generated by the public/private key generator is written into the configuration of the SSH service network software, and the private key is stored in the configuration library of the configuration storage module of the message broker central node and is associated with the device ID of the message broker node.
Step 112: the resource service end point also needs to verify Token, returns the data flow of the resource after verification, and returns the data of the resource to the message proxy node in a streaming mode until the message proxy node finishes downloading.
Step 113: the message broker node completes the installation of the resource locally and starts the SSH service.
Step 114: the message broker node sends an HTTPS request to the message broker central node informing the other party that itself is ready.
Step 115: the message broker central node initiates a request for an SSH connection to the message broker node. Because the SSH server is custom software and is internally provided with a safe operation mechanism and a safe mechanism, the direct connection can be completed at one time.
Further, the message broker central node may log directly onto the SSH server of the message broker node via the SSH by means of a private key stored in a configuration repository of a configuration storage module of the message broker central node, thereby establishing a secure connection.
Step 116: the message proxy node establishes SSH connection with the message proxy center node, and the message proxy center node remotely executes the automation script to complete automatic configuration and realize configuration and operation of the message proxy.
Step 117: after the message proxy node finishes configuration and operation, the message proxy node can also automatically join in the message proxy cluster.
Furthermore, since the message Broker node and the message Broker central node can establish an SSH connection, for a message Broker node that has normally operated, the reconfiguration of the Broker can be implemented due to factors such as environmental adjustment, change of requirements, and the like.
In summary, compared with the prior art, the method and the device can solve the problems of quick establishment and deployment of the message proxy among components of the heterogeneous systems and among a plurality of heterogeneous systems, realize quick connection of the heterogeneous components and the heterogeneous systems, and reconfigure the message proxy, realize automation of the whole process, realize end-to-end process safety, simplify complicated work of message proxy configuration and deployment, and realize efficiency improvement.
Although the application has been described herein with reference to the above-described illustrative embodiments thereof, the foregoing embodiments are merely preferred embodiments of the present application, and it should be understood that the embodiments of the present application are not limited to the above-described embodiments, and that numerous other modifications and embodiments can be devised by those skilled in the art that will fall within the scope and spirit of the principles of this disclosure.
Claims (10)
1. A method of communication deployment, connection and reconfiguration of heterogeneous system message brokers, comprising:
step S100, the message proxy node and the message proxy center node are started and initialized;
step 200, the message proxy node acquires an allocated Token from the message proxy center node;
step S300, a message agent node carries Token to request a message agent center node to download a first resource, and after executing the first resource, software and hardware configuration information of the node is obtained;
step S400, the message proxy node carries Token to send HTTPS request to the message proxy center node, submits self software and hardware configuration information, and returns URL of the second resource to the message proxy node after the message proxy center node verifies that Token passes; the message proxy node carries Token request to download a second resource, the second resource is installed and initialized after the downloading is completed, and the second resource comprises SSH server software and related security configuration information which are suitable for the message proxy node;
and S500, the message proxy node establishes SSH connection with the message proxy center, and the message proxy center node executes the script to complete the configuration process of the message proxy node.
2. The method of communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 1, wherein the message proxy center node comprises the following modules:
the configuration storage module is configured to store configuration information of the message proxy node and verify configuration formats and configuration data;
and a service module: configured to provide HTTPS, SSH communication services to a network;
authentication rights management module: configured to verify the identity and legitimacy of the message broker node, provide Token assignment and verification functions, and provide rights management and control functions for external nodes;
the initialization of the message proxy node means that after the message proxy node server is started, the network configuration is completed, and the HTTPS client can be operated to perform network access;
the initialization of the message proxy center node means that the message proxy center node server completes startup, and the configuration storage module, the service module and the authentication right management module are all operated.
3. The method for communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 1, wherein said step S200 comprises:
step S210, the message proxy node sends an HTTPS request to the message proxy center node and provides self-authorized confidential information;
step S220, the message proxy center verifies the confidential information, and returns a response message after verification, wherein the response message comprises Token distributed for the message proxy node.
4. A method of communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 3, wherein the self-authorizing secret information is a pre-assigned security mechanism of a message proxy center node, the self-authorizing secret information comprising credential information, device ID, CPU instruction set architecture and operating OS system version number.
5. A method of communication deployment, connection and reconfiguration of heterogeneous system message brokers according to claim 3, wherein the Token contains a device ID of the message broker, a Token validity time, a Token access scope and a digital signature.
6. The method for communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 1, wherein said step S300 comprises in particular:
step S310, the message proxy node carries Token to send a request to the message proxy center node, wherein the request contains information of a first resource to be downloaded;
step S320, the message proxy center node verifies Token, and returns a redirection message after verification is passed, wherein the returned redirection message contains the URL of the first resource;
step S330, the message proxy node redirects to the resource service endpoint, the resource service endpoint verifies the Token carrying the Token request to download the first resource, and returns the data flow of the first resource after verification is passed until the message proxy node downloads;
step S340, the message proxy node executes the script of the first resource, scans the local software and hardware environment, and obtains the software and hardware configuration information of the message proxy node;
in step S350, the message broker node carries Token to send HTTPS request to the message broker central node, and submits its own software and hardware configuration information.
7. The method of communication deployment, connection, and reconfiguration of heterogeneous system message brokers of claim 6, wherein the software and hardware configuration information is locally aggregated into a report file in a fixed format, the format comprising Properties, JSON, YAML and INI.
8. The method for communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 1, wherein said step S400 comprises:
step S410, the message proxy center node verifies Token, generates an execution script according to the software and hardware configuration information, selects proper resources according to the software and hardware configuration information, generates a URL, and returns the URL to the message proxy node in a redirection message;
step S420, the message agency node redirects to a resource service endpoint, requests to download resources, and carries Token;
step S430, the resource service endpoint verifies Token, and returns the resource data stream after verification is passed until the message agent downloads;
step S440, the message proxy node completes the installation and initialization operation of the second resource locally, wherein the second resource comprises SSH server software and related security configuration suitable for the message proxy node.
9. The method for communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 1, wherein said step S500 comprises: the message proxy node sends ready message, the message proxy center node initiates SSH connection request, the message proxy node establishes SSH connection with the message proxy center, the message proxy center executes script, and the configuration process of the message proxy node is completed.
10. The method of communication deployment, connection and reconfiguration of heterogeneous system message proxies according to claim 1, further comprising step S600: after the message proxy node completes configuration and operation, the message proxy node automatically joins the message proxy cluster.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311073065.4A CN117041339A (en) | 2023-08-24 | 2023-08-24 | Communication deployment, connection and reconfigurable method of heterogeneous system message proxy |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311073065.4A CN117041339A (en) | 2023-08-24 | 2023-08-24 | Communication deployment, connection and reconfigurable method of heterogeneous system message proxy |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117041339A true CN117041339A (en) | 2023-11-10 |
Family
ID=88635295
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311073065.4A Pending CN117041339A (en) | 2023-08-24 | 2023-08-24 | Communication deployment, connection and reconfigurable method of heterogeneous system message proxy |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117041339A (en) |
-
2023
- 2023-08-24 CN CN202311073065.4A patent/CN117041339A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7316347B2 (en) | Systems and methods for providing an interface for blockchain cloud services | |
| US10701060B2 (en) | Public key infrastructure exchange using netconf for Openflow enabled switches | |
| US20160366233A1 (en) | Private Cloud as a service | |
| JP4734592B2 (en) | Method and system for providing secure access to private network by client redirection | |
| US10129241B2 (en) | Hypervisor agnostic bidirectional secure channel for guest agent transport | |
| US8914787B2 (en) | Registering software management component types in a managed network | |
| US11700262B2 (en) | System and method to securely execute datacenter management operations remotely | |
| EP2432186A1 (en) | File uploading realization method and system for web application | |
| US10645172B1 (en) | Socket tunneling connections in a service provider environment | |
| US10148621B2 (en) | Provisioning proxy for provisioning data on hardware resources | |
| WO2021061419A1 (en) | Template-based onboarding of internet-connectible devices | |
| US20230344800A1 (en) | Client Browser to Endpoint Peer to Peer Redirection from Cloud Control Pane | |
| CN117041339A (en) | Communication deployment, connection and reconfigurable method of heterogeneous system message proxy | |
| US20190297072A1 (en) | System and method for authentication in a public cloud | |
| EP3987391B1 (en) | Method and system for service image deployment in a cloud computing system based on distributed ledger technology | |
| EP3688588B1 (en) | Receiving a data object at a device | |
| US11943124B2 (en) | Data center asset remote workload execution via a connectivity management workload orchestration operation | |
| US11843604B2 (en) | Cloud identity integration for cloud-based management of on-premises devices | |
| US12003963B2 (en) | Mobile provisioning of a data center asset in a data center connectivity management environment | |
| US11924045B2 (en) | Connectivity management system client inventory and configuration operation for interconnected connectivity management clients | |
| US20230354019A1 (en) | Mobile Provisioning of a Data Center Asset in a Data Center Connectivity Management Environment | |
| US20240040001A1 (en) | Connectivity Management System Client and Host Aware Extensions for Non-Embedded Use Cases | |
| Kiss et al. | D7. 4-FINAL BULK DEPLOYMENT TOOL | |
| CN112398881A (en) | Data receiving and storing method, system, medium and device | |
| CN113228555A (en) | Method, system and apparatus for unified security configuration management |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |