KR20170101584A - Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof - Google Patents

Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof Download PDF

Info

Publication number
KR20170101584A
KR20170101584A KR1020160024305A KR20160024305A KR20170101584A KR 20170101584 A KR20170101584 A KR 20170101584A KR 1020160024305 A KR1020160024305 A KR 1020160024305A KR 20160024305 A KR20160024305 A KR 20160024305A KR 20170101584 A KR20170101584 A KR 20170101584A
Authority
KR
South Korea
Prior art keywords
traffic
policy
user
module
users
Prior art date
Application number
KR1020160024305A
Other languages
Korean (ko)
Inventor
최지혁
김대원
김선욱
오병택
오수철
김성운
김학영
Original Assignee
한국전자통신연구원
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 한국전자통신연구원 filed Critical 한국전자통신연구원
Priority to KR1020160024305A priority Critical patent/KR20170101584A/en
Publication of KR20170101584A publication Critical patent/KR20170101584A/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G06F15/163Interprocessor communication
    • G06F15/173Interprocessor communication using an interconnection network, e.g. matrix, shuffle, pyramid, star, snowflake
    • G06F15/1735Network adapters, e.g. SCI, Myrinet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/54Store-and-forward switching systems 
    • H04L12/56Packet switching systems
    • H04L12/5601Transfer mode dependent, e.g. ATM
    • H04L2012/5678Traffic aspects, e.g. arbitration, load balancing, smoothing, buffer management

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A plurality of single root input / output virtualization network cards, a management module managing virtual desktops including agents collecting traffic of users, and a plurality of single root input / output virtualization network cards based on the amount of traffic of the collected users. There is provided a method of operating a host server and a host server including a load balancing module for allocating traffic of users for each of the output virtualization network cards.

Figure P1020160024305

Description

TECHNICAL FIELD [0001] The present invention relates to a method for operating a host server and a host server that provide services for a virtual desktop based on a plurality of single-route input / output virtualization network cards. BACKGROUND OF THE INVENTION < RTI ID = SR-IOV) NETWORK CARD AND OPERATING METHOD THEREOF}

The following embodiments are directed to a host server and a method of operating a host server that provide services for a virtual desktop based on a plurality of single root input / output virtualization network cards.

Desktop Virtualization is a technology that creates client space as a virtual space. By creating a virtual desktop environment with a user-specific operating system (OS) on a high-performance server, various clients can And the like.

According to one embodiment, a single server may be equipped with a plurality of single root I / O virtualization (SR-IOV) network cards to allow more users to use the virtual desktop service without degradation Environment can be provided.

According to one embodiment, effective QoS policies and security policies can be established through user traffic analysis.

According to an exemplary embodiment, a QoS policy and a security policy that are appropriate for a user are requested, thereby providing an optimized virtual desktop environment to a user.

According to one aspect, a host server includes a plurality of single root I / O virtualization (SR-IOV) network cards; A management module for managing virtual desktops including agents collecting traffic of users; And a load balancing module for allocating traffic of the users for each of the plurality of single root input / output virtualization network cards based on the amount of traffic of the collected users.

Wherein the load adjustment module receives all traffic amounts generated by users assigned virtual functions via the plurality of single route input / output virtualization network cards, and based on the amount of all traffic, It is possible to control the traffic of the users assigned to the root input / output virtualization network cards.

The load adjustment module may receive the amount of all traffic generated by the users from the agents of the virtual desktops.

The host server may further include a virtual switch for collecting traffic generated in the virtual desktops, receiving a policy determined based on the collected traffic, and applying the policy to the virtual desktops.

The host server may further include a policy module that analyzes the collected traffic and determines a policy for providing the optimized service to the users based on the analysis result.

Wherein the virtual switch comprises: a traffic collection module for collecting, from the agents of the virtual desktops, traffic generated in the virtual desktops and providing the collected traffic to the policy module; And a policy application module for applying the policy determined in the policy module to the virtual desktops.

The policy module analyzes the collected traffic and notifies information on services used by the users based on the analysis result.

The policy module may update and modify the policy by reflecting the requested policy from the users.

An analysis module for analyzing the collected traffic and reporting the analysis result to an administrator; A QoS module for determining a QoS policy for each of the users based on the analysis result and the request of the users; And a security module for setting a security policy for each of the users based on the analysis result and the request of the users.

The QoS module may analyze the collected traffic based on a signature analysis method and recommend a network bandwidth and a billing policy for the user based on the analysis result.

The traffic of the virtual desktops may include a unique number.

According to one aspect, a method of operating a host server includes, in response to a user's connection over the Internet, a single root input / output virtualization of any of a plurality of single root input / output virtualization network cards to a virtual desktop to which the user will connect Assigning a virtual function of the network card; Collecting traffic generated by the user through the agent of the virtual desktop; Determining whether the user is a target of a preset policy; And controlling the allocation of the traffic by applying the policy based on the determination result.

The collecting of the traffic may include measuring the amount of all traffic generated by the users assigned the virtual function through the plurality of single root input / output virtualization network cards.

The step of determining whether the user is a target of a preset policy may include determining whether the user is a target of applying a preset QoS policy or a security policy based on the information of the user.

The step of controlling the traffic allocation may include analyzing the traffic generated by the user if the user is determined to be a target of a preset policy. Transmitting traffic generated by the user to a virtual switch based on whether the traffic satisfies the predetermined policy as a result of the analysis; And allocating traffic sent to the virtual switch for each of the plurality of single root input / output virtualization network cards based on the measured amount of all traffic.

The operation method of the host server may further include the step of excluding transmission of the traffic if the traffic does not satisfy the policy.

Analyzing the traffic comprises: analyzing the traffic based on a signature analysis method; And recommending network bandwidth and billing policies for the users based on the analysis results.

The step of controlling the traffic allocation may include allocating the traffic generated by the user for each of the plurality of single route input / output virtualization network cards when it is determined that the user is not the application target of the preset policy .

The method comprising: receiving a requested policy from the users; And updating and modifying the policy for the users by reflecting the requested policy.

According to one embodiment, by mounting a plurality of single root input / output virtualization (SR-IOV) network cards in one server, one server can support one single root input / output virtualization (SR-IOV) network card Performance network I / O to a much larger number of users.

According to one embodiment, load balancing allows multiple, single-route input / output virtualization (SR-IOV) network cards (SR-IOV) Cards can be used.

According to one embodiment, statistical data of services that a user uses through a virtual desktop can be acquired by collecting and analyzing traffic through an agent installed in a user's virtual desktop.

In addition, according to one embodiment, based on statistical data of services used by a user through a virtual desktop, a QoS policy and a security policy desired by a user are established for each individual, thereby providing an optimized virtual desktop service to a user have.

1 is a block diagram of a host server providing a service for a virtual desktop according to an exemplary embodiment;
2 is a configuration diagram of a virtual switch and a policy module according to an embodiment;
3 is a flowchart illustrating an operation method of a host server according to an embodiment.
4 is a flow diagram illustrating a method for controlling traffic allocation in accordance with one embodiment.
5 is a flowchart illustrating an operation method of a host server according to another embodiment;

In the following, embodiments will be described in detail with reference to the accompanying drawings. Like reference symbols in the drawings denote like elements.

Various modifications may be made to the embodiments described below. It is to be understood that the embodiments described below are not intended to limit the embodiments, but include all modifications, equivalents, and alternatives to them.

The terms used in the examples are used only to illustrate specific embodiments and are not intended to limit the embodiments. The singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, the terms "comprises" or "having" and the like refer to the presence of stated features, integers, steps, operations, elements, components, or combinations thereof, But do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or combinations thereof.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this embodiment belongs. Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with the contextual meaning of the related art and are to be interpreted as either ideal or overly formal in the sense of the present application Do not.

In the following description of the present invention with reference to the accompanying drawings, the same components are denoted by the same reference numerals regardless of the reference numerals, and redundant explanations thereof will be omitted. In the following description of the embodiments, a detailed description of related arts will be omitted if it is determined that the gist of the embodiments may be unnecessarily blurred.

1 is a block diagram of a host server providing a service for a virtual desktop according to an embodiment. Referring to FIG. 1, a host server 100 according to an embodiment includes a plurality of single root I / O virtualization (SR-IOV) network cards 110, a hypervisor 120, a load balancing module 130, a management module 140, a virtual switch 150, a policy module 160 and virtual Desktops 170).

Single Root I / O Virtualization (SR-IOV) is a technique that allows the hardware (eg, pNIC) installed in a PCIe lane of a physical server to be physically (PCI-Passthrough) or virtual (SR-IOV) . A plurality of single root input / output virtualization (SR-IOV) network cards 110 may be understood as network cards providing such functionality. A plurality of single root input / output virtualization (SR-IOV) network cards 110 may provide single root input / output virtualization (SR-IOV) functionality based on PCI Express.

The hypervisor 120 can drive the plurality of virtual desktops 170 through the management module 140. [ In addition, the hypervisor 120 may perform scheduling to process I / Os accessing software-modeled virtual hardware resources. Generally, in a virtualization environment, since a plurality of users share one physical device, the role of the hypervisor 120 is important. However, when all of the I / Os occurring in the virtual desktops 170 pass through the hypervisor 120, if the hypervisor 120 is under load, the virtual desktop service can not be supported smoothly. To address this problem, single root input / output virtualization (SR-IOV) has been standardized. In one embodiment, single root input / output virtualization (SR-IOV) bypasses the hypervisor 120, thereby maximizing the performance of the virtual machine.

The load balancing module 130 is configured to determine the amount of traffic of the user (s) 50 collected by the user (s) 50 based on the amount of traffic of the user (s) Traffic can be allocated.

The load adjustment module 130 may be configured to distribute all the traffic volume generated by the user (s) 50 assigned the Virtual Function through the plurality of single root input / output virtualization network cards 110 to the virtual desktops 170 from the agents 175. [ The load adjustment module 130 may adjust the traffic of the user (s) 50 assigned to the plurality of single root input / output virtualization network cards 110 based on the amount of all traffic.

The host server may, for example, assign a plurality of single root input / output virtualization network cards 110 a first single root input / output virtualization network card to a first user connected to the virtual desktop. At this time, if the traffic (amount) of the first user is not satisfied by the virtual function of the first single-route input / output virtualization network card, the load adjustment module 130 may transmit the traffic of the first user to the second or third single You can adjust the load to be assigned to the virtual function of the root input / output virtualization network card.

The management module 140 may manage the virtual desktops 170. At this time, each of the virtual desktops may include an agent 175 that collects traffic of the user (s)

The virtual switch 150 may collect traffic generated in the virtual desktops 170. The virtual switch 150 may receive the policy determined based on the collected traffic and apply it to the virtual desktops 170. At this time, the traffic collected in the virtual switch 150 and used in each virtual desktop 170 may have a unique numbering.

The policy module 160 analyzes the traffic (of the virtual desktops 170) collected at the virtual switch 150 and provides a policy for providing the optimized service to the user (s) 50 You can decide. The traffic of the virtual desktops 170 may include a unique number.

The policy module 160 may analyze the collected traffic and notify information about the services used by the user (s) 50 based on the analysis results.

The policy module 160 may update and modify the policy by reflecting the requested policy from the user (s) The policy module 160 is a module that requires the intervention of the administrator 70 because the QoS policy and the security policy required by the user (s) 50 may be different and the charging policy may be different. To apply the policy. Here, the manager 70 may be understood to mean an administrator's computer or a management server.

The configuration and operation of the virtual switch 150 and the policy module 160 will be described with reference to FIG.

The host server 100 according to one embodiment may mount a plurality of single root input / output virtualization network cards 110 and may drive a plurality of virtual desktops 170 via the hypervisor 120. The user (s) 50 may access the host server 100 providing services for the virtual desktops 170 via the network 10, such as the Internet.

If a single root I / O virtualization network card supports multiple users, users who are not assigned virtual functions via a single root I / O virtualization network card will experience slower I / O experience. The host server 10 according to one embodiment assigns virtual functions to all users () 50 that connect to the host server via a plurality of single root input / output virtualization network cards 110, (S) 50 to utilize the virtual desktop service without a delay in speed.

In addition, the host server 100 according to an exemplary embodiment measures the amount of all traffic used by the user (s) 50 connected through the agents 175 of the virtual desktops 170, You can control the load so that the input / output virtualization network card does not load.

In one embodiment, the Virtual Desktop Infrastructure (VDI) network protocol is processed in hardware (e.g., a single root input / output virtualization network card) to reduce the CPU processing load on the virtualization server, Thereby improving the overall processing performance. In addition, offloading technologies that can reduce service latency and load balancing techniques that can evenly distribute network loads across multiple single-route input / So that more user (s) 50 can use the virtual desktop without degradation.

In one embodiment, rather than simply providing a high rate of I / O to multiple users (s) 50 through a plurality of single root input / output virtualization (SR-IOV) network cards 110, (S) 50 by analyzing the traffic collected through the agents of this virtual desktop.

Network virtualization is an environment in which multiple users have to share a network with limited resources according to the specification of a network card. In this environment, proper QoS policy is required for users to use the network fairly and efficiently, and various information must be monitored in order to use the QoS policy.

The most basic of monitoring is to analyze traffic. In one embodiment, a method of analyzing traffic includes, for example, a header-based analysis method for analyzing traffic using IP address and PORT information, a method for analyzing traffic using a payload of traffic A load analysis method, and finally, a statistics-based analysis method for analyzing traffic using the distance between packets and the position of an offset.

The policy module 160 analyzes the traffic generated by the user by applying various analysis methods, so that the manager 70 can establish an efficient QoS policy and a security policy. In addition, the administrator 70 can apply the QoS policy and the security policy desired by the user to the virtual desktop differently through the policy module 160. [ This allows the user 50 to be provided with an optimized virtual desktop environment.

2 is a configuration diagram of a virtual switch and a policy module according to an embodiment. Referring to FIG. 2, the structure of the virtual switch 150 and the policy module 160 is shown.

The virtual switch 150 may include a traffic collection module 210 and a policy application module 220. The traffic collection module 210 may collect the traffic generated in the virtual desktops from the agents of the virtual desktops and provide the collected traffic to the policy module 160. The policy application module 220 may apply the policy determined in the policy module 160 to the virtual desktops.

The policy module 160 may include an analysis module 230, a QoS module 240, and a security module 250. The analysis module 230 may analyze the traffic collected through the virtual switch 150 and report the analysis results to the manager.

The QoS module 240 may determine a QoS policy for each user based on the analysis result of the analysis module 230 and the demands of the users. The QoS module 240 may analyze the collected traffic based on, for example, the signature analysis method, and recommend a network bandwidth and billing policy for the user based on the analysis results.

The security module 250 can set a security policy for each user based on the analysis result of the analysis module 230 and the requests of the users.

The technology on which the policy is set up in the policy module 160 is traffic analysis technology. Traffic analysis techniques use signature-based analysis methods, and there may be various signature-based analysis methods as described above. The policy module 160 can analyze most of the traffic used by the user through this signature-based analysis method. For example, the policy module 160 notifies the user of the most used service once a month, for example, You can give.

For example, if the user 1 is a light user who mainly uses the office program and the Internet web surfing, the policy module 160 can recommend a charging policy corresponding thereto. Also, if the user 2 is much more likely to use torrent as well as office and web surfing, the policy module 160 determines that the user 2 has enough network bandwidth to use the torrent And can recommend the appropriate charging policy.

The policy module 160 can configure a virtual desktop optimized for a user by recognizing which program a user is using frequently for a predetermined period of time. In the case of a security-sensitive user, the policy module 160 may distinguish abnormal traffic such as malicious traffic or virus through traffic analysis to enhance security once more.

3 is a flowchart illustrating an operation method of a host server according to an exemplary embodiment of the present invention. Referring to FIG. 3, a host server according to one embodiment receives 310 a user's connection over the Internet and, in response, receives a plurality of single root I / O virtualization network cards The virtual function of any one single root input / output virtualization network card can be allocated (320).

The host server can collect traffic generated by the user through the agent of the virtual desktop (330). At this time, the host server can measure the amount of all traffic generated by users assigned virtual functions via a plurality of single root input / output virtualization network cards.

The host server may determine whether the user is a target for applying a preset policy (340). The host server can determine whether the user is a target for applying a preset QoS policy or a security policy based on the user's information such as the ID and port of the user, for example.

If it is determined in step 340 that the user is not the target of applying the policy, the host server may control the allocation of traffic without applying the policy (360). The host server can directly allocate traffic generated by the user by applying a plurality of single route input / output virtualization network cards without applying the policy.

If it is determined in step 340 that the user is a target of applying the policy, the host server may control the allocation of traffic by applying a preset policy (350). A method by which the host server controls the allocation of traffic will be described with reference to FIG.

4 is a flow diagram illustrating a method for controlling traffic allocation in accordance with one embodiment. Referring to FIG. 4, in operation 340, the host server may analyze the traffic generated by the user when it is determined that the user is a target of the preset policy (410). The host server may analyze the traffic based on, for example, the signature analysis method. The host server may also recommend network bandwidth and billing policies for users based on the results of the traffic analysis.

As a result of the analysis in step 410, the host server may determine whether the traffic satisfies a preset policy (420). If the traffic does not satisfy the policy at step 420, the host server may not transmit traffic, i.e., not transmit traffic at step 450. According to an embodiment, the host server may receive the requested policy from the users and may update and modify the policy for the user by reflecting the requested policy.

If the traffic satisfies the predetermined policy at step 420, the host server may transmit the traffic generated by the user to the virtual switch (430).

The host server may allocate 440 the traffic sent to the virtual switch for each of a plurality of single root input / output virtualization network cards based on the amount of all traffic measured in step 330 previously.

5 is a flowchart illustrating a method of operating a host server according to another embodiment of the present invention. Referring to FIG. 5, the operation of the host server when a user accesses a host server providing a service for a virtual desktop according to an embodiment is shown.

A user may access the host server with his or her virtual desktop via the Internet (510).

The host server assigns the virtual function of the single root input / output virtualization network card to be used by the virtual desktop to the virtual desktop to which the user will connect (520). In operation 520, a user who has been allocated a virtual function can access various services using his / her virtual desktop in operation 530.

The host server may collect (540) all (network) traffic generated by the user through the virtual desktop agent. At this time, the host server can also measure traffic usage.

The host server may collect the traffic used by the user, for example, through the traffic collection module of the virtual switch (550).

The host server may determine whether the user is a target of applying the QoS policy or the security policy before analyzing the collected traffic (560). As a result of the determination in step 560, if the user is not a target to which the policy is applied, the host server can directly transmit the traffic to the load control module.

If it is determined in step 560 that the user is a target of applying the policy, the host server may apply the policy after checking QoS policy or security policy requested by the user through traffic analysis (step 570).

In step 570, the host server may send traffic generated by the user to the traffic analysis module to analyze the traffic. As a result of the analysis, if the traffic generated by the user is traffic that is in violation of the policy, the host server can exclude the traffic from the transmission to the virtual switch and transmit only the traffic that is not infringed to the virtual switch.

Based on the amount of traffic the user has used, the host server may allocate traffic 580 so that the load can be distributed to a single root input / output virtualization network card. The traffic sent to the virtual switch can be sent to the load balancing module. In this case, the load balancing module can perform balancing so that traffic can be evenly distributed among the network cards through the traffic monitoring in order to prevent the traffic concentration to one single root input / output virtual network card.

The apparatus described above may be implemented as a hardware component, a software component, and / or a combination of hardware components and software components. For example, the apparatus and components described in the embodiments may be implemented within a computer system, such as, for example, a processor, controller, arithmetic logic unit (ALU), digital signal processor, microcomputer, field programmable array (FPA) A programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to execution of the software. For ease of understanding, the processing apparatus may be described as being used singly, but those skilled in the art will recognize that the processing apparatus may have a plurality of processing elements and / As shown in FIG. For example, the processing apparatus may comprise a plurality of processors or one processor and one controller. Other processing configurations are also possible, such as a parallel processor.

The software may include a computer program, code, instructions, or a combination of one or more of the foregoing, and may be configured to configure the processing device to operate as desired or to process it collectively or collectively Device can be commanded. The software and / or data may be in the form of any type of machine, component, physical device, virtual equipment, computer storage media, or device , Or may be permanently or temporarily embodied in a transmitted signal wave. The software may be distributed over a networked computer system and stored or executed in a distributed manner. The software and data may be stored on one or more computer readable recording media.

The method according to an embodiment may be implemented in the form of a program command that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions to be recorded on the medium may be those specially designed and configured for the embodiments or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magnetic media such as floppy disks; Magneto-optical media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. For example, it is to be understood that the techniques described may be performed in a different order than the described methods, and / or that components of the described systems, structures, devices, circuits, Lt; / RTI > or equivalents, even if it is replaced or replaced.

Therefore, other implementations, other embodiments, and equivalents to the claims are also within the scope of the following claims.

Claims (20)

A plurality of single root I / O virtualization (SR-IOV) network cards;
A management module for managing virtual desktops including agents collecting traffic of users; And
A load balancing module for allocating traffic of the users for each of the plurality of single root input / output virtualization network cards based on the amount of traffic of the collected users;
And a host server. The method according to claim 1,
The load adjustment module
Receiving all amount of traffic generated by users assigned virtual functions via the plurality of single root input / output virtualization network cards, and based on the total amount of traffic, generating a plurality of single root input / And adjusts traffic of the users assigned to the network cards. 3. The method of claim 2,
The load adjustment module
And receives from the agents of the virtual desktops an amount of all traffic generated by the users. The method according to claim 1,
A virtual switch for collecting traffic generated in the virtual desktops, receiving a policy determined based on the collected traffic, and applying the policy to the virtual desktops
Further comprising: 5. The method of claim 4,
A policy module for analyzing the collected traffic and determining a policy for providing a service for the users based on the analysis result,
Further comprising: 6. The method of claim 5,
The virtual switch
A traffic collection module for collecting traffic generated from the virtual desktops by the virtual desktops and providing the collected traffic to the policy module; And
A policy application module for applying the policy determined in the policy module to the virtual desktops
And a host server. 6. The method of claim 5,
The policy module
Analyzes the collected traffic, and notifies information on services used by the users based on the analysis result. 6. The method of claim 5,
The policy module
And updates and modifies the policy by reflecting the policy requested from the users. 6. The method of claim 5,
The policy module
An analysis module for analyzing the collected traffic and reporting the analysis result to an administrator;
A QoS module for determining a QoS policy for each of the users based on the analysis result and the request of the users; And
A security module for setting a security policy for each user based on the analysis result and the request of the users,
The host server comprising: 10. The method of claim 9,
The QoS module
Analyzing the collected traffic based on a signature analysis method, and recommending a network bandwidth and a billing policy for a user based on the analysis result. The method according to claim 1,
Wherein the traffic of the virtual desktops comprises a unique number. Assigning a virtual function of a single root input / output virtualization network card of any one of a plurality of single root input / output virtualization network cards to a virtual desktop to which the user will connect, in response to a user's connection over the Internet;
Collecting traffic generated by the user through the agent of the virtual desktop;
Determining whether the user is a target of a preset policy; And
And controlling the allocation of the traffic by applying the policy based on the determination result
Lt; / RTI > 13. The method of claim 12,
The step of collecting the traffic
Measuring the amount of all traffic generated by users assigned the virtual function through the plurality of single route input / output virtualization network cards
Lt; / RTI > 13. The method of claim 12,
Wherein the step of determining whether the user is an application target of a preset policy
Determining whether the user is a target for applying a preset QoS policy or a security policy based on the information of the user
Lt; / RTI > 14. The method of claim 13,
The step of controlling the allocation of the traffic
Analyzing the traffic generated by the user if the user is determined to be a target of the preset policy;
Transmitting traffic generated by the user to a virtual switch based on whether the traffic satisfies the predetermined policy as a result of the analysis; And
Allocating traffic sent to the virtual switch for each of the plurality of single root input / output virtualization network cards based on the measured total amount of traffic
Lt; / RTI > 16. The method of claim 15,
If the traffic does not satisfy the policy, excluding transmission of the traffic
Lt; RTI ID = 0.0 > 1, < / RTI > 16. The method of claim 15,
The step of analyzing the traffic
Analyzing the traffic based on a signature analysis method; And
Based on the analysis result, recommending a network bandwidth and a billing policy for the users
Lt; / RTI > 13. The method of claim 12,
The step of controlling the allocation of the traffic
And allocating traffic generated by the user for each of the plurality of single route input / output virtualization network cards when it is determined that the user is not the application target of the preset policy
Lt; / RTI > 13. The method of claim 12,
Receiving a requested policy from the user; And
Updating and modifying the policy for the user by reflecting the requested policy
Lt; RTI ID = 0.0 > 1, < / RTI > A computer-readable recording medium having recorded thereon a program for executing the method according to any one of claims 12 to 19.
KR1020160024305A 2016-02-29 2016-02-29 Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof KR20170101584A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160024305A KR20170101584A (en) 2016-02-29 2016-02-29 Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160024305A KR20170101584A (en) 2016-02-29 2016-02-29 Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof

Publications (1)

Publication Number Publication Date
KR20170101584A true KR20170101584A (en) 2017-09-06

Family

ID=59925259

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160024305A KR20170101584A (en) 2016-02-29 2016-02-29 Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof

Country Status (1)

Country Link
KR (1) KR20170101584A (en)

Similar Documents

Publication Publication Date Title
US10848397B1 (en) System and method for enforcing compliance with subscription requirements for cyber-attack detection service
US10318467B2 (en) Preventing input/output (I/O) traffic overloading of an interconnect channel in a distributed data storage system
US11178254B2 (en) Chaining virtual network function services via remote memory sharing
US8276139B2 (en) Provisioning virtual machine placement
US7721292B2 (en) System for adjusting resource allocation to a logical partition based on rate of page swaps and utilization by changing a boot configuration file
US8863138B2 (en) Application service performance in cloud computing
US9678785B1 (en) Virtual machine resource allocation based on user feedback
US20170046205A1 (en) Controlling virtual machine density and placement distribution in a converged infrastructure resource pool
EP3070633B1 (en) Network interface devices with remote storage control
EP3206125A1 (en) Resource management method, host, and endpoint
US20110302287A1 (en) Quality of service control
US9111046B2 (en) Implementing capacity and user-based resource allocation for a shared adapter in a virtualized system
KR102433765B1 (en) Apparatus and method for managing computing resources in network function virtualization system
US10171349B2 (en) Packet forwarding for quality of service delivery
US10681154B2 (en) Gateway device allowing multiple infrastructural services to access multiple IoT devices
KR102020049B1 (en) Switch and method for supporting QOS of Multi-Tenant Cloud Service and System having the same switch
KR102020046B1 (en) Apparatus and Method for managing flow in server virtualization environment, Method for applying QoS
US10277503B2 (en) Cross-domain service request placement in a software defined environment (SDE)
Wu et al. iShare: Balancing I/O performance isolation and disk I/O efficiency in virtualized environments
KR20170101584A (en) Host server providing service for virtual desktop based on plurality of single root i/o virtualization(sr-iov) network card and operating method thereof
US10630554B1 (en) Input/output (I/O) performance of hosts through bi-directional bandwidth feedback optimization
JP2022087808A (en) Method, system and computer program of notifying endpoint of storage area network congestion
US20240028375A1 (en) Control plane lifecycle management with dpu devices
KR102145183B1 (en) Device and Method for Data Transmission and QoS Guarantee of Virtual Machines in Multicore-based Network Interface Card
Ousterhout Achieving high CPU efficiency and low tail latency in datacenters