CN101908967B - Configuration method and system of Linux virtual server - Google Patents

Publication number
CN101908967B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN200910086114.1A
Other languages
Chinese (zh)
Other versions
CN101908967A (en
Inventor
周文旭
张�诚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Baidu Online Network Technology Beijing Co Ltd
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd

Abstract

The invention relates to configuration method and system of a Linux virtual server, wherein the configuration system of the Linux virtual server comprises an LVS (Linux Virtual Server), a user interface module, an AAA (Authentication Authorization Accounting) client and an instruction translating module, wherein the user interface module is used for transmitting received configuration instruction information to the AAA client and then transmitting successfully authorized configuration instruction information to the instruction translation module when receiving an authorization result returned by the AAA client, wherein the authorization result represents that the configuration instruction information is successfully authorized; the AAA client is used for transmitting the configuration instruction information to an AAA server and then transmitting the authorization result returned by the AAA server to the user interface module; and the instruction translating module is used for translating a successfully authorized configuration instruction into an operation instruction supported by the LVS and executing or notifying the LVS to execute configuration operation corresponding to the operation instruction. The invention improves the convenience for users to maintain network systems containing the LVS.

Description

Configuration method and system of Linux virtual server
Technical field
The present invention relates to computer network technology, and in particular to a configuration method and system for a Linux virtual server.
Background
Linux Virtual Server (LVS) clustering is a load-balancing scheduling solution based on the IP layer and on content-based request distribution. It can combine a group of physical servers into a virtual server cluster system with good scalability, reliability and manageability. The architecture of an LVS cluster is transparent: the end user perceives only a single virtual server. The physical servers can be connected by a high-speed local area network (LAN) or by a geographically distributed wide area network (WAN). At the front of the LVS cluster sits the load scheduler, which distributes the various service requests to the physical servers behind it, so that the whole cluster appears as one virtual server serving a single IP address.
LVS can perform the function of a load-balancing network device, but the way LVS is configured and managed differs considerably from the general configuration method of network devices, and the general configuration method of a conventional network device cannot be used to manage the configuration of LVS. For example, LVS changes its own configuration by modifying files, and every change is based on one or more configuration files, so user authorization cannot be applied to an individual configuration item; and when an LVS is added to an LVS system, all existing user information has to be added on the newly added LVS. A network device, by contrast, usually has its configuration changed through a command line, user authorization can be applied to an individual configuration item, and a newly added network device does not require user information to be added.
The above analysis shows that in the prior art the configuration method of LVS differs considerably from the general configuration method of network devices, which makes network operation and maintenance inconvenient.
Summary of the invention
The invention provides a configuration method and system for a Linux virtual server, in order to make it more convenient for users to maintain a network system that includes a Linux virtual server.
The invention provides a Linux virtual server configuration system, comprising a Linux virtual server and further comprising: a user interface module, an authentication, authorization and accounting (AAA) client, and an instruction translation module;
The user interface module is configured to send received configuration instruction information to the AAA client and, when the authorization result returned by the AAA client indicates that the configuration instruction information was authorized successfully, to send the successfully authorized configuration instruction information to the instruction translation module;
The AAA client is configured to send the configuration instruction information sent by the user interface module to an AAA server, so that the AAA server performs authorization processing on the configuration instruction information, and to send the authorization result returned by the AAA server to the user interface module;
The instruction translation module is configured to translate the successfully authorized configuration instruction sent by the user interface module into an operation instruction supported by the Linux virtual server, and to execute, or notify the Linux virtual server to execute, the configuration operation corresponding to the operation instruction.
The invention also provides a Linux virtual server configuration method, comprising:
Receiving configuration instruction information;
Sending the received configuration instruction information to an AAA server, so that the AAA server performs authorization processing on the configuration instruction information;
Translating the successfully authorized configuration instruction into an operation instruction supported by the Linux virtual server, and executing on the Linux virtual server the configuration operation corresponding to the operation instruction.
The invention brings the configuration management of the Linux virtual server into the management system of standard network devices, so that the Linux virtual server can be configured and managed with a general configuration method similar to that of a standard network device. This makes it easier for users, such as network administrators, to maintain a network system that includes a Linux virtual server, and improves network security.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings used in describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural diagram of the LVS configuration system provided by the first embodiment of the invention;
Fig. 2 is a flowchart of the LVS configuration method provided by the second embodiment of the invention;
Fig. 3 is a signaling interaction diagram of the LVS configuration method provided by the third embodiment of the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
Fig. 1 is a structural diagram of the LVS configuration system provided by the first embodiment of the invention. As shown in Fig. 1, the LVS configuration system of this embodiment comprises: LVS 11, a user interface module 12, an authentication, authorization and accounting (AAA) client (AAA client 13) and an instruction translation module 14. The user interface module 12 is connected to the AAA client 13 and to the instruction translation module 14, and the instruction translation module 14 is connected to LVS 11.
LVS 11 uses IP load-balancing technology and content-based request distribution technology to achieve load balancing. Note that the invention places no restriction on the concrete structure of LVS; for example, LVS 11 can comprise a load scheduler (load balancer), a server pool and a shared storage area. The load scheduler is the front end of the whole cluster towards the outside. It sends user requests to a group of physical servers for execution, while the user believes the service comes from a single IP address (which can be called the virtual IP address). The server pool is the group of physical servers that actually execute user requests. The shared storage provides a shared storage area for the server pool, so that the servers in the pool hold the same content and can provide the same service. In LVS, the load scheduler distributes user requests evenly across different physical servers for execution and automatically masks server failures, so that a group of physical servers forms one high-performance, highly available virtual server. The structure of the whole LVS is transparent to the user.
The user interface module 12 is configured to send received configuration instruction information to the AAA client 13 and, when the authorization result returned by the AAA client 13 indicates that the configuration instruction information was authorized (Authorization) successfully, to send the successfully authorized configuration instruction information to the instruction translation module 14.
The AAA client 13 is connected to an AAA server 15 outside the system. It sends the configuration instruction information sent by the user interface module 12 to the AAA server 15, so that the AAA server 15 performs authorization processing on the configuration instruction information, and it sends the authorization result returned by the AAA server 15 to the user interface module 12.
The instruction translation module 14 is configured to translate the successfully authorized configuration instruction sent by the user interface module 12 into an operation instruction supported by LVS 11, and to execute, or notify LVS 11 to execute, the operation corresponding to that operation instruction.
On the basis of the above technical solution, the functions of the user interface module 12 and the AAA client 13 can also be extended in order to introduce a user authentication mechanism into the LVS configuration system:
The user interface module 12 is further configured to send received user identity information to the AAA client 13 and, when the received authorization result indicates that the user identity information was authenticated (Authentication) successfully, to send to the AAA client 13 the configuration instruction information sent by the user corresponding to the successfully authenticated user identity information.
The AAA client 13 sends the user identity information sent by the user interface module 12 to the AAA server 15, so that the AAA server 15 authenticates the user identity information.
The above analysis shows that the user interface module 12 gives the user an interface for interacting with the LVS configuration system, through which the user can enter configuration instructions for configuring LVS. The user interface module 12 can also serve as the entry point for authentication, authorization and accounting of users: it performs further processing only on configuration instruction information entered by a user whose identity information was authenticated successfully, and only when the configuration instruction is authorized successfully does it send the successfully authorized configuration instruction to the instruction translation module 14, which translates the instruction and carries out the corresponding configuration operation.
To control user login to LVS, and/or to apply fine-grained authorization to the configuration instructions that users enter, LVS can be brought into a unified management system for network device users. This embodiment sets up an AAA client in the LVS configuration system, so that the LVS configuration system can interact with the AAA server through the AAA client to authenticate the user's identity information and/or authorize the configuration instruction information entered by the user.
In the above technical solution, the instruction translation module 14 can further comprise: a storage unit 141, a translation unit 142 and a configuration unit 143.
The storage unit 141 stores the mapping between legal configuration instructions and the operation instructions supported by LVS.
The translation unit 142 translates the successfully authorized configuration instruction, that is, a legal configuration instruction, into the corresponding operation instruction supported by LVS according to the mapping stored in the storage unit 141. After receiving a successfully authorized configuration instruction, the translation unit 142 can look up the mapping stored in the storage unit 141 to obtain the operation instruction corresponding to the configuration instruction, that is, the action.
The configuration unit 143 can execute on LVS 11 the configuration operation corresponding to the above operation instruction, or it can send the operation instruction to LVS 11 so that LVS 11 executes the configuration operation corresponding to the operation instruction.
In this embodiment, introducing the user interface module gives the LVS configuration system a user interface similar to that of a network device; introducing the AAA client provides AAA protocol support for user identity authentication and/or configuration instruction authorization; and introducing the instruction translation module allows the corresponding configuration operation to be executed on LVS, or LVS to be notified to execute it, according to the successfully authorized configuration instruction. This embodiment can therefore bring the configuration management of LVS into the management system of standard network devices, so that LVS can be configured and managed with a general configuration method similar to that of a standard network device. This makes it easier for users, such as network administrators, to maintain a network system that includes LVS, and improves network security.
Fig. 2 is a flowchart of the LVS configuration method provided by the second embodiment of the invention. As shown in Fig. 2, the LVS configuration method of this embodiment comprises:
Step 21: Receive configuration instruction information.
Step 22: Send the configuration instruction information to the AAA server, so that the AAA server performs authorization processing on the configuration instruction information.
Step 23: Translate the successfully authorized configuration instruction into an operation instruction supported by LVS, and execute on LVS the configuration operation corresponding to the operation instruction.
The method of this embodiment can be carried out by a configuration system used to configure and manage LVS. Its main purpose is to "wrap" an existing LVS as a standard network device, so that the wrapped LVS has an interface for interacting with users, supports the AAA protocol, and provides translation between the configuration instructions entered by users and the operation instructions supported by LVS. This makes it easier for users, such as network administrators, to maintain a network system that includes LVS, and improves network security.
For example, suppose a user-space daemon such as the Keepalived program is integrated in LVS. This program improves the robustness of LVS: it provides health checks of each physical server in the server pool that LVS includes, and provides disaster tolerance and fault tolerance for the load-balancing scheduler that LVS includes. The configuration information of the Keepalived program is stored in a configuration file, for example "/etc/keepalived/keepalived.conf". The configuration information stored in the configuration file can include the parameters the program itself needs to run, such as the health-check interval and the VRRP priority, and can also include LVS parameters such as the virtual service address and the addresses of the physical servers in LVS that correspond to the virtual service.
In the course of making the invention, the inventors found that in the prior art the configuration of an LVS with Keepalived integrated is managed as follows: the user logs in to the LVS running the Keepalived program, uses an editor to modify the configuration file "/etc/keepalived/keepalived.conf", then saves the modified configuration file and instructs the keepalived program to reload it. In the prior art, therefore, LVS configuration parameters are changed by manually editing a configuration file. An individual configuration item cannot be authorized, and changes cannot be made on the basis of user configuration instructions. This differs considerably from the general configuration method of existing standard network devices and makes network operation and maintenance inconvenient for users such as network administrators. When LVS is configured with the method provided by this embodiment, the configuration management of LVS can be brought into the management system of standard network devices, and LVS can be configured and managed with a general configuration method similar to that of a standard network device, so that individual configuration items can be authorized. When an LVS is added to the network system, no user information has to be added on the new LVS; user operations are instead handled through the user information on the AAA server, which makes network expansion more convenient. The configuration method for an LVS with Keepalived integrated is described in detail below with reference to Fig. 3.
Fig. 3 is a signaling interaction diagram of the LVS configuration method provided by the third embodiment of the invention. The LVS configuration system of this embodiment can be the system shown in Fig. 1. As shown in Fig. 3, the LVS configuration method of this embodiment comprises:
Step 31: The client sends a login (Login) request to the user interface module; the login request carries user identity information.
The user can use a client, such as one that communicates using the Secure Shell protocol (ssh) or the TCP/IP terminal emulation protocol (telnet), to connect to the LVS configuration system and send a login request to its user interface module. The login request carries user identity information, which can include a user name and password.
Step 32: The user interface module sends a login request to the AAA client; the login request carries the user identity information.
After receiving the login request sent by the client, the user interface module obtains the user identity information in the login request and sends it to the AAA client in a login request, asking the AAA client to have the user identity information in the login request authenticated.
Step 33: The AAA client sends an authentication (Authentication) request to the AAA server; the authentication request contains the user identity information.
The AAA client parses the received login request, obtains the user identity information carried in it, and encapsulates that information in an authentication request that follows an AAA implementation protocol, for example an authentication request following the Terminal Access Controller Access-Control System Plus (TACACS+) protocol. It sends the authentication request to the AAA server, asking the AAA server to authenticate the user identity information contained in the authentication request.
Step 34: The AAA server authenticates the user identity information contained in the authentication request and sends the authentication result to the AAA client.
Legitimate user information is stored in advance on the AAA server. When the AAA server receives the authentication request sent by the AAA client, it authenticates the user identity contained in the request against the pre-stored legitimate user identity information, for example by checking the validity of the user name and password. It encapsulates the authentication result in a packet that follows the AAA implementation protocol, for example a packet following the TACACS+ protocol, and sends the packet to the AAA client. If the authentication result shows that the user identity information was authenticated successfully, the authentication result that the AAA server sends to the AAA client can include a login-success notification, the permission information that the user holds, and so on. If the authentication result shows that authentication of the user identity information failed, the authentication result that the AAA server sends to the AAA client can include a login-failure notification and so on.
Step 35: The AAA client receives the authentication result sent by the AAA server and sends the received authentication result to the user interface module; the authentication result is carried in a login return message sent to the user interface module.
The AAA client parses the packet following the AAA implementation protocol that the AAA server sent, obtains the authentication result contained in the packet, and sends the authentication result to the user interface module.
Step 36: The user interface module sends a message corresponding to the authentication result to the client; the message is carried in a login return message sent to the client.
If the authentication result shows that authentication of the user identity information failed, the message that the user interface module sends to the client can be "login failed". In this case the user interface module refuses to serve the user, and the flow ends.
If the authentication result shows that the user identity information was authenticated successfully, the message that the user interface module sends to the client can be "login succeeded". In this case the user interface module waits for the configuration instruction information that the user enters through the client, and step 37 is performed.
Step 37: The client sends an instruction (Command) execution request to the user interface module; the request contains the configuration instruction information that the user wishes to execute.
The user encapsulates the configuration instruction information to be executed in an instruction execution request, and the client sends this request to the user interface module.
Step 38: The user interface module sends an instruction authorization request to the AAA client; the request carries the configuration instruction information that the user wishes to execute.
After receiving the instruction execution request sent by the client, the user interface module obtains the configuration instruction information in the request and sends it to the AAA client in an instruction authorization request, asking the AAA client to have the configuration instruction information in the request authorized.
Step 39: The AAA client sends an instruction authorization (Authorization) request to the AAA server; the request contains the configuration instruction information that the user wishes to execute.
The AAA client parses the received instruction authorization request, obtains the configuration instruction information carried in it, and encapsulates that information in an instruction authorization request that follows an AAA implementation protocol, for example one following the TACACS+ protocol. It sends the instruction authorization request to the AAA server, asking the AAA server to perform authorization processing on the configuration instruction information contained in the request.
Step 310: The AAA server performs authorization processing on the configuration instruction information contained in the instruction authorization request and sends the authorization result to the AAA client; the authorization result is carried in an instruction authorization return message sent to the AAA client.
The legal instruction information supported by the Keepalived program is stored in advance on the AAA server. When the AAA server receives the instruction authorization request sent by the AAA client, it performs authorization processing on the configuration instruction information contained in the request against the pre-stored legal instruction information. It encapsulates the authorization result in a packet that follows the AAA implementation protocol, for example a packet following the TACACS+ protocol, and sends the packet to the AAA client. If the authorization result shows that the configuration instruction information was authorized successfully, the authorization result that the AAA server sends to the AAA client can include an instruction-authorization-success notification and so on. If the authorization result shows that authorization of the configuration instruction information failed, the authorization result that the AAA server sends to the AAA client can include an instruction-authorization-failure notification and so on.
Step 311: The AAA client receives the authorization result sent by the AAA server and sends the received authorization result to the user interface module; the authorization result is carried in an instruction authorization return message sent to the user receiving module.
The AAA client parses the packet following the AAA implementation protocol that the AAA server sent, obtains the authorization result contained in the packet, and sends the authorization result to the user interface module.
Step 312: The user interface module receives the authorization result and acts on it. For example, if the result shows that the configuration instruction information was authorized successfully, the user interface module sends an instruction parse-and-execute request to the instruction translation module; this request contains the successfully authorized configuration instruction information, and step 313 is performed. If the result shows that authorization of the configuration instruction information failed, the user interface module generates a message corresponding to the authorization failure, sends it to the client and refuses to execute the instruction; the user interface module can then wait for the user to enter the next configuration instruction. When the user interface module receives a new configuration instruction entered by the user, steps 37 to 312 can be repeated for the new configuration instruction (not shown in Fig. 3).
Step 313: The instruction translation module parses the instruction parse-and-execute request sent by the user interface module. If parsing succeeds, it obtains the configuration instruction information, translates the configuration instruction obtained by parsing into operation instruction information supported by LVS, and sends an execution command to LVS instructing LVS to perform the action corresponding to the operation instruction; step 314 is then performed. If parsing by the instruction translation module fails, it sends a parse-failure notification to the user interface module, and the user interface module notifies the user of the parse failure (not shown in Fig. 3).
Step 314: LVS performs the action corresponding to the received operation instruction and sends the execution result to the instruction translation module.
The mapping between legal configuration instructions and the operation instructions supported by the Keepalived program can be stored in advance in the instruction translation module. According to this mapping, the successfully authorized configuration instruction, that is, a legal instruction, is translated into the corresponding operation instruction, and the configuration operation corresponding to the operation instruction is executed on LVS.
Example 1: The configuration instruction received by the instruction translation module is "delete virtual service XXX". According to the pre-stored mapping, the instruction translation module translates this configuration instruction into the corresponding operation instruction, such as "delete the section about virtual service XXX from the Keepalived configuration file", and sends the translated operation instruction to LVS. LVS opens the Keepalived configuration file according to the operation instruction and deletes the content about virtual service XXX from it. After deleting the content about virtual service XXX from the Keepalived configuration file, LVS sends the execution result, deletion complete, to the instruction translation module.
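The authorize-then-translate path of steps 37 to 314, applied to the "delete virtual service" case of Example 1, as an added Python example that is not code from the patent. The policy table stands in for the AAA server (no TACACS+ exchange takes place), and the instruction grammar, user names, status strings and sample keepalived.conf are all constructed for illustration.

```python
import ipaddress
import re

# Constructed sample keepalived.conf; addresses are documentation/private ranges.
SAMPLE_CONF = """\
global_defs {
    router_id LVS_DEMO
}
virtual_server 192.0.2.10 80 {
    lb_algo rr
    real_server 10.0.0.11 80 {
        weight 1
    }
}
virtual_server 192.0.2.20 443 {
    lb_algo wrr
    real_server 10.0.0.21 443 {
        weight 2
    }
}
"""

# Stand-in for the AAA server's pre-stored policy (hypothetical users and grammar).
AAA_POLICY = {
    "alice": ("show virtual-service", "delete virtual-service"),
    "bob": ("show virtual-service",),
}


def aaa_authorize(user, instruction):
    """Stand-in for the authorization exchange (steps 38-311); denies by default."""
    words = instruction.split()
    allowed = (name.split() for name in AAA_POLICY.get(user, ()))
    return any(words[:len(name)] == name for name in allowed)


def parse_endpoint(args):
    """Accept only '<ip> <port>' so free-form text never reaches the config file."""
    if len(args) != 2 or not (args[1].isascii() and args[1].isdigit()):
        raise ValueError("expected: <ip> <port>")
    port = int(args[1])
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return str(ipaddress.ip_address(args[0])), port


def find_virtual_server(conf, ip, port):
    """Return (start, end) offsets of the virtual_server block, or None.
    Assumes no braces inside comments or quoted strings, as in the sample."""
    head = re.search(r"^[ \t]*virtual_server[ \t]+%s[ \t]+%d[ \t]*\{"
                     % (re.escape(ip), port), conf, re.MULTILINE)
    if head is None:
        return None
    depth = 0
    for i in range(head.end() - 1, len(conf)):
        if conf[i] == "{":
            depth += 1
        elif conf[i] == "}":
            depth -= 1
            if depth == 0:  # end of the block; also drop its trailing newline
                return head.start(), i + 1 + (conf[i + 1:i + 2] == "\n")
    raise ValueError("unbalanced braces in configuration")


def op_delete_virtual_service(conf, args):
    ip, port = parse_endpoint(args)
    span = find_virtual_server(conf, ip, port)
    if span is None:
        raise ValueError("no such virtual service")
    return conf[:span[0]] + conf[span[1]:], "deleted %s:%d" % (ip, port)


def op_show_virtual_service(conf, args):
    if args:
        raise ValueError("show takes no arguments")
    found = re.findall(r"^[ \t]*virtual_server[ \t]+(\S+)[ \t]+(\d+)", conf, re.M)
    return conf, ", ".join("%s:%s" % pair for pair in found)


# Mapping between legal configuration instructions and operations (storage unit).
INSTRUCTION_MAP = {
    ("show", "virtual-service"): op_show_virtual_service,
    ("delete", "virtual-service"): op_delete_virtual_service,
}


def handle_instruction(user, instruction, conf):
    """Authorize first, translate second; return (status, conf, output)."""
    if not aaa_authorize(user, instruction):
        return "authorization failed", conf, ""
    words = instruction.split()
    operation = INSTRUCTION_MAP.get(tuple(words[:2]))
    try:
        if operation is None:
            raise ValueError("no mapping for instruction")
        new_conf, output = operation(conf, words[2:])
    except ValueError as exc:  # translation failure: configuration left untouched
        return "translation failed", conf, str(exc)
    return "ok", new_conf, output
```

Because the operation only ever receives a validated address and port, text typed by the user is never copied into the configuration file, and an instruction that fails authorization is never looked up in the mapping at all.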
Example 2: An example of the mapping relations, stored in the instruction translation module, between valid configuration instructions and the operation instructions supported by the LVS is shown in Table 1:
Table 1: Example of the mapping relations between valid configuration instructions and operation instructions
| Valid instruction name | Function | Parameters | Operation instruction (action) |
| Rename | Name(X,Y) | X=A, Y=B | Change X to Y |
In Table 1, suppose that a valid user who has been successfully authenticated by the AAA server inputs a valid instruction that the AAA server successfully authorizes, namely the rename instruction "Name(X, Y)". X denotes the current name of a physical server of the LVS, for example "A". The operation instruction corresponding to the rename instruction "Name(X, Y)" is "change X to Y", i.e. the physical server currently named X is renamed to Y, for example "B".
The configuration instruction received by the instruction translation module is "Rename". According to the mapping relations shown in Table 1, the instruction translation module translates this configuration instruction into the corresponding operation instruction supported by the LVS, such as "change the name X of a physical server to Y". It then either sends the translated operation instruction to the LVS, so that the LVS performs the corresponding configuration operation, or performs the corresponding configuration operation on the LVS itself.
Because the configuration information of the LVS can be recorded in a configuration file, it can be modified either by the LVS itself or by the instruction translation module. When the LVS modifies the configuration information itself, it opens the Keepalived application configuration file according to the operation instruction and changes the name of the physical server in that file. After changing the name of the physical server in the Keepalived application configuration file, the LVS sends the execution result, indicating that the rename is complete, to the instruction translation module. When the instruction translation module modifies the LVS configuration information, the instruction translation module in effect accesses the LVS, opens the Keepalived application configuration file on the LVS, and changes the name of the physical server in that file.
Step 315: The instruction translation module sends the execution result to the user interface module; the execution result is carried in an instruction parsing-and-execution return message.
Step 316: The user interface module feeds the received execution result back to the client in readable form.
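The flow of steps 313 to 316 applied to Example 1, as an added Python example that is not part of the patent: an instruction is authorized first, then translated through a pre-stored mapping into an edit of a Keepalived-style configuration, with denial and parse failure leaving the configuration untouched. The instruction syntax `delete-virtual-service <ip> <port>`, the `AAA_POLICY` table standing in for the AAA server, and the sample configuration are all assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed Keepalived-style configuration (sample data, not from the patent).
SAMPLE_CONF = """\
virtual_server 10.0.0.10 80 {
    lb_algo rr
    real_server 10.0.1.1 80 {
        weight 1
    }
}
virtual_server 10.0.0.20 443 {
    lb_algo wrr
    real_server 10.0.1.2 443 {
        weight 1
    }
}
"""

# Hypothetical stand-in for the AAA server's per-user instruction authorization.
AAA_POLICY = {"alice": {"delete-virtual-service"}, "bob": set()}

def aaa_authorize(user, instruction):
    """Deny by default: unknown users and unlisted instructions are refused."""
    return instruction in AAA_POLICY.get(user, set())

def delete_virtual_server(conf, addr, port):
    """Operation instruction: drop the matching virtual_server block, braces included."""
    header = re.compile(r"^\s*virtual_server\s+%s\s+%s\s*\{"
                        % (re.escape(addr), re.escape(port)))
    out, depth, skipping, found = [], 0, False, False
    for line in conf.splitlines(keepends=True):
        if not skipping and header.match(line):
            skipping, found, depth = True, True, 0
        if skipping:
            depth += line.count("{") - line.count("}")
            skipping = depth > 0          # stop after the block's closing brace
            continue
        out.append(line)
    if not found:
        raise LookupError("no such virtual service")
    return "".join(out)

# Pre-stored mapping: valid configuration instruction -> operation on the config.
MAPPING = {"delete-virtual-service": delete_virtual_server}

def handle(user, line, conf):
    """Return (result, config); the config is unchanged unless result == 'ok'."""
    tokens = line.split()
    if not tokens or not aaa_authorize(user, tokens[0]):
        return "denied", conf
    operation = MAPPING.get(tokens[0])
    try:
        if operation is None or len(tokens) != 3:
            raise ValueError("unknown instruction or wrong argument count")
        addr = str(ipaddress.IPv4Address(tokens[1]))  # accepts only an IPv4 literal
        if not tokens[2].isdigit() or not 1 <= int(tokens[2]) <= 65535:
            raise ValueError("bad port")
        return "ok", operation(conf, addr, tokens[2])
    except (ValueError, LookupError):
        return "parse-failed", conf
```

Validating the arguments before they reach the configuration edit keeps an authorized user's input from altering any block other than the one named.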
As the above analysis shows, this embodiment can use a configuration method similar to that of a standard network device to configure and manage an LVS integrated with the Keepalived program, and has the following advantages:
(1) Unified interface: a user interface in the same form as that of a standard network device helps reduce the cost of network maintenance for network administrators;
(2) Easy user management: with the AAA authentication mechanism, users do not have to be set up on every server; they only need to be created on the AAA server side;
(3) Simple operation: configuring the LVS through instructions reduces the complexity of configuration operations and the probability of misoperation;
(4) An authorization mechanism for instructions: AAA authentication is introduced to achieve instruction-level authorization for users, which helps improve the security of operations;
(5) Service flexibility: "encapsulating" the LVS improves the flexibility of the service program. Although this embodiment explains the LVS configuration method using an LVS integrated with the Keepalived program as an example, those skilled in the art will understand that the technical solution of the invention also applies to an LVS integrated with other service programs. In that case, only the mapping relations stored in the instruction translation module, between valid configuration instructions and the operation instructions supported by the new service program, need to be modified accordingly; the implementation is very flexible and completely transparent to the user.
One of ordinary skill in the art will appreciate that the accompanying drawings are schematic diagrams of one embodiment, and that the modules or flows in the drawings are not necessarily required to implement the invention.
One of ordinary skill in the art will appreciate that the modules of the device in an embodiment can be distributed in the device as described in the embodiment, or can be changed accordingly and located in one or more devices different from that of this embodiment. The modules of the above embodiment can be merged into one module, or further split into a plurality of submodules.
The sequence numbers of the above embodiments of the invention are for description only and do not indicate the relative merits of the embodiments.
One of ordinary skill in the art will appreciate that all or part of the steps of the above method embodiments can be carried out by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments; the storage medium includes various media capable of storing program code, such as ROM, RAM, magnetic disks or optical discs.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solution of the invention, not to limit it. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions recorded in the foregoing embodiments, or replace some of their technical features with equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the invention.

Claims (7)

1. A Linux virtual server configuration system, comprising a Linux virtual server, characterized in that it further comprises: a user interface module, an authentication, authorization and accounting (AAA) client, and an instruction translation module;
the user interface module is configured to receive configuration instruction information input by a user and send the received configuration instruction information to the AAA client; and, when an authorization result returned by the AAA client indicates that the configuration instruction information has been successfully authorized, to send the successfully authorized configuration instruction information to the instruction translation module;
the AAA client is configured to send the configuration instruction information sent by the user interface module to an AAA server, so that the AAA server performs authorization processing on the configuration instruction information; and to send the authorization result returned by the AAA server to the user interface module;
the instruction translation module is configured to translate the successfully authorized configuration instruction sent by the user interface module into an operation instruction supported by the Linux virtual server, and to execute, or notify the Linux virtual server to execute, the configuration operation corresponding to the operation instruction.
2. The Linux virtual server configuration system according to claim 1, characterized in that
the user interface module is further configured to send received user identity information to the AAA client; and, when a received authentication result indicates that the received user identity information has been successfully authenticated, to send the received configuration instruction information to the AAA client;
the AAA client is configured to send the user identity information sent by the user interface module to the AAA server, so that the AAA server performs authentication processing on the user identity information.
3. The Linux virtual server configuration system according to claim 1, characterized in that the instruction translation module comprises:
a storage unit, configured to store the mapping relations between valid configuration instructions and the operation instructions supported by the Linux virtual server;
a translation unit, configured to translate the successfully authorized configuration instruction into the corresponding operation instruction according to the mapping relations stored in the storage unit;
a configuration unit, configured to perform on the Linux virtual server the configuration operation corresponding to the operation instruction, or to send the operation instruction to the Linux virtual server so that the Linux virtual server performs the configuration operation corresponding to the operation instruction.
4. A Linux virtual server configuration method, characterized by comprising:
receiving configuration instruction information input by a user;
sending the received configuration instruction information to an AAA server, so that the AAA server performs authorization processing on the configuration instruction information;
translating the successfully authorized configuration instruction into an operation instruction supported by the Linux virtual server, and performing on the Linux virtual server the configuration operation corresponding to the operation instruction.
5. The Linux virtual server configuration method according to claim 4, characterized in that, before the received configuration instruction information is sent to the AAA server, the method further comprises:
receiving user identity information;
sending the received user identity information to the AAA server, so that the AAA server performs authentication processing on the user identity information.
6. The Linux virtual server configuration method according to claim 5, characterized in that sending the received configuration instruction information to the AAA server comprises:
when the received user identity information is successfully authenticated, sending the received configuration instruction information to the AAA server.
7. The Linux virtual server configuration method according to claim 4, characterized in that translating the successfully authorized configuration instruction into the operation instruction supported by the Linux virtual server comprises:
translating the successfully authorized configuration instruction into the corresponding operation instruction according to pre-established mapping relations between configuration instructions and the operation instructions supported by the Linux virtual server.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910086114.1A CN101908967B (en) 2009-06-02 2009-06-02 Configuration method and system of Linux virtual server

Publications (2)

Publication Number Publication Date
CN101908967A (en) 2010-12-08
CN101908967B (en) 2014-02-19

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant