Invention content
It is an object of the invention to propose a kind of user's machine resources extracting integral method, can solve utilize at present
Idle machines resource is come the problem of building cloud platform.
In order to achieve the above object, the technical solution adopted in the present invention is as follows:
A kind of user's machine resources extracting integral method, includes the following steps:
Client creates first layer virtual machine, the first layer virtual machine and resource pipe according to the physical resource being pre-selected
Reason center carries out network connection, so that the resource management center gets the virtual resource information of the first layer virtual machine;
Resource management center asks to combine all virtual resource information in corresponding first layer according to networking input by user
Second layer virtual machine is created on virtual machine, and multiple second layer virtual machine configurations are formed into a Virtual Local Area Network, same void
The multiple second layer virtual machines intended in local area network are in communication with each other.
Preferably, the physical resource includes CPU, memory, bandwidth and hard disk.
Preferably, the virtual resource information includes virtual cpu, virtual memory, virtual bandwidth and virtual hard disk.
Preferably, the virtual operating system of the first layer is Linux, Windows, Unix, Mac OS, Android OS
In one kind.
Preferably, first layer virtual machine is encrypted in resource management center.
Preferably, the internetwork connection mode of first layer virtual machine and resource management center is using one in NAT, VPN, IPOP
Kind.
The present invention also proposes a kind of user's machine resources extracting integral system, including following device:
First creating device is set on client, for creating first layer virtual machine according to the physical resource being pre-selected,
The first layer virtual machine carries out network connection with resource management center, so that the resource management center gets described first
The virtual resource information of layer virtual machine;
Second creating device is set on resource management center, for being asked to combine all void according to networking input by user
Intend resource information and second layer virtual machine is created on corresponding first layer virtual machine, and multiple second layer virtual machine configurations are formed
One Virtual Local Area Network, multiple second layer virtual machines in same Virtual Local Area Network are in communication with each other.
Preferably, resource management center is additionally operable to that first layer virtual machine is encrypted.
The present invention has the advantages that:
It can will disperse to extract and integrate with user's machine resources of internet, be put down for the cloud of provider server
Platform is built, and cost is built so as to reduce cloud platform.
Specific embodiment
In the following, with reference to attached drawing and specific embodiment, the present invention is described further.
As shown in Figure 1, a kind of user's machine resources extracting integral method, includes the following steps:
Step S1, client (being dispersed in the user's machine of internet everywhere) is created according to the physical resource being pre-selected
First layer virtual machine, the first layer virtual machine carries out network connection with resource management center, so that the resource management center
Get the virtual resource information of the first layer virtual machine.The physical resource includes CPU, memory, bandwidth and hard disk etc., example
Such as, user selects the moneys such as corresponding CPU, memory, bandwidth and hard disk according to the hardware configuration of oneself client according to resource ratio
Source.According to physical resource fictionalize come first layer virtual machine, corresponding virtual resource is just likewise supplied with, including virtual cpu, void
Intend memory, virtual bandwidth and virtual hard disk etc..Since resource management center needs to control first layer virtual machine,
First layer virtual machine needs to be attached by network and resource management center, and connection mode can be in NAT, VPN, IPOP
It is a kind of.The operating system of the first layer virtual machine of establishment can be Linux, Windows, Unix, Mac OS, Android OS
Deng.
Step S2, in order to ensure the safety of data and confidentiality, resource management center adds first layer virtual machine
Close processing, to prevent the owner of client from easily accessing first layer virtual machine.
This is because machine resources are not to concentrate on a data center, and entire internet is distributed across, is
Ensure the safety of data, the transmission of data is encrypted in resource management center, and data transmission is based on SSL, ensureing
The safety of data transmission on internet, utilizes data confidentiality technology, it can be ensured that in transmission process of the data on network not
It can be intercepted and eavesdrop the safety for ensureing data and integrality.The present embodiment can also equally carry out virtual machine image simultaneously
Cryptographic operation so as to which the owner for ensureing physical machine will not have the permission for arbitrarily checking the data in virtual machine, ensures number
According to safety and crypticity.
Step S3, the networking request that resource management center is inputted according to user's (can be provider server) combines all
Virtual resource information creates second layer virtual machine on corresponding first layer virtual machine, and by multiple second layer virtual machine configuration shapes
Into a Virtual Local Area Network, multiple second layer virtual machines in same Virtual Local Area Network are in communication with each other.Thus may be used
According to the demand of user, cloud platform is built using the slack resources that client shares out, so as to mitigate provider server
Buy the burden of physical server.
It should be noted that step S2 can also just be performed when second layer virtual machine is created.
In addition, in general, a first layer virtual machine is created in same client, it is virtual in same first layer
A second layer virtual machine is created on machine, but under conditions of physical resource and virtual resource allow, in same client
Multiple first layer virtual machines can also be created, same first layer virtual machine can also create multiple second layer virtual machines.
The present embodiment also proposes a kind of user's machine resources extracting integral system, including following device:
First creating device is set on client, for creating first layer virtual machine according to the physical resource being pre-selected,
The first layer virtual machine carries out network connection with resource management center, so that the resource management center gets described first
The virtual resource information of layer virtual machine;
Encryption device is set on resource management center, for first layer virtual machine to be encrypted;
Second creating device is set on resource management center, for being asked to combine all void according to networking input by user
Intend resource information and second layer virtual machine is created on corresponding first layer virtual machine, and multiple second layer virtual machine configurations are formed
One Virtual Local Area Network, multiple second layer virtual machines in same Virtual Local Area Network are in communication with each other.
In order to facilitate the understanding of the present invention, it is described in detail with reference to specific application scenarios.
User's operation client logs on to resource management center by authentication, and master die is downloaded from resource management center
Plate/mirror image, configuration file, virtualization software etc. form installation kit, perform installation kit, and selection needs the physical resource virtualized,
First layer virtual machine (KVM/Vmware etc.) is created on the client, meanwhile, resource management center communicates with first layer virtual machine,
And the information such as IP address, internetwork connection mode, serve port, virtual resource for recording client ip and first layer virtual machine.
Provider server logging resource administrative center, it is defeated to resource management center according to the demand of the cloud platform of deployment
Enter networking request, resource management center is according to networking request and virtual resource information, it is possible to select suitable first layer virtual
Machine creates second layer virtual machine, to complete building for cloud platform.
The present embodiment is the premise based on nested virtualization technology for the extraction of machine resources, virtual by first layer
Machine, the machine resources of user are just extracted, and can be used for the operating system software installed, and virtual management and control are soft
Part, carries out network legal power control, and resource management center can be managed this part resource.And in the base of first layer virtual machine
The virtual machine of the second layer created on plinth is then that can provide practical IAAS or PAAS services.
All it is to support for the mainstreams such as nested virtualization, KVM, Vmware virtualization technology, this is a kind of very convenient
Extraction resource method, and more ensure that the safety of system.Due to can finally be provided to the IAAS or PAAS of user
The resources of virtual machine of service is the virtual machine of the second layer, so can prevent physical resource owner from entering virtual machine easily, is protected
It has demonstrate,proved system and data is more safe.
Another benefit that nested virtualization is brought is the control that resource management center possesses first layer virtual machine completely,
That is resource management center can also install different control softwares, such as installing pipe according to different first layer virtual machines
Module is managed, other first layer virtual machines can be controlled by being mounted with the first layer virtual machine of management module.In resource management
The heart can also install first layer virtual machine other service softwares, for example, installation provides a variety of work(such as virtualization, network, storage
The service of energy.
It needs to log on to resource management center by certification when user wants and builds a cloud platform, be similarly to
The network architecture of SDN, the network between first layer virtual machine and client is using the form of bridge joint, first layer virtual machine and second
It is also using the pattern of bridge joint between layer virtual machine, externally all network access is all that enter first layer by client virtual
Machine, then second layer virtual machine internal is entered by first layer virtual machine, the then forwarding of final network packet is to pass through physics
Machine carries out.Resource management center installs a routing management module on first layer virtual machine, this routing management module pipe
Reason is the same as the routing iinformation of all first layer virtual machines under network, the forwarding of the network packet of all disengaging first layer virtual machines
All it is managed by routing module.In this way, the only application establishment second layer on applicable first layer virtual machine that user is concerned about
Virtual machine, the configuration of network can automatically be gone to complete by routing module.
Resource management center chooses one or more first layer virtual robot arms into a Virtual Local Area Network as needed
(vnet), it is identified (OAID is a special unique character string, for mark one tenant network) by OAID.Resource management
Center sends and updates the IP information and location information of other first layer virtual machines to each first layer virtual machine of vnet, is in
The first layer virtual machine of same vnet can be in communication with each other.First layer virtual machine each in this way and it is equipped with the of management module
A vnet is formed between one layer of virtual machine (VManger), VManger can be in vnet according to resource usage policy, load balancing
Strategy sends instruction to first layer virtual machine and creates container (Container) or guest virtual machine (Virtual
), Machine the container (Container) or guest virtual machine (Virtual Machine) can provide IAAS/PAAS clothes
Business, can dispose and run client-side program.
The present embodiment has the advantage that:
The idle machine resources of dispersion can be combined, uniformly control, realize on resource management center
The integration of resource, avoids the waste of resource.
Provider server directly can create container (container) or virtual machine using these machine resources
(virtual machine), and cloud platform is built, without purchasing a large amount of server resource, cost is greatly saved.
Node virtual machine is created on physical node, node virtual machine uses linux system, program assembly, network
Connection mode oneself can realize and control, the problems such as shielding the operating system complexity and user right of physical node.
The access of first layer virtual machine is very convenient, can realize quick dynamic access and exit.
It realizes and obtains machine resources on demand, it is not necessary to a large amount of fund is just spent to purchase machine before cloud platform is built, and
Be can dynamic access first layer virtual machine again when needed, obtain machine resources.
For those skilled in the art, technical solution that can be as described above and design are made other each
Kind is corresponding to be changed and deforms, and all these change and deform the protection model that should all belong to the claims in the present invention
Within enclosing.