CN104717081A

CN104717081A - Gateway function realization method and device

Info

Publication number: CN104717081A
Application number: CN201310684671.XA
Authority: CN
Inventors: 刘军利
Original assignee: Hangzhou Huawei Digital Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2013-12-13
Filing date: 2013-12-13
Publication date: 2015-06-17
Anticipated expiration: 2033-12-13
Also published as: CN104717081B

Abstract

The embodiment of the invention provides a gateway function realization method and device and relates to the technical field of communications. Communication efficiency and communication stability between a virtual machine and a main engine can be improved. The method comprises the steps that a server receives a first request message sent by a management node, wherein the first request message carries a first routing message of a first gateway and a first detection rule of the first gateway, and the first request message is used for requesting the server to create the first gateway on a virtual switch in the server; the server obtains the first routing message and the first detection rule according to the first request message; the server generates a first routing rule and a second detection rule according to the first routing message and the first detection rule; the server achieves the functions of the first gateway through the virtual switch according to the first routing rule and the second detection rule.

Description

A kind of implementation method of gateway function and device

Technical field

The present invention relates to communication technical field, particularly relate to a kind of implementation method and device of gateway function.

Background technology

In virtualization system, the virtual machine in a subnet communicates by corresponding virtual gateway with between the main frame in another subnet, and wherein, main frame can comprise physical host and virtual machine.At present, virtualization system can comprise multiple server, and each server can run at least one virtual machine, and wherein, each virtual machine only belongs to the some subnets in this virtualization system.

In prior art, when an establishment subnet, also need the gateway that establishment one is corresponding with this subnet.Specifically can by certain server in virtualization system creates a virtual machine, and when adding this subnet, by the gateway configuration of this subnet on a virtual network interface, use this virtual machine independent interface as the upstream Interface of gateway simultaneously, and the routing iinformation received is generated routing rule, and this routing rule is configured on this virtual machine, namely realize gateway function on a virtual machine, the virtual machine that the virtual machine in this subnet on the Servers-all in this virtualization system all realizes gateway function by this communicates.

But, the above-mentioned method realizing gateway function, on the one hand, owing to being subject to the performance of the virtual machine forwarding data bag realizing gateway function and this realizes the restriction of the virtual machine bandwidth of gateway function, therefore cause the communication efficiency between source virtual machine and destination host lower, wherein, destination host can comprise target physical main frame and target virtual machine; On the other hand, if the server fail at gateway place, then all cannot proper communication by all virtual machines of this gateway communication, thus cause the interruption communicated between source virtual machine and destination host.

In prior art, when an establishment subnet, a server in virtualization system can create a virtual machine, and by the routing rule that configures this subnet on this virtual machine to realize gateway function.Thus the virtual machine in this subnet on Servers-all in this virtualization system can be communicated by this virtual machine realizing gateway function.

Wherein, gateway is when communicating between the network adopting different architecture or agreement, provides the facility of the Web-compatible such as Route Selection, exchanges data function.

Concrete, virtual machine in same subnet and between main frame, and virtual machine in different sub-network and when transmitting packet between main frame, source virtual machine need first by this Packet Generation to the switch on server, being sent to by switch realizes on the virtual machine of gateway function again, finally by switch, this packet is forwarded to destination host by this virtual machine realizing gateway function.Wherein, source virtual machine provides service by the first subnet, and destination host provides service by the second subnet, and namely source virtual machine belongs to the first subnet, and destination host belongs to the second subnet.Such as, when a server exists simultaneously the second subnet belonging to the virtual machine realizing gateway function corresponding to the first subnet belonging to source virtual machine and destination host corresponding realize the virtual machine of gateway function time, when transmitting packet between source virtual machine and destination host, source virtual machine need first by this Packet Generation to the switch on server, this Packet Generation realizes on the virtual machine of gateway function to corresponding with the first subnet belonging to source virtual machine by switch again, being forwarded to by this switch by this packet by the virtual machine realizing gateway function corresponding to this first subnet corresponding with the second subnet belonging to destination host realizes on the virtual machine of gateway function, and by this switch these data to be subcontracted by the virtual machine realizing gateway function corresponding to this second subnet and be forwarded to destination host.

Further, for example, to transmit packet between the virtual machine in different sub-network, as shown in Figure 1, in virtualization system, if the virtual machine 2 in server A in subnet 1 will communicate with the virtual machine 6 in subnet in server B 2, then can create the virtual machine 1 realizing gateway function on server, this gateway is the gateway 1 of subnet 1 correspondence, and server B creates the virtual machine 4 realizing gateway function, and this gateway is the gateway 2 of subnet 2 correspondence.In server A, virtual machine 2 in subnet 1 sends packet to virtual switch 1, this packet is sent to the virtual machine 1 realizing gateway 1 function by virtual switch 1, by virtual machine 1, this packet is forwarded to virtual switch 1 again, and this packet is forwarded to the upstream Interface of server A by virtual switch 1.In server B, server B receives this packet that the upstream Interface from server A sends, and this packet is forwarded to the virtual machine 4 realizing gateway 2 function by virtual switch 2, by virtual machine 4, this packet is forwarded to virtual switch 2 again, the last virtual machine 6 be forwarded to by virtual switch 2 again in subnet 2, to realize the communication between the virtual machine 6 in virtual machine 2 in server A in subnet 1 and server B in subnet 2.

Said method limits due to the bandwidth of the performance of forwarding data bag with the Microsoft Loopback Adapter of this virtual machine that are subject to this virtual machine, and the communication efficiency therefore between source virtual machine and destination host is lower; And if the server fail at this virtual machine place, then in virtualization system, all other main frames being undertaken communicating by this virtual machine all cannot carry out proper communication, thus cause the communication disruption between source virtual machine and destination host.

Main frame can comprise physical host and virtual machine, and in the embodiment of the present invention, take main frame as virtual machine instance, namely destination host is target virtual machine, is described in detail the implementation method of a kind of gateway function that the embodiment of the present invention provides.Be understandable that, when main frame is physical host, the implementation method of the gateway function when implementation method of a kind of gateway function that the embodiment of the present invention provides and main frame are virtual machine is similar, is no longer described.

Summary of the invention

Embodiments of the invention provide a kind of implementation method and device of gateway function, can improve the communication efficiency between virtual machine and main frame and communication stability.

For achieving the above object, embodiments of the invention adopt following technical scheme:

First aspect, embodiments of the invention provide a kind of implementation method of gateway function, comprising:

The first request message that server receiving management node sends, carry the first routing iinformation of the first gateway and the first detected rule of described first gateway in described first request message, described first request message is for asking the virtual switch of described server in described server creates described first gateway;

Described server, according to described first request message, obtains described first routing iinformation and described first detected rule;

Described server, according to described first routing iinformation and described first detected rule, generates the first routing rule and the second detected rule;

Described server, according to described first routing rule and described second detected rule, realizes the function of described first gateway by described virtual switch.

In the first possible implementation of first aspect, described server, according to described first routing iinformation and described first detected rule, generates the first routing rule and the second detected rule specifically comprises:

Described server, according to described first routing iinformation, generates described first routing rule corresponding with described first routing iinformation and the first Route Distinguisher;

Described first Route Distinguisher is added in described first detected rule by described server, to generate described second detected rule.

In conjunction with the first possible implementation of aforesaid first aspect or first aspect, in the implementation that the second is possible, described first gateway and described first routing rule are the gateway corresponding with the first subnet and routing rule,

Wherein, described server, according to described first routing rule and described second detected rule, is realized the method for the function of described first gateway, comprising by described virtual switch:

Described server receives by described virtual switch the packet that source virtual machine is sent to destination host, described packet comprises the address information of described source virtual machine and the address information of described destination host, wherein, described source virtual machine provides service by described first subnet, and described destination host provides service by the second subnet;

Described server, according to the address information of described source virtual machine, the address information of described destination host and described second detected rule, determines the mark of described first subnet and the mark of described second subnet;

If the mark of described first subnet is different from the mark of described second subnet, described server then according to described first routing rule, forwards described packet.

In conjunction with the implementation that the second of first aspect is possible, in the implementation that the third is possible, after described server determines the mark of described first subnet and the mark of described second subnet, described method also comprises:

If the mark of described first subnet is identical with the mark of described second subnet, described server then forwards described packet according to described second detected rule.

In conjunction with the third possible implementation of first aspect, in the 4th kind of possible implementation, the address information of described destination host comprises the internet protocol address of described destination host,

Wherein, if the mark of described first subnet is identical with the mark of described second subnet, before described server then to forward described packet according to described second detected rule, described method also comprises:

Described server, according to the IP address of described destination host, searches the MAC address of the described destination host corresponding with the IP address of described destination host in the first address mapping table corresponding with described source virtual machine;

If described server does not find the MAC Address of described destination host in described first address mapping table, described server then obtains the MAC Address of described destination host, and the MAC Address of described destination host is saved to described first address mapping table.

In conjunction with the 4th kind of possible implementation of first aspect, in the 5th kind of possible implementation, described server, according to described first routing rule, forwards described packet; Described server forwards described packet according to described second detected rule, specifically comprises:

Described server, according to described first routing rule/described second detected rule, the IP address of described destination host and the MAC Address of described destination host, forwards described packet.

Second aspect, embodiments of the invention also provide a kind of implementation method of gateway function, comprising:

When creating the first virtual machine in first server, management node searches the first routing rule and the second detected rule in described first server, and described first routing rule and described second detected rule are the rule of first gateway corresponding with described first virtual machine;

If described management node does not find described first routing rule and described second detected rule in described first server, described management node then sends the first request message to described first server, the first routing iinformation and the first detected rule is obtained according to described first request message to make described first server, and generate described first routing rule and described second detected rule according to described first routing iinformation and described first detected rule, and according to described first routing rule and described second detected rule, the function of described first gateway is realized by the virtual switch in described first server, wherein, described first routing iinformation and described first detected rule is carried in described first request message, described first request message creates described first gateway for asking described first server on described virtual switch.

In the first possible implementation of second aspect, when described first server there being virtual machine to be migrated, described virtual machine to be migrated is the virtual machine corresponding with described first gateway, and described method also comprises:

Described management node determines at least one second server in server cluster;

Described management node searches described first routing rule and described second detected rule at least one second server described;

If described management node finds described first routing rule and described second detected rule at least one second server described, described management node is then by extremely at least one second server described of the virtual machine (vm) migration described to be migrated in described first server.

In conjunction with the first possible implementation of second aspect, in the implementation that the second is possible, described management node is by after the virtual machine (vm) migration described to be migrated in described first server at least one second server described, and described method also comprises:

Described management node is determined whether described first server has and corresponding with described first gateway is not moved virtual machine;

If described management node is determined described first server does not move virtual machine without described, described management node then indicates described first server to delete described first routing rule and described second detected rule.

In the third possible implementation of second aspect, after described management node searches the first routing rule and the second detected rule in described first server, described method also comprises:

If described management node finds described first routing rule and described second detected rule in described first server, described management node then indicates described first server according to described first routing rule and described second detected rule, is realized the function of described first gateway by described virtual switch.

The third aspect, embodiments of the invention provide a kind of server, comprising:

Receiving element, for the first request message that receiving management node sends, carry the first routing iinformation of the first gateway and the first detected rule of described first gateway in described first request message, described first request message is for asking the virtual switch in described server to create described first gateway;

Acquiring unit, for described first request message received according to described receiving element, obtains described first routing iinformation and described first detected rule;

Generation unit, for described first routing iinformation that obtains according to described acquiring unit and described first detected rule, generates the first routing rule and the second detected rule;

Realize unit, for described first routing rule that generates according to described generation unit and described second detected rule, realized the function of described first gateway by described virtual switch.

In the first possible implementation of the third aspect,

Described generation unit, specifically for described first routing iinformation obtained according to described acquiring unit, generate described first routing rule corresponding with described first routing iinformation and the first Route Distinguisher, and described first Route Distinguisher is added in described first detected rule, to generate described second detected rule.

In conjunction with the first possible implementation of the aforesaid third aspect or the third aspect, in the implementation that the second is possible, described first gateway and described first routing rule are the gateway corresponding with the first subnet and routing rule,

Wherein, described server also comprises determining unit;

Described receiving element, also for receiving by described virtual switch the packet that source virtual machine is sent to destination host, described packet comprises the address information of described source virtual machine and the address information of described destination host, wherein, described source virtual machine provides service by described first subnet, and described destination host provides service by the second subnet;

Described determining unit, for described second detected rule that the address information of described source virtual machine, the address information of described destination host and the described generation unit that receive according to described receiving element generate, determine the mark of described first subnet and the mark of described second subnet;

Describedly realize unit, if the mark of described first subnet also determined for described determining unit is different from the mark of described second subnet, then according to described first routing rule that described generation unit generates, described packet is forwarded.

In conjunction with the implementation that the second of the third aspect is possible, in the implementation that the third is possible,

Describedly realize unit, after mark also for the mark and described second subnet of determining described first subnet in described determining unit, if the mark of described first subnet is identical with the mark of described second subnet, then described second detected rule generated according to described generation unit forwards described packet.

In conjunction with the third possible implementation of the third aspect, in the 4th kind of possible implementation,

The address information of described destination host comprises the IP address of described destination host, and wherein, described server also comprises searches unit and storage unit;

Describedly search unit, if the mark of described first subnet determined for described determining unit is identical with the mark of described second subnet, describedly realize before unit then to forward the described packet that described receiving element receives according to described second detected rule, according to the IP address of the described destination host that described receiving element receives, in first address mapping table corresponding with described source virtual machine, search the MAC Address of the described destination host corresponding with the IP address of described destination host;

Described acquiring unit, if also for described in search the MAC Address that unit does not find described destination host in described first address mapping table, then obtain the MAC Address of described destination host;

Described storage unit, the MAC Address for the described destination host obtained by described acquiring unit is saved to described first address mapping table.

In conjunction with the 4th kind of possible implementation of the third aspect, in the 5th kind of possible implementation,

Describedly realize unit, the IP address of described destination host obtained specifically for described first routing rule/described second detected rule generated according to described generation unit, described acquiring unit and the MAC Address of described destination host, forward the described packet that described receiving element receives.

Fourth aspect, embodiments of the invention also provide a kind of management node, comprising:

Search unit, for when creating the first virtual machine in first server, in described first server, search the first routing rule and the second detected rule, described first routing rule and described second detected rule are the rule of first gateway corresponding with described first virtual machine;

Transmitting element, if for described in search unit in described first server, do not find described first routing rule and described second detected rule, then send the first request message to described first server, the first routing iinformation and the first detected rule is obtained according to described first request message to make described first server, and generate described first routing rule and described second detected rule according to described first routing iinformation and described first detected rule, and according to described first routing rule and described second detected rule, the function of described first gateway is realized by the virtual switch in described first server, wherein, described first routing iinformation and described first detected rule is carried in described first request message, described first request message creates described first gateway for asking described first server on described virtual switch.

In the first possible implementation of fourth aspect, described management node also comprises determining unit and migration units;

Described determining unit, for when described first server there being virtual machine to be migrated, determines at least one second server in server cluster, and wherein, described virtual machine to be migrated is the virtual machine corresponding with described first gateway;

Describedly search unit, also for searching described first routing rule and described second detected rule at least one second server described in determining in described determining unit;

Migration units, if for described in search unit at least one second server described, find described first routing rule and described second detected rule, then by the virtual machine (vm) migration described to be migrated in described first server at least one second server described.

In conjunction with the first possible implementation of fourth aspect, in the implementation that the second is possible, described management node also comprises indicating member;

Described determining unit, also for described migration units by the virtual machine (vm) migration described to be migrated in described first server to after at least one second server described, determine whether described first server has and corresponding with described first gateway do not move virtual machine;

Described indicating member, if determine described first server does not move virtual machine without described for described determining unit, then indicates described first server to delete described first routing rule and described second detected rule.

In the third possible implementation of fourth aspect,

Described indicating member, if also for described in search unit in described first server, find described first routing rule and described second detected rule, then indicate described first server according to described first routing rule and described second detected rule, realized the function of described first gateway by described virtual switch.

5th aspect, what embodiments of the invention provided a kind of gateway function realizes system, comprising: at least one server as described in any one of claim 11-16, and the management node as described in any one of claim 17-20.

Embodiments of the invention provide a kind of implementation method and device of gateway function, by the first request message that server receiving management node sends, the first routing iinformation of the first gateway and the first detected rule of the first gateway is carried in this first request message, this first request message creates the first gateway on request server virtual switch in the server, and this server is according to the first request message, obtain the first routing iinformation and the first detected rule, and this server is according to the first routing iinformation and the first detected rule, generate the first routing rule and the second detected rule, finally this server is according to this first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch.Pass through the program, on the one hand because server generates the first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch, thus avoid in prior art the performance of virtual machine forwarding data bag and the restriction of this virtual machine bandwidth that realize gateway function, this improves the communication efficiency between virtual machine and main frame; On the other hand, the each server in virtualization system is applicable to due to the program, therefore, the gateway function corresponding with some subnets can be created on each server, thus when certain server fail in this subnet, other virtual machines in this subnet still can continue to communicate with main frame, and then improve the communication stability between virtual machine and main frame.

Accompanying drawing explanation

The schematic diagram being realized gateway function by virtual machine that Fig. 1 provides for prior art;

The flow chart one of the implementation method of a kind of gateway function that Fig. 2 provides for the embodiment of the present invention;

The schematic diagram being realized gateway function by virtual switch that Fig. 3 provides for the embodiment of the present invention;

The flowchart 2 of the implementation method of a kind of gateway function that Fig. 4 provides for the embodiment of the present invention;

The interaction figure one of the implementation method of a kind of gateway function that Fig. 5 provides for the embodiment of the present invention;

The interaction figure two of the implementation method of a kind of gateway function that Fig. 6 provides for the embodiment of the present invention;

The flow chart 3 of the implementation method of a kind of gateway function that Fig. 7 provides for the embodiment of the present invention;

The flow chart four of the implementation method of a kind of gateway function that Fig. 8 provides for the embodiment of the present invention;

The structural representation one of the server that Fig. 9 provides for the embodiment of the present invention;

The structural representation two of the server that Figure 10 provides for the embodiment of the present invention;

The structural representation three of the server that Figure 11 provides for the embodiment of the present invention;

The structural representation four of the server that Figure 12 provides for the embodiment of the present invention;

The structural representation one of the management node that Figure 13 provides for the embodiment of the present invention;

The structural representation two of the management node that Figure 14 provides for the embodiment of the present invention;

The structural representation three of the management node that Figure 15 provides for the embodiment of the present invention;

The structural representation five of the server that Figure 16 provides for the embodiment of the present invention;

The structural representation four of the management node that Figure 17 provides for the embodiment of the present invention;

The gateway function that Figure 18 provides for the embodiment of the present invention realize system block diagram.

Embodiment

Below in conjunction with accompanying drawing, the implementation method of a kind of gateway function that embodiments of the invention provide and device are described in detail.

Embodiment one

Embodiments of the invention provide a kind of implementation method of gateway function, and as shown in Figure 2, the method is the implementation method of the gateway function of server side, and the method can comprise:

The first request message that S101, server receiving management node send, carry the first routing iinformation of the first gateway and the first detected rule of this first gateway in this first request message, this first request message creates the first gateway on the virtual switch of request server in this server.

Management node is in virtualization system, the node of network resource administration and virtual resource etc.Management node can comprise network resource management unit and virtual resource administrative unit.Management node can multiple servers in managing virtual system, management node carries out Resource Allocation in Networks and virtual resource allocation to the plurality of server, and and the plurality of server between mutually carry out issuing and receiving of data, thus realize virtual network and virtual resource scheduling interlock.

Gateway can, to realize network interconnection in network layer, be the most complicated network interconnection apparatus, network interconnection.Gateway both may be used for wide area network interconnection, also may be used for local area network interconnection.Using different communication protocol, data format or language, even during the diverse two kinds of systems of architecture, gateway is repacked the information received, with the demand of adaptation to end system.

In the interconnection network be made up of router and main frame, there are some interfaces of separately main frame and router, these interfaces make network be divided into the network of several separation, and can connect independently network endpoint by these interfaces.These each network endpoints independently in network endpoint are a subnet in this system.

Further, during user's planning network, network can be divided into a lot of subnet, the division of subnet is by using IP(Internet Protocol, the agreement interconnected between network) former network to serve as subnet address, thus is divided into some subnets by some main frame positions of address.During user's subnet division, along with increasing of main frame position is used in subnet address, the number of subnet increases thereupon, and the available host position in each subnet is reduced gradually.

In the embodiment of the present invention, above-mentioned main frame position can be expressed as virtual seat in the plane.

It should be noted that, in virtualization system, the virtual machine in a subnet can be communicated with the virtual machine in another subnet by the gateway corresponding with this subnet.When first virtual machine in establishment subnet, server creates the gateway corresponding with this subnet by virtual switch.

The implementation method of the gateway function that embodiments of the invention provide realizes gateway function in virtualized environment, therefore the virtual gateway that can realize gateway function that the gateway created in the embodiment of the present invention refers to.Wherein, virtual gateway is in virtualization system, and user is the module that can realize gateway function that the subnet in this virtualization system distributes.

It should be noted that as shown in Figure 3, on one server, can have one or more virtual switch, this virtual switch machine testing and its virtual port carry out the virtual machine that logic is connected, so that packet is transmitted to virtual machine.In the invention process, in virtualization system, the virtual switch used is distributed virtual switch, this distributed virtual switch is there is in each server managed with management node, thus make the virtual machine on server when moving across multiple server, can guarantee that its network configuration is consistent.

In the embodiment of the present invention, when creating first virtual machine in a subnet on one server, need to create the gateway corresponding with this subnet on that server, to realize the communication between this first virtual machine and other virtual machines.As shown in Figure 3, in the implementation method of the gateway function that the embodiment of the present invention provides, each server can create the gateway corresponding with the subnet belonging to the virtual machine on server.For example, server A comprises virtual machine 1, the virtual machine 2 in subnet 1, the virtual machine 3 in subnet 2, virtual switch 1 and the gateway 1 corresponding with subnet 1 in the subnet 1 that runs on server and the gateway 2 corresponding with subnet 2.Server B is included in virtual machine 5, the virtual machine 4 in subnet 2, the virtual machine 6 in subnet 2, virtual switch 2 and the gateway 1 corresponding with subnet 1 in subnet 1 that server B is run and the gateway 2 corresponding with subnet 2.Like this, in virtualization system, server A in server cluster and server B can respectively by the gateways on respective virtual switch, carry out the communication between virtual machine, and when server A breaks down, the communication of the virtual machine that server B is run can not be affected, thus the communication stability between the communication efficiency that improve between virtual machine and virtual machine.

The first request message that server receiving management node sends, and virtual switch in this server creates the first gateway, wherein, in this first request message, include the first routing iinformation of the first gateway and the first detected rule of this first gateway.

It should be noted that, routing iinformation is that user inputs for configuring the first gateway, the routing iinformation of this first gateway is determined by after the first virtual gateway, the down hop of route, the first detected rule of this first gateway can comprise the address information of source virtual machine, the address information of target virtual machine, the mark etc. of subnet.

S102, server, according to this first request message, obtain the first routing iinformation and the first detected rule.

After server receives the first request message, server according to this first request message, can obtain the first routing iinformation and the first detected rule.

Concrete, carry the first routing iinformation and the first detected rule due in the first request message that server receives, therefore server from this first request message, can obtain the first routing iinformation and the first detected rule.

S103, server, according to the first routing iinformation and the first detected rule, generate the first routing rule and the second detected rule.

After server obtains the first routing iinformation and the first detected rule, server according to this first routing iinformation and the first detected rule, can generate the first routing rule and the second detected rule.

In the embodiment of the present invention, server realizes gateway function by the first routing rule and the second detected rule on virtual switch.

It should be noted that, server is according to this first routing iinformation and the first detected rule, and the detailed step generating the first routing rule and the second detected rule will be described in subsequent embodiment.

S104, server, according to the first routing rule and the second detected rule, realize the function of the first gateway by virtual switch.

After server generates the first routing rule and the second detected rule, server according to the first routing rule and the second detected rule, can realize the function of the first gateway by virtual switch.

It should be noted that, when source virtual machine need communicate with target virtual machine, namely, when source virtual machine need send packet to target virtual machine, suppose that the first gateway is the gateway corresponding with source virtual machine, source virtual machine sends this packet to target virtual machine by this first gateway.Concrete, server can detect the subnet information of the subnet information of the first subnet belonging to source virtual machine and the second subnet belonging to target virtual machine respectively according to the second detected rule generated, and in this second detected rule, find the Route Distinguisher corresponding with the subnet information of the subnet information of the first subnet and the second subnet, thus server can according to this Route Distinguisher, find first routing rule corresponding with the first gateway, to determine the access path between source virtual machine and target virtual machine, and then server can according to this access path found, the packet sent by source virtual machine is through the first gateway forwards, finally be sent to target virtual machine, thus realize the function of the first gateway.

In the embodiment of the present invention, by virtual switch in the server creates the first gateway, to realize the function of the first gateway on virtual machine switch.Wherein, first gateway can corresponding many first routing rules, when source virtual machine need send packet to target virtual machine, if preserved the first routing rule between this source virtual machine and target virtual machine in the first gateway corresponding with the first subnet belonging to source virtual machine, the first gateway that the Packet Generation that then source virtual machine can directly send according to this first routing rule by server extremely creates on virtual switch, and pass through the second detected rule and first routing rule of upper preservation in this first gateway, select the access path between source virtual machine and target virtual machine, and forward this packet to target virtual machine according to this access path.

Embodiments of the invention also provide a kind of implementation method of gateway function, and as shown in Figure 4, the method is the implementation method of the gateway function of management node side, and the method can comprise:

S201, when creating the first virtual machine in first server, management node searches the first routing rule and the second detected rule in this first server, and this first routing rule and this second detected rule are the rule of first gateway corresponding with the first virtual machine.

When creating the first virtual machine in first server, management node searches the first routing rule and the second detected rule in this first server, and this first routing rule and this second detected rule are the rule of first gateway corresponding with the first virtual machine.

Be understandable that, when creating the first virtual machine in first server, management node first can judge whether there is first gateway corresponding with the first subnet belonging to this first virtual machine in this first server, to determine whether to create this first gateway in this first server.The implementation method of the gateway function provided due to embodiments of the invention realizes gateway function in virtualized environment, therefore the virtual gateway that can realize gateway function that the gateway created in the embodiment of the present invention refers to, therefore, server realizes the function of the first gateway by the rule of first gateway corresponding with the first virtual machine on virtual switch, and namely the first routing rule and this second detected rule constitute the first gateway.

S202, if this management node does not find the first routing rule and the second detected rule in first server, this management node then sends the first request message to first server, the first routing iinformation and the first detected rule is obtained according to the first request message to make this first server, and generate the first routing rule and the second detected rule according to this first routing iinformation and this first detected rule, and according to this first routing rule and this second detected rule, the function of the first gateway is realized by the virtual switch in first server, wherein, the first routing iinformation and the first detected rule is carried in first request message, this first request message creates the first gateway for asking first server on virtual switch.

Management node searches the first routing rule and the second detected rule in this first server, if this management node does not find the first routing rule and the second detected rule in first server, namely this management node does not find the first gateway in this first server, this management node then sends the first request message to first server, the first routing iinformation and the first detected rule is obtained with the first request message making this first server can send according to management node, and make server can generate the first routing rule and the second detected rule according to this first routing iinformation and this first detected rule, and make server can according to this first routing rule and this second detected rule, the function of the first gateway is realized by the virtual switch in first server.Wherein, carry the first routing iinformation and the first detected rule in the first request message, this first request message creates the first gateway for asking first server on virtual switch.

It should be noted that, carry the first routing iinformation and the first detected rule due in the first request message that management node sends, therefore server from this first request message of management node transmission, can obtain the first routing iinformation and the first detected rule.

Wherein, routing iinformation is that user inputs for configuring the first gateway, the routing iinformation of this first gateway is the routing information that the first gateway carries out forwarding, and the first detected rule of this first gateway can comprise address information, the address information of target virtual machine, the mark etc. of subnet of source virtual machine.

Embodiments of the invention provide a kind of implementation method of gateway function, by the first request message that server receiving management node sends, the first routing iinformation of the first gateway and the first detected rule of the first gateway is carried in this first request message, this first request message creates the first gateway on request server virtual switch in the server, and this server is according to the first request message, obtain the first routing iinformation and the first detected rule, and this server is according to the first routing iinformation and the first detected rule, generate the first routing rule and the second detected rule, finally this server is according to this first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch.Pass through the program, on the one hand because server generates the first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch, thus avoid in prior art the performance of virtual machine forwarding data bag and the restriction of this virtual machine bandwidth that realize gateway function, this improves the communication efficiency between virtual machine and main frame; On the other hand, the each server in virtualization system is applicable to due to the program, therefore, the gateway function corresponding with some subnets can be created on each server, thus when certain server fail in this subnet, other virtual machines in this subnet still can continue to communicate with main frame, and then improve the communication stability between virtual machine and main frame.

Embodiment two

Embodiments of the invention provide a kind of implementation method of gateway function, and as shown in Figure 5, the method is the implementation method of the gateway function of server side, and the method can comprise:

S301, when creating the first virtual machine in first server, management node searches the first routing rule and the second detected rule in this first server, and the first routing rule and the second detected rule are the rule of first gateway corresponding with this first virtual machine.

Especially, first server be management node by scheduling of resource, in virtualized environment, a server of selection.Concrete, certain virtual machine which server created in certain subnet is decided by scheduling of resource by management node.

It should be noted that, in virtualization system, the virtual machine in subnet can be communicated with the virtual machine in another subnet by the gateway corresponding with this subnet.When first virtual machine in establishment subnet, management node searches on this server whether have the gateway corresponding with this subnet, when management node does not find the gateway corresponding with this subnet on that server, server can create the gateway corresponding with this subnet on its virtual switch.

Further, during user's planning network, network can be divided into a lot of subnet, the division of subnet is that subnet address is served as in the some main frame positions by using IP address, thus former network is divided into some subnets.During user's subnet division, along with increasing of main frame position is used in subnet address, the number of subnet increases thereupon, and the available host position in each subnet is reduced gradually.

Be understandable that, when creating the first virtual machine in first server, management node first can judge whether there is first gateway corresponding with the first subnet belonging to this first virtual machine in this first server, to determine whether to create this first gateway in this first server.The implementation method of the gateway function provided due to embodiments of the invention realizes gateway function in virtualized environment, therefore the virtual gateway that can realize gateway function that the gateway created in the embodiment of the present invention refers to, namely server realizes the function of the first gateway by the rule of first gateway corresponding with the first virtual machine on virtual switch, namely realizes the function of the first gateway by the first routing rule on virtual switch and the second detected rule.

Wherein, virtual gateway is in virtualization system, and user is the module that can realize gateway function that the subnet in this virtualization system distributes.

If this management node of S302 does not find the first routing rule and the second detected rule in this first server, this management node then sends the first request message to first server, wherein, carry the first routing iinformation and the first detected rule in this first request message, this first request message creates the first gateway for asking first server on virtual switch.

Management node searches the first routing rule and the second detected rule in this first server, if this management node does not find the first routing rule and the second detected rule in first server, namely this management node does not find the first gateway in this first server, this management node then sends the first request message to first server, wherein, carry the first routing iinformation and the first detected rule in first request message, this first request message creates the first gateway for asking first server on virtual switch.

It should be noted that, carry the first routing iinformation and the first detected rule due in the first request message that management node sends, therefore first server from this first request message of management node transmission, can obtain the first routing iinformation and the first detected rule.

It should be noted that on one server, can have one or more virtual switch, this virtual switch machine testing and its virtual port carry out the virtual machine that logic is connected, so that packet is transmitted to virtual machine.In the invention process, in virtualization system, the virtual switch used is distributed virtual switch, this distributed virtual switch is there is in each server managed with management node, thus make the virtual machine on server when moving across multiple server, can guarantee that its network configuration is consistent.

S303, first server, according to this first request message, obtain the first routing iinformation and the first detected rule.

After first server receives the first request message of management node transmission, first server can according to this first request message, virtual switch creates the first gateway, wherein, the first routing iinformation of the first gateway and the first detected rule of this first gateway is included in this first request message.

After first server receives the first request message, first server according to this first request message, can obtain the first routing iinformation and the first detected rule.

Concrete, carry the first routing iinformation and the first detected rule due in the first request message that first server receives, therefore first server from this first request message, can obtain the first routing iinformation and the first detected rule.

S304, first server, according to the first routing iinformation, generate first routing rule corresponding with this first routing iinformation and the first Route Distinguisher.

First server obtains from after the first routing iinformation of management node and the first detected rule, and first server can generate the first routing rule and the first Route Distinguisher according to this first routing iinformation.

Optionally, the first Route Distinguisher can represent with " routing table 1 " or " route table1 ", also can represent that the mark of the first routing rule represents with other.

First Route Distinguisher is added in the first detected rule by S305, first server, generates the second detected rule.

After first server generates the first Route Distinguisher, this first Route Distinguisher is also added in this first detected rule by first server, generates the second detected rule.

S306, first server, according to the first routing rule and the second detected rule, realize the function of the first gateway by virtual switch.

After first server generates the first routing rule and the second detected rule, first server according to the first routing rule and the second detected rule, can realize the function of the first gateway by virtual switch.

It should be noted that, when source virtual machine need communicate with target virtual machine, namely, when source virtual machine need send packet to target virtual machine, suppose that the first gateway is the gateway corresponding with source virtual machine, source virtual machine sends this packet to target virtual machine by this first gateway.Concrete, first server can find the subnet information of the subnet information of the first subnet belonging to source virtual machine and the second subnet belonging to target virtual machine respectively according to the second detected rule generated, and in this second detected rule, find the Route Distinguisher corresponding with the subnet information of the subnet information of the first subnet and the second subnet, thus first server can according to this Route Distinguisher, find first routing rule corresponding with the first gateway, to determine the access path between source virtual machine and target virtual machine, and then first server can according to this access path found, the packet sent by source virtual machine is through the first gateway forwards, finally be sent to target virtual machine, thus achieve the function of the first gateway.

It should be noted that, as shown in Figure 6, after S301, the implementation method of the gateway function that the embodiment of the present invention provides also comprises:

If S307 management node finds the first routing rule and the second detected rule in first server, this management node then indicates first server according to the first routing rule and the second detected rule, is realized the function of the first gateway by virtual switch.

Management node searches the first routing rule and the second detected rule in this first server, if this management node finds the first routing rule and the second detected rule in first server, namely this management node finds the first gateway in this first server, this management node then indicates first server according to the first routing rule and the second detected rule, is realized the function of the first gateway by virtual switch.

Further, as shown in Figure 7, if the first gateway and the first routing rule are the gateway corresponding with the first subnet and routing rule, first server is then according to the first routing rule and the second detected rule, and the method being realized the function of the first gateway by virtual switch can be comprised:

S401, first server receive by virtual switch the packet that source virtual machine is sent to target virtual machine, this packet comprises the address information of source virtual machine and the address information of target virtual machine, wherein, this source virtual machine provides service by the first subnet, and this target virtual machine provides service by the second subnet.

It should be noted that, when the source virtual machine that first server is run communicates with target virtual machine, first server receives the packet sent by source virtual machine by virtual switch, and is gone out by the first gateway forwards corresponding with the first subnet belonging to source virtual machine by this packet.

First server receives by virtual switch the packet that source virtual machine is sent to target virtual machine, the address information of source virtual machine and the address information of target virtual machine can be comprised in this packet, wherein, this source virtual machine provides service by the first subnet, this target virtual machine provides service by the second subnet, namely source virtual machine belongs to the first subnet, and target virtual machine belongs to the second subnet.

Especially, when the source virtual machine of first server sends data to target virtual machine, one piece of data by data sectional, and is packaged into the packet with IP head by first server, data is sent with the form of packet.

Concrete, due to different network systems and equipment, the form as the elementary cell of the data of the transmission such as Ethernet, the packet switching network is different, therefore, can not intercom mutually between different network systems and equipment.And the protocol software that IP agreement is made up of software program, it can convert " IP packet " form to by unified for various difference " frame ", and this conversion can make all computers can realize mutual communication on the internet.

Further, packet is a kind of form of packet switching, namely the data sectional that equipment sends is broken into " bag ", then sends.Due to each " bag " (grouping) that break into is sent as one " independently message ", therefore, be called " packet ".IP has the function of grouping packing and set assembling, each packet has header and these two parts of message, the targetedly required content such as location information in header, to make each packet can arrive destination exactly through different paths, and reconfigure the data being reduced into original transmission in destination.Wherein, by adding IP head respectively to the header portion of each packet after above-mentioned data sectional, forming IP packet to make these packets.

S402, first server, according to the address information of source virtual machine, the address information of target virtual machine and the second detected rule, determine the mark of the first subnet and the mark of the second subnet.

After first server is sent to the packet of target virtual machine by virtual switch reception source virtual machine, first server can obtain the address information of source virtual machine, the address information of target virtual machine from this packet, and according to the address information of source virtual machine, the address information of target virtual machine and the second detected rule, determine the mark of the first subnet and the mark of the second subnet.

It should be noted that, the address information of address information and target virtual machine that first server obtains source virtual machine from above-mentioned packet is respectively the IP address of source virtual machine and the IP address of target virtual machine.

It should be noted that, the mark of the first subnet and the mark being designated the subnet that can characterize belonging to virtual machine of the second subnet, this mark can be figure notation, and can be also word marking or alphabetic flag etc., the present invention be restricted.

Concrete, the IP address of source virtual machine, the IP address of target virtual machine are mated with the source IP ground in the second detected rule, target ip address, thus are determined the mark of the mark of the first subnet belonging to source virtual machine and the second subnet belonging to target virtual machine by first server respectively.

If the mark of S403 first subnet is different from the mark of the second subnet, first server then according to the IP address of the first routing rule, target virtual machine, forwards packet.

After first server determines the mark of the first subnet and the mark of the second subnet, if the mark of the first subnet is different from the mark of the second subnet, first server then according to the IP address of the first routing rule, target virtual machine, forwards packet and forwards packet.

It should be noted that, as shown in table 1, be the head Field Options in the second detected rule, this Field Options comprises the mark of Route Distinguisher, source MAC, destination-mac address, source IP address, target ip address and subnet, wherein, source IP address is for representing the IP address of source virtual machine; Target ip address is for representing the IP address of target virtual machine.Concrete, first server can check the mark of subnet corresponding respectively with it in the second detected rule according to the IP address of the IP address of source virtual machine and target virtual machine, i.e. the mark of the first subnet and the mark of the second subnet.

Table 1

Wherein, MAC(Media Access Control, media interviews control) address or be called hardware address, be used to the position of define grid equipment.In OSI7 layer protocol, third layer network layer is responsible for IP address, and second layer data link layer is then responsible for MAC Address.A main frame has an IP address, and each network site has the MAC Address that is specific to it.

Concrete, if the mark of the first subnet is different from the mark of the second subnet, first server is then according to first Route Distinguisher corresponding with source virtual machine in the second detected rule, first routing rule corresponding with this first Route Distinguisher is found again by this first Route Distinguisher, and first server is then according to the first routing rule, forwards packet.

Further, first server according to the second detected rule, can abandon packet.

In the embodiment of the present invention, source MAC is the MAC Address of source virtual machine, and source IP address is the IP address of source virtual machine, and destination-mac address is the MAC Address of the first gateway, and target ip address is the IP address of target virtual machine.Because source virtual machine will by first gateway corresponding with the subnet belonging to source virtual machine, therefore, destination-mac address is the MAC Address of this first gateway.Concrete, further part is in the present embodiment described in detail by the acquisition methods of the MAC Address of the first gateway.

Exemplary, suppose that the IP address of source virtual machine is A, the IP address of target virtual machine is B, as shown in table 2, for source virtual machine and target virtual machine distinguish the second corresponding detected rule, as can be seen from Table 2, the first subnet belonging to source virtual machine be designated 1, the second subnet belonging to target virtual machine be designated 2, because 1 and 2 is marks of different subnets, therefore, the mark of the first subnet is different from the mark of the second subnet, now, first server can find the first routing rule according to the first Route Distinguisher in the second detected rule-route 1, first server is again according to the MAC Address of the first routing rule and the first gateway, above-mentioned packet is forwarded.Wherein, the first routing rule is as shown in table 3, and table 3 is first routing rule corresponding with route 1.

Table 2

Table 3

It should be noted that, when first server forwards above-mentioned packet by the first routing rule, be by the MAC Address of the first gateway by this Packet Generation to target virtual machine.Concrete, first server first obtains the response to this packet from the first routing rule shown in table 3, namely forwards.

In the embodiment of the present invention, the subnet of targeted subnet belonging to target virtual machine, target port is the communication interface of the server at target virtual machine place, and source IP address is the IP address of source virtual machine, and gateway is first gateway corresponding with the first subnet belonging to source virtual machine.

If the mark of S404 first subnet is identical with the mark of the second subnet, first server, then according to the IP address of target virtual machine, searches the MAC Address of this target virtual machine corresponding with the IP address of this target virtual machine in the first address mapping table corresponding with source virtual machine.

It should be noted that, address mapping table is the corresponding relation between the IP address of virtual machine and the MAC Address of virtual machine, an address mapping table is had in each virtual machine, wherein, first mapping table is the corresponding relation between the IP address of the source virtual machine that first server is run and the MAC of this source virtual machine, and carries out the corresponding relation between the IP address of other virtual machines communicated and the MAC Address of these other virtual machines with this source virtual machine.

Be understandable that, because IP address is in the third layer-network layer of OSI7 layer protocol, MAC Address is in the second layer-data link layer of OSI7 layer protocol, and virtual switch carries out the forwarding of packet by MAC Address, therefore, when the virtual machine in first server source sends packet to target virtual machine, will first through the forwarding of virtual switch, the IP address of target virtual machine is obtained from this packet, and in the first address mapping table, the MAC Address of target virtual machine is searched according to the IP address of this target virtual machine, to be carried out the forwarding of this packet by virtual switch, namely first server can according to the IP address of target virtual machine, the MAC Address of this target virtual machine corresponding with the IP address of this target virtual machine is searched in the first address mapping table corresponding with source virtual machine.

After first server determines the mark of the first subnet and the mark of the second subnet, first server, then according to the IP address of target virtual machine, searches the MAC Address of this target virtual machine corresponding with the IP address of this target virtual machine in the first address mapping table corresponding with source virtual machine.

If S405 first server does not find the MAC Address of target virtual machine in this first address mapping table, first server then obtains the MAC Address of this target virtual machine, and the MAC Address of this target virtual machine is saved to this first address mapping table.

If the mark of the first subnet is identical with the mark of the second subnet, first server is then according to the IP address of target virtual machine, search the MAC Address of this target virtual machine corresponding with the IP address of this target virtual machine in the first address mapping table corresponding with source virtual machine after, if first server does not find the MAC Address of target virtual machine in this first address mapping table, first server then obtains the MAC Address of this target virtual machine, and the MAC Address of this target virtual machine is saved in this first address mapping table.

Concrete, first server can according to the IP address of target virtual machine, the MAC Address of this target virtual machine corresponding with the IP address of this target virtual machine is searched in the first address mapping table corresponding with source virtual machine, if first server does not find the MAC Address of this target virtual machine in this first address mapping table, source virtual machine then sends ARP (Address ResolutionProtocol, address resolution protocol) request is to target virtual machine, and this ARP carries the IP address of target virtual machine in asking.Like this, this ARP that all virtual machines in virtualization system all can receive source virtual machine transmission asks, this destination virtual chance is only had to provide arp reply under normal conditions, carry the MAC Address of target virtual machine in this arp reply, thus the MAC Address of this target virtual machine is returned to this source virtual machine by arp reply by target virtual machine.After source virtual machine obtains arp reply, the MAC Address of target virtual machine is put into the arp cache of source virtual machine, namely in the first address mapping table, so that use next time.Concrete, when source virtual machine receives arp reply time, will upgrade its first address mapping table, by the IP address of this target virtual machine in this arp reply and the MAC Address corresponding stored of this target virtual machine in the first address mapping table.

Wherein, ARP agreement is the TCP(Transmission ControlProtocol obtaining physical address, transmission control protocol)/IP agreement.ARP request when the IP address of carrying target virtual machine is broadcast to after on network, this destination virtual chance receives this ARP and asks, and ask according to this ARP to generate the arp reply carrying the MAC Address of target virtual machine, and by sending this arp reply to source virtual machine, and the MAC Address of this target virtual machine is sent to this source virtual machine.

Exemplary, suppose that virtual machine A need send packet to virtual machine B, virtual machine A and virtual machine B then can perform following six steps respectively successively:

(1), first virtual machine A can check the address mapping table of virtual machine A, looks into the MAC Address seeing if there is virtual machine B.

(2) if virtual machine A does not find the MAC Address of virtual machine B in the address mapping table of virtual machine A, virtual machine A then can ask to Web broadcast ARP, to ask the MAC Address of virtual machine B.Wherein, the target ip address that this ARP carries in asking is the IP address of virtual machine B, destination-mac address is the MAC Address (i.e. FF-FF-FF-FF-FF-FF) of broadcast frame, and source IP address and source MAC are the IP address of virtual machine A and the MAC Address of virtual machine A.

(3), after virtual switch receives this ARP request, find that this ARP request is a broadcast frame, therefore, this ARP request can be transmitted to all virtual machines from non-reception total interface.

(4), after virtual machine B receives this ARP request, whether the IP address proofreading during this ARP asks the target virtual machine carried is identical with the IP address of virtual machine B, if the IP address that virtual machine B proofreads during this ARP asks the target virtual machine carried is identical with the IP address of virtual machine B, virtual machine B then sends an arp reply to virtual machine A, wherein carry the MAC Address of virtual machine B in this arp reply, and the MAC Address correspondence of the IP address of virtual machine A and virtual machine A is saved in the address mapping table of virtual machine B by virtual machine B.

(5), virtual machine A receive virtual machine B send arp reply after, virtual machine A obtains the MAC Address of virtual machine B from this arp reply, and in the address mapping table of virtual machine A the IP address of corresponding record virtual machine B and the MAC Address of virtual machine B.

(6), after virtual machine A gets the MAC Address of virtual machine B, virtual machine A can according to the MAC Address of virtual machine B, by the Packet Generation to virtual machine B to be sent for virtual machine A to virtual machine B.

It should be noted that, in same subnet, the method that the method for the MAC Address of the first gateway that source virtual machine acquisition is corresponding with this subnet and virtual machine A obtain the MAC Address of virtual machine B is consistent.

S406, the first server IP address according to the second detected rule, target virtual machine and the MAC Address of target virtual machine, forward packet.

If the mark of the first subnet is identical with the mark of the second subnet, and after the MAC Address of first server acquisition target virtual machine, first server then according to the IP address of the second detected rule, target virtual machine and the MAC Address of target virtual machine, forwards packet.

It should be noted that, the present invention does not limit the execution sequence of S403 and S404-S405-S406, and namely the present invention first can perform S403, then performs S404-S405-S406, also first can perform S404-S405-S406, then perform S403.

Further, when first server there being virtual machine to be migrated, this virtual machine to be migrated is the virtual machine corresponding with the first gateway, and as shown in Figure 8, the implementation method of gateway function also comprises:

S501, management node determine at least one second server in server cluster.

It should be noted that, the Servers-all in management node management server cluster.

When first server there being virtual machine to be migrated, management node determines at least one server in its server cluster managed.

Wherein, this at least one second server destination server that will migrate to for the virtual machine to be migrated in first server.

Further, management node can select the server of at least one underloading in server cluster, and using as this at least one second server, this is owing to only having the server of underloading could provide resource for this virtual machine to be migrated.At least one second server that concrete management node is selected can set according to actual conditions, and the present invention is not restricted.

Be understandable that, when management node need by the virtual machine (vm) migration to be migrated in first server at least one second server time, management node can select at least one server in server cluster, using as this at least one second server.Because the virtual machine to be migrated in first server can have multiple, the plurality of virtual machine to be migrated can migrate to a second server, also can migrate to multiple second server, and therefore, management node need determine at least one second server.

S502, management node search the first routing rule and the second detected rule at least one second server.

After management node determines at least one second server in server cluster, management node searches the first routing rule and the second detected rule in its at least one second server determined.

Be understandable that, management node is determined after the virtual machine (vm) migration to be migrated in first server to second server, if make this virtual machine to be migrated communicate with other virtual machines, then first needing to check whether this at least one second server has the first gateway, namely management node searches the first routing rule and the second detected rule on this at least one second server.

If S503 management node finds the first routing rule and the second detected rule at least one second server, this management node then by the virtual machine (vm) migration to be migrated in first server to this at least one second server.

After management node searches the first routing rule and the second detected rule at least one second server, if management node finds the first routing rule and the second detected rule at least one second server, namely this at least one second server has the first gateway, this management node then by the virtual machine (vm) migration to be migrated in first server to this at least one second server.

Be understandable that, after management node searches the first routing rule and the second detected rule at least one second server, if management node finds the first routing rule and the second detected rule at least one second server, management node can directly by the virtual machine (vm) migration to be migrated in first server to this at least one second server, just can directly communicate with other virtual machines after namely on this virtual machine (vm) migration to be migrated to this at least one second server.

Further, if management node finds the first routing rule and the second detected rule at least one second server, this management node then indicates this at least one second server according to this first routing rule and this second detected rule, is realized the function of the first gateway by virtual switch.Concrete implementation procedure explains in the previous section of the present embodiment, repeats no more herein.

Further, if management node does not find the first routing rule and the second detected rule at least one second server, this management node then sends the first request message at least one second server, this at least one second server generates this first routing rule and the second detected rule according to the first request message, and is realized the function of the first gateway by virtual switch.Concrete, the method that at least one second server realizes the first gateway function is identical with the method realizing the first gateway function in first server, repeats no more herein.

Whether S504, management node determination first server have and corresponding with the first gateway does not move virtual machine.

Management node, by after the virtual machine (vm) migration to be migrated in first server to this at least one second server, whether management node determination first server also has and corresponding with the first gateway does not move virtual machine.

It should be noted that, management node is by after the virtual machine (vm) migration to be migrated in first server to this at least one second server, management node corresponding with the first gateway can not move virtual machine by whether the mode determination first server of searching also has, thus determines whether this first gateway to be deleted.

If without not moving virtual machine in S505 management node determination first server, this management node then indicates this first server to delete the first routing rule and the second detected rule.

Whether management node determination first server has corresponding with the first gateway do not move virtual machine after, if without not moving virtual machine in management node determination first server, this management node then indicates this first server to delete the first routing rule and the second detected rule.

Be understandable that, if without not moving virtual machine in management node determination first server, namely in first server, do not carry out by the first gateway the virtual machine communicated, this management node then can indicate this first server to delete the first routing rule and the second detected rule, namely the first gateway in first server is deleted, thus discharge the resource that this first gateway takies, like this, the resource that this first server discharges can separately use it for anything else by management node, to realize the Appropriate application of resource.

Further, if management node determination first server does not move virtual machine, this management node does not then process, can continue according to this first routing rule and this second detected rule to make first server, the function of the first gateway is realized, not moving virtual machine and can continue through this first gateway and communicate namely in first server by virtual switch.

Embodiment three

As shown in Figure 9, embodiments of the invention provide a kind of server 1, the implementation method of the gateway function of the server side provided corresponding to the embodiment of the present invention, and this server 1 can comprise:

Receiving element 10, for the first request message that receiving management node sends, carry the first routing iinformation of the first gateway and the first detected rule of described first gateway in described first request message, described first request message is for asking the virtual switch in described server to create described first gateway.

Acquiring unit 11, for described first request message received according to described receiving element 10, obtains described first routing iinformation and described first detected rule.

Generation unit 12, for described first routing iinformation that obtains according to described acquiring unit 11 and described first detected rule, generates the first routing rule and the second detected rule.

Realize unit 13, for described first routing rule that generates according to described generation unit 12 and described second detected rule, realized the function of described first gateway by described virtual switch.

Optionally, described generation unit 12, specifically for described first routing iinformation obtained according to described acquiring unit 11, generate described first routing rule corresponding with described first routing iinformation and the first Route Distinguisher, and described first Route Distinguisher is added in described first detected rule, to generate described second detected rule.

Optionally, described first gateway and described first routing rule are the gateway corresponding with the first subnet and routing rule,

Wherein, as shown in Figure 10, described server 1 also comprises determining unit 14;

Described receiving element 10, also for receiving by described virtual switch the packet that source virtual machine is sent to target virtual machine, described packet comprises the address information of described source virtual machine and the address information of described target virtual machine, wherein, described source virtual machine provides service by described first subnet, and described target virtual machine provides service by the second subnet.

Described determining unit 14, for described second detected rule that the address information of described source virtual machine, the address information of described target virtual machine and the described generation unit 12 that receive according to described receiving element 10 generate, determine the mark of described first subnet and the mark of described second subnet.

Describedly realize unit 13, if the mark of described first subnet also determined for described determining unit 14 is different from the mark of described second subnet, then according to described first routing rule that described generation unit 12 generates, described packet is forwarded.

Optionally, describedly realize unit 13, after also determining the mark of described first subnet and the mark of described second subnet for described determining unit 14, if the mark of described first subnet is identical with the mark of described second subnet, then described second detected rule generated according to described generation unit 12 forwards described packet.

Optionally, as shown in figure 11, the address information of described target virtual machine comprises the IP address of described target virtual machine, and wherein, described server 1 also comprises searches unit 15 and storage unit 16.

Describedly search unit 15, if the mark of described first subnet determined for described determining unit 14 is identical with the mark of described second subnet, describedly realize before unit 13 to forward the described packet that described receiving element 10 receives according to described second detected rule, according to the IP address of the described target virtual machine that described receiving element 10 receives, in first address mapping table corresponding with described source virtual machine, search the MAC Address of the described target virtual machine corresponding with the IP address of described target virtual machine.

Described acquiring unit 11, if also for described in search the MAC Address that unit 15 does not find described target virtual machine in described first address mapping table, then obtain the MAC Address of described target virtual machine.

Described storage unit 16, the MAC Address for the described target virtual machine obtained by described acquiring unit 11 is saved to described first address mapping table.

Optionally, as shown in figure 12, describedly realize unit 13, the IP address of described target virtual machine obtained specifically for described first routing rule/described second detected rule according to described generation unit 12 generation, described acquiring unit 11 and the MAC Address of described target virtual machine, forward the described packet that described receiving element 10 receives.

Embodiments of the invention provide a kind of server, by the first request message that server receiving management node sends, the first routing iinformation of the first gateway and the first detected rule of the first gateway is carried in this first request message, this first request message creates the first gateway on request server virtual switch in the server, and this server is according to the first request message, obtain the first routing iinformation and the first detected rule, and this server is according to the first routing iinformation and the first detected rule, generate the first routing rule and the second detected rule, finally this server is according to this first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch.Pass through the program, on the one hand because server generates the first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch, thus avoid in prior art the performance of virtual machine forwarding data bag and the restriction of this virtual machine bandwidth that realize gateway function, this improves the communication efficiency between virtual machine and main frame; On the other hand, the each server in virtualization system is applicable to due to the program, therefore, the gateway function corresponding with some subnets can be created on each server, thus when certain server fail in this subnet, other virtual machines in this subnet still can continue to communicate with main frame, and then improve the communication stability between virtual machine and main frame.

As shown in figure 13, embodiments of the invention provide a kind of management node 2, the implementation method of the gateway function of the management node side provided corresponding to the embodiment of the present invention, and this management node 2 can comprise:

Search unit 20, for when creating the first virtual machine in first server, in described first server, search the first routing rule and the second detected rule, described first routing rule and described second detected rule are the rule of first gateway corresponding with described first virtual machine.

Transmitting element 21, if for described in search unit 20 in described first server, do not find described first routing rule and described second detected rule, then send the first request message to described first server, the first routing iinformation and the first detected rule is obtained according to described first request message to make described first server, and generate described first routing rule and described second detected rule according to described first routing iinformation and described first detected rule, and according to described first routing rule and described second detected rule, the function of described first gateway is realized by the virtual switch in described first server, wherein, described first routing iinformation and described first detected rule is carried in described first request message, described first request message creates described first gateway for asking described first server on described virtual switch.

Optionally, as shown in figure 14, described management node 2 also comprises determining unit 22 and migration units 23.

Described determining unit 22, for when described first server there being virtual machine to be migrated, determines at least one second server in server cluster, and wherein, described virtual machine to be migrated is the virtual machine corresponding with described first gateway.

Describedly search unit 20, also for searching described first routing rule and described second detected rule at least one second server described in determining in described determining unit 22.

Migration units 23, if for described in search unit 20 at least one second server described, find described first routing rule and described second detected rule, then by the virtual machine (vm) migration described to be migrated in described first server at least one second server described.

Optionally, as shown in figure 15, described management node 2 also comprises indicating member 24.

Described determining unit 22, also for described migration units 23 by the virtual machine (vm) migration described to be migrated in described first server to after at least one second server described, determine whether described first server has and corresponding with described first gateway do not move virtual machine.

Described indicating member 24, if determine described first server does not move virtual machine without described for described determining unit 22, then indicates described first server to delete described first routing rule and described second detected rule.

Optionally, described indicating member 24, also search after unit 20 searches the first routing rule and the second detected rule in described first server for described, if described in search unit 20 in described first server, find described first routing rule and described second detected rule, then indicate described first server according to described first routing rule and described second detected rule, realized the function of described first gateway by described virtual switch.

Embodiments of the invention provide a kind of management node, when creating the first virtual machine in first server, management node searches the first routing rule and the second detected rule in this first server, this first routing rule and this second detected rule are the rule of first gateway corresponding with the first virtual machine, if and in first server, do not find the first routing rule and the second detected rule, this management node then sends the first request message to first server, the first routing iinformation and the first detected rule is obtained according to the first request message to make this first server, and generate the first routing rule and the second detected rule according to the first routing iinformation and the first detected rule, and according to the first routing rule and the second detected rule, the function of the first gateway is realized by the virtual switch in this first server, wherein, the first routing iinformation and the first detected rule is carried in first request message, this first request message creates the first gateway for asking first server on virtual switch.Pass through the program, on the one hand because server generates the first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch, thus avoid in prior art the performance of virtual machine forwarding data bag and the restriction of this virtual machine bandwidth that realize gateway function, this improves the communication efficiency between virtual machine and main frame; On the other hand, the each server in virtualization system is applicable to due to the program, therefore, the gateway function corresponding with some subnets can be created on each server, thus when certain server fail in this subnet, other virtual machines in this subnet still can continue to communicate with main frame, and then improve the communication stability between virtual machine and main frame.

Embodiment four

As shown in figure 16, embodiments of the invention provide a kind of server, and this server can comprise: processor 30, memory 31, system bus 32 and communication port 33, wherein,

Processor 30, connected by system bus 32 between memory 31 and communication port 33 and complete mutual communication.

Processor 30 may be monokaryon or multinuclear CPU, or is specific integrated circuit, or for being configured to the one or more integrated circuits implementing the embodiment of the present invention.

Memory 31 can be high-speed RAM memory, also can be nonvolatile memory (non-volatile memory), such as at least one magnetic disc store.

Memory 31 is for the execution instruction of storage server.Concrete, software program and software code can be comprised in the execution instruction of server.

Communication port 33 can be used for receiving or sending data.

Concrete, described processor 30 can be used for the first request message sent from described communication port 33 receiving management node by described system bus 32, the first routing iinformation of the first gateway and the first detected rule of described first gateway is carried in described first request message, described first request message is for asking the virtual switch in described server to create described first gateway, and according to described first request message, obtain described first routing iinformation and described first detected rule, and according to described first routing iinformation and described first detected rule, generate the first routing rule and the second detected rule, last according to described first routing rule and described second detected rule, the function of described first gateway is realized by described virtual switch, described memory 31 can be used for storing the software code of the first routing iinformation of the first gateway from described communication port 33 reception and the software code of the first detected rule of the first gateway, and first routing rule software code and the software code of the second detected rule, and Control Server completes the software program of said process, thus make described processor 30 by performing the described software program of storage in upper described memory 31 and calling corresponding software code, complete said process.

Optionally, described processor 30, specifically for according to described first routing iinformation, generates described first routing rule corresponding with described first routing iinformation and the first Route Distinguisher, and described first Route Distinguisher is added in described first detected rule, to generate described second detected rule.

Optionally, described first gateway and described first routing rule are the gateway corresponding with the first subnet and routing rule, wherein, described processor 30, also for receiving by described virtual switch the packet that source virtual machine is sent to target virtual machine, described packet comprises the address information of described source virtual machine and the address information of described target virtual machine, wherein, described source virtual machine provides service by described first subnet, described target virtual machine provides service by the second subnet, and according to the address information of described source virtual machine, the address information of described target virtual machine and described second detected rule, determine the mark of described first subnet and the mark of described second subnet, if and the mark of described first subnet is different from the mark of described second subnet, then according to described first routing rule, described packet is forwarded.

Optionally, described processor 30, after mark also for the mark and described second subnet of determining described first subnet, if the mark of described first subnet is identical with the mark of described second subnet, then according to described second detected rule, described packet is forwarded.

Optionally, the address information of described target virtual machine comprises the IP address of described target virtual machine, wherein, described processor 30, if the mark also for described first subnet is identical with the mark of described second subnet, before then according to described second detected rule described packet being forwarded, according to the IP address of described target virtual machine, the MAC Address of the described target virtual machine corresponding with the IP address of described target virtual machine is searched in the first address mapping table corresponding with described source virtual machine, if and in described first address mapping table, do not find the MAC Address of described target virtual machine, then obtain the MAC Address of described target virtual machine, and the MAC Address of described target virtual machine is saved to described first address mapping table.

Optionally, described processor 30, also specifically for according to described first routing rule/described second detected rule, the IP address of described target virtual machine and the MAC Address of described target virtual machine, forwards described packet.

As shown in figure 17, embodiments of the invention provide a kind of management node, and this management node can comprise: processor 40, memory 41, system bus 42 and communication port 43, wherein,

Processor 40, connected by system bus 42 between memory 41 and communication port 43 and complete mutual communication.

Processor 40 may be monokaryon or multinuclear CPU, or is specific integrated circuit, or for being configured to the one or more integrated circuits implementing the embodiment of the present invention.

Memory 41 can be high-speed RAM memory, also can be nonvolatile memory (non-volatile memory), such as at least one magnetic disc store.

Memory 41 is for the execution instruction of storage administration node.Concrete, software program and software code can be comprised in the execution instruction of management node.

Communication port 43 can be used for receiving or sending data.

Concrete, described processor 40 can be used for when creating the first virtual machine in first server, the first routing rule and the second detected rule is searched in described first server, described first routing rule and described second detected rule are the rule of first gateway corresponding with described first virtual machine, if and in described first server, do not find described first routing rule and described second detected rule, then send the first request message to described first server, the first routing iinformation and the first detected rule is obtained according to described first request message to make described first server, and generate described first routing rule and described second detected rule according to described first routing iinformation and described first detected rule, and according to described first routing rule and described second detected rule, the function of described first gateway is realized by the virtual switch in described first server, wherein, described first routing iinformation and described first detected rule is carried in described first request message, described first request message creates described first gateway for asking described first server on described virtual switch, described memory 41 can be used for storing the software code of the first routing iinformation from described communication port 43 transmission and the software code of the first detected rule, and control and management node completes the software program of said process, thus make described processor 40 by performing the described software program of storage in upper described memory 41 and calling corresponding software code, complete said process.

Optionally, described processor 40, also for when described first server there being virtual machine to be migrated, at least one second server is determined in server cluster, wherein, described virtual machine to be migrated is the virtual machine corresponding with described first gateway, and at least one second server described, search described first routing rule and described second detected rule, and at least one second server described, find described first routing rule and described second detected rule, then by extremely at least one second server described of the virtual machine (vm) migration described to be migrated in described first server.

Optionally, described processor 40, also for by the virtual machine (vm) migration described to be migrated in described first server to after at least one second server described, determine whether described first server has and corresponding with described first gateway do not move virtual machine, if and determine described first server does not move virtual machine without described, then indicate described first server to delete described first routing rule and described second detected rule.

Optionally, described processor 40, also for after search the first routing rule and the second detected rule in described first server, if find described first routing rule and described second detected rule in described first server, then indicate described first server according to described first routing rule and described second detected rule, realized the function of described first gateway by described virtual switch.

Embodiments of the invention provide a kind of management node, when creating the first virtual machine in first server, management node searches the first routing rule and the second detected rule in this first server, this first routing rule and this second detected rule are the rule of first gateway corresponding with the first virtual machine, if and in first server, do not find the first routing rule and the second detected rule, management node then sends the first request message to first server, the first routing iinformation and the first detected rule is obtained according to the first request message to make this first server, and generate the first routing rule and the second detected rule according to the first routing iinformation and the first detected rule, and according to the first routing rule and the second detected rule, the function of the first gateway is realized by the virtual switch in this first server, wherein, the first routing iinformation and the first detected rule is carried in first request message, this first request message creates the first gateway for asking first server on virtual switch.Pass through the program, on the one hand because server generates the first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch, thus avoid in prior art the performance of virtual machine forwarding data bag and the restriction of this virtual machine bandwidth that realize gateway function, this improves the communication efficiency between virtual machine and main frame; On the other hand, the each server in virtualization system is applicable to due to the program, therefore, the gateway function corresponding with some subnets can be created on each server, thus when certain server fail in this subnet, other virtual machines in this subnet still can continue to communicate with main frame, and then improve the communication stability between virtual machine and main frame.

As shown in figure 18, what the embodiment of the present invention also provided a kind of gateway function realizes system, the system that realizes of this gateway function can comprise at least one server as described in any one of claim 11-16, and the management node as described in any one of claim 17-20.This at least one server is a server cluster, and management node manages each server in this server cluster, and this management node is connected with each server in server cluster respectively.Wherein, for the server of in server cluster, the first request message that server receiving management node sends, the first routing iinformation of the first gateway and the first detected rule of the first gateway is carried in this first request message, this first request message creates the first gateway on request server virtual switch in the server, and this server is according to the first request message, obtain the first routing iinformation and the first detected rule, and this server is according to the first routing iinformation and the first detected rule, generate the first routing rule and the second detected rule, finally this server is according to this first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch.The gateway function that the embodiment of the present invention provides realize system, on the one hand because server generates the first routing rule and this second detected rule, the function of the first gateway is realized by virtual switch, thus avoid in prior art the performance of virtual machine forwarding data bag and the restriction of this virtual machine bandwidth that realize gateway function, this improves the communication efficiency between virtual machine and main frame; On the other hand, the each server in server cluster is applicable to due to the program, therefore, the gateway function corresponding with some subnets can be created on each server, thus when certain server fail in this subnet, other virtual machines in this subnet still can continue to communicate with main frame, and then improve the communication stability between virtual machine and main frame.

Those skilled in the art can be well understood to, for convenience and simplicity of description, only be illustrated with the division of above-mentioned each functional module, in practical application, can distribute as required and by above-mentioned functions and be completed by different functional modules, internal structure by device is divided into different functional modules, to complete all or part of function described above.The system of foregoing description, the specific works process of device and unit, with reference to the corresponding process in preceding method embodiment, can not repeat them here.

In several embodiments that the application provides, should be understood that, disclosed system, apparatus and method, can realize by another way.Such as, device embodiment described above is only schematic, such as, the division of described module or unit, be only a kind of logic function to divide, actual can have other dividing mode when realizing, such as multiple unit or assembly can in conjunction with or another system can be integrated into, or some features can be ignored, or do not perform.Another point, shown or discussed coupling each other or direct-coupling or communication connection can be by some interfaces, and the indirect coupling of device or unit or communication connection can be electrical, machinery or other form.

The described unit illustrated as separating component or can may not be and physically separates, and the parts as unit display can be or may not be physical location, namely can be positioned at a place, or also can be distributed in multiple network element.Some or all of unit wherein can be selected according to the actual needs to realize the object of the present embodiment scheme.

In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, also can be that the independent physics of unit exists, also can two or more unit in a unit integrated.Above-mentioned integrated unit both can adopt the form of hardware to realize, and the form of SFU software functional unit also can be adopted to realize.

If described integrated unit using the form of SFU software functional unit realize and as independently production marketing or use time, can be stored in a computer read/write memory medium.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words or all or part of of this technical scheme can embody with the form of software product, this computer software product is stored in a storage medium, comprising some instructions in order to make a computer equipment (can be personal computer, server, or the network equipment etc.) or processor (processor) perform all or part of step of method described in each embodiment of the present invention.And aforesaid storage medium comprises: USB flash disk, portable hard drive, read-only memory (ROM, Read-OnlyMemory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. various can be program code stored medium.

The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; change can be expected easily or replace, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should described be as the criterion with the protection range of claim.

Claims

1. an implementation method for gateway function, is characterized in that, comprising:

2. the implementation method of gateway function according to claim 1, is characterized in that, described server, according to described first routing iinformation and described first detected rule, generates the first routing rule and the second detected rule specifically comprises:

3. the implementation method of gateway function according to claim 1 and 2, is characterized in that, described first gateway and described first routing rule are the gateway corresponding with the first subnet and routing rule,

4. the implementation method of gateway function according to claim 3, is characterized in that, after described server determines the mark of described first subnet and the mark of described second subnet, described method also comprises:

5. the implementation method of gateway function according to claim 4, is characterized in that, the address information of described destination host comprises the internet protocol address of described destination host,

6. the implementation method of gateway function according to claim 5, is characterized in that, described server, according to described first routing rule, forwards described packet; Described server forwards described packet according to described second detected rule, specifically comprises:

7. an implementation method for gateway function, is characterized in that, comprising:

8. the implementation method of gateway function according to claim 7, is characterized in that, when described first server there being virtual machine to be migrated, described virtual machine to be migrated is the virtual machine corresponding with described first gateway, and described method also comprises:

9. the implementation method of gateway function according to claim 8, is characterized in that, described management node is by after the virtual machine (vm) migration described to be migrated in described first server at least one second server described, and described method also comprises:

10. the implementation method of gateway function according to claim 7, is characterized in that, after described management node searches the first routing rule and the second detected rule in described first server, described method also comprises:

11. 1 kinds of servers, is characterized in that, comprising:

12. servers according to claim 1, is characterized in that,

13. servers according to claim 11 or 12, it is characterized in that, described first gateway and described first routing rule are the gateway corresponding with the first subnet and routing rule,

Wherein, described server also comprises determining unit;

14. servers according to claim 13, is characterized in that,

15. servers according to claim 14, is characterized in that, the address information of described destination host comprises the IP address of described destination host,

Wherein, described server also comprises and searches unit and storage unit;

16. servers according to claim 15, is characterized in that,

17. 1 kinds of management nodes, is characterized in that, comprising:

18. management nodes according to claim 17, is characterized in that, described management node also comprises determining unit and migration units;

19. management nodes according to claim 18, is characterized in that, described management node also comprises indicating member;

20. management nodes according to claim 17, is characterized in that,

21. 1 kinds of gateway functions realize system, it is characterized in that, comprising:

At least one server as described in any one of claim 11-16, and the management node as described in any one of claim 17-20.