CN105610946A - Docker technology based cloud jump server system - Google Patents
Docker technology based cloud jump server system Download PDFInfo
- Publication number
- CN105610946A CN105610946A CN201511021768.8A CN201511021768A CN105610946A CN 105610946 A CN105610946 A CN 105610946A CN 201511021768 A CN201511021768 A CN 201511021768A CN 105610946 A CN105610946 A CN 105610946A
- Authority
- CN
- China
- Prior art keywords
- docker
- springboard
- springboard machine
- machine
- main
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Abstract
The embodiment of the invention provides a docker technology based cloud jump server system. The docker technology based cloud jump server system comprises a central management module which deploys an operating environment of a docker container server for establishment of thedocker container server, establishes a docker container management module, sends an instruction of establishing a main docker jump server to the docker container management module when a preset condition is satisfied, and deploys the operating environment of the main docker jump server; the docker container management module which establishes and starts a corresponding main docker jump server when the instruction of establishing the main docker jump server is received and maps a port of the docker container server to an interactive service port of the main docker jump server; and the main docker jump server which adds servers requiring management, monitors and records access behaviors of a user for the servers which require management. According to the scheme, cost for deployment of a virtual jump server can be reduced.
Description
Technical field
The present invention relates to software technology field, particularly relate to a kind of cloud springboard machine system based on docker technologySystem.
Background technology
The security audit of server is mainly used in the various operation behaviors of supervisory user, and then audit serverSafety. The current audit hardware that has on the market a lot of springboard machines (fort machine) and so on is all for controlling useThe access rights at family, audit user's operation behavior, to reach the object of the operation that notes abnormalities in time, therebyEnsure the safety of server. And the price comparison costliness of a springboard machine causes enterprise to buy oneTwo springboard machines remove the inner all servers of management enterprise.
Along with the fast development of cloud computing and the maturation of Intel Virtualization Technology, enterprise also starts to dispose the privately owned of oneselfCloud reduces infrastructure cost. The deployment of privately owned cloud, causes enterprise servers quantity to explode, so, asWhat goes is managed a large amount of servers effectively, comprises user right access control, user behavior audit etc., justComparison distinct issues. If there is thousands of employees, station servers up to ten thousand, still use one or twoSpringboard machine goes management, and so safe O&M personnel's workload can increase greatly, the stability of its work qualityJust be difficult to be guaranteed with reliability, cloud springboard machine can address these problems preferably.
At present, the deployment of the virtual springboard machine in cloud springboard machine system is all based on system-level Intel Virtualization Technology, the such as Intel Virtualization Technology such as xen, vmware, the client of reruning on host system operates systemSystem. And the configuration of client operating system is that fixed allocation is good, that is to say that these Intel Virtualization Technologies areMeeting distributes the hardware resources such as independent and fixing CPU, internal memory, hard disk to virtual springboard machine. Due to realityThe number of servers that in application, each virtual springboard machine is managed is different with distributing position, and therefore, each is virtualThere is dramatic difference in the required hardware resource of springboard machine, is not identical, visible, existing cloud springboard machineSystem can cause the problem of the low and wasting of resources of hardware resource utilization, disposes the cost of virtual springboard machine veryHigh.
Summary of the invention
The embodiment of the invention discloses a kind of cloud springboard machine system based on docker technology, to improve hardware moneyThe utilization rate in source, solves the problem of the wasting of resources, reduces the cost of disposing virtual springboard machine. Concrete technical sideCase is as follows:
The embodiment of the invention discloses a kind of cloud springboard machine system based on docker technology, described system bagDraw together:
Central management module, for the running environment of disposing docker container server to build docker containerServer, and build docker Container Management module in described docker container server, by this dockerContainer Servers installed is upstate, and, in the time meeting predetermined condition, to belonging to upstateDocker Container Management module in docker container server sends the instruction that creates main docker springboard machine, andDispose this master at described docker Container Management module creation and after starting corresponding main docker springboard machineThe running environment of docker springboard machine;
Docker Container Management module, for jumping at the main docker of establishment that receives central management module transmissionWhen the instruction of plate machine, create and start corresponding main docker springboard machine, and by described docker container serviceThe port mapping of device, to the interactive service port of described main docker springboard machine, is passed through docker so that obtain userMain docker springboard machine described in the port access of container server;
Described main docker springboard machine, for adding the server that needs management, monitoring recording user are to instituteState the access behavior of the server that needs management, wherein, every station server is under the jurisdiction of unique main docker and jumpsPlate machine.
In a kind of specific implementation of the present invention, described docker Container Management module, also for:
In the time receiving establishment that central management module sends from the instruction of docker springboard machine, create and startAt least one being associated with described main docker springboard machine be from docker springboard machine, and by described docker containerThe port mapping of server is to the described interactive service port from docker springboard machine, so that user passes throughDescribed in the port access of docker container server from docker springboard machine;
Described central management module, also for: at described docker Container Management module creation and start correspondingFrom docker springboard machine, dispose this running environment from docker springboard machine;
Describedly be used for from docker springboard machine: meet the different user's in geographic location requirements for access, withMake user pass through described to access from docker springboard machine that the described main docker springboard machine of its association addsServer.
In a kind of specific implementation of the present invention, described central management module, also for:
Key information in described main docker springboard machine is synchronized to be associated all described jumps from dockerIn plate machine.
In a kind of specific implementation of the present invention, described central management module, also for:
Produce the task message of springboard machine, and port by described docker container server is by described taskMessage sends to corresponding described main docker springboard machine or from docker springboard machine;
Accordingly, described main docker springboard machine or from docker springboard machine, also for:
Receive and carry out described task message.
In a kind of specific implementation of the present invention, described central management module, also for:
Send and delete main docker springboard machine or delete the instruction from docker springboard machine;
Accordingly, described docker Container Management module, also for:
Receive described deletion main docker springboard machine or delete the instruction from docker springboard machine, and deleting correspondingMain docker springboard machine or from docker springboard machine.
In a kind of specific implementation of the present invention, described central management module, also for:
Whether monitor all main docker springboard machines normally works within the scope of Preset Time;
While being judged as NO, abnormal main docker springboard machine of working within the scope of Preset Time is labeled asFailure state, and check this main docker springboard machine that is marked as failure state whether have be associated fromDocker springboard machine regular event, if so,
What this was normally worked is set to main docker springboard machine from docker springboard machine, and to described dockerContainer Management module sends the instruction creating from docker springboard machine, otherwise,
Send the instruction that creates main docker springboard machine to described docker Container Management module;
Accordingly, described docker Container Management module, also for:
Receive the instruction of described establishment from docker springboard machine, create and start accordingly from docker springboard machine,By the user profile in the described main docker springboard machine that is labeled as failure state be synchronized to new establishment fromIn docker springboard machine;
Receive the instruction of the main docker springboard of described establishment machine, create and start corresponding main docker springboard machine,User profile in the described main docker springboard machine that is labeled as failure state is synchronized to the master of new establishmentIn docker springboard machine.
In a kind of specific implementation of the present invention, described central management module, also for:
Monitor and allly whether normally work within the scope of Preset Time from docker springboard machine;
While being judged as NO, by abnormal being labeled as from docker springboard machine of working within the scope of Preset TimeFailure state, and send the instruction creating from docker springboard machine to described docker Container Management module;
Accordingly, described docker Container Management module, also for:
Receive the instruction of described establishment from docker springboard machine, create and start accordingly from docker springboard machine,By the described user's letter from the associated main docker springboard machine of docker springboard machine that is labeled as failure stateBreath be synchronized to new establishment from docker springboard machine.
In a kind of specific implementation of the present invention, described central management module, specifically for:
At described docker Container Management module creation and start described main docker springboard machine or jump from dockerAfter plate machine, adopt the main docker springboard machine that creates described in fabric remote deployment or the fortune from docker springboard machineRow environment.
In a kind of specific implementation of the present invention, described central management module, also for:
Obtain the upgrading main docker springboard machine of appointment or from the instruction of docker springboard machine, adopt fabric long-rangeDispose described appointment main docker springboard machine or the running environment from docker springboard machine.
In a kind of specific implementation of the present invention, described central management module, also for:
To all main docker springboard machines with regularly enter from key information and the database information of docker springboard machineRow backup, and backup file is stored in corresponding cloud dish.
In a kind of specific implementation of the present invention, described main docker springboard machine and from docker springboard machine,Also for:
Local daily record is synchronized to central database, and wherein, described local daily record is for logging in daily record and user behaviourDo daily record, described central database is the central database corresponding with described system.
In a kind of specific implementation of the present invention, described main docker springboard machine, also for:
Whether regularly detection there is the corresponding version updating bag of described main docker springboard machine;
If existed,
Download described version updating bag, and upgrade described main docker springboard machine in predetermined point of time;
Described from docker springboard machine, also for:
Whether regularly detection exists described from the corresponding version updating bag of docker springboard machine;
If existed,
Download described version updating bag, and upgrade described from docker springboard machine in predetermined point of time.
In a kind of specific implementation of the present invention, described system also comprises:
Interactive module, for receiving management personnel to described main docker springboard machine or from docker springboard machineSupervisory instruction, and to corresponding main docker springboard machine or from docker springboard machine carry out and supervisory instructionCorresponding bookkeeping, and/or, for receiving user to described main docker springboard machine or from dockerThe query statement of springboard machine, and carry out and look into corresponding main docker springboard machine or from docker springboard machineAsk the corresponding query manipulation of instruction.
A kind of cloud springboard machine system based on docker technology that the embodiment of the present invention provides, comprises that docker holdsDevice builds module, central management module, docker Container Management module and docker springboard machine, utilizes light weightThe docker Intel Virtualization Technology of level, docker Container Management module receives the establishment that central management module is sentAfter the instruction of docker springboard machine, can create accordingly multiple docker springboard machines, all docker springboardsThe resource such as calculating, storage of machine share host hardware, can realize sharing of hardware resource, significantly improves moneySource utilization rate, avoids the wasting of resources, reduces the cost of disposing virtual springboard machine.
Brief description of the drawings
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, below will be to implementingIn example or description of the Prior Art, the accompanying drawing of required use is briefly described, and apparently, the following describesIn accompanying drawing be only some embodiments of the present invention, for those of ordinary skill in the art, do not payingGo out under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 shows for the structure of a kind of cloud springboard machine system based on docker technology that the embodiment of the present invention providesIntention;
Another knot of a kind of cloud springboard machine system based on docker technology that Fig. 2 provides for the embodiment of the present inventionStructure schematic diagram;
The application of a kind of cloud springboard machine system based on docker technology that Fig. 3 provides for the embodiment of the present invention is realThe operation principle schematic diagram of example.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clearlyChu, intactly description, obviously, described embodiment is only the present invention's part embodiment, instead ofWhole embodiment. Based on the embodiment in the present invention, those of ordinary skill in the art are not making creationThe every other embodiment obtaining under property work prerequisite, belongs to the scope of protection of the invention.
As shown in Figure 1, the embodiment of the present invention provides a kind of cloud springboard machine system based on docker technology,This system comprises: central management module 101, docker Container Management module 102, main docker springboard machine103。
Wherein, central management module 101, for the running environment of disposing docker container server to buildDocker container server, and build docker Container Management module in described docker container server,Be upstate by this docker container Servers installed, and, in the time meeting predetermined condition, can to belonging toSend and create main docker springboard by the docker Container Management module in the docker container server of stateThe instruction of machine, and at described docker Container Management module creation and start corresponding main docker springboard machineThe running environment of this main docker springboard machine of rear deployment.
It should be noted that, according to practical application needs, can build the service of one or more docker containerDevice, and in each docker container server, build corresponding docker Container Management module, this is allReasonably.
Wherein, docker Container Management module 102, for the establishment receiving central management module transmissionWhen the instruction of main docker springboard machine, create and start corresponding main docker springboard machine, and will described inThe port mapping of docker container server is to the interactive service port of described main docker springboard machine, to makeUser is by main docker springboard machine described in the port access of docker container server.
It should be noted that, according to practical application needs, can according to receive central management module sendCreate the instruction of main docker springboard machine, in a docker container server, create and start one orMultiple main docker springboard machines also can create and start one in different docker container serversOr multiple main docker springboard machines, this is all rational.
Wherein, described main docker springboard machine 103, for adding the server that needs management, monitors and remembersEmploy the access behavior of family to the described server that needs management, wherein, every station server is under the jurisdiction of uniqueMain docker springboard machine.
It should be noted that, a main docker springboard machine can add many servers that need management, butThat, for avoiding managerial confusion, every station server can only be under the jurisdiction of unique main docker springboard machine, Bu NengtongTime add many main docker springboard machines to.
It is emphasized that described main springboard machine 103 monitoring recording user are to the described service that needs managementThe specific implementation of the access behavior of device can adopt springboard machine monitoring of the prior art recording userThe specific implementation implementation of the access behavior of the server to needs management.
A kind of cloud springboard machine system based on docker technology that the embodiment of the present invention provides, comprises that docker holdsDevice builds module, central management module, docker Container Management module and docker springboard machine, utilizes light weightThe docker Intel Virtualization Technology of level, docker Container Management module receives the establishment that central management module is sentAfter the instruction of docker springboard machine, can create accordingly multiple docker springboard machines, all docker springboardsThe resource such as calculating, storage of machine share host hardware, can realize sharing of hardware resource, significantly improves moneySource utilization rate, avoids the wasting of resources, reduces the cost of disposing virtual springboard machine.
Further, in the better implementation of one of the present invention, this docker Container Management module 102,Can also be used for:
In the time receiving establishment that central management module 101 sends from the instruction of docker springboard machine, create and openMoving at least one being associated with described main docker springboard machine be from docker springboard machine, and by described dockerThe port mapping of container server is to the described interactive service port from docker springboard machine, so that user passes throughDescribed in the port access of docker container server from docker springboard machine;
Accordingly, this central management module 101, can also be used for: at this docker Container Management module creationAnd this running environment from docker springboard machine is disposed in startup accordingly from docker springboard machine;
Wherein, be describedly used for from docker springboard machine: the access need that meet the different user in geographic locationAsk, so that obtain user by described described main docker springboard machine of accessing its association from docker springboard machineThe server adding.
Demand emphasizes, described from springboard machine can monitor and recording user to associated main springboard machine instituteThe access behavior of the server adding, and, from the specific implementation side of springboard machine monitoring record access behaviorFormula can adopt the access of springboard machine monitoring of the prior art the server of recording user to needs managementThe specific implementation implementation of behavior.
For example, user, can be in Beijing and Liang Ge city, Shanghai respectively in Beijing and Liang Ge city, ShanghaiDocker container server in create respectively and start be associated with this main docker springboard machine fromDocker springboard machine, the user of Pekinese can by the docker of Pekinese container server create and start fromDocker springboard machine is accessed the server that this main docker springboard machine adds, and the user in Shanghai can be by upperSea docker container server create and start access this main docker springboard machine from docker springboard machineThe server adding, can improve access speed like this, reduces the processing pressure of main docker springboard machine.
Further, in the better implementation of one of the present invention, create and start described fromAfter docker springboard machine, central management module 101 can also be used for: close by this main docker springboard machineKey information is synchronized to be associated all from docker springboard machine, so that all from docker springboard machineKey information in key information and this main docker springboard machine is consistent, and reaches highly reliable object.
Further, in the better implementation of one of the present invention, above-mentioned central management module 101,Can also be used for:
Produce the task message of springboard machine, and by the port of described docker container server, this task is disappearedBreath sends to corresponding main docker springboard machine or from docker springboard machine. For example, this task message canThink: add or delete server message, interpolation or delete user right message, cipher key distribution message, whenSo be not limited to this.
Corresponding main docker springboard machine or from docker springboard machine, also for: receive and carry out described taskMessage.
Further, this central management module 101, in the better implementation of one of the present invention, alsoCan be for:
Not needing a certain main docker springboard machine or a certain during from docker springboard machine, to docker container tubeReason module 102 sends deletes main docker springboard machine or deletes the instruction from docker springboard machine;
Accordingly, docker Container Management module 102, can also be used for:
Receive this deletion main docker springboard machine or delete the instruction from docker springboard machine, and delete correspondingMain docker springboard machine or from docker springboard machine.
Further, in the better implementation of one of the present invention, above-mentioned central management module 101 alsoCan be for:
Whether monitor all main docker springboard machines normally works within the scope of Preset Time;
While being judged as NO, abnormal main docker springboard machine of working within the scope of Preset Time is labeled asFailure state, and check this main docker springboard machine that is marked as failure state whether have be associated fromDocker springboard machine regular event, if so,
What this was normally worked is set to main docker springboard machine from docker springboard machine, and to described dockerContainer Management module sends the instruction creating from docker springboard machine, otherwise,
Send to above-mentioned docker Container Management module 102 instruction that creates main docker springboard machine;
Accordingly, this docker Container Management module 102, also for:
Receive the instruction of above-mentioned establishment from docker springboard machine, create and start accordingly from docker springboard machine,By the user profile in the above-mentioned main docker springboard machine that is labeled as failure state be synchronized to new establishment fromIn docker springboard machine;
Receive the instruction of the main docker springboard of above-mentioned establishment machine, create and start corresponding main docker springboard machine,User profile in the above-mentioned main docker springboard machine that is labeled as failure state is synchronized to the master of new establishmentIn docker springboard machine.
Wherein, above-mentioned Preset Time scope can be defined according to actual needs by user, for example, and 1 hour, 2Hour, 5 hours etc.; Determine whether described main docker springboard machine normally works, can by whether checking itKeep heartbeat, the existing mode such as whether can normally connect and determine, be not specifically limited at this.
It should be noted that, check whether this main docker springboard machine that is marked as failure state is associatedFrom docker springboard machine regular event time, the main docker that priority check and this are marked as failure state jumpsPlate machine place same docker Container Management server be associated from docker springboard machine, be more conducive to like thisThe quick solution of fault.
Further, in the better implementation of one of the present invention, above-mentioned central management module 101 alsoCan be for:
Monitor and allly whether normally work within the scope of Preset Time from docker springboard machine;
While being judged as NO, by abnormal being labeled as from docker springboard machine of working within the scope of Preset TimeFailure state, and send to above-mentioned docker Container Management module 102 instruction creating from docker springboard machine;
Accordingly, this docker Container Management module 102, can also be used for:
Receive the instruction of above-mentioned establishment from docker springboard machine, create and start accordingly from docker springboardMachine, by above-mentioned be labeled as failure state from the associated main docker springboard machine of docker springboard machineUser profile be synchronized to new establishment from docker springboard machine.
Wherein, above-mentioned Preset Time scope can be defined according to actual needs by user, for example, and 1 hour, 2Hour, 5 hours etc.; Determine whether described main docker springboard machine normally works, can by whether checking itKeep heartbeat, the existing mode such as whether can normally connect and determine, be not specifically limited at this.
Further, in the better implementation of one of the present invention, at above-mentioned docker Container Management mouldPiece 102 creates and starts described main docker springboard machine or from docker springboard machine, central management module 101Adopt the main docker springboard machine of fabric remote deployment establishment or the running environment from docker springboard machine.
Further, in the better implementation of one of the present invention, central management module 101 is all rightBe used for: obtain the upgrading main docker springboard machine of appointment or from the instruction of docker springboard machine, adopt fabric far awayJourney is disposed this appointment main docker springboard machine or the running environment from docker springboard machine, upgrades.
Further, in the better implementation of one of the present invention, central management module 101 is all rightTo all main docker springboard machines with regularly carry out standby from key information and the database information of docker springboard machinePart, and backup file is stored in corresponding cloud dish, prevent loss of data.
In addition, above-mentioned main docker springboard machine and can also being used for from docker springboard machine:
Local daily record is synchronized to central database, with the local daily record of store and management. Wherein, described this localityDaily record is for logging in daily record and User operation log, and described central database is the central number corresponding with described systemAccording to storehouse.
Further, described main docker springboard machine, also for:
Whether regularly detection there is the corresponding version updating bag of this main docker springboard machine;
If existed,
Download this version updating bag, and upgrade this main docker springboard machine in predetermined point of time;
Described from docker springboard machine, also for:
Whether regularly detection exists this from the corresponding version updating bag of docker springboard machine;
If existed,
Download this version updating bag, and upgrade and be somebody's turn to do from docker springboard machine in predetermined point of time.
Wherein, described predetermined point of time can be predefined random time point, for example, in each WednesdayNoon 12:00 etc. Can realize so regular active upgrading.
It should be noted that a kind of cloud springboard machine system based on docker technology that the embodiment of the present invention providesSystem, as shown in Figure 2, can also comprise: interactive module 104.
This interactive module 104 can be for: receiving management personnel to above-mentioned main docker springboard machine or fromThe supervisory instruction of docker springboard machine, and to corresponding main docker springboard machine or hold from docker springboard machineRow and the corresponding bookkeeping of supervisory instruction, and/or, for receiving user to above-mentioned main docker springboardMachine or from the query statement of docker springboard machine, and to corresponding main docker springboard machine or jump from dockerPlate machine is carried out and the corresponding query manipulation of query statement.
Concrete, administrative staff can by this interactive module 104 to above-mentioned main docker springboard machine or fromDocker springboard machine manages operation, for example, and user right operation, cipher key operation, system maintenance etc.;User can be by the information such as login daily record, Operation Log of interactive module 104 inquiries oneself.
Further, this interactive module 104 can also be used for: receive docker Container Management module 102The information such as IP information, port mapping sending, and these information are deposited in central database, to preventLoss of data, ensures data information security. Can also be used for: provide application programming interfaces, so that above-mentioned masterDocker springboard machine and can local daily record being synchronized to by these application programming interfaces from docker springboard machineCentral database.
Further, this interactive module 104 can also be used for depositing above-mentioned version updating bag, above-mentioned masterDocker springboard machine or from docker springboard machine, can regularly detect in this interactive module 104 whether have instituteState from the corresponding version updating bag of docker springboard machine, and carry out the corresponding operation of upgrading.
Below in conjunction with concrete application example, the one that the embodiment of the present invention is provided is based on docker technologyCloud springboard machine system be introduced.
As shown in Figure 3, a kind of cloud springboard machine system based on docker technology, can comprise:
Central management module, belongs to the docker Container Management module 1 of docker container server 1 and belongs toIn the docker Container Management module 1 of docker container server 2, by docker Container Management module 1The main docker springboard machine 01 creating and from docker springboard machine 01-1, by docker Container Management mouldMain docker springboard machine 02 that piece 2 creates, from docker springboard machine 02-1 and with main docker springboardMachine 01 is associated from docker springboard machine 01-2, server 01, clothes that main docker springboard machine 01 is responsibleBusiness device 02 and server 03, server 04 and server 05 that main docker springboard machine 02 is responsible, andInteractive module.
The operation principle of this cloud springboard machine system is:
Central management module is disposed the operation ring of docker container server 1 and docker container server 2Border, and in docker container server 1, build docker Container Management module 1, at docker containerIn server 2, build docker Container Management module 2, docker container server 1 and 2 is set to canWith state, and, according to actual needs, send and create main docker to docker Container Management module 1Springboard machine 01 and from the instruction of docker springboard machine 01-1, sends to docker Container Management module 2Create main docker springboard machine 02, from docker springboard machine 02-1 and with main docker springboard machine 01 phaseThe associated instruction from docker springboard machine 01-2.
Docker Container Management module 1, in the time receiving the above-mentioned establishment instruction of central management module transmission, is createdBuild and start main docker springboard machine 01 and from docker springboard machine 01-1, docker Container Management module2 in the time receiving the above-mentioned establishment instruction that central management module sends, and creates and start main docker springboard machine02, be associated from docker springboard machine from docker springboard machine 02-1 and with main docker springboard machine 0101-2, and by the port mapping of docker container server 1 to main docker springboard machine 01 and from dockerThe interactive service port of springboard machine 01-1, arrives main docker by the port mapping of docker container server 2Springboard machine 02, be associated from docker from docker springboard machine 02-1 and with main docker springboard machine 01The interactive service port of springboard machine 01-2. Central management module dispose above-mentioned all main docker springboard machines andAll running environment from docker springboard machine.
Main docker springboard machine 01 adds the server 01, server 02 and the server 03 that need management,Monitoring the access behavior of recording user to server 01, server 02 and server 03, main dockerSpringboard machine 02 adds the server 04 and the server 05 that need management, and monitoring recording user are to server04 and the access behavior of server 05.
Creating and starting from docker springboard machine 01-1, from docker springboard machine 02-1 with from dockerAfter springboard machine 01-2, central management module by the key information in main docker springboard machine 01 be synchronized to fromDocker springboard machine 01-1 and from docker springboard machine 01-2, close by main docker springboard machine 02Key information is synchronized to from docker springboard machine 02-1, so that all key informations from docker springboard machineBe consistent with the key information in corresponding main docker springboard machine, reach highly reliable object.
Central management module can also produce the task message of springboard machine, and for example, central management module is passed throughThe task that the port of docker container server 1 sends deletion server 01 to main docker springboard machine 01 disappearsBreath, corresponding, main docker springboard machine 01 receives after this task message, deletes server 01.
Not needing a certain main docker springboard machine or a certain during from docker springboard machine, central management moduleCan send and delete main docker springboard machine or delete from docker springboard machine to docker Container Management moduleInstruction. For example, while needing to delete from docker springboard machine 01-2, central management module is to docker Container ManagementModule 2 sends the instruction of deleting from docker springboard machine 01-2, and corresponding, docker Container Management module 2 receivesThis instruction, and delete from docker springboard machine 01-2.
In the optional implementation of one of the present invention, central management module can also be used for:
Whether monitor all main docker springboard machines normally works within the scope of Preset Time;
Suppose, judge within the scope of Preset Time, the abnormal work of main docker springboard machine 01, will leadDocker springboard machine 01 is labeled as failure state, and check that main docker springboard machine 01 is associated from dockerWhether regular event of springboard machine 01-1, if so,
What this was normally worked is set to main docker springboard machine 01 from docker springboard machine 01-1, and to dockerContainer Management module 1 sends the instruction creating from docker springboard machine 01-1, otherwise,
Send to above-mentioned docker Container Management module 1 instruction that creates main docker springboard machine 01;
Wherein, above-mentioned Preset Time scope can be defined according to actual needs by user, for example, and 1 hour, 2Hour, 5 hours etc.; Determine whether main docker springboard machine 01 normally works, can be by checking whether it protectsExisting mode is determined to hold heartbeat, whether can normally connect etc., is not specifically limited at this.
It should be noted that, check whether this main docker springboard machine 01 that is marked as failure state has relevantConnection from docker springboard machine regular event time, priority check and the main docker springboard machine 01 same docker in placeContainer Management server 1 from docker springboard machine 01-1, be more conducive to like this quick solution of fault.
Accordingly, docker Container Management module 1, also for:
Receive the instruction of above-mentioned establishment from docker springboard machine 01-1, create and start from docker springboard machine01-1, by be labeled as user profile in the main docker springboard machine 01 of failure state be synchronized to new establishment fromIn docker springboard machine 01-1;
Receive the instruction of the main docker springboard of above-mentioned establishment machine 01, create and start main docker springboard machine 01,To be labeled as user profile in the main docker springboard machine 01 of failure state and be synchronized to the main docker of new establishmentIn springboard machine 01.
In the better implementation of one of the present invention, above-mentioned central management module can also be used for:
Monitor and allly whether normally work within the scope of Preset Time from docker springboard machine;
Suppose, judge within the scope of Preset Time, from the abnormal work of docker springboard machine 02-1, will be fromDocker springboard machine 02-1 is labeled as failure state, and to docker Container Management module 2 send create fromThe instruction of docker springboard machine 02-1;
Wherein, above-mentioned Preset Time scope can be defined according to actual needs by user, for example, and 1 hour, 2Hour, 5 hours etc.; Determine whether described main docker springboard machine normally works, can by whether checking itKeep heartbeat, the existing mode such as whether can normally connect and determine, be not specifically limited at this.
Accordingly, docker Container Management module 2, can also be used for:
Receive the instruction of above-mentioned establishment from docker springboard machine 02-1, create and start from docker springboard machine02-1, by be labeled as failure state from the associated main docker springboard machine 02 of docker springboard machine 02-1In user profile be synchronized to new establishment from docker springboard machine 02-1.
Concrete, create and start in above-mentioned docker Container Management module 1 or docker Container Management module 2Corresponding main docker springboard machine or from docker springboard machine, central management module adopts fabric remote deploymentThe main docker springboard machine creating or from the running environment of docker springboard machine.
Further, central management module can also be used for: obtain upgrading specify main docker springboard machine or fromAfter the instruction of docker springboard machine, adopt fabric remote deployment this appointment main docker springboard machine or from dockerThe running environment of springboard machine, upgrades. For example, obtain the upgrading that administrative staff send by interactive moduleAfter the instruction of main docker springboard machine 02, adopt the movement environment of the main docker springboard of fabric remote deployment machine 02,It is upgraded.
Further, central management module can also be to main docker springboard machine 01 and from docker springboardMachine 01-1, main docker springboard machine 02, from docker springboard machine 02-1 and close from docker springboard machine 01-2Key information and database information regularly back up, and backup file is stored in corresponding cloud dish, prevent numberAccording to loss.
In addition, main docker springboard machine 01 and from docker springboard machine 01-1, main docker springboard machine 02, fromDocker springboard machine 02-1 and can be for from docker springboard machine 01-2:
The application programming interfaces that provide by interactive module, are synchronized to central database by local daily record, to depositStore up and manage local daily record. Wherein, described local daily record is for logging in daily record and User operation log, described inCentre database is the central database corresponding with described system.
Further, above-mentioned main docker springboard machine 01 and from docker springboard machine 01-1, main docker springboardMachine 02, from docker springboard machine 02-1 and all right from docker springboard machine 01-2: regularly detect interactive moduleIn whether there is corresponding version updating bag separately; If existed, download this version updating bag, and in advanceFix time and a little upgrade, wherein, described predetermined point of time can be predefined random time point, exampleAs 12:00 etc. at each noon on Wednesday. Can realize so regular active upgrading.
Above-mentioned interactive module, specifically can be for: receiving management personnel are to above-mentioned main docker springboard machine 01And from docker springboard machine 01-1, main docker springboard machine 02, from docker springboard machine 02-1 andFrom the supervisory instruction of docker springboard machine 01-2, and to corresponding main docker springboard machine or jump from dockerPlate machine is carried out and the corresponding bookkeeping of supervisory instruction, and/or, for receiving user to above-mentioned main dockerSpringboard machine 01 and from docker springboard machine 01-1, main docker springboard machine 02, from docker springboard machine02-1 and from the query statement of docker springboard machine 01-2, and to corresponding main docker springboard machine or fromDocker springboard machine is carried out and the corresponding query manipulation of query statement.
Concrete, administrative staff can by this interactive module to above-mentioned main docker springboard machine 01 and fromDocker springboard machine 01-1, main docker springboard machine 02, from docker springboard machine 02-1 and from dockerSpringboard machine 01-2 manages operation, for example, and user right operation, cipher key operation, system maintenance etc.;User can inquire about by interactive module the information such as login daily record, Operation Log of oneself.
Further, this interactive module can also be used for: receive docker Container Management module 1 and dockerThe information such as IP information, port mapping that Container Management module 2 sends, and deposit these information in central numberIn storehouse, to prevent loss of data, ensure data information security.
A kind of cloud springboard machine system based on docker technology that the embodiment of the present invention provides, comprises that docker holdsDevice builds module, central management module, docker Container Management module and docker springboard machine, utilizes light weightThe docker Intel Virtualization Technology of level, docker Container Management module receives the establishment that central management module is sentAfter the instruction of docker springboard machine, can create accordingly multiple docker springboard machines, all docker springboardsThe resource such as calculating, storage of machine share host hardware, can realize sharing of hardware resource, significantly improves moneySource utilization rate, avoids the wasting of resources, reduces the cost of disposing virtual springboard machine.
It should be noted that, in this article, the relational terms such as the first and second grades be only used for byEntity or operation and another entity or operating space separate, and not necessarily require or imply theseBetween entity or operation, there is relation or the order of any this reality. And term " comprises ", " bagContaining " or its any other variant be intended to contain comprising of nonexcludability, thereby make to comprise a series of key elementsProcess, method, article or equipment not only comprise those key elements, but also comprise and clearly not listingOther key elements, or be also included as the intrinsic key element of this process, method, article or equipment. ?In the absence of more restrictions, the key element being limited by statement " comprising ... ", and be not precluded within bagDraw together in process, method, article or the equipment of described key element and also have other identical element.
One of ordinary skill in the art will appreciate that all or part of step realizing in above-mentioned embodiment isCan carry out the hardware that instruction is relevant by program and complete, described program can be stored in embodied on computer readableIn storage medium, the alleged storage medium obtaining here, as: ROM/RAM, magnetic disc, CD etc.
The foregoing is only preferred embodiment of the present invention, be not intended to limit protection model of the present inventionEnclose. All any amendments of doing within the spirit and principles in the present invention, be equal to replacement, improvement etc., all bagBe contained in protection scope of the present invention.
Claims (13)
1. the cloud springboard machine system based on docker technology, is characterized in that, described system comprises:
Central management module, for the running environment of disposing docker container server to build docker containerServer, and build docker Container Management module in described docker container server, by this dockerContainer Servers installed is upstate, and, in the time meeting predetermined condition, to belonging to upstateDocker Container Management module in docker container server sends the instruction that creates main docker springboard machine, andDispose this master at described docker Container Management module creation and after starting corresponding main docker springboard machineThe running environment of docker springboard machine;
Docker Container Management module, for jumping at the main docker of establishment that receives central management module transmissionWhen the instruction of plate machine, create and start corresponding main docker springboard machine, and by described docker container serviceThe port mapping of device, to the interactive service port of described main docker springboard machine, is passed through docker so that obtain userMain docker springboard machine described in the port access of container server;
Described main docker springboard machine, for adding the server that needs management, monitoring recording user are to instituteState the access behavior of the server that needs management, wherein, every station server is under the jurisdiction of unique main docker and jumpsPlate machine.
2. the system as claimed in claim 1, is characterized in that, described docker Container Management module, alsoBe used for:
In the time receiving establishment that central management module sends from the instruction of docker springboard machine, create and startAt least one being associated with described main docker springboard machine be from docker springboard machine, and by described docker containerThe port mapping of server is to the described interactive service port from docker springboard machine, so that user passes throughDescribed in the port access of docker container server from docker springboard machine;
Described central management module, also for: at described docker Container Management module creation and start correspondingFrom docker springboard machine, dispose this running environment from docker springboard machine;
Describedly be used for from docker springboard machine: meet the different user's in geographic location requirements for access, withMake user pass through described to access from docker springboard machine that the described main docker springboard machine of its association addsServer.
3. system as claimed in claim 2, is characterized in that, described central management module, also for:
Key information in described main docker springboard machine is synchronized to be associated all described jumps from dockerIn plate machine.
4. system as claimed in claim 2, is characterized in that, described central management module, also for:
Produce the task message of springboard machine, and port by described docker container server is by described taskMessage sends to corresponding described main docker springboard machine or from docker springboard machine;
Accordingly, described main docker springboard machine or from docker springboard machine, also for:
Receive and carry out described task message.
5. system as claimed in claim 2, is characterized in that, described central management module, also for:
Send and delete main docker springboard machine or delete the instruction from docker springboard machine;
Accordingly, described docker Container Management module, also for:
Receive described deletion main docker springboard machine or delete the instruction from docker springboard machine, and deleting correspondingMain docker springboard machine or from docker springboard machine.
6. system as claimed in claim 2, is characterized in that, described central management module, also for:
Whether monitor all main docker springboard machines normally works within the scope of Preset Time;
While being judged as NO, abnormal main docker springboard machine of working within the scope of Preset Time is labeled asFailure state, and check this main docker springboard machine that is marked as failure state whether have be associated fromDocker springboard machine regular event, if so,
What this was normally worked is set to main docker springboard machine from docker springboard machine, and to described dockerContainer Management module sends the instruction creating from docker springboard machine, otherwise,
Send the instruction that creates main docker springboard machine to described docker Container Management module;
Accordingly, described docker Container Management module, also for:
Receive the instruction of described establishment from docker springboard machine, create and start accordingly from docker springboard machine,By the user profile in the described main docker springboard machine that is labeled as failure state be synchronized to new establishment fromIn docker springboard machine;
Receive the instruction of the main docker springboard of described establishment machine, create and start corresponding main docker springboard machine,User profile in the described main docker springboard machine that is labeled as failure state is synchronized to the master of new establishmentIn docker springboard machine.
7. system as claimed in claim 6, is characterized in that, described central management module, also for:
Monitor and allly whether normally work within the scope of Preset Time from docker springboard machine;
While being judged as NO, by abnormal being labeled as from docker springboard machine of working within the scope of Preset TimeFailure state, and send the instruction creating from docker springboard machine to described docker Container Management module;
Accordingly, described docker Container Management module, also for:
Receive the instruction of described establishment from docker springboard machine, create and start accordingly from docker springboard machine,By the described user's letter from the associated main docker springboard machine of docker springboard machine that is labeled as failure stateBreath be synchronized to new establishment from docker springboard machine.
8. the system as described in claim 2-7 any one, is characterized in that, described central management module,Specifically for:
At described docker Container Management module creation and start described main docker springboard machine or jump from dockerAfter plate machine, adopt the main docker springboard machine that creates described in fabric remote deployment or the fortune from docker springboard machineRow environment.
9. system as claimed in claim 8, is characterized in that, described central management module, also for:
Obtain the upgrading main docker springboard machine of appointment or from the instruction of docker springboard machine, adopt fabric long-rangeDispose described appointment main docker springboard machine or the running environment from docker springboard machine.
10. system as claimed in claim 8, is characterized in that, described central management module, also for:
To all main docker springboard machines with regularly enter from key information and the database information of docker springboard machineRow backup, and backup file is stored in corresponding cloud dish.
11. systems as claimed in claim 8, is characterized in that, described main docker springboard machine and from dockerSpringboard machine, also for:
Local daily record is synchronized to central database, and wherein, described local daily record is for logging in daily record and user behaviourDo daily record, described central database is the central database corresponding with described system.
12. systems as claimed in claim 8, is characterized in that, described main docker springboard machine, also for:
Whether regularly detection there is the corresponding version updating bag of described main docker springboard machine;
If existed,
Download described version updating bag, and upgrade described main docker springboard machine in predetermined point of time;
Described from docker springboard machine, also for:
Whether regularly detection exists described from the corresponding version updating bag of docker springboard machine;
If existed,
Download described version updating bag, and upgrade described from docker springboard machine in predetermined point of time.
13. systems as claimed in claim 8, is characterized in that, described system also comprises:
Interactive module, for receiving management personnel to described main docker springboard machine or from docker springboard machineSupervisory instruction, and to corresponding main docker springboard machine or right with supervisory instruction institute from the execution of docker springboard machineThe bookkeeping of answering, and/or, for receiving user to described main docker springboard machine or from docker springboard machineQuery statement, and to corresponding main docker springboard machine or from docker springboard machine carry out with query statement instituteCorresponding query manipulation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511021768.8A CN105610946B (en) | 2015-12-30 | 2015-12-30 | A kind of cloud springboard machine system based on docker technologies |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511021768.8A CN105610946B (en) | 2015-12-30 | 2015-12-30 | A kind of cloud springboard machine system based on docker technologies |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105610946A true CN105610946A (en) | 2016-05-25 |
| CN105610946B CN105610946B (en) | 2018-08-03 |
Family
ID=55990480
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201511021768.8A Active CN105610946B (en) | 2015-12-30 | 2015-12-30 | A kind of cloud springboard machine system based on docker technologies |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105610946B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106911816A (en) * | 2017-02-22 | 2017-06-30 | 郑州云海信息技术有限公司 | The setting system and springboard machine of a kind of port forwarding |
| CN107608763A (en) * | 2017-09-26 | 2018-01-19 | 中国科学院声学研究所 | A kind of method for entering Docker container operations by Web browser |
| CN109819053A (en) * | 2019-03-11 | 2019-05-28 | 携程旅游信息技术(上海)有限公司 | Applied to the springboard machine system and its control method under mixing cloud environment |
| CN111343004A (en) * | 2020-02-11 | 2020-06-26 | 苏宁金融科技(南京)有限公司 | Docker-based Fabric network remote deployment method, device and system |
| CN111639314A (en) * | 2020-05-15 | 2020-09-08 | 京东数字科技控股有限公司 | Container login system, method, server and storage medium |
| CN113765871A (en) * | 2020-09-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Fortress management method and device |
| CN114979108A (en) * | 2022-05-05 | 2022-08-30 | 北京精一强远科技有限公司 | System, method, equipment and medium for remote assistance and safety audit |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060041547A1 (en) * | 2004-08-17 | 2006-02-23 | Robert Karch | Business intelligence monitoring tool |
| CN101471926A (en) * | 2007-12-24 | 2009-07-01 | 北京启明星辰信息技术股份有限公司 | Method and system for defining network behavior auditing access rule |
| CN104486346A (en) * | 2014-12-19 | 2015-04-01 | 北京奇艺世纪科技有限公司 | Stepping stone system |
| CN105119913A (en) * | 2015-08-13 | 2015-12-02 | 东南大学 | Web server architecture based on Docker and interactive method between modules |
-
2015
- 2015-12-30 CN CN201511021768.8A patent/CN105610946B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060041547A1 (en) * | 2004-08-17 | 2006-02-23 | Robert Karch | Business intelligence monitoring tool |
| CN101471926A (en) * | 2007-12-24 | 2009-07-01 | 北京启明星辰信息技术股份有限公司 | Method and system for defining network behavior auditing access rule |
| CN104486346A (en) * | 2014-12-19 | 2015-04-01 | 北京奇艺世纪科技有限公司 | Stepping stone system |
| CN105119913A (en) * | 2015-08-13 | 2015-12-02 | 东南大学 | Web server architecture based on Docker and interactive method between modules |
Non-Patent Citations (1)
| Title |
|---|
| 刘瑞成: "基于GateOne软件的堡垒机应用研究", 《金融科技时代》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106911816A (en) * | 2017-02-22 | 2017-06-30 | 郑州云海信息技术有限公司 | The setting system and springboard machine of a kind of port forwarding |
| CN107608763A (en) * | 2017-09-26 | 2018-01-19 | 中国科学院声学研究所 | A kind of method for entering Docker container operations by Web browser |
| CN109819053A (en) * | 2019-03-11 | 2019-05-28 | 携程旅游信息技术(上海)有限公司 | Applied to the springboard machine system and its control method under mixing cloud environment |
| CN109819053B (en) * | 2019-03-11 | 2021-07-30 | 携程旅游信息技术(上海)有限公司 | Springboard machine system applied to mixed cloud environment and control method thereof |
| CN111343004A (en) * | 2020-02-11 | 2020-06-26 | 苏宁金融科技(南京)有限公司 | Docker-based Fabric network remote deployment method, device and system |
| CN111639314A (en) * | 2020-05-15 | 2020-09-08 | 京东数字科技控股有限公司 | Container login system, method, server and storage medium |
| CN111639314B (en) * | 2020-05-15 | 2024-01-12 | 京东科技控股股份有限公司 | Container login system, method, server and storage medium |
| CN113765871A (en) * | 2020-09-09 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Fortress management method and device |
| CN113765871B (en) * | 2020-09-09 | 2023-08-04 | 北京沃东天骏信息技术有限公司 | Method and device for managing fort machine |
| CN114979108A (en) * | 2022-05-05 | 2022-08-30 | 北京精一强远科技有限公司 | System, method, equipment and medium for remote assistance and safety audit |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105610946B (en) | 2018-08-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105610946A (en) | Docker technology based cloud jump server system | |
| CN106020930B (en) | A kind of application management method and system based on application container | |
| US10292044B2 (en) | Apparatus for end-user transparent utilization of computational, storage, and network capacity of mobile devices, and associated methods | |
| CN102571906B (en) | High availability of machines during patching | |
| CN102103518B (en) | System for managing resources in virtual environment and implementation method thereof | |
| US8321549B2 (en) | Action execution management for service configuration items | |
| CN104360878B (en) | A kind of method and device of application software deployment | |
| CN103024022B (en) | A kind of managing and control system of virtual machine application service and method | |
| WO2023142054A1 (en) | Container microservice-oriented performance monitoring and alarm method and alarm system | |
| CN104463492A (en) | Operation management method of electric power system cloud simulation platform | |
| US8346856B2 (en) | Client environment creation system, client environment creation method, client environment creation program and storage medium | |
| CN102681899A (en) | Virtual computing resource dynamic management system of cloud computing service platform | |
| CN102571905A (en) | Managing networks and machines for an online service | |
| CN112667362B (en) | Method and system for deploying Kubernetes virtual machine cluster on Kubernetes | |
| CN114666333B (en) | Control method for cloud computing resource scheduling problem based on multi-tenant theory | |
| CN111027921A (en) | Business processing method and device, electronic equipment and storage medium | |
| US11544052B2 (en) | Tenant declarative deployments with release staggering | |
| CN102523101A (en) | Machine manager service fabric | |
| CN102638566A (en) | BLOG system running method based on cloud storage | |
| CN113259447B (en) | Cloud platform deployment method and device, electronic equipment and storage medium | |
| CN104252485A (en) | Database management platform | |
| CN104717233A (en) | Database deployment method and device | |
| CN105635311A (en) | Method for synchronizing resource pool information in cloud management platform | |
| CN112417051A (en) | Container arrangement engine resource management method and device, readable medium and electronic equipment | |
| CN106502797A (en) | A kind of group system and the dispositions method of group system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |