CN105847257A - Clustered computer network system and method for resource distribution and configuration - Google Patents

Clustered computer network system and method for resource distribution and configuration Download PDF

Info

Publication number
CN105847257A
CN105847257A CN201610178584.0A CN201610178584A CN105847257A CN 105847257 A CN105847257 A CN 105847257A CN 201610178584 A CN201610178584 A CN 201610178584A CN 105847257 A CN105847257 A CN 105847257A
Authority
CN
China
Prior art keywords
client
virtual machine
computer network
address
resource distribution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610178584.0A
Other languages
Chinese (zh)
Inventor
麦克·麦扎里克
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201610178584.0A priority Critical patent/CN105847257A/en
Publication of CN105847257A publication Critical patent/CN105847257A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/131Protocols for games, networked simulations or virtual reality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses

Abstract

The invention discloses a clustered computer network system and method for resource distribution and configuration. In the embodiment, a series of initialization and maintenance virtual local area networks (VLAN) are loaded on a clustering computer system to replace a conventional data center. A physical network includes a management local area network (MLAN) and a plurality of client VLANs nested on the top layer VLAN, wherein the MLAN has at least one physical or virtual firewall, each client VLAN has a virtual firewall and a lot of physical hardware machine and virtual cluster set system maintenance. The client VLAN serves as a normal subnet to be displayed to users. A network administrator can create, change, move and delete virtual resources loaded by dynamic and remote client VLANs.

Description

A kind of computer network system and method distributed for resource and configure cluster
Technical field
The present invention relates to the system and method for a kind of computer network, specifically a kind of resource that is used for is distributed and configuration cluster Computer network system and method.
Background technology
Running any application program on the computer systems, resource distribution is necessary.Resource distribution is the available money of distribution Source is various uses.When user opens any program, this will be considered a process, and it allows for running computer, therefore Need to distribute certain resource.This resource can to the data in the internal memory of computer, equipment interface relief area, one or Multiple files or one section of access of required disposal ability.
Increase and fast-developing computer technology and different types of computer network, the requirement of quick resource distribution More and more higher, therefore have been described above different ways in market and carry out Resources allocation, Dynamic Resource Allocation for Multimedia is also such money One of source method of salary distribution.Cloud computing technology allows business client upper and lower resource service condition dynamically to extend based on demand, many The expansion income of cloud model passes through multiplexing from resource virtualizing technique.This system utilizes Intel Virtualization Technology to distribute dynamically Data center resource based on application demand and support green calculate by the number of servers used in optimizing in advance Technology discloses.
Metropolitan Area Network (MAN) (MAN) is that an inter-client is even greater than LAN in a geographic area or regional coverage (LAN) computer resource in the region but less than wide area network (WAN) contained.Virtual for user-isolated entrance in MLAN system LAN or VLAN.Additionally, another VLAN can accommodate more user the most in the art it is known that therefore in packaging V LAN, The use of VLAN is increasing the most day by day.
Summary of the invention
It is an object of the invention to provide a kind of computer network system and method distributed and configure cluster for resource, With the problem solving to propose in above-mentioned background technology.
For achieving the above object, the present invention provides following technical scheme:
A kind of computer network method distributed for resource and configure cluster, management LAN is loaded in the computer network of cluster Network, management local netting gear body method includes:
(1) from multiple process nodes of multiple process nodes, configure multiple virtual machine and management LAN;
(2) receive the distribution multiple virtual machines from the configuration of multiple process nodes, distribute multiple process node grouping based on each Process function and the architecture of node;
(3) receive data source, then need to start list and the client of virtual machine, empty including creating a client local IP access Intend network (VLAN);
(4) map physical server and the process virtual equipment of node to, had access to physics at physical server Server runs;
(5) on the network outside network run virtual machine be initially the virtual machine number according to the virtual machine in list at least certain A little nodes processed;
(6) be connected at least one client firewall and rule added at least one virtual machine, with provide client with Client firewall has access to the web interface of MLAN and is associated.
As the further method of the present invention: in management LAN, from virtual machine, process node according to relevant to virtual machine The server mask list of connection starts the number of virtual machine.
As the further method of the present invention: in management LAN, receive sign display CPU usage information and internal memory uses The reception of amount information processes node, and based on CPU utilization rate information and internal memory usage amount information, it is ensured that processing, node is equal The CPU usage of even distribution and the processing of node that process of internal memory service condition start following virtual machine on node.
As the further method of the present invention: in management LAN, creating ethernet device does not has IP address and routing iinformation Associate at least one virtual machine, in order to the physical server being associated with virtual machine not can be appreciated that or responds in incoming packet Hold.
As the further method of the present invention: in management LAN, by control station and virtual screen information router to client Fire wall.
As the further method of the present invention: in management LAN, described establishment customer VLAN also includes: by IP address and Subnet number assignment is to client;Client-side vlan is distributed in first subnet address;Associated firewall function and offer are configured to The network packet of client is delivered to the gateway of client firewall client.
As the further method of the present invention: in management LAN, the subnet of another address is distributed as MLAN;From visitor Family end passes through second address, so that virtual machine to add to the VLAN client reception instruction of client.
As the further method of the present invention: in management LAN, a respective MAC Address maps each IP ground Location;Client firewall stores the IP address to MAC address of mapping to create DHCP table;Visitor is distributed in one IP address Family end fire wall is the MAC Address according to DHCP table association.
As the further method of the present invention: in management LAN, a MAC Address is distributed to corresponding client;Choosing The virtual machine template image initial template image selected, virtual machine adds the list of virtual machine to.
As the further method of the present invention: in management LAN, creating empty VLAN is not client firewall and fire prevention The external traffic distribution that wall is associated with the Internet resources shared of selected client, adds virtual port to client and prevents Wall with flues be the client firewall being associated according to the network address and from send and receive data shared resource.
As the further method of the present invention: management LAN in, wherein client firewall form further another prevent Wall with flues is by client and comprise under predefined rule, to reach at least one Internet resources shared or another visitor The most editable second fire wall of family end VLAN.
A kind of computer network system distributed for resource and configure cluster, management LAN is loaded in the computer of cluster Network, management local netting gear system system includes:
(1) configuration of multiple process nodes carries one or more virtual machine;One management LAN (MLAN) is configured;
(2) receiving multiple process nodal information, the plurality of process node prepares to carry the instruction of multiple virtual machines;
(3) multiple process node function based on each process node and framework group are distributed;
(4) receive data source and need the list of the virtual machine started;
(5) it is mapped to virtual unit with a physical server being associated in described process node, the net outside network The physical server operated on virtual machine on network accesses this physical server;
(6) at least some processes being initially according to virtual machine numbers multiple in list of virtual machine of node;
(7) be connected at least one client computer fire wall and rule added at least one virtual machine, with provide client with Client firewall accesses web interface MLAN and is associated.
As the further system of the present invention: in management LAN, server interface is associated with virtual machine, and by virtual Machine is assigned to one and processes node group, and wherein MLAN configures further and processes node group on virtual machine is according to server mask List starts the number of virtual machine.
As the further system of the present invention: in management LAN, receive CPU and use information and internal memory service condition item of information Process node;Use information based on CPU and memorizer use information processing node to start virtual machine in the future, to guarantee Process node cpu utilization rate and memorizer utilization rate and be uniformly distributed through processing node.
As the further system of the present invention: management LAN in, create do not have IP address ethernet device and with extremely A few virtual machine is associated so that the physical server being associated with virtual machine not can be appreciated that or incoming content response route letter Breath.
As the further system of the present invention: in management LAN, route control station and virtual screen information are prevented to client Wall with flues.
As the further system of the present invention: in management LAN, distribute multiple IP address and subnet to client;By first Client-side vlan association fire wall is distributed in individual subnet address;The network packet providing gateway to be configured to client is sent to The Fire-walled Client of client.
As the further system of the present invention: in management LAN, second address of distribution subnet MLAN;Receive from client One client instructing the VLAN adding client via the second address at virtual machine to.
As the further system of the present invention: in management LAN, each IP address is mapped to corresponding MAC Address;Set up DHCP table in the mapping of client firewall storage IP address to MAC address;The MAC Address that distribution is associated according to DHCP table IP address in the fire wall of client.
As the further system of the present invention: in management LAN, a MAC Address is distributed to corresponding client;Choosing In the template image of the virtual machine selected one;Initialize template image;Virtual machine adds the list of virtual machine to.
As the further system of the present invention: in management LAN, create and be not assigned to client firewall and client choosing Select the external flow sky VLAN between the fire wall that shared Internet resources are associated;Virtual port adds basis and visitor to Client computer fire wall in the network address list that the fire wall of family end is associated;Send and receive data from shared resource.
As the further system of the present invention: in management LAN, the fire wall of wherein said client also includes compiling Volume the second Fire-walled Client and comprise predefined rule to reach in shared Internet resources or another customer VLAN At least one.
Compared with prior art, the invention has the beneficial effects as follows:
The distribution of a kind of resource and the configuration computer network system of cluster and method are provided, initialize and a series of void such as maintenance Intend local area net carried in the computer system of cluster, to replace traditional data center.Each client-side vlan comprises virtual Fire wall, and substantial amounts of physical hardware machine and virtual machine cluster system maintenance.Client-side vlan is as normal subnet Display to the user that.
Accompanying drawing explanation
Fig. 1 is in the display system, is the hardware system used by the present embodiment according to subject matter;
Fig. 2 is that communication uses single or multiple ports and resource fire wall with shared resource, embodies according to current subject matter Editable client firewall private, non-;
Fig. 3 is an overall phylogenetic relationship figure and vlan topology problem;
In figure: 101a-101f be the cheap memory node of multiple redundant array, 102a-102c be multiple nonredundancy storage joint Point, 103a-103g be multiple process node, 104a-104g be that multiple network connects, 105a-105b is multiple network switch, 2310a-2310b and 2330a-2330b be VLAN client, 2206a-2206b be virtual switch, 2202-2205a and 2202-2205b be residential area, 3050 be switch, 3317a-3317b be switch ports themselves, 3318a-3318b be individual client VLAN, 3316a-3316b be personal firewalls, 3311a-3311b be client firewall, 3312-3315 and 3312-3315a/ B is residential area.
Detailed description of the invention
Below in conjunction with the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Based in the present invention Embodiment, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, all Belong to the scope of protection of the invention.
Embodiment 1
Refer to Fig. 1, include memory node (attack) 101a-101f of multiple redundant array an enforcement system 100, many Individual nonredundancy memory node 102a-102c, multiple process node 103a-103g, multiple network connect 104a-104g and multiple Network switch 105a-105b. memory node 101a-101f is the high-level storage of redundancy.Each node is mirrored dividing of redundancy Cloth is failure tolerant file system.Memory node 101a and 101b is a pair of, 101c and 101d is a pair of, and 101e and 101f is a pair of.Nonredundancy memory node 102a-102c is by comprising the most different disc drivers and not having cross-server Redundancy is the redundancy that customer need supplements safety.Each process node 103a-103g comprises 2,4,8 or more double process Device.It is that 6 cluster 1 Gbps Ethernets connect or 2 cluster 4 × 2.5 Gbps infinite bandwidths connect that network connects 104a-104g. In other embodiments, network connects the 104 more or less of connections of possible use and uses other agreements.The network switch 105a Ethernet switch is a switch or any other switch depends on that what protocol network connects 104 uses;Network is handed over The 105b that changes planes is probably switch for the Ethernet switch etc. outside communication network.
Embodiment 2
Refer to Fig. 2, use single port and non-editedable to be shared resource fire prevention by the communication of the shared resource of client Wall 2331b is disclosed.Client-side vlan 2310a and 2310b is the VLAN of typical client, it is also possible to have multiple VLAN, Shown Fig. 2,2310a and 2130a, 2310b and 2330b.The resource fire wall 2311a shared has the money that a port snooping is incoming Source is asked.Connecting is substantially one " virtual switch ", is labeled as 2206a and 2206b, and screening washer is based on incoming Ip Communication.Using " virtual switch ", client-side vlan 2310a and 2310b can reach the money shared that they specify Source, lives in 2202a-2205a and 2202b-2205b.
Embodiment 3
Referring to Fig. 3, display is shared resource and is embodied the process of the present invention as first-selection.Virtual gateway switching is marked as 3100 Being connected to another switch 3050,3050 switches comprise port 3317a and 3317b.VLAN 3300 is intended for management LAN or MLAN, comprise fire wall 3101 by the storage top VLAN of server initiation.MLAN 0 (VLAN in systems 3300) it is responsible for initializing, configuring and safeguard all customer VLAN, and the physical network in shared resource network and system Fire wall 3101 is that mirror image is repeatedly mentioned and as fire wall cluster in certain embodiments, firewall cluster be dispersed in several soon Multiple process nodes of route.Top layers VLAN 3300 comprises multiple client-side vlan 3310, has the fire wall of oneself 3311.It by being simply model at the element number shown in Fig. 3 or can understand that purpose correlation technique has common skill People understands, must not limit the protection domain of the present invention where formula in office.Such as, each top layers VLAN may comprise up to 255 Customer VLAN.On startup, each memory node contacts other memory nodes each, Boot Server and management control station 3102 The start-up course of managing firewall 3101.
Initially managing firewall 3101 or managing firewall cluster have been turned on, if virtual firewall route MLAN 3100 Memory node will need initially to run the process of startup managing firewall cluster, and this does not hinder MLAN3100 hardware firewall, But embodying in first-selection needs only server to provide, with to server, the basic structure that redundancy is identical with availability with switch Fire wall and router high availability in virtual environment can be given.In the embodiment of this first-selection, one group of storage server is permissible Start the copy of the redundancy of firewall/router 3101.Each example of fire wall will have identical MAC Address and any company The VLAN distribution of the ethernet port connect.
When adding a new client, they provide unique subnet of outside ip address number and its network.Each The static allocation of possible IP subnet gives a MAC address that may maybe can not use.Create customer VLAN 3310 Client-side vlan fire wall 3311 is distributed to first address of subnet.Fire wall comprises fire wall initialization and is saved in The mapping of the MAC address registered in advance of IPs, in order to IP is referred to as during the increase of machine creating DHCP table.Authorize this Client is configured to the network packet transmission of client and directly passes through IPSEC tunnel gateway to virtual firewall 3311 3100.Additionally, all of external transportation network packet is sent directly to the virtual firewall 3311 of client.Virtual firewall 3311 have a port to be connected to outside port 3317 receives external traffic by the network switch 3050, is equivalent to network exchange 3050. traffic are from shown in the dotted line in figure 3 of the individual VLAN 3310 by IPSEC tunnel client end to client.Empty Intending fire wall 3311 has a port to be connected to its individual client VLAN 3318 and in certain embodiments, optionally further Port is used for being connected to share resource 3319, as those are included in VLAN 3200 or at another client-side vlan.
Last subnet address is designated as managing control station 3102.Management control station 3102 is connected to main fire wall 3101 MLAN 3100, and, in certain embodiments, reach the client firewall by optional port.Therefrom, visitor Family end can be checked network settings and add machine 3312-3315.Client can create and the client being remotely responsible for them VLAN is by the virtual machine on management control station 3102.Client is to be added by 253 virtual machines, and virtual machine may be Any kind of machine, such as the web server of Windows or Linux, IP voice server etc..Select a machine Distribute MAC address this machine corresponding from the template image of memory node from client firewall 3311, specifically depend on Store after initialization in storage system type, customer selecting (redundant storage node or nonredundancy memory node).From that In, management control station 3102 machine adds the machine needing to run to list.Inquiry needs the next process of running of task Node dispensation machines.If it is the First machine run in the customer VLAN that is special, its startup one is virtual Port of intercepting be this VLAN.Once virtual machine is connected to VLAN, and its MAC address seen by fire wall, and it is prewired that it is composed it The IP address put is from DHCP table.
Client can be shared between its customer VLAN 3202-3205 of resource or at a shared resource network etc. Resource VLAN3200.In certain embodiments, these resources just can be arranged its client firewall 3311 by client Optional port is connected to the IP of selected shared resource and connects.Create as between the port of two fire walls in " dummy line " both sides Build the VLAN of sky.Rule is to arrange to process new traffic on fire wall two ends.VLAN bis-side on the client, fire wall 3311 Dynamically virtual port is added in itself and mapped port in client firewall 3311 network address list.If client wants Multiple optional port can be added from the resource-sharing of multiple positions.In the case, fire wall must enter in temporary close Row configuration.
The communication using the shared resource of the fire wall of the resource of multiple ports share is disclosed.There is a single port The upper resource fire wall 3201 shared is that each incoming connecting is attempted using resource 3202-3205 shared from client-side vlan Standby embodiment, firewall rule is the design of each single port.
Second fire wall, the VLAN of personal firewalls 3316 is comprised a first-selected each client embodying the present invention 3310.Private fire wall 3316 is not to be comprised predefined rule by client-side editing, to reach to share resource VLAN It is connected to the subnet of client and manages control station 3102 physical machine in 3200 or at another client-side vlan, VNC.Make May insure that user will not change unintentionally with this non-editable personal firewalls hinders the route of whole system route to advise Then.
It is obvious to a person skilled in the art that the invention is not restricted to the details of above-mentioned one exemplary embodiment, Er Qie In the case of the spirit or essential attributes of the present invention, it is possible to realize the present invention in other specific forms.Therefore, no matter From the point of view of which point, all should regard embodiment as exemplary, and be nonrestrictive, the scope of the present invention is by appended power Profit requires rather than described above limits, it is intended that all by fall in the implication of equivalency and scope of claim Change is included in the present invention.
Although moreover, it will be appreciated that this specification is been described by according to embodiment, but the most each embodiment only wraps Containing an independent technical scheme, this narrating mode of description is only that for clarity sake those skilled in the art should Description can also be formed those skilled in the art through appropriately combined as an entirety, the technical scheme in each embodiment May be appreciated other embodiments.

Claims (22)

1. the method for the computer network being used for resource distribution and configuration cluster, it is characterised in that management LAN is loaded in The computer network of cluster, management local netting gear body method includes:
(1) from multiple process nodes of multiple process nodes, configure multiple virtual machine and management LAN;
(2) receive the distribution multiple virtual machines from the configuration of multiple process nodes, distribute multiple process node grouping based on each Process function and the architecture of node;
(3) receive data source, then need to start list and the client of virtual machine, empty including creating a client local IP access Intend network (VLAN);
(4) map physical server and the process virtual equipment of node to, allow physical server have access to physics clothes Business device runs;
(5) on the network outside network run virtual machine be initially the virtual machine number according to the virtual machine in list at least certain A little nodes processed;
(6) be connected at least one client firewall and rule added at least one virtual machine, with provide client with Client firewall has access to the web interface of MLAN and is associated.
The most according to claim 1 a kind of for resource distribution with the method for computer network of configuration cluster, its feature It is, in management LAN, from virtual machine, processes node start according in the server mask list being associated with virtual machine The number of virtual machine.
The most according to claim 1 a kind of for resource distribution with the method for computer network of configuration cluster, its feature Being, in management LAN, the reception receiving sign display CPU usage information and internal memory usage amount information processes node, and Based on CPU utilization rate information and internal memory usage amount information, it is ensured that processing the equally distributed CPU usage of node and internal memory The processing of node that process of service condition starts following virtual machine on node.
The most according to claim 1 a kind of for resource distribution with the method for computer network of configuration cluster, its feature Being, in management LAN, creating ethernet device does not has IP address to associate at least one virtual machine with routing iinformation, in order to The physical server that virtual machine is associated not can be appreciated that or responds the content of incoming packet.
5., according to a kind of described in claim 1 or 4 for resource distribution with the method for computer network of configuration cluster, it is special Levy and be, in management LAN, by control station and virtual screen information router to client firewall.
The most according to claim 1 a kind of for resource distribution with the method for computer network of configuration cluster, its feature Being, in management LAN, described establishment customer VLAN also includes: by IP address and subnet number assignment to client;By Client-side vlan is distributed in one subnet address;Associated firewall function and offer are configured to the network packet of client and are delivered to visitor The gateway of family end Fire-walled Client.
The most according to claim 6 a kind of for resource distribution with the method for computer network of configuration cluster, its feature It is, in management LAN, the subnet of another address is distributed as MLAN;From client by second address, to incite somebody to action Virtual machine adds the VLAN client of client to and receives instruction.
The most according to claim 7 a kind of for resource distribution with the method for computer network of configuration cluster, its feature It is, in management LAN, a respective MAC Address maps each IP address;Client firewall stores and reflects The IP address to MAC address penetrated is to create DHCP table;It is to close according to DHCP table that one IP address is distributed to client firewall The MAC Address of connection.
The most according to claim 8 a kind of for resource distribution with the method for computer network of configuration cluster, its feature It is, in management LAN, a MAC Address is distributed to corresponding client;The virtual machine template image initial selected Template image, virtual machine adds the list of virtual machine to.
The most according to claim 1 a kind of for resource distribution with the method for computer network of configuration cluster, its feature Being, in management LAN, creating empty VLAN is not client firewall and fire wall and the sharing of selected client The external traffic distribution that Internet resources are associated, it is to be associated according to the network address that virtual port adds to client firewall Client firewall and from send and receive data shared resource.
11. is according to claim 1 a kind of for resource distribution with the method for computer network of configuration cluster, its feature Being, in management LAN, wherein client firewall forms another fire wall further is by client and comprising Under predefined rule, to reach at least one Internet resources or the most editable the second of another client-side vlan shared Individual fire wall.
12. 1 kinds for resource distribution and the system of the computer network of configuration cluster, it is characterised in that management LAN is loaded in The computer network of cluster, management local netting gear system system is:
(1) configuration of multiple process nodes carries one or more virtual machine;One management LAN (MLAN) is configured;
(2) receiving multiple process nodal information, the plurality of process node prepares to carry the instruction of multiple virtual machines;
(3) multiple process node function based on each process node and framework group are distributed;
(4) receive data source and need the list of the virtual machine started;
(5) it is mapped to virtual unit with a physical server being associated in described process node, the net outside network The physical server operated on virtual machine on network accesses this physical server;
(6) at least some processes being initially according to virtual machine numbers multiple in list of virtual machine of node;
(7) be connected at least one client computer fire wall and rule added at least one virtual machine, with provide client with Client firewall accesses web interface MLAN and is associated.
13. is according to claim 12 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levying and be, in management LAN, server interface is associated with virtual machine, and virtual machine is assigned to a process node Group, wherein MLAN configures further and processes node group on virtual machine is according to the number starting virtual machine in server mask list Mesh.
14. is according to claim 12 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, in management LAN, receive CPU and use information and the process node of internal memory service condition item of information;Based on CPU make Information processing node is used to start virtual machine in the future with information and memorizer, to guarantee processing node cpu utilization rate and depositing Reservoir utilization rate is uniformly distributed through processing node.
15. is according to claim 12 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, management LAN in, create do not have IP address ethernet device and with at least one virtual machine be associated so that The physical server being associated with virtual machine not can be appreciated that or incoming content response routing iinformation.
16. is according to claim 15 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levying and be, in management LAN, route control station and virtual screen information are to client firewall.
17. is according to claim 12 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, in management LAN, distribute multiple IP address and subnet to client;Client is distributed in first subnet address VLAN association fire wall;The network packet providing gateway to be configured to client is sent to the Fire-walled Client of client.
18. is according to claim 17 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, in management LAN, second address of distribution subnet MLAN;Receive an instruction from client to exist via the second address Virtual machine adds the client of the VLAN of client to.
19. is according to claim 17 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levying and be, in management LAN, each IP address is mapped to corresponding MAC Address;Set up on client firewall storage IP ground Location is to the DHCP table of the mapping of MAC Address;The IP address of the MAC Address that distribution is associated according to DHCP table is to the fire prevention of client In wall one.
20. is according to claim 17 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, in management LAN, a MAC Address is distributed to corresponding client;The Prototype drawing of the virtual machine selected In Xiang one;Initialize template image;Virtual machine adds the list of virtual machine to.
21. is according to claim 12 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, in management LAN, create and be not assigned to client firewall and client one shared Internet resources phase of selection External flow sky VLAN between the fire wall of association;Virtual port adds to according to the net being associated with the fire wall of client Client computer fire wall in network address table;Send and receive data from shared resource.
22. is according to claim 12 a kind of for resource distribution with the system of computer network of configuration cluster, and it is special Levy and be, management LAN in, the fire wall of wherein said client also include the most editable second Fire-walled Client and Comprise predefined rule to reach at least one in shared Internet resources or another customer VLAN.
CN201610178584.0A 2016-03-25 2016-03-25 Clustered computer network system and method for resource distribution and configuration Pending CN105847257A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610178584.0A CN105847257A (en) 2016-03-25 2016-03-25 Clustered computer network system and method for resource distribution and configuration

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610178584.0A CN105847257A (en) 2016-03-25 2016-03-25 Clustered computer network system and method for resource distribution and configuration

Publications (1)

Publication Number Publication Date
CN105847257A true CN105847257A (en) 2016-08-10

Family

ID=56583478

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610178584.0A Pending CN105847257A (en) 2016-03-25 2016-03-25 Clustered computer network system and method for resource distribution and configuration

Country Status (1)

Country Link
CN (1) CN105847257A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579963A (en) * 2017-08-24 2018-01-12 南京南瑞集团公司 A kind of high performance firewall cluster
CN108989388A (en) * 2018-06-08 2018-12-11 河海大学常州校区 A kind of long-range valve control system and method based on OneNet platform
CN109976870A (en) * 2017-12-28 2019-07-05 中国移动通信集团重庆有限公司 Creation method, device, equipment and the medium of virtual machine

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579963A (en) * 2017-08-24 2018-01-12 南京南瑞集团公司 A kind of high performance firewall cluster
CN109976870A (en) * 2017-12-28 2019-07-05 中国移动通信集团重庆有限公司 Creation method, device, equipment and the medium of virtual machine
CN108989388A (en) * 2018-06-08 2018-12-11 河海大学常州校区 A kind of long-range valve control system and method based on OneNet platform
CN108989388B (en) * 2018-06-08 2021-03-05 河海大学常州校区 Remote valve control system and method based on OneNet platform

Similar Documents

Publication Publication Date Title
US11063819B2 (en) Managing use of alternative intermediate destination computing nodes for provided computer networks
US9282055B2 (en) System and method for initializing and maintaining a series of virtual local area networks contained in a clustered computer system
US10601705B2 (en) Failover of centralized routers in public cloud logical networks
US10375015B2 (en) Methods and system for allocating an IP address for an instance in a network function virtualization (NFV) system
US9641450B1 (en) Resource placement templates for virtual networks
CN111095880B (en) Method, device, system and readable medium for public cloud logical network
US7792125B2 (en) System for dynamic provisioning for secure, scalable, and extensible networked computer environments
CN109040276B (en) Method and device for constructing cloud platform, computer storage medium and terminal
US20190173757A1 (en) High availability for stateful services in public cloud logical networks
EP1323037A2 (en) Method and apparatus for controlling an extensible computing system
CN105554015A (en) Management network and method for multi-tenant container cloud computing system
CN108111383A (en) A kind of cross-domain container virtual network construction method based on SDN
TW201008177A (en) Selectively re-mapping a network topology
CN110932907B (en) Linux container network configuration method and network system
US10277420B2 (en) System and method for providing private instances of shared resources using VxLAN
CN109445912A (en) A kind of configuration method of virtual machine, configuration system and SDN controller
CN105847257A (en) Clustered computer network system and method for resource distribution and configuration
CA2919182A1 (en) System and method for initializing and maintaining a series of virtual local area networks contained in a clustered computer system
WO2002069175A1 (en) Management tool anf graphical interface for control of an open internet protocol services platform
AU2016201484A1 (en) System and method for resource allocation and configuration in cluster computing network
JP2005100194A (en) Server device multiply belonging to two or more user closed network
Luevano et al. The Healthcare Simulation Technology Specialist and Information Technology
Lushta Active Directory Infrastructure Design and Network Topology Design for StarCom Software Developer Company
KR20150006575A (en) System for direct connection between clouds
Hicks et al. Configure DirectAccess Load Balancing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160810