CN108494607A - The design method and system of big double layer network framework based on container - Google Patents

The design method and system of big double layer network framework based on container Download PDF

Info

Publication number
CN108494607A
CN108494607A CN201810353256.9A CN201810353256A CN108494607A CN 108494607 A CN108494607 A CN 108494607A CN 201810353256 A CN201810353256 A CN 201810353256A CN 108494607 A CN108494607 A CN 108494607A
Authority
CN
China
Prior art keywords
network
container
interface card
physical
ovs
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810353256.9A
Other languages
Chinese (zh)
Other versions
CN108494607B (en
Inventor
孟宪宇
李军
禹睿博
梁伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cloud Home Network Technology Co Ltd
Original Assignee
Cloud Home Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cloud Home Network Technology Co Ltd filed Critical Cloud Home Network Technology Co Ltd
Priority to CN201810353256.9A priority Critical patent/CN108494607B/en
Publication of CN108494607A publication Critical patent/CN108494607A/en
Application granted granted Critical
Publication of CN108494607B publication Critical patent/CN108494607B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4604LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462LAN interconnection over a bridge based backbone
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5041Network service management, e.g. ensuring proper service fulfilment according to agreements characterised by the time relationship between creation and deployment of a service

Abstract

The present invention provides the design methods and system of the big double layer network based on container, are related to virtual communication switching technology field, including:Ovs bridges are attached from different physical network cards, and the physical connection of network between container is established by the physical network card on different hosts;Based on physical connection, and by from pipe service acquisition mission bit stream, the network connection established between container and ovs bridges according to mission bit stream or new container is established.The present invention can improve the deployment efficiency of network, be conducive to the management and maintenance of equipment.

Description

The design method and system of big double layer network framework based on container
Technical field
The present invention relates to virtual communication switching technology fields, more particularly, to setting for the big double layer network framework based on container Count method and system.
Background technology
There is very long history with oriented Internet Architecture, with drastically expansion and the type of service of network size It enriches constantly, the structure and function of internet is also increasingly sophisticated, and major defect is to need a large amount of physical equipment, network management and control Difficulty increasingly increases, and network new function is difficult to rapid deployment, and autgmentability is easy to be limited by physical equipment, cannot use automatic Chemical industry tool is managed, and is unfavorable for the maintenance in later stage.It is combined with virtualization technologies such as docker (application container engine) When, traditional network cannot be satisfied the more and more flexible and changeable demand of business network, cannot make full use of the property of physical equipment Can, the advantage of the next resource isolation in NameSpace isolation strip of virtualization technology offer can not be provided.
Invention content
In view of this, the purpose of the present invention is to provide the design method of the big double layer network framework based on container and being System, to improve the deployment efficiency of network, is conducive to the management and maintenance of equipment.
In a first aspect, the design method of an embodiment of the present invention provides a kind of big double layer network based on container, wherein packet It includes:
Ovs bridges are attached from different physical network cards, and container is established by the physical network card on different hosts Between network physical connection;
Based on the physical connection, and by the way that from pipe service acquisition mission bit stream, container is established according to the mission bit stream New container is established in network connection between ovs bridges.
With reference to first aspect, an embodiment of the present invention provides the first possible embodiments of first aspect, wherein institute It includes outer net network interface card and Intranet network interface card to state physical network card, and ovs bridges are attached from different physical network cards, pass through different hosts On the physical network card establish the physical connection of network between container, including:
The ovs bridges are attached with the outer net network interface card and the Intranet network interface card respectively;
The physical connection that the outer net network interface card on different hosts passes through network Route establishment external container network communication;
The physical connection that the Intranet network interface card on different hosts passes through network communication between network Route establishment container.
With reference to first aspect, an embodiment of the present invention provides second of possible embodiments of first aspect, wherein base In the physical connection, and by from pipe service acquisition mission bit stream, according to the mission bit stream establish container and ovs bridges it Between network connection or establish new container, including:
Based on the physical connection, and by described from mission bit stream described in pipe service acquisition;
When the task type of the mission bit stream is to create the task of network, call pipework tools to the container IP address is added, calls ovs orders that will add logic interfacing in the ovs bridges, establishes the network between container and ovs bridges Connection;
When the task type of the mission bit stream is newly-built container and adds the task of network, docker API works are called Tool creates the new container, and the step of executing the network connection established between container and ovs bridges to the new container.
With reference to first aspect, an embodiment of the present invention provides the third possible embodiments of first aspect, wherein institute It includes application container and gateway container to state container, and the method further includes:
When establishing private network, in the first host, first network that the first ovs bridges send out the application container Data packet carries out rule match, and the legal first network data packet is sent to the first Intranet network interface card;
The first Intranet network interface card is route by network passes through second in the second host by the first network data packet Intranet network interface card is sent to the gateway container;
The gateway container is connected by the 2nd ovs bridges with the second outer net network interface card, and passes through the second outer net network interface card The first network data packet is sent to external network to communicate.
The third possible embodiment with reference to first aspect, an embodiment of the present invention provides the 4th kind of first aspect Possible embodiment, wherein the method further includes:
When establishing global network, in first host, the application container is by the first ovs bridges by Two network packets are sent to the first outer net network interface card and carry out routing communication, and by the first outer net network interface card by second net Network data packet is sent to external network and is communicated.
With reference to first aspect, an embodiment of the present invention provides the 5th kind of possible embodiments of first aspect, wherein institute The method of stating further includes:
It is accessed mutually by Intranet between the container.
The 5th kind of possible embodiment with reference to first aspect, an embodiment of the present invention provides the 6th kind of first aspect Possible embodiment, wherein it is accessed mutually by Intranet between the container, including:
When application container accesses to gateway container, data flow is sent to the first ovs bridges by the first Intranet network interface card, The data flow is sent to the 2nd ovs bridges where the gateway container by physical switches by the first ovs bridges, and second The data flow is sent to the second Intranet network interface card by ovs bridges, is realized and is accessed communication.
The 5th kind of possible embodiment with reference to first aspect, an embodiment of the present invention provides the 7th kind of first aspect Possible embodiment, wherein before by Intranet IP access mutually between the container, the method further includes:
Rule objects are defined between the container, generate intercommunication rule;
It is the format that can identify of OpenFlow agreements by the intercommunication rule transformation and is sent to virtual switch, so that The virtual switch carries out the isolation of network flow.
Second aspect, the embodiment of the present invention also provide a kind of design system of the big double layer network based on container, wherein packet Multiple main frames are included, the ovs bridges on each host are attached from container and different physical network cards respectively, and pass through different masters The physical network card on machine establishes the physical connection of network between container.
In conjunction with second aspect, an embodiment of the present invention provides the first possible embodiments of second aspect, wherein institute It includes gateway container and application container to state container.
The embodiment of the present invention brings following advantageous effect:
The design method and system of big double layer network framework provided by the invention based on container, including:Ovs bridges with not Same physical network card is attached, and the physical connection of network between container is established by the physical network card on different hosts;It is based on Physical connection, and by from pipe service acquisition mission bit stream, establishing the network between container and ovs bridges according to mission bit stream and connecting Connect or establish new container.The present invention can improve the deployment efficiency of network, be conducive to the management and maintenance of equipment.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification It obtains it is clear that understand through the implementation of the invention.The purpose of the present invention and other advantages are in specification, claims And specifically noted structure is realized and is obtained in attached drawing.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment cited below particularly, and coordinate Appended attached drawing, is described in detail below.
Description of the drawings
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art are briefly described, it should be apparent that, in being described below Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor It puts, other drawings may also be obtained based on these drawings.
Fig. 1 is the network topology model figure that the embodiment of the present invention one provides;
Fig. 2 is the design method flow chart of the big double layer network provided by Embodiment 2 of the present invention based on container;
Fig. 3 is network management framework schematic diagram provided by Embodiment 2 of the present invention;
Fig. 4 is network mode schematic diagram in container provided by Embodiment 2 of the present invention.
Icon:
The first hosts of 100-;110- the first Intranet network interface cards;120- application containers;The first ovs bridges of 130-;Outside 140- first Net network interface card;The second hosts of 200-;210- the second Intranet network interface cards;220- gateway containers;The 2nd ovs bridges of 230-;Outside 240- second Net network interface card;300- networks are route.
Specific implementation mode
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise Lower obtained every other embodiment, shall fall within the protection scope of the present invention.
Currently, having had very long history with oriented Internet Architecture, with the drastically expansion of network size and business Type is enriched constantly, and the structure and function of internet is also increasingly sophisticated, and major defect is to need a large amount of physical equipment, net Network management and control difficulty increasingly increases, and network new function is difficult to rapid deployment, and autgmentability is easy to be limited by physical equipment, cannot make It is managed with automation tools, is unfavorable for the maintenance in later stage.It is traditional when being combined with virtualization technologies such as docker Network cannot be satisfied the more and more flexible and changeable demand of business network, cannot make full use of the performance of physical equipment, can not The advantage of the next resource isolation in NameSpace isolation strip of virtualization technology offer is provided.
Based on this, the design method and system of the big double layer network framework provided in an embodiment of the present invention based on container can To improve the deployment efficiency of network, be conducive to the management and maintenance of equipment.
For ease of understanding the present embodiment, first to big two layers of net based on container disclosed in the embodiment of the present invention The design system of network describes in detail.
Embodiment one:
Fig. 1 is the network topology model figure that the embodiment of the present invention one provides.
Architecture using open source software openvswitch as network communication between container simulates net using its software The function of network (SDN) builds the big double layer network based on container, as shown in Figure 1, the design department of the big double layer network based on container System includes multiple main frames, the first host 100 and the second host 200 as illustrated in the diagram;Include container, ovs nets in each host Bridge and two physical network cards, wherein container are divided into application container 120 and gateway container 220, are respectively arranged on the first host 100 On the second host 200.Ovs bridges on each host are attached from container and different physical network cards respectively;Also, no It is used to establish the physical connection of network between container with two physical network cards on host.Corresponding Physical Network on different hosts It is attached by network routing 300 between card.
Embodiment two:
Fig. 2 is the design method flow chart of the big double layer network provided by Embodiment 2 of the present invention based on container.
Design system based on the big double layer network based on container that above-described embodiment provides, network topology building method packet It includes and establishes network connection and carry out two aspect content of network management, as shown in Figure 2:
Step S01, ovs bridge is attached from different physical network cards, is established by the physical network card on different hosts The physical connection of network between container.
Step S02 is based on physical connection, and by the way that from pipe service acquisition mission bit stream, container is established according to mission bit stream New container is established in network connection between ovs bridges.
For step S01, referring to Fig.1, ovs bridges are attached with outer net network interface card and Intranet network interface card respectively;First host In 100, the first ovs bridges 130 are attached with the first outer net network interface card 140 and the first Intranet network interface card 110 respectively;Second host In 200, the 2nd ovs bridges 230 are attached with the second outer net network interface card 240 and the second Intranet network interface card 210 respectively.
Outer net network interface card on different hosts establishes the physical connection of external container network communication by network routing 300;That is, First outer net network interface card 140 and the second outer net network interface card 240 correspond to the network of external container.
Intranet network interface card on different hosts establishes the physical connection of network communication between container by network routing 300;That is, The physical connection of first Intranet network interface card 110 and the second Intranet network interface card 210 for network communication between capacitor network.
Based on network management framework shown in Fig. 3, the specific implementation process of step S02 includes:
Physical connection based on network topology structure, and by from the mission bit stream in pipe service acquisition message queue.From The task type of mission bit stream is analyzed in pipe service, when the task type of mission bit stream is to create the task of network, is adjusted With pipework tools give container add IP address, call ovs orders will add logic interfacing in ovs bridges, establish container and Network connection between ovs bridges.When the task type of mission bit stream is newly-built container and adds the task of network, call Docker API instrument creation new containers, and the step of network connection between container and ovs bridges is established to new container execution, Also, new container can be confirmed after being added to IP address into function Access Gateway container 220, and so far new container addition network is appointed Business executes completion.Here, the new container created is application container.
Every time during newly-built application container, a customized private network or publicly-owned net can be distributed to it Network.When establishing private network, in the first host 100, first network that the first ovs bridges 130 send out application container 120 Data packet carries out rule match, and legal first network data packet is sent to the first Intranet network interface card 110;First Intranet net First network data packet is sent to by card 110 by network routing 300 by the second Intranet network interface card 210 in the second host 200 Gateway container 220;Gateway container 220 is connected by the 2nd ovs bridges 230 with the second outer net network interface card 240, and passes through the second outer net First network data packet is sent to external network and communicated by network interface card 240.
When defining private network, network can be isolated using vlan, different users belongs to different vlan Under.
When establishing global network, in the first host 100, application container 120 is by the first ovs bridges 130 by second Network packet is sent to the first outer net network interface card 140 and carries out routing communication, and by the first outer net network interface card 140 by the second network number External network is sent to according to packet to be communicated.Second network packet is no longer needed to by gateway container 220.
In addition, the design method of the big double layer network based on container further includes:It is visited mutually by Intranet between container It asks.
Before mutual access, rule objects are defined between container, generate intercommunication rule, rule objects include mesh IP address, source IP address, target port and source port.After intercommunication rule is completed in definition, it is by intercommunication rule transformation Format that OpenFlow agreements can identify simultaneously is sent to virtual switch (openvswitch), so that virtual switch carries out The isolation of network flow.
Here in IP address management, sub-network division technology has been used, it can be with sets itself net by sub-network division user The size of the scale of network can facilitate user to establish the network environment for being suitble to oneself scale, to make full use of the bandwidth of network.
The network mode accessed mutually by Intranet between container is as shown in figure 4, when application container is to gateway container When accessing, in the first host, data flow is sent to the first ovs bridges of Intranet by the first Intranet network interface card (eth0) Data flow is sent to where gateway container by physical switches (Switch) by (veth0 and eth1), the first ovs bridges Data flow is sent to the second Intranet network interface card (eth0) by two ovs bridges (veth0 and eth1), the 2nd ovs bridges, realizes two appearances Access communication between device.
The embodiment of the present invention brings following advantageous effect:
The design method and system of big double layer network framework provided by the invention based on container, including:Ovs bridges with not Same physical network card is attached, and the physical connection of network between container is established by the physical network card on different hosts;It is based on Physical connection, and by from pipe service acquisition mission bit stream, establishing the network between container and ovs bridges according to mission bit stream and connecting Connect or establish new container.The present invention can improve the deployment efficiency of network, be conducive to the management and maintenance of equipment.
It should be noted that:Similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi It is defined, then it further need not be defined and explained in subsequent attached drawing in a attached drawing.
The embodiment of the present invention also provides a kind of electronic equipment, including memory, processor, and being stored in memory can locate The computer program that runs on reason device, processor realize that above-described embodiment provides when executing computer program based on the big of container The step of design method of double layer network.
The embodiment of the present invention also provides a kind of computer readable storage medium, and meter is stored on computer readable storage medium Calculation machine program executes the design side of the big double layer network based on container of above-described embodiment when computer program is run by processor The step of method.
In addition, in the description of the embodiment of the present invention unless specifically defined or limited otherwise, term " installation ", " phase Even ", " connection " shall be understood in a broad sense, for example, it may be being fixedly connected, may be a detachable connection, or be integrally connected;It can Can also be electrical connection to be mechanical connection;It can be directly connected, can also indirectly connected through an intermediary, Ke Yishi Connection inside two elements.For the ordinary skill in the art, above-mentioned term can be understood at this with concrete condition Concrete meaning in invention.
In the description of the present invention, it should be noted that term "center", "upper", "lower", "left", "right", "vertical", The orientation or positional relationship of the instructions such as "horizontal", "inner", "outside" be based on the orientation or positional relationship shown in the drawings, merely to Convenient for the description present invention and simplify description, do not indicate or imply the indicated device or element must have a particular orientation, With specific azimuth configuration and operation, therefore it is not considered as limiting the invention.In addition, term " first ", " second ", " third " is used for description purposes only, and is not understood to indicate or imply relative importance.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed systems, devices and methods, it can be with It realizes by another way.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, Only a kind of division of logic function, formula that in actual implementation, there may be another division manner, in another example, multiple units or component can To combine or be desirably integrated into another system, or some features can be ignored or not executed.Another point, it is shown or beg for The mutual coupling, direct-coupling or communication connection of opinion can be by some communication interfaces, device or unit it is indirect Coupling or communication connection can be electrical, machinery or other forms.
The unit illustrated as separating component may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, you can be located at a place, or may be distributed over multiple In network element.Some or all of unit therein can be selected according to the actual needs to realize the mesh of this embodiment scheme 's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also It is that each unit physically exists alone, it can also be during two or more units be integrated in one unit.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in the executable non-volatile computer read/write memory medium of a processor.Based on this understanding, of the invention Technical solution substantially the part of the part that contributes to existing technology or the technical solution can be with software in other words The form of product embodies, which is stored in a storage medium, including some instructions use so that One computer equipment (can be personal computer, server or the network equipment etc.) executes each embodiment institute of the present invention State all or part of step of method.And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read- Only Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with Store the medium of program code.
Finally it should be noted that:Embodiment described above, only specific implementation mode of the invention, to illustrate the present invention Technical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair It is bright to be described in detail, it will be understood by those of ordinary skill in the art that:Any one skilled in the art In the technical scope disclosed by the present invention, it can still modify to the technical solution recorded in previous embodiment or can be light It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make The essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover the protection in the present invention Within the scope of.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. a kind of design method of the big double layer network based on container, which is characterized in that including:
Ovs bridges are attached from different physical network cards, are established between container by the physical network card on different hosts The physical connection of network;
Based on the physical connection, and by the way that from pipe service acquisition mission bit stream, container and ovs are established according to the mission bit stream New container is established in network connection between bridge.
2. according to the method described in claim 1, it is characterized in that, the physical network card includes outer net network interface card and Intranet network interface card, Ovs bridges are attached from different physical network cards, and network between container is established by the physical network card on different hosts Physical connection, including:
The ovs bridges are attached with the outer net network interface card and the Intranet network interface card respectively;
The physical connection that the outer net network interface card on different hosts passes through network Route establishment external container network communication;
The physical connection that the Intranet network interface card on different hosts passes through network communication between network Route establishment container.
3. according to the method described in claim 1, it is characterized in that, be based on the physical connection, and by from pipe service acquisition Mission bit stream, the network connection established between container and ovs bridges according to the mission bit stream or establishes new container, including:
Based on the physical connection, and by described from mission bit stream described in pipe service acquisition;
When the task type of the mission bit stream is to create the task of network, pipework tools is called to be added to the container IP address calls ovs orders that will add logic interfacing in the ovs bridges, and the network established between container and ovs bridges connects It connects;
When the task type of the mission bit stream is newly-built container and adds the task of network, docker API tools wound is called Build the new container, and the step of network connection established between container and ovs bridges is executed to the new container.
4. described according to the method described in claim 1, it is characterized in that, the container includes application container and gateway container Method further includes:
When establishing private network, in the first host, first network data that the first ovs bridges send out the application container Packet carries out rule match, and the legal first network data packet is sent to the first Intranet network interface card;
The first Intranet network interface card is route by network passes through the second Intranet in the second host by the first network data packet Network interface card is sent to the gateway container;
The gateway container is connected by the 2nd ovs bridges with the second outer net network interface card, and by the second outer net network interface card by institute It states first network data packet and is sent to external network and communicated.
5. according to the method described in claim 4, it is characterized in that, the method further includes:
When establishing global network, in first host, the application container is by the first ovs bridges by the second net Network data packet is sent to the first outer net network interface card and carries out routing communication, and by the first outer net network interface card by the second network number External network is sent to according to packet to be communicated.
6. according to the method described in claim 1, it is characterized in that, the method further includes:
It is accessed mutually by Intranet between the container.
7. according to the method described in claim 6, it is characterized in that, being accessed mutually by Intranet between the container, packet It includes:
When application container accesses to gateway container, data flow is sent to the first ovs bridges by the first Intranet network interface card, and first The data flow is sent to the 2nd ovs bridges where the gateway container, the 2nd ovs by physical switches by ovs bridges The data flow is sent to the second Intranet network interface card by bridge, is realized and is accessed communication.
8. according to the method described in claim 6, it is characterized in that, being accessed mutually by Intranet IP between the container Before, the method further includes:
Rule objects are defined between the container, generate intercommunication rule;
It is the format that can identify of OpenFlow agreements by the intercommunication rule transformation and is sent to virtual switch, so that described Virtual switch carries out the isolation of network flow.
9. a kind of design system of the big double layer network based on container, which is characterized in that including multiple main frames, on each host Ovs bridges are attached from container and different physical network cards respectively, and are established by the physical network card on different hosts The physical connection of network between container.
10. system according to claim 9, which is characterized in that the container includes gateway container and application container.
CN201810353256.9A 2018-04-19 2018-04-19 Container-based design method and system for large two-layer network architecture Expired - Fee Related CN108494607B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810353256.9A CN108494607B (en) 2018-04-19 2018-04-19 Container-based design method and system for large two-layer network architecture

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810353256.9A CN108494607B (en) 2018-04-19 2018-04-19 Container-based design method and system for large two-layer network architecture

Publications (2)

Publication Number Publication Date
CN108494607A true CN108494607A (en) 2018-09-04
CN108494607B CN108494607B (en) 2021-11-02

Family

ID=63313606

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810353256.9A Expired - Fee Related CN108494607B (en) 2018-04-19 2018-04-19 Container-based design method and system for large two-layer network architecture

Country Status (1)

Country Link
CN (1) CN108494607B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450768A (en) * 2018-11-01 2019-03-08 中国联合网络通信集团有限公司 The method of container interconnection and the system interconnected for container
CN110391993A (en) * 2019-07-12 2019-10-29 苏州浪潮智能科技有限公司 A kind of data processing method and system
CN111654559A (en) * 2020-05-29 2020-09-11 深圳前海微众银行股份有限公司 Container data transmission method and device
CN111786826A (en) * 2020-06-29 2020-10-16 杭州安恒信息技术股份有限公司 Industrial control equipment operation and maintenance auditing system, industrial control equipment operation and maintenance method and computer equipment
CN112887290A (en) * 2021-01-20 2021-06-01 深圳行云创新科技有限公司 Network security access control method based on kubernets
CN113765816A (en) * 2021-08-02 2021-12-07 阿里巴巴新加坡控股有限公司 Flow control method, system, equipment and medium based on service grid

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103647692A (en) * 2013-11-04 2014-03-19 北京奇虎科技有限公司 Network processing method, device and system
CN103812704A (en) * 2014-02-25 2014-05-21 国云科技股份有限公司 Public network IP (Internet Protocol) dynamic management method for virtual machine
CN104468746A (en) * 2014-11-23 2015-03-25 国云科技股份有限公司 Method for realizing distributed virtual networks applicable to cloud platform
CN105978781A (en) * 2016-06-28 2016-09-28 浪潮电子信息产业股份有限公司 Method and system for establishing network connection of Docker container, and client side
CN107579898A (en) * 2017-09-14 2018-01-12 快云信息科技有限公司 The method and its device of interconnected communication between one kind of multiple containers

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103647692A (en) * 2013-11-04 2014-03-19 北京奇虎科技有限公司 Network processing method, device and system
CN103812704A (en) * 2014-02-25 2014-05-21 国云科技股份有限公司 Public network IP (Internet Protocol) dynamic management method for virtual machine
CN104468746A (en) * 2014-11-23 2015-03-25 国云科技股份有限公司 Method for realizing distributed virtual networks applicable to cloud platform
CN105978781A (en) * 2016-06-28 2016-09-28 浪潮电子信息产业股份有限公司 Method and system for establishing network connection of Docker container, and client side
CN107579898A (en) * 2017-09-14 2018-01-12 快云信息科技有限公司 The method and its device of interconnected communication between one kind of multiple containers

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450768A (en) * 2018-11-01 2019-03-08 中国联合网络通信集团有限公司 The method of container interconnection and the system interconnected for container
CN109450768B (en) * 2018-11-01 2021-06-01 中国联合网络通信集团有限公司 Method for interconnecting containers and system for interconnecting containers
CN110391993A (en) * 2019-07-12 2019-10-29 苏州浪潮智能科技有限公司 A kind of data processing method and system
CN111654559A (en) * 2020-05-29 2020-09-11 深圳前海微众银行股份有限公司 Container data transmission method and device
CN111654559B (en) * 2020-05-29 2023-04-07 深圳前海微众银行股份有限公司 Container data transmission method and device
CN111786826A (en) * 2020-06-29 2020-10-16 杭州安恒信息技术股份有限公司 Industrial control equipment operation and maintenance auditing system, industrial control equipment operation and maintenance method and computer equipment
CN112887290A (en) * 2021-01-20 2021-06-01 深圳行云创新科技有限公司 Network security access control method based on kubernets
CN112887290B (en) * 2021-01-20 2022-07-15 深圳行云创新科技有限公司 Network security access control method based on kubernets
CN113765816A (en) * 2021-08-02 2021-12-07 阿里巴巴新加坡控股有限公司 Flow control method, system, equipment and medium based on service grid
CN113765816B (en) * 2021-08-02 2023-12-15 阿里巴巴新加坡控股有限公司 Flow control method, system, equipment and medium based on service grid

Also Published As

Publication number Publication date
CN108494607B (en) 2021-11-02

Similar Documents

Publication Publication Date Title
US10797970B2 (en) Interactive hierarchical network chord diagram for application dependency mapping
CN108494607A (en) The design method and system of big double layer network framework based on container
EP3031174B1 (en) Hybrid network management
CN107147509B (en) Virtual private network service implementation method, device and communication system
US9088503B2 (en) Multi-tenant information processing system, management server, and configuration management method
CN108712286A (en) The determination method, apparatus and storage medium of network topology structure
Lu et al. Hybnet: Network manager for a hybrid network infrastructure
CN109076028A (en) Heterogeneous software defines the differential section in network environment
CN107438983A (en) Determine software defined network, storage and the physics and the compiler and method of virtual resource that calculate
CN109547349A (en) Flow managing method, device, terminal and storage medium based on virtual flow-line
WO2020248805A1 (en) Service chain orchestration method and apparatus, storage medium and electronic apparatus
CN108123818B (en) Simulation method for flexible and extensible fusion of virtual and actual networks
CN107005482A (en) For software defined network, storage and the compiler and method for calculating execution operation
CN104350467A (en) Elastic enforcement layer for cloud security using SDN
CN106953848B (en) Software defined network implementation method based on ForCES
CN107005471A (en) Universal Subscriber premises equipment
CN108123819B (en) Virtual-real network seamless fusion simulation method
JP6248938B2 (en) Communication system, virtual network management apparatus, virtual network management method and program
JP2013081053A (en) Virtual network logical topology configuration management method and management server
CN105282003B (en) Establish the method and system and tunnel control device and virtual switch in tunnel
US10944641B1 (en) Systems and methods for application traffic simulation using captured flows
CN106155264B (en) Manage the computer approach and computer system of the power consumption of storage subsystem
CN114363021A (en) Network shooting range system, virtual network implementation method and device of network shooting range system
WO2018010601A1 (en) Method and apparatus for configuring router
US9032063B2 (en) Dynamic port naming in a chassis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20211102

CF01 Termination of patent right due to non-payment of annual fee