CN109660381A - Distribution management method, device, server and storage medium - Google Patents
Distribution management method, device, server and storage medium Download PDFInfo
- Publication number
- CN109660381A CN109660381A CN201811253238.XA CN201811253238A CN109660381A CN 109660381 A CN109660381 A CN 109660381A CN 201811253238 A CN201811253238 A CN 201811253238A CN 109660381 A CN109660381 A CN 109660381A
- Authority
- CN
- China
- Prior art keywords
- server
- dependent
- primary server
- primary
- dependent server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 45
- 238000003860 storage Methods 0.000 title claims abstract description 29
- 238000009826 distribution Methods 0.000 title claims abstract description 24
- 230000001419 dependent effect Effects 0.000 claims abstract description 163
- 238000004891 communication Methods 0.000 claims abstract description 12
- 238000000034 method Methods 0.000 claims description 39
- 238000004590 computer program Methods 0.000 claims description 19
- 230000015654 memory Effects 0.000 claims description 19
- 230000005856 abnormality Effects 0.000 claims description 14
- 238000012545 processing Methods 0.000 claims description 12
- 230000002159 abnormal effect Effects 0.000 claims description 10
- 238000009434 installation Methods 0.000 claims description 3
- 238000004422 calculation algorithm Methods 0.000 description 22
- 230000006870 function Effects 0.000 description 20
- 230000005540 biological transmission Effects 0.000 description 10
- 230000008569 process Effects 0.000 description 7
- 239000003795 chemical substances by application Substances 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000001360 synchronised effect Effects 0.000 description 4
- 238000012546 transfer Methods 0.000 description 4
- 238000004519 manufacturing process Methods 0.000 description 3
- 241000282326 Felis catus Species 0.000 description 2
- 101000643431 Homo sapiens Protein phosphatase Slingshot homolog 2 Proteins 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 239000002674 ointment Substances 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
- H04L41/042—Network management architectures or arrangements comprising distributed management centres cooperatively managing the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
A kind of distribution management method, which comprises the communication connection that primary server is established and is subordinated between at least one dependent server of the primary server;The primary server establishes the trusting relationship between each dependent server;The primary server selects corresponding dependent server;The primary server receives operational order;And the primary server remotely controls corresponding dependent server according to the operational order and executes relevant operation.The present invention also provides a kind of distributed management device, server and storage mediums.The present invention realizes the primary server in distributed system as console, the dependent server for needing to operate can be selected on the primary server of distributed deployment, as long as inputting specified order on the primary server and selecting corresponding dependent server, it can complete corresponding operation, without logging in the dependent server, the multiple dependent server can be managed with portable.
Description
Technical field
The present invention relates to fields of communication technology, and in particular to a kind of distribution management method, device, server and storage are situated between
Matter.
Background technique
With the explosive growth of business datum amount, traditional client-server model can not adapt to big data ring
The application request of magnanimity under border.The distributed system based on Hadoop can be used to handle and analyze mass data at present.Institute
Stating Hadoop distributed system, file system is storage system in a distributed manner, using MapReduce as the distributed frame of computation model
Frame, the distributed cluster system being made of thousands of servers.
In the prior art, for distributed cluster system, the usual more a slave examples of master connection N, often
A slave is an individual server, and the server that all slave are disposed above is completely equivalent each other, but phase
It is mutually independent.But management is upper pretty troublesome, the service of slave at present starts, stops, restarting that require manual entry corresponding
Slave server, manually performing corresponding order can be only achieved purpose, and inefficiency is cumbersome.
Summary of the invention
In view of the foregoing, it is necessary to propose a kind of distribution management method, device, server and storage medium, it can be with
Portable manages multiple dependent servers.
The first aspect of the present invention provides a kind of distribution management method, which comprises
The communication connection that primary server is established and is subordinated between at least one dependent server of the primary server;
The primary server establishes the trusting relationship between each dependent server;
The primary server selects corresponding dependent server;
The primary server receives operational order;And
The primary server remotely controls corresponding dependent server according to the operational order and executes relevant operation.
Preferably, the step of trusting relationship that the primary server is established between each dependent server includes:
Collapse directories under active user's root in the primary server;
The private key file and public key file of the primary server are generated under the collapse directories;
The private key file is loaded on the primary server;
The public key file is copied to the dependent server;And
Log on to the dependent server, and the specific file by the public key file appending into the dependent server
End.
Preferably, this method further includes judging whether the private key file in the primary server loads success;
When private key file load is unsuccessful, the load abnormal prompt prestored and its corresponding abnormality processing side are inquired
Method corresponds to table;
Abnormality processing is carried out according to query result.
Preferably, the method also includes:
Judge in the dependent server with the presence or absence of the specific file;
When the specific file is not present in the dependent server, the specific file is established by command statement.
Preferably, the display equipment of the primary server includes a user interface, wherein the user interface
On show the dependent server that trusting relationship is established with the primary server.
Preferably, the operational order includes starting the dependent server, suspending described in the dependent server, closing
Copy or the upload of dependent server, the restarting dependent server and file.
Preferably, the primary server remotely controls corresponding dependent server by the Paramiko of installation.
The second aspect of the present invention provides a kind of distributed management device, and described device includes:
Module is established, primary server is established and be subordinated to logical between at least one dependent server of the primary server
Letter connection;
It is described to establish module, it is also used to the trusting relationship established between each dependent server;
Selecting module, for selecting corresponding dependent server;
Receiving module, for receiving operational order;And
Execution module executes relevant operation for remotely controlling corresponding dependent server according to the operational order.
The third aspect of the present invention provides a kind of server, and the server includes processor and memory, the processing
Device is for realizing the distribution management method when executing the computer program stored in the memory.
The fourth aspect of the present invention provides a kind of computer readable storage medium, deposits on the computer readable storage medium
Computer program is contained, the computer program realizes the distribution management method when being executed by processor.
Distribution management method, device, server and storage medium of the present invention, by establish primary server with from
Belong to the trusting relationship between at least one dependent server of the primary server, and by installing in primary server
Paramiko tool remotely controls at least one described dependent server.It realizes in the primary server conduct in distributed system
Platform is controlled, the dependent server for needing to operate can be selected on the primary server, is referred to as long as being inputted on the primary server
Fixed order and select corresponding dependent server, so that it may corresponding operation is completed, it, can be with without logging in the dependent server
Portable manages the multiple dependent server.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of invention for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is the flow chart for the distribution management method that the embodiment of the present invention one provides.
Fig. 2 is the functional block diagram of distributed management device provided by Embodiment 2 of the present invention.
Fig. 3 is the schematic diagram for the server that the embodiment of the present invention three provides.
The present invention that the following detailed description will be further explained with reference to the above drawings.
Specific embodiment
To better understand the objects, features and advantages of the present invention, with reference to the accompanying drawing and specific real
Applying example, the present invention will be described in detail.It should be noted that in the absence of conflict, the embodiment of the present invention and embodiment
In feature can be combined with each other.
In the following description, numerous specific details are set forth in order to facilitate a full understanding of the present invention, described embodiment is only
It is only a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill
Personnel's every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
Unless otherwise defined, all technical and scientific terms used herein and belong to technical field of the invention
The normally understood meaning of technical staff is identical.Term as used herein in the specification of the present invention is intended merely to description tool
The purpose of the embodiment of body, it is not intended that in the limitation present invention.
Description and claims of this specification and term " first " in above-mentioned attached drawing, " second " and " third " etc. are
For distinguishing different objects, not for description particular order.In addition, term " includes " and their any deformations, it is intended that
Non-exclusive include in covering.Such as the process, method, system, product or equipment for containing a series of steps or units do not have
It is defined in listed step or unit, but optionally further comprising the step of not listing or unit, or optionally further comprising
For the intrinsic other step or units of these process, methods, product or equipment.
The distribution management method application of the embodiment of the present invention is in the server.The distributed management side of the embodiment of the present invention
Method can be executed by server.
The server for needing to carry out distribution management method, can directly integrate of the invention on the server
Distributed management function provided by method, or installation is for realizing the client of method of the invention.For another example, institute of the present invention
The method of offer can also operate in clothes in the form of Software Development Kit (Software Development Kit, SDK)
It is engaged in the equipment such as device, the interface of distributed management function, server or other equipment is provided in the form of SDK and are connect by what is provided
Distributed management function can be realized in mouth.
Embodiment one
Fig. 1 is the flow chart for the distribution management method that the embodiment of the present invention one provides.The stream according to different requirements,
Execution sequence in journey figure can change, and certain steps can be omitted.
Step S1, the communication that primary server is established and is subordinated between at least one dependent server of the primary server
Connection.
In the present embodiment, the primary server be subordinated to the primary server at least one dependent server it
Between use Master-Slave framework, the primary server be Master, at least one described dependent server be Slave.?
In the Master-Slave framework, only Master opens transmission connection (transportConnector), and Slave is not opened
Open the connection.So client can only be communicated with Master, communication connection can not be established with Slave.
The Master-Slave framework includes both of which, respectively " Shared nothing " mode and " Shared
Storage " mode.
" Shared nothing " mode is most simple most typical Master-Slave mode, in the mode
In, the primary server and dependent server have respective storage system respectively, do not share any data.The primary server will
Receive all instructions (such as message production with confirmation etc.) synchronize be sent to the dependent server.And in starting subordinate
Before server, need first to start the primary server.When the primary server is effective, the dependent server will not be created
Build any transmission connection, i.e., client cannot establish connection with the dependent server, but in the primary server and subordinate
TCP connection will be established between server, the TCP connection is used to execute data synchronous;It effectively fails in the primary server
When, the dependent server whether can adapter tube service be selectable.
Remote storage can be shared between primary server and dependent server in " Shared storage " mode
System (such as JDBC Storage, SAN distributed file system etc.).The mode allows to have multiple dependent servers in cluster
It coexists, because storing data shares (physics is shared) between salve and master, after master failure, slave is certainly
Dynamic adapter tube service, without carry out manually the duplications of data with it is synchronous, it is any additional without being carried out between master and slave
Data interaction.Because the data are at any time all visible slave after master storing data.
Between master and slave, determined by " the exclusive lock " or distributed exclusive lock (zookeeper) of shared file
The state of broker node and role obtain the broker node of lock permission as master, if master fails, it will
Lock permission is lost, then slaves will elect new master by lock competition, the broker node for not obtaining lock permission is made
For slave, and wait the release of lock (intermittence is attempted to obtain lock).
Step S2, the primary server establish the trusting relationship between each dependent server.
In the prior art, when client is using dependent server described in ssh command access or the client uses
When scp/sftp order copies data and file from the dependent server, it is first defeated in the dependent server to require user
Enter corresponding account and password, logs in the operation that could be executed access after the dependent server, copy data and file.It is described
Ssh is a kind of secure transfer protocol.
In the present embodiment, when the trusting relationship between the primary server and each dependent server is established
Afterwards, user can directly log in the dependent server by the primary server, without by the dependent server
Login password is inputted to log in the dependent server.In the present solution, by the primary server establish with it is each described from
Belong to the trusting relationship between server, it is convenient to omit the process of account and password is inputted in the dependent server.
Specifically, the method for the trusting relationship between the primary server foundation and each dependent server includes:
1) enter the collapse directories in the primary server under active user's root, e.g. .ssh;
2) private key and public key of the primary server are generated under the collapse directories.
It by using the trusting relationship that ssh order is established is carried out by way of rsa encryption.Encryption be divided into public key and
Private key two parts establish trusting relationship by the matching of public key and private key between the primary server and dependent server.
The mode of the rsa encryption includes RSA cryptographic algorithms and signature algorithm.RSA cryptographic algorithms include: KeyGen (close
Key generating algorithm), Encrypt (Encryption Algorithm) and Decrypt (decipherment algorithm).Wherein public key is for adding data
Close, private key is for being decrypted data.RSA signature algorithm includes: KeyGen (key schedule), Sign (signature algorithm)
With Verify (verification algorithm).In signature algorithm, private key is for signing to data, and public key is for testing signature
Card.
Specifically, by inputting ssh-keygen-t rsa order in input interface, the ssh-keygen generates key
Foundation for trusting relationship.Generating public/private key pair. can be shown at this time and prompts to generate
The storage path of public, private key file and filename, default are placed on path: defeated in/home/username/.ssh/id_rsa
Enter carriage return order, the input interface can be shown: Enter passphrase (empty for no passphrase);It is defeated again
Enter carriage return order, the input interface can be shown: Enter same passphrase again;Carriage return order is inputted again, it is described
Input interface can be shown: key fingerprint generated prompt, and provide the box figure of a rsa encryption agreement.This
When under .ssh catalogue ls, so that it may see generated private key file id_rsa and public key file id_rsa.pub.
3) private key file is loaded on the primary server.
Specifically, order still is executed under the .ssh catalogue: ssh-add id_rsa, if the input interface
Display: Identity added:id_rsa (id_rsa) indicates that the private key file loads successfully.
In the present embodiment, this method further includes judging whether the private key file in the primary server loads successfully
Step.
When private key file load is unsuccessful, the load abnormal prompt prestored and its corresponding abnormality processing side are inquired
Method corresponds to table, and carries out abnormality processing according to query result;
When the private key file loads successfully, step 4) is executed.
For example, the load abnormal prompt are as follows: could not open a connection to your
Authentication agent, corresponding abnormality eliminating method are as follows: execute order ssh-agent bash, execute life again later
Enable ssh-add id_rsa;When the load abnormal prompt are as follows: when id_rsa:No such file or directory, indicate
System can not find private key file id_rsa, corresponding abnormality eliminating method are as follows: check private key file whether more changed name, if
It is then accordingly to be changed to correct name.When the load abnormal prompt are as follows: Agent admitted failure to sign
Using the key indicates that the private key file does not load success, corresponding abnormality eliminating method are as follows: retry ssh-add.
4) the public key file is copied to the dependent server.
5) dependent server is logged on to by ssh, and by the public key file appending into the dependent server
Specific file end.Wherein, the specific file is authorized_keys file.
The specific file is under the collapse directories in the dependent server, if in the current dependent server
There is no the specific file under collapse directories, then needs first to establish the specific file.Can specifically command statement be inputted: cat
Id_rsa.pub > >~/.ssh/authorized_keys.
So far, it even if dependent server establishes above the trusting relationship of primary server, can have a try on primary server
It logs in dependent server with ssh mode to look at, this when if you do not need to input password, turns out trusting relationship and has built up
Succeed.
The foundation of trusting relationship between the primary server and each dependent server is technically in fact essential
On be a kind of Encryption Algorithm realization, the above process be RSA digital signature principle, and not encrypting and decrypting principle,
Either encryption and signature combine processing.Because when primary server wants not need password that affiliated service can be accessed
When device, the public key of primary server is needed to be placed in the believable file of dependent server, when the direct ssh of primary server from
When belonging to server, dependent server can send one section of random string, oneself private key of primary server to primary server
After encryption, retransmits and be back to dependent server.Dependent server is decrypted with the public key stored in advance, if it is successful, just demonstrate,proving
Bright primary server be it is believable, directly allow to log in, be no longer required for password.
Step S3, the primary server select corresponding dependent server.
In the present embodiment, the primary server includes a display equipment, and the display equipment includes a user's operation
Interface shows the dependent server that trusting relationship is established with the primary server on the user interface.The main clothes
Device be engaged in as console, can choose and which dependent server operated, for example, user selects to need in the user interface
The dependent server to be operated.
Step S4, the primary server receive operational order.
The operational order includes, but are not limited to start the dependent server, the pause dependent server, closing
The dependent server and the restarting dependent server.
The operational order further includes copy or the upload of file.
Step S5 remotely controls corresponding dependent server according to the operational order and executes relevant operation.
Wherein, Paramiko is installed, the primary server is remotely controlled by the Paramiko in the primary server
Make corresponding dependent server.The Paramiko is the module write with python language, it then follows SSH2 agreement, support with
The mode of encryption and certification, carries out the connection of remote server.Paramiko support Linux, Solaris, BSD, MacOS X,
The platforms such as Windows are connected to another platform from a platform by SSH.
Preferably, the primary server can also realize the primary server and dependent server by the Paramiko
Between file transmission.The Paramiko uploads by SCP or SFTP and downloads file.SCP (the Secure
Copy) it is the document copying method based on SSH agreement, text can be carried out between the primary server and remote slave server
Part copy.
The SFTP (Secret File Transfer Protocol) provides file accessing, transmission and management function
Network transmission agreement.The sftp can also realize many other functions, as remove, rename, chmod, chown,
Listdir, mkdir, rmdir, open, truncate, symlink, unlink etc..
For example, the primary server can connect after the primary server and the dependent server establish trusting relationship
The operational order for starting the dependent server is received, and the dependent server starting is remotely controlled by the Paramiko.
In conclusion distribution management method provided by the invention, which comprises primary server is established and is subordinated to
Communication connection between at least one dependent server of the primary server;The primary server is established and each subordinate
Trusting relationship between server;The primary server selects corresponding dependent server;The primary server receives operation and refers to
It enables;And the primary server remotely controls corresponding dependent server according to the operational order and executes relevant operation.Pass through
The trusting relationship between primary server and at least one dependent server for being subordinated to the primary server is established, and by main clothes
The paramiko tool installed in business device remotely controls at least one described dependent server.Realize the master in distributed system
Server can select the dependent server for needing to operate, as long as in the main clothes as console on the primary server
Input specified order on business device and select corresponding dependent server, so that it may complete corresponding operation, without log in this from
Belong to server, the multiple dependent server can be managed with portable.
The above is only a specific embodiment of the invention, but scope of protection of the present invention is not limited thereto, for
For those skilled in the art, without departing from the concept of the premise of the invention, improvement, but these can also be made
It all belongs to the scope of protection of the present invention.
Below with reference to the 2nd to 3 figure, respectively to the functional module and hardware of the server of the above-mentioned distribution management method of realization
Structure is introduced.
Embodiment two
Fig. 2 is the functional block diagram in distributed management device preferred embodiment of the present invention.
In some embodiments, the distributed management device 20 is run in primary server.The distributed management dress
Setting 20 may include multiple functional modules as composed by program code segments.Each program in the distributed management device 20
The program code of section can store in memory, and as performed by least one processor, (be detailed in Fig. 1 and its phase with execution
Close description) distributed management.
In the present embodiment, function of the distributed management device 20 according to performed by it can be divided into multiple function
It can module.The functional module may include: to establish module 201, selecting module 202, receiving module 203 and execution module 204.
The so-called module of the present invention, which refers to, a kind of performed by least one processor and can complete a system of fixed function
Column count machine program segment, storage is in memory.It in some embodiments, will be in subsequent implementation about the function of each module
It is described in detail in example.
Described at least one affiliated service established module 201 and establish and be subordinated to the primary server for primary server
Communication connection between device.
In the present embodiment, the primary server be subordinated to the primary server at least one dependent server it
Between use Master-Slave framework, the primary server be Master, at least one described dependent server be Slave.?
In the Master-Slave framework, only Master opens transmission connection (transportConnector), and Slave is not opened
Open the connection.So client can only be communicated with Master, communication connection can not be established with Slave.
The Master-Slave framework includes both of which, respectively " Shared nothing " mode and " Shared
Storage " mode.
" Shared nothing " mode is most simple most typical Master-Slave mode, in the mode
In, the primary server and dependent server have respective storage system respectively, do not share any data.The primary server will
Receive all instructions (such as message production with confirmation etc.) synchronize be sent to the dependent server.And in starting subordinate
Before server, need first to start the primary server.When the primary server is effective, the dependent server will not be created
Build any transmission connection, i.e., client cannot establish connection with the dependent server, but in the primary server and subordinate
TCP connection will be established between server, the TCP connection is used to execute data synchronous;It effectively fails in the primary server
When, the dependent server whether can adapter tube service be selectable.
Remote storage can be shared between primary server and dependent server in " Shared storage " mode
System (such as JDBC Storage, SAN distributed file system etc.).The mode allows to have multiple dependent servers in cluster
It coexists, because storing data shares (physics is shared) between salve and master, after master failure, slave is certainly
Dynamic adapter tube service, without carry out manually the duplications of data with it is synchronous, it is any additional without being carried out between master and slave
Data interaction.Because the data are at any time all visible slave after master storing data.
Between master and slave, determined by " the exclusive lock " or distributed exclusive lock (zookeeper) of shared file
The state of broker node and role obtain the broker node of lock permission as master, if master fails, it will
Lock permission is lost, then slaves will elect new master by lock competition, the broker node for not obtaining lock permission is made
For slave, and wait the release of lock (intermittence is attempted to obtain lock).
The trusting relationship established module 201 and be also used to establish between each dependent server.
In the prior art, when client is using dependent server described in ssh command access or the client uses
When scp/sftp order copies data and file from the dependent server, it is first defeated in the dependent server to require user
Enter corresponding account and password, logs in the operation that could be executed access after the dependent server, copy data and file.It is described
Ssh is a kind of secure transfer protocol.
In the present embodiment, when the trusting relationship between the primary server and each dependent server is established
Afterwards, user can directly log in the dependent server by the primary server, without by the dependent server
Login password is inputted to log in the dependent server.In the present solution, by the primary server establish with it is each described from
Belong to the trusting relationship between server, it is convenient to omit the process of account and password is inputted in the dependent server.
Specifically, the step of trusting relationship that the primary server is established between each dependent server includes:
1) enter the collapse directories in the primary server under active user's root, e.g. .ssh;
2) private key and public key of the primary server are generated under the collapse directories.
It by using the trusting relationship that ssh order is established is carried out by way of rsa encryption.Encryption be divided into public key and
Private key two parts establish trusting relationship by the matching of public key and private key between the primary server and dependent server.
The mode of the rsa encryption includes RSA cryptographic algorithms and signature algorithm.RSA cryptographic algorithms include: KeyGen (close
Key generating algorithm), Encrypt (Encryption Algorithm) and Decrypt (decipherment algorithm).Wherein public key is for adding data
Close, private key is for being decrypted data.RSA signature algorithm includes: KeyGen (key schedule), Sign (signature algorithm)
With Verify (verification algorithm).In signature algorithm, private key is for signing to data, and public key is for testing signature
Card.
Specifically, by inputting ssh-keygen-t rsa order in input interface, the ssh-keygen generates key
Foundation for trusting relationship.Generating public/private key pair. can be shown at this time and prompts to generate
The storage path of public, private key file and filename, default are placed on path: defeated in/home/username/.ssh/id_rsa
Enter carriage return order, the input interface can be shown: Enter passphrase (empty for no passphrase);It is defeated again
Enter carriage return order, the input interface can be shown: Enter same passphrase again;Carriage return order is inputted again, it is described
Input interface can be shown: key fingerprint generated prompt, and provide the box figure of a rsa encryption agreement.This
When under .ssh catalogue ls, so that it may see generated private key file id_rsa and public key file id_rsa.pub.
3) private key file is loaded on the primary server.
Specifically, order still is executed under the .ssh catalogue: ssh-add id_rsa, if the input interface
Display: Identity added:id_rsa (id_rsa) indicates that the private key file loads successfully.
In the present embodiment, the distributed management device 20 can also judge the private key file in the primary server
Whether load is successful.
When private key file load is unsuccessful, the load abnormal prompt prestored and its corresponding abnormality processing side are inquired
Method corresponds to table, and carries out abnormality processing according to query result;
When the private key file loads successfully, the public key file is copied to the dependent server.
For example, the load abnormal prompt are as follows: could not open a connection to your
Authentication agent, corresponding abnormality eliminating method are as follows: execute order ssh-agent bash, execute life again later
Enable ssh-add id_rsa;When the load abnormal prompt are as follows: when id_rsa:No such file or directory, indicate
System can not find private key file id_rsa, corresponding abnormality eliminating method are as follows: check private key file whether more changed name, if
It is then accordingly to be changed to correct name.When the load abnormal prompt are as follows: Agent admitted failure to sign
Using the key indicates that the private key file does not load success, corresponding abnormality eliminating method are as follows: retry ssh-add.
4) the public key file is copied to the dependent server.
5) dependent server is logged on to by ssh, and by the public key file appending into the dependent server
Specific file end.Wherein, the specific file is authorized_keys file.
The specific file is under the collapse directories in the dependent server, if in the current dependent server
There is no the specific file under collapse directories, then needs first to establish the specific file.Can specifically command statement be inputted: cat
Id_rsa.pub > >~/.ssh/authorized_keys.
So far, it even if dependent server establishes above the trusting relationship of primary server, can have a try on primary server
It logs in dependent server with ssh mode to look at, this when if you do not need to input password, turns out trusting relationship and has built up
Succeed.
The foundation of trusting relationship between the primary server and each dependent server is technically in fact essential
On be a kind of Encryption Algorithm realization, the above process be RSA digital signature principle, and not encrypting and decrypting principle,
Either encryption and signature combine processing.Because when primary server wants not need password that affiliated service can be accessed
When device, the public key of primary server is needed to be placed in the believable file of dependent server, when the direct ssh of primary server from
When belonging to server, dependent server can send one section of random string, oneself private key of primary server to primary server
After encryption, retransmits and be back to dependent server.Dependent server is decrypted with the public key stored in advance, if it is successful, just demonstrate,proving
Bright primary server be it is believable, directly allow to log in, be no longer required for password.
The selecting module 202 is for selecting corresponding dependent server.
In the present embodiment, the primary server includes a display equipment, and the display equipment includes a user's operation
Interface shows the dependent server that trusting relationship is established with the primary server on the user interface.The main clothes
Device be engaged in as console, can choose and which dependent server operated, for example, user selects to need in the user interface
The dependent server to be operated.
The receiving module 203 is for receiving operational order.
The operational order includes, but are not limited to start the dependent server, the pause dependent server, closing
The dependent server and the restarting dependent server.
The operational order further includes copy or the upload of file.
The execution module 204 is used to remotely control corresponding dependent server according to the operational order and executes related behaviour
Make.
Wherein, Paramiko is installed, the primary server is remotely controlled by the Paramiko in the primary server
Make corresponding dependent server.The Paramiko is the module write with python language, it then follows SSH2 agreement, support with
The mode of encryption and certification, carries out the connection of remote server.Paramiko support Linux, Solaris, BSD, MacOS X,
The platforms such as Windows are connected to another platform from a platform by SSH.
Preferably, the primary server can also realize the primary server and dependent server by the Paramiko
Between file transmission.The Paramiko uploads by SCP or SFTP and downloads file.SCP (the Secure
Copy) it is the document copying method based on SSH agreement, text can be carried out between the primary server and remote slave server
Part copy.
The SFTP (Secret File Transfer Protocol) provides file accessing, transmission and management function
Network transmission agreement.The sftp can also realize many other functions, as remove, rename, chmod, chown,
Listdir, mkdir, rmdir, open, truncate, symlink, unlink etc..
For example, the primary server can connect after the primary server and the dependent server establish trusting relationship
The operational order for starting the dependent server is received, and the dependent server starting is remotely controlled by the Paramiko.
In conclusion distributed management device 20 of the present invention, the distributed management device 20 includes establishing mould
Block 201, selecting module 202, receiving module 203 and execution module 204.It is described establish module 201 by primary server establish with
The communication connection being subordinated between at least one dependent server of the primary server;The module 201 of establishing is also used to build
Trusting relationship between vertical and each dependent server;The selecting module 202 is for selecting corresponding dependent server;
The receiving module 203 is for receiving operational order;And the execution module 204 according to the operational order for remotely controlling
It makes corresponding dependent server and executes relevant operation.By establish primary server be subordinated to the primary server at least one from
Belong to the trusting relationship between server, and the paramiko tool by installing in primary server remotely controls described at least one
A dependent server.The primary server in distributed system is realized as console, can be selected on the primary server
The dependent server for needing to operate, as long as inputting specified order on the primary server and selecting corresponding affiliated service
Device, so that it may complete corresponding operation, without logging in the dependent server, the multiple affiliated service can be managed with portable
Device.
The above-mentioned integrated unit realized in the form of software function module, can store and computer-readable deposit at one
In storage media.Above-mentioned software function module is stored in a storage medium, including some instructions are used so that a computer
It is each that equipment (can be personal computer, double screen equipment or the network equipment etc.) or processor (processor) execute the present invention
The part of a embodiment the method.
Embodiment three
Fig. 3 is the schematic diagram for the server that the embodiment of the present invention three provides.
The server 3 includes: memory 31, at least one processor 32, is stored in the memory 31 and can be
The computer program 33 and at least one communication bus 34 run at least one described processor 32.
At least one described processor 32 realizes that above-mentioned distribution management method is implemented when executing the computer program 33
Step in example.
Illustratively, the computer program 33 can be divided into one or more module/units, it is one or
Multiple module/units are stored in the memory 31, and are executed by least one described processor 32, to complete this hair
It is bright.One or more of module/units can be the series of computation machine program instruction section that can complete specific function, described
Instruction segment is for describing implementation procedure of the computer program 33 in the server 3.
The server 3 can be mobile phone, tablet computer, personal digital assistant (Personal Digital
Assistant, PDA) etc. application program is installed equipment.It will be understood by those skilled in the art that the schematic diagram 3 is only
The example of server 3 does not constitute the restriction to server 3, may include than illustrating more or fewer components, or combination
Certain components or different components, for example, the server 3 can also include input-output equipment, it is network access equipment, total
Line etc..
At least one described processor 32 can be central processing unit (Central Processing Unit, CPU),
It can also be other general processors, digital signal processor (Digital Signal Processor, DSP), dedicated integrated
Circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..The processor 32 can be microprocessor or the processor 32 is also possible to any conventional place
Device etc. is managed, the processor 32 is the control centre of the server 3, utilizes various interfaces and the entire server 3 of connection
Various pieces.
The memory 31 can be used for storing the computer program 33 and/or module/unit, and the processor 32 passes through
Operation executes the computer program and/or module/unit being stored in the memory 31, and calls and be stored in memory
Data in 31 realize the various functions of the server 3.The memory 31 can mainly include storing program area and storage number
According to area, wherein storing program area can application program needed for storage program area, at least one function (for example sound plays function
Energy, image player function etc.) etc.;Storage data area, which can be stored, uses created data (such as audio number according to server 3
According to, phone directory etc.) etc..In addition, memory 31 may include high-speed random access memory, it can also include non-volatile memories
Device, such as hard disk, memory, plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure
Digital, SD) card, flash card (Flash Card), at least one disk memory, flush memory device or other volatibility are solid
State memory device.
If the integrated module/unit of the server 3 is realized in the form of SFU software functional unit and as independent production
Product when selling or using, can store in a computer readable storage medium.Based on this understanding, the present invention realizes
All or part of the process in above-described embodiment method can also instruct relevant hardware to complete by computer program,
The computer program can be stored in a computer readable storage medium, and the computer program is being executed by processor
When, it can be achieved that the step of above-mentioned each embodiment of the method.Wherein, the computer program includes computer program code, described
Computer program code can be source code form, object identification code form, executable file or certain intermediate forms etc..The meter
Calculation machine readable medium may include: can carry the computer program code any entity or device, recording medium, USB flash disk,
Mobile hard disk, magnetic disk, CD, computer storage, read-only memory (ROM, Read-Only Memory), random access memory
Device (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It needs to illustrate
It is that the content that the computer-readable medium includes can be fitted according to the requirement made laws in jurisdiction with patent practice
When increase and decrease, such as in certain jurisdictions, according to legislation and patent practice, computer-readable medium does not include electric carrier wave letter
Number and telecommunication signal.
In several embodiments provided by the present invention, it should be understood that arriving, disclosed electronic equipment and method can be with
It realizes by another way.For example, electronic equipment embodiment described above is only schematical, for example, the list
The division of member, only a kind of logical function partition, there may be another division manner in actual implementation.
It, can also be in addition, each functional unit in each embodiment of the present invention can integrate in same treatment unit
It is that each unit physically exists alone, can also be integrated in same unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of hardware adds software function module.
It is obvious to a person skilled in the art that invention is not limited to the details of the above exemplary embodiments, Er Qie
In the case where without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.Therefore, no matter
From the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and the scope of the present invention is by appended power
Benefit requires rather than above description limits, it is intended that all by what is fallen within the meaning and scope of the equivalent elements of the claims
Variation is included in the present invention.Any reference signs in the claims should not be construed as limiting the involved claims.This
Outside, it is clear that one word of " comprising " is not excluded for other units or, odd number is not excluded for plural number.The multiple units stated in system claims
Or device can also be implemented through software or hardware by a unit or device.The first, the second equal words are used to indicate name
Claim, and does not indicate any particular order.
Finally it should be noted that the above examples are only used to illustrate the technical scheme of the present invention and are not limiting, although reference
Preferred embodiment describes the invention in detail, those skilled in the art should understand that, it can be to of the invention
Technical solution is modified or equivalent replacement, without departing from the spirit of the technical scheme of the invention range.
Claims (10)
1. a kind of distribution management method, which is characterized in that the described method includes:
The communication connection that primary server is established and is subordinated between at least one dependent server of the primary server;
The primary server establishes the trusting relationship between each dependent server;
The primary server selects corresponding dependent server;
The primary server receives operational order;And
The primary server remotely controls corresponding dependent server according to the operational order and executes relevant operation.
2. distribution management method as described in claim 1, which is characterized in that the primary server establish with it is each it is described from
Belong to server between trusting relationship the step of include:
Collapse directories under active user's root in the primary server;
The private key file and public key file of the primary server are generated under the collapse directories;
The private key file is loaded on the primary server;
The public key file is copied to the dependent server;And
Log on to the dependent server, and the specific file end by the public key file appending into the dependent server
Tail.
3. distribution management method as claimed in claim 2, which is characterized in that this method further includes judging the primary server
In private key file whether load success;
When private key file load is unsuccessful, the load abnormal prompt and its corresponding abnormality eliminating method pair prestored is inquired
Answer table;
Abnormality processing is carried out according to query result.
4. distribution management method as claimed in claim 2, which is characterized in that the method also includes:
Judge in the dependent server with the presence or absence of the specific file;
When the specific file is not present in the dependent server, the specific file is established by command statement.
5. distribution management method as described in claim 1, which is characterized in that the display equipment of the primary server includes one
User interface, wherein show the subordinate for establishing trusting relationship with the primary server on the user interface and take
Business device.
6. distribution management method as claimed in claim 5, which is characterized in that the operational order includes starting the subordinate
Server, closes the dependent server, the restarting dependent server and file at the pause dependent server
Copy uploads.
7. distribution management method as described in claim 1, which is characterized in that the primary server passes through installation
Paramiko remotely controls corresponding dependent server.
8. a kind of distributed management device, which is characterized in that described device includes:
Establish module, the communication link that primary server is established and is subordinated between at least one dependent server of the primary server
It connects;
It is described to establish module, it is also used to the trusting relationship established between each dependent server;
Selecting module, for selecting corresponding dependent server;
Receiving module, for receiving operational order;And
Execution module executes relevant operation for remotely controlling corresponding dependent server according to the operational order.
9. a kind of server, which is characterized in that the server includes processor and memory, and the processor is for executing institute
Distribution management method as claimed in any of claims 1 to 7 in one of claims is realized when stating the computer program stored in memory.
10. a kind of computer readable storage medium, computer program, feature are stored on the computer readable storage medium
It is, the computer program realizes distributed management as claimed in any of claims 1 to 7 in one of claims when being executed by processor
Method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811253238.XA CN109660381A (en) | 2018-10-25 | 2018-10-25 | Distribution management method, device, server and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811253238.XA CN109660381A (en) | 2018-10-25 | 2018-10-25 | Distribution management method, device, server and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109660381A true CN109660381A (en) | 2019-04-19 |
Family
ID=66110708
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811253238.XA Pending CN109660381A (en) | 2018-10-25 | 2018-10-25 | Distribution management method, device, server and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109660381A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111885200A (en) * | 2020-07-31 | 2020-11-03 | 中国工商银行股份有限公司 | Data transmission method, device, equipment and medium |
CN111885201A (en) * | 2020-07-31 | 2020-11-03 | 中国工商银行股份有限公司 | Data transmission method, device, equipment and medium |
CN114553877A (en) * | 2022-01-14 | 2022-05-27 | 天津天地伟业智能安全防范科技有限公司 | Network distributed server and resource allocation method thereof |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017162173A1 (en) * | 2016-03-22 | 2017-09-28 | 中兴通讯股份有限公司 | Method and device for establishing connection of cloud server cluster |
CN107689947A (en) * | 2016-08-05 | 2018-02-13 | 华为国际有限公司 | A kind of method and apparatus of data processing |
CN107741895A (en) * | 2017-11-06 | 2018-02-27 | 广州酷狗计算机科技有限公司 | Server management method, device and equipment |
-
2018
- 2018-10-25 CN CN201811253238.XA patent/CN109660381A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017162173A1 (en) * | 2016-03-22 | 2017-09-28 | 中兴通讯股份有限公司 | Method and device for establishing connection of cloud server cluster |
CN107689947A (en) * | 2016-08-05 | 2018-02-13 | 华为国际有限公司 | A kind of method and apparatus of data processing |
CN107741895A (en) * | 2017-11-06 | 2018-02-27 | 广州酷狗计算机科技有限公司 | Server management method, device and equipment |
Non-Patent Citations (1)
Title |
---|
幸运六叶草: "hadoop集群搭建的无密登陆(密钥)", 《CSDN》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111885200A (en) * | 2020-07-31 | 2020-11-03 | 中国工商银行股份有限公司 | Data transmission method, device, equipment and medium |
CN111885201A (en) * | 2020-07-31 | 2020-11-03 | 中国工商银行股份有限公司 | Data transmission method, device, equipment and medium |
CN111885201B (en) * | 2020-07-31 | 2022-11-08 | 中国工商银行股份有限公司 | Data transmission method, device, equipment and medium |
CN111885200B (en) * | 2020-07-31 | 2022-11-22 | 中国工商银行股份有限公司 | Data transmission method, device, equipment and medium |
CN114553877A (en) * | 2022-01-14 | 2022-05-27 | 天津天地伟业智能安全防范科技有限公司 | Network distributed server and resource allocation method thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111818032B (en) | Data processing method and device based on cloud platform and computer program | |
KR101977109B1 (en) | Large simultaneous digital signature service system based on hash function and method thereof | |
CN105027107B (en) | Migrate the computer implemented method and computing system of computing resource | |
IL296952A (en) | Nuts: flexible hierarchy object graphs | |
CN109379369A (en) | Single-point logging method, device, server and storage medium | |
CN110149316B (en) | Block chain publishing method and device | |
CN110730153A (en) | Account configuration method, device and system of cloud equipment and data processing method | |
CN105359491A (en) | User authentication in a cloud environment | |
CN112686668A (en) | Alliance chain cross-chain system and method | |
CN110601815B (en) | Block chain data processing method and equipment | |
US11367065B1 (en) | Distributed ledger system for electronic transactions | |
CN109660381A (en) | Distribution management method, device, server and storage medium | |
CN112804354B (en) | Method and device for data transmission across chains, computer equipment and storage medium | |
EP3720164A1 (en) | Message authentication method for communication network system, communication method and communication network system | |
CN111327426B (en) | Data sharing method and related device, equipment and system | |
CN106716968A (en) | Account management method, device and account management system | |
CN111881486B (en) | Multi-party data backup method, device and system based on block chain | |
CN107634989A (en) | A kind of cloud wallet construction method and server | |
CN113556393B (en) | Multi-type intermodal data exchange system and method based on block chain | |
CN114900534A (en) | Big data supervision method based on block chain technology | |
CN113449322A (en) | Data sharing method and device based on block chain, electronic equipment and readable medium | |
CN112488707A (en) | Service flow supervision method and system | |
CN111461718A (en) | Access method, device and system of block chain node | |
CN113051341A (en) | User data storage system and method based on multiple block chains | |
KR20210086074A (en) | Block Chain Management System To Build Block Chain Network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190419 |