CN110858821B - Container communication method and device - Google Patents

Info

Publication number: CN110858821B
Authority: CN (China)
Prior art keywords: container, address, message, receiver, virtual switch
Legal status: Active (the legal status is an assumption and is not a legal conclusion)
Application number: CN201810964750.9A
Other languages: Chinese (zh)
Other versions: CN110858821A (en)
Inventor: 高海峰
Current Assignee: Alibaba Group Holding Ltd
Original Assignee: Alibaba Group Holding Ltd
Application filed by: Alibaba Group Holding Ltd
Priority to: CN201810964750.9A

Classifications

    • H04L45/74 Address processing for routing
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • H04L12/4625 Single bridge functionality, e.g. connection of two networks over a single bridge
    • H04L61/103 Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • G06F2009/45579 I/O management, e.g. providing access to device drivers or storage
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances

Abstract

The application discloses a container communication method, which is applied to a first virtual switch corresponding to a sender container and comprises the following steps: receiving a message from a sender container, wherein the message comprises an IP address of a receiver container; determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule; and sending the message to the receiver container based on the first target IP address. Correspondingly, the application also discloses a container communication method, which is applied to a second virtual switch corresponding to the receiver container, and comprises the following steps: receiving a message from a sender container, wherein the message comprises an IP address of a receiver container; determining a second target IP address corresponding to the IP address of the receiver container based on a preset routing rule; and sending the message to the receiver container based on the second target IP address. By adopting the method, the communication between the sender container and the receiver container can be realized, and the use requirement is met.

Description

Container communication method and device
Technical Field
The present application relates to the field of computer technologies, and in particular, to a container communication method and apparatus.
Background
Docker is a container technology that creates independent software containers by using the resource restriction and isolation functions provided by the Linux kernel (Linux is an operating system) together with Linux kernel namespaces. With container technology, developers can package an application and its dependencies into a portable container and then distribute it to any popular Linux machine.
Docker containers are favored by more and more development, testing, and operations and maintenance personnel because they are lightweight, easy to use, and quick to start. For example, on a public cloud, a container application is often deployed on a virtual host that provides network and computing services, so as to implement the corresponding functions of the application.
Therefore, how to implement communication between containers deployed on virtual hosts has become an urgent problem to be solved.
Disclosure of Invention
The embodiments of the application provide a container communication method that aims to realize communication between containers deployed on virtual hosts.
The embodiments of the application adopt the following technical solutions:
In a first aspect, an embodiment of the present application provides a container communication method, which is applied to a first virtual switch corresponding to a sender container, where the method includes:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and sending the message to the receiver container based on the first target IP address.
Preferably, in the method provided in the first aspect of the embodiment of the present application, before receiving the message from the sender container, the method further includes:
receiving a first ARP request from the sender container, wherein the first ARP request comprises the IP address of the receiver container;
and returning a virtual switch MAC address to the sender container, so that the sender container sends the message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address.
Preferably, in the method provided in the first aspect of the embodiment of the present application, after receiving the first ARP request from the sender container, the method further includes:
judging whether the IP address of the receiver container and the IP address of the sender container belong to different virtual hosts;
in which case returning the virtual switch MAC address to the sender container specifically includes:
returning the virtual switch MAC address to the sender container under the condition that the IP address of the receiver container and the IP address of the sender container belong to different virtual hosts.
Preferably, in the method provided in the first aspect of the embodiment of the present application, before receiving the message from the sender container, the method further includes:
receiving a second ARP request from the sender container, wherein the second ARP request comprises a first bridge IP address of a first bridge, and the first bridge belongs to a first virtual host where the sender container is located;
and returning a virtual switch MAC address to the sender container, so that the sender container sends the message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address.
Preferably, in the method provided in the first aspect of the embodiment of the present application, before determining, based on a preset routing rule, a first target IP address corresponding to the receiver container IP address, the method further includes:
sending a first preset routing rule acquisition request to a control center;
and receiving a first preset routing rule returned by the control center, wherein the first preset routing rule comprises the corresponding relation between the receiver container IP address and the first target IP address.
Preferably, in the method provided in the first aspect of the embodiment of the present application, after receiving the message from the sender container and before determining, based on a preset routing rule, a first target IP address corresponding to the IP address of the receiver container, the method further includes:
sending a second preset routing rule obtaining request to a control center, wherein the second preset routing rule obtaining request comprises the IP address of the receiver container;
and receiving a second preset routing rule returned by the control center, wherein the second preset routing rule is the corresponding relation between the IP address of the receiver container and the first target IP address.
Preferably, in the method provided in the first aspect of the embodiment of the present application, receiving a message from a sender container specifically includes:
receiving a message from a sender container through a first virtual network interface, wherein the first virtual network interface belongs to a first virtual host where the sender container is located.
In a second aspect, an embodiment of the present application provides a container communication method, which is applied to a second virtual switch corresponding to a receiver container, where the method includes:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the receiver container IP address based on a preset routing rule;
and sending the message to the receiver container based on the second target IP address.
Preferably, in the method provided in the second aspect of the embodiment of the present application, before determining, based on a preset routing rule, a second target IP address corresponding to the receiver container IP address, the method further includes:
sending a third preset routing rule acquisition request to the control center;
and receiving a third preset routing rule returned by the control center, wherein the third preset routing rule comprises the corresponding relation between the receiver container IP address and the second target IP address.
Preferably, in the method provided in the second aspect of the embodiment of the present application, after receiving the message from the sender container and before determining, based on a preset routing rule, a second target IP address corresponding to the IP address of the receiver container, the method further includes:
sending a fourth preset routing rule obtaining request to a control center, wherein the fourth preset routing rule obtaining request comprises the IP address of the receiver container;
and receiving a fourth preset routing rule returned by the control center, wherein the fourth preset routing rule is the corresponding relation between the IP address of the receiver container and the second target IP address.
Preferably, in the method provided in the second aspect of the embodiment of the present application, sending the message to the receiver container based on the second target IP address includes:
acquiring the MAC address of a second virtual host where the receiver container is located based on the second target IP address;
submitting the message to the second virtual host via a second virtual network interface based on the MAC address of the second virtual host, so that the second virtual host forwards the message to the receiver container via a second bridge, wherein the second virtual network interface and the second bridge belong to the second virtual host.
In a third aspect, an embodiment of the present application provides a container communication method, which is applied to a sender container, where the method includes:
triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
Preferably, in the method provided in the third aspect of the embodiment of the present application, sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container includes:
sending the message to the first virtual switch through a first virtual network interface based on the MAC address of the virtual switch and the IP address of the receiver container, wherein the first virtual network interface belongs to the first virtual host.
In a fourth aspect, an embodiment of the present application provides a container communication method, which is applied to a sender container, where the method includes:
triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
receiving a receiver container MAC address returned by the receiver container under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host;
and sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
Preferably, in the method provided in the fourth aspect of the embodiment of the present application, sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address includes:
sending the message to the receiver container through a first bridge based on the receiver container MAC address and the receiver container IP address, wherein the first bridge belongs to the same virtual host.
Preferably, in the method provided by the fourth aspect of the embodiment of the present application, the method further includes:
under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host, also receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to the sender container;
in the case where the virtual switch MAC address is received first, sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address;
in the case where the receiver container MAC address is received first, sending a message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
In a fifth aspect, an embodiment of the present application provides a container communication method, which is applied to a sender container, where the method includes:
triggering a broadcast of a second ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in different network segments, the second ARP request comprises a first bridge IP address of a first bridge, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
and sending a message to the receiver container based on the target MAC address, wherein the message contains the IP address of the receiver container.
Preferably, in the method provided by the fifth aspect of the embodiment of the present application, the receiving a target MAC address returned based on the second ARP request includes:
receiving a virtual switch MAC address returned by a first virtual switch based on the second ARP request, wherein the first virtual switch corresponds to the sender container;
and receiving the MAC address of the first bridge returned by the first bridge based on the second ARP request.
Preferably, in the method provided by the fifth aspect of the embodiment of the present application, in a case where the virtual switch MAC address is received first, the first bridge MAC address is determined as the target MAC address,
and sending a message to the receiver container based on the target MAC address then includes:
sending the message to the first bridge based on the first bridge MAC address and the receiver container IP address, so that the first bridge forwards the message to the receiver container.
Preferably, in the method provided by the fifth aspect of the embodiment of the present application, in a case where the first bridge MAC address is received first, the virtual switch MAC address is determined as the target MAC address,
and sending a message to the receiver container based on the target MAC address then includes:
sending the message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, so that the first virtual switch forwards the message to the receiver container based on a preset routing rule.
In a sixth aspect, an embodiment of the present application provides a container communication apparatus, which is applied to a first virtual switch corresponding to a sender container, where the apparatus includes:
the first message receiving module is used for receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
the first target IP address determining module is used for determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and the first message sending module is used for sending the message to the receiver container based on the first target IP address.
In a seventh aspect, an embodiment of the present application provides a container communication apparatus, which is applied to a second virtual switch corresponding to a receiver container, where the apparatus includes:
the second message receiving module is used for receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
the second target IP address determining module is used for determining a second target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and the second message sending module is used for sending the message to the receiver container based on the second target IP address.
In an eighth aspect, an embodiment of the present application provides a container communication apparatus, which is applied to a sender container, where the apparatus includes:
the first request sending module is used for triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
a first MAC address receiving module, configured to receive a MAC address of a virtual switch returned by a first virtual switch when IP addresses of the sender container and the receiver container belong to different virtual hosts, where the first virtual switch corresponds to a first virtual host where the sender container is located;
and the third message sending module is used for sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
In a ninth aspect, an embodiment of the present application provides a container communication apparatus, which is applied to a sender container, where the apparatus includes:
the second request sending module is used for triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
a second MAC address receiving module, configured to receive a receiver container MAC address returned by the receiver container when the IP addresses of the sender container and the receiver container belong to the same virtual host;
and the fourth message sending module is used for sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
In a tenth aspect, an embodiment of the present application provides a container communication apparatus, which is applied to a sender container, where the apparatus includes:
a third request sending module, configured to trigger a broadcast of a second ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in different network segments, the second ARP request comprises a first bridge IP address of a first bridge, and the first bridge belongs to a first virtual host where the sender container is located;
a third MAC address receiving module, configured to receive a target MAC address returned based on the second ARP request;
and a fifth message sending module, configured to send a message to the receiver container based on the target MAC address, where the message includes the IP address of the receiver container.
In an eleventh aspect, an embodiment of the present application provides an electronic device, including:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and sending the message to the receiver container based on the first target IP address.
In a twelfth aspect, embodiments of the present application provide a computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations of:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and sending the message to the receiver container based on the first target IP address.
In a thirteenth aspect, an embodiment of the present application provides an electronic device, including:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the receiver container IP address based on a preset routing rule;
and sending the message to the receiver container based on the second target IP address.
In a fourteenth aspect, embodiments of the present application provide a computer-readable storage medium, where the computer-readable storage medium stores one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations of:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the receiver container IP address based on a preset routing rule;
and sending the message to the receiver container based on the second target IP address.
In a fifteenth aspect, an embodiment of the present application provides an electronic device, including:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
In a sixteenth aspect, embodiments of the present application provide a computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations of:
triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
In a seventeenth aspect, an embodiment of the present application provides an electronic device, including:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
receiving a receiver container MAC address returned by the receiver container under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host;
and sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
In an eighteenth aspect, embodiments of the present application provide a computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations comprising:
triggering a broadcast of a first ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in the same network segment, the first ARP request comprises the IP address of the receiver container;
receiving a receiver container MAC address returned by the receiver container under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host;
and sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
In a nineteenth aspect, an embodiment of the present application provides an electronic device, including:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
triggering a broadcast of a second ARP request, wherein, under the condition that the IP addresses of the receiver container and the sender container are in different network segments, the second ARP request comprises a first bridge IP address of a first bridge, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
and sending a message to the receiver container based on the target MAC address, wherein the message contains the IP address of the receiver container.
In a twentieth aspect, embodiments of the present application provide a computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform operations comprising:
triggering broadcast to send a second ARP request, wherein the second ARP request comprises a first bridge IP address of a first bridge under the condition that IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
and sending a message to the receiver container based on the target MAC address, wherein the message contains the IP address of the receiver container.
The embodiment of the application adopts at least one technical scheme which can achieve the following beneficial effects:
in this embodiment of the application, after receiving a message from a sender container, a first virtual switch corresponding to the sender container may determine, based on a preset routing rule, a first destination IP address corresponding to an IP address of a receiver container, and may further send the message to the receiver container based on the first destination IP address. Correspondingly, after receiving the message from the sender container, the second virtual switch corresponding to the receiver container may also determine, based on the preset routing rule, a second destination IP address corresponding to the IP address of the receiver container, and may further send the message to the receiver container based on the second destination IP address. Therefore, by adopting the scheme provided by the embodiment of the application, no matter how the IP addresses of the sender container and the receiver container are designed, the first virtual switch and the second virtual switch corresponding to the sender container can route the message from the sender container to the receiver container based on the preset routing rule, so that the communication between the sender container and the receiver container is realized, and the use requirement is met.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic diagram of a system suitable for use with embodiments of the present application;
FIG. 2 is a schematic flow chart of a container communication method according to an embodiment of the present disclosure;
FIG. 3 is a schematic flow chart of a second container communication method according to an embodiment of the present application;
FIG. 4 is a schematic structural diagram of a container communication device according to an embodiment of the present disclosure;
FIG. 5 is a schematic structural diagram of a second container communication device provided in an embodiment of the present application;
FIG. 6 is a schematic structural diagram of a third container communication device provided in an embodiment of the present application;
FIG. 7 is a schematic structural diagram of a fourth container communication device provided in the embodiment of the present application;
FIG. 8 is a schematic structural diagram of a fifth container communication device according to an embodiment of the present application;
FIG. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
With the maturity and development of cloud computing technology, public cloud platforms have also emerged. On a public cloud, cloud vendors generally provide service resources such as networking and computing in the form of virtual hosts, and the public can obtain these resources over the network.
Because Docker containers are lightweight, easy to use, and fast to start, cloud vendors usually deploy various containers on the virtual host to implement the functions of various applications.
In order to implement communication between containers, especially between containers running on different virtual hosts, there may be several approaches:
First, based on Network Address Translation (NAT) technology, the IP address of a container is translated into the IP address of the virtual host where the container is located, and all containers on the virtual host are accessed through the IP address of the virtual host, thereby implementing access between containers.
In this approach, the IP address that each container presents externally is the IP address of the virtual host where it is located. If multiple applications on the virtual host need to provide services externally through the same port, for example, multiple applications based on computer network technology (web applications for short) that all want to provide services externally through port 80, this approach cannot meet the usage requirement.
Second, based on a tunnel technology, for example VXLAN (Virtual Extensible LAN), the IP address of a container may be sent out as an inner-layer message, and the IP address of the virtual host where the container is located may be sent out as an outer-layer message.
When this approach is used to send and receive container messages on the virtual host, the resource overhead of the virtual host, such as CPU overhead, increases, and relatively complex container network management capability is also needed. Therefore, where virtual host resources are limited, it is difficult to meet the usage requirement.
Therefore, in order to implement communication between containers deployed on a virtual host, embodiments of the present application provide a container communication method.
Referring to fig. 1, a system to which the embodiment of the present invention is applied may include at least one host, for example, a host a and a host B in fig. 1, a gateway and a switch for implementing data interaction between the hosts, and a control center for controlling operation of the hosts and data interaction. It should be noted that the control center may be specifically a server, and may also be specifically a computer cluster for providing a server function.
In each host, one or more virtual hosts may be running, e.g., virtual host A1 and virtual host A2 running in host A, and virtual host B1 running in host B. It should be noted that the number of virtual hosts running in the host may be adjusted according to actual needs and actual computing capabilities of the host.
Each host further comprises a virtual switch for realizing data interaction among the virtual hosts in the host, and also for realizing data interaction between the virtual hosts and a control center, a gateway, a switch, other hosts and the like outside the host. For example, virtual switch A is in host A and virtual switch B is in host B.
In each virtual host, one or more containers may be deployed to implement the functionality of the corresponding application. For example, virtual host A1 has container A11 and container A12 running therein, virtual host A2 has container A21 and container A22 running therein, and virtual host B1 has container B11 and container B12 running therein. It should be noted that the containers running in the same virtual host may be of the same type or different types, and the selection of the container type and the number of the containers of each type may be adjusted according to the actual needs and the resource occupation conditions of the virtual host.
Each virtual host may also include a bridge Docker0 and a virtual network port eth0, e.g., bridge A1 and virtual network port A1 in virtual host A1, bridge A2 and virtual network port A2 in virtual host A2, and bridge B1 and virtual network port B1 in virtual host B1. The bridge may be configured to act as a gateway in the cross-network-segment case, establishing communication between containers. The virtual network port may be used for data interaction between the virtual host and other virtual hosts or hosts outside it.
The technical solutions provided by the embodiments of the present application are described in detail below from multiple angles with reference to the accompanying drawings.
Referring to fig. 2, an embodiment of the present application provides a container communication method, which is applied to a first virtual switch corresponding to a sender container. The first virtual switch corresponding to the sender container may be understood as a virtual switch corresponding to a virtual host in which the sender container is located, or may be understood as a virtual switch included in a host to which a virtual host in which the sender container is located belongs.
Taking the system shown in fig. 1 as an example, container A11 and container A12 are both deployed in virtual host A1, and virtual host A1 belongs to host A; meanwhile, container A21 and container A22 are both deployed in virtual host A2, and virtual host A2 also belongs to host A. Therefore, the virtual switches corresponding to container A11, container A12, container A21, and container A22 are all virtual switch A.
The container communication method illustrated in fig. 2 may specifically include the following steps:
S101: Receiving a message from a sender container, wherein the message comprises an IP address of a receiver container.
It can be understood that the message sent by the sender container to the receiver container includes an Internet Protocol Address (IP Address for short) of the receiver container, so as to indicate the receiver of the message. In addition, the message contains specific data content to be transmitted.
The first virtual switch receiving the message from the sender container can be understood as the sender container directly submitting the message to the first virtual switch through the virtual network port; it can also be understood as the sender container first submitting the message to the bridge, the bridge forwarding the message through the virtual network port, and the message being submitted to the first virtual switch step by step. It is understood that the virtual network port and bridge described here both belong to the virtual host on which the sender container resides. In either case, it can be considered that the first virtual switch receives the message from the sender container via the first virtual network port, where the first virtual network port belongs to the first virtual host where the sender container is located.
It can be understood that, in addition to the receiver container IP address and the data content to be sent, the message received by the first virtual switch also contains the MAC address of the first virtual switch, so that the message can be delivered to and received by the first virtual switch.
S103: Determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule.
It can be understood that, after receiving the message from the sender container in step S101, the first virtual switch may parse the IP address of the receiver container included in the message to know to which IP address the sender container wishes to send the message.
On this basis, the first virtual switch may further determine a first target IP address corresponding to the recipient container IP address based on a preset routing rule. It should be noted that the first target IP address determined by the first virtual switch executing this step refers to an IP address corresponding to a next hop when the first virtual switch forwards the packet.
Taking the system shown in fig. 1 as an example, assuming that container A21 is used as the receiver container and any one of container A11, container A21 and container A22 is used as the sender container, the first virtual switch is specifically virtual switch A. When the first virtual switch needs to forward the packet to container A21, container A21 is deployed in virtual host A2, and therefore the next hop to which virtual switch A forwards the packet is virtual host A2. Therefore, the first target IP address corresponding to the IP address of container A21, which virtual switch A determines based on the preset routing rule, is the IP address of virtual host A2.
Still taking the system shown in fig. 1 as an example, assuming that container A21 is still used as the receiver container and container B11 or container B12 is used as the sender container, the first virtual switch is specifically virtual switch B. When the first virtual switch needs to forward the packet to container A21, since container A21 is deployed in host A and the first virtual switch (specifically, virtual switch B) is in host B, the next hop to which virtual switch B forwards the packet is host A. Therefore, the first target IP address corresponding to the IP address of container A21, which virtual switch B determines based on the preset routing rule, is the IP address of host A.
Therefore, for the same receiver container IP address, the first target IP addresses determined by the virtual switches in different hosts based on the preset routing rule may be the same or different.
Optionally, the preset routing rule may be pre-stored in the virtual switch, or may be obtained from the control center.
Optionally, before determining the first target IP address corresponding to the recipient container IP address based on the preset routing rule, the first preset routing rule obtaining request may be sent to the control center, and then the first preset routing rule returned by the control center is received, so that the first target IP address corresponding to the recipient container IP address may be determined based on the first preset routing rule. It can be understood that the first preset routing rule returned by the control center includes a corresponding relationship between the recipient container IP address and the first destination IP address.
It should be noted that the virtual switch may request the preset routing rule from the control center when the virtual switch starts, may request it periodically so as to update the locally stored preset routing rule in time, or may request it under a certain trigger condition. It may request the preset routing rules corresponding to the containers running in all virtual hosts under the control center, or selectively obtain the preset routing rules corresponding to only some of the containers, as long as the virtual switch's message-forwarding requirement can be met.
For example, the virtual switch may send a second preset routing rule obtaining request to the control center after receiving the message from the sender container, where the second preset routing rule obtaining request includes the receiver container IP address, so as to obtain from the control center the preset routing rule corresponding to the receiver container IP address in the current message. Correspondingly, after receiving the second preset routing rule obtaining request, the control center returns the second preset routing rule, namely the correspondence between the receiver container IP address and the first target IP address. In this process, it can be understood that the virtual switch parses the IP address of the receiver container and then queries the control center for the corresponding target IP address, so as to forward the packet.
Compared with acquiring the preset routing rules of all containers, or pre-storing the preset routing rules of all containers, this mode of acquiring the preset routing rule or querying the target IP address for the current message can reduce the amount of data transmitted and save network resources.
It should be noted that the preset routing rule stored in the control center may be configured in advance, or may be recorded when a new container is started in the virtual host and the control center allocates an IP address to the new container. Because the control center can record the information of the virtual host where the container is located, the host to which the virtual host belongs and the like, a preset routing rule can be established to reflect the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host, so that the virtual switch can acquire or inquire the IP address when needed.
It should be noted that, when the control center allocates an IP address to a new container, it may allocate the IP address randomly, and may consider the resource occupation of each network segment so as to allocate network resources in a balanced manner. It may also consider factors such as the virtual host and the host where the container is located and the type of application implemented by the container, preferentially allocating IP addresses of the same network segment to containers deployed in the same virtual host, or to containers with more frequent data interaction, so as to shorten the communication link and save network resources.
S105: Sending the message to the receiver container based on the first target IP address.
It should be noted that, when the first virtual switch executes step S105 to send the message to the receiving container, there may be multiple cases, and the forwarding paths of the message will be different.
For example, if the second virtual host where the receiver container is located and the first virtual switch belong to the same host, the first target IP address is the IP address of the second virtual host. After the message reaches the second virtual host, it is forwarded to the receiver container in the second virtual host through the virtual network port and the bridge.
For another example, if the second virtual host where the receiver container is located and the first virtual switch belong to different hosts, the first target IP address is the IP address of the second host to which the second virtual host belongs. After the message reaches the second host, the second virtual switch in the second host acts as the virtual switch corresponding to the receiver container and executes the corresponding container communication method to forward the message.
It should be noted that, in the specific process of sending the message to the receiver container based on the first target IP address, the MAC address of the entity corresponding to the first target IP address (which may be the virtual host where the receiver container is located or the host to which it belongs) may be obtained based on the first target IP address, and then the message from the sender container may be forwarded to that MAC address.
Referring to fig. 3, an embodiment of the present application further provides a container communication method, which is applied to a second virtual switch corresponding to a receiver container. The second virtual switch corresponding to the receiver container may be understood as a virtual switch corresponding to the virtual host in which the receiver container is located, or may be understood as a virtual switch included in a host to which the virtual host in which the receiver container is located belongs.
It should be noted that, if the receiver container and the sender container belong to the same host, the second virtual switch corresponding to the receiver container is physically the same as the first virtual switch corresponding to the sender container, and only plays different roles at different stages.
For example, assuming that the sender container is container A11 and the receiver container is container A22, the first virtual switch and the second virtual switch are both virtual switch A. It is understood that, in this case, the steps performed by virtual switch A as the first virtual switch or the second virtual switch are the same, which is equivalent to the two processes being performed in combination, and therefore, the target IP address determined based on the preset routing rule is also often the same.
For another example, if the sender container is container A12 and the receiver container is container B11, the first virtual switch is virtual switch A and the second virtual switch is virtual switch B. It will be appreciated that in this case, virtual switch A receives the message sent by container A12 and determines where it should be forwarded; virtual switch B receives the message from container A12 forwarded via virtual switch A and determines where it should be forwarded. These are two different processes, which are performed by two different entities, and therefore, the target IP address determined based on the preset routing rule is often different.
The container communication method executed by the second virtual switch in fig. 3 may specifically include:
S201: Receiving a message from a sender container, wherein the message comprises an IP address of a receiver container.
It can be understood that if the second virtual switch is the same as the first virtual switch, step S201 and step S101 will also be executed in combination. The description relating to step S101 applies to step S201.
If the second virtual switch is different from the first virtual switch, the packet received by the second virtual switch may be a packet from the sender container forwarded by the first virtual switch, and more specifically, may be a packet forwarded by the first virtual switch to a switch outside the host to which the first virtual switch belongs, and forwarded by that switch to the second virtual switch.
S203: Determining a second target IP address corresponding to the IP address of the receiver container based on the preset routing rule.
It can be understood that if the second virtual switch is the same as the first virtual switch, step S203 and step S103 will also be executed in combination. The description relating to step S103 applies to step S203.
If the second virtual switch is different from the first virtual switch, the second virtual switch also determines a second target IP address based on the preset routing rule. It will be appreciated that the second target IP address determined at this time will be different from the first target IP address determined by the first virtual switch.
Taking the system shown in fig. 1 as an example, assuming that container A21 is used as the receiver container and container B11 or container B12 is used as the sender container, the first target IP address corresponding to the IP address of container A21, which the first virtual switch (in this case, virtual switch B) determines based on the preset routing rule, is the IP address of host A.
On this basis, after the second virtual switch (in this case, specifically virtual switch A) receives the message from the sender container forwarded by the first virtual switch, the second virtual switch will also determine a second target IP address corresponding to the IP address of container A21 based on the preset routing rule. It can be understood that, since container A21 is deployed in virtual host A2, starting from virtual switch A, the next hop for sending the packet to container A21 is virtual host A2.
It should be further noted that the manner and the time for the second virtual switch to obtain the preset routing rule and the process for determining the second target IP address based on the preset routing rule are similar to those of the first virtual switch, and are not repeated here.
S205: Sending the message to the receiver container based on the second target IP address.
It can be understood that if the second virtual switch is the same as the first virtual switch, step S205 and step S105 will also be executed in combination. The description relating to step S105 applies to step S205.
If the second virtual switch is different from the first virtual switch, the first virtual switch forwards the packet to the second virtual switch based on the first target IP address (which may be specifically the IP address of the host to which the receiver container belongs as described above), and then the second virtual switch forwards the packet to the virtual host to which the receiver container belongs based on the second target IP address (which may be specifically the IP address of the virtual host to which the receiver container belongs), and the virtual host internally sends the packet to the receiver container.
Specifically, when sending a message to the receiver container based on the second target IP address, the MAC address of the second virtual host in which the receiver container is located may be obtained based on the second target IP address; and then submitting the message to the second virtual host through the second virtual network port based on the MAC address of the second virtual host, so that the second virtual host forwards the message to a receiver container through a second network bridge, wherein the second virtual network port and the second network bridge belong to the second virtual host.
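The two lookups described in steps S101 to S105 and S201 to S205 can be traced on the topology of fig. 1 with the following added sketch, which is not code from the patent. The host, virtual host and container addresses and the names ControlCenter, VirtualSwitch, forward and build_fig1 are assumptions made for illustration.

```python
"""Next-hop resolution at the first and second virtual switch (illustrative)."""

# Constructed addressing for the fig. 1 topology; the patent assigns no
# addresses to hosts or virtual hosts, so every value here is an assumption.
HOST_IP = {"A": "10.0.0.1", "B": "10.0.0.2"}
VHOST = {  # virtual host -> (host it belongs to, virtual host IP)
    "A1": ("A", "10.0.1.1"),
    "A2": ("A", "10.0.1.2"),
    "B1": ("B", "10.0.2.1"),
}
CONTAINER_VHOST = {  # container IP -> virtual host where it is deployed
    "192.168.100.11": "A1",  # container A12
    "192.168.100.12": "A2",  # container A21
    "192.168.200.21": "B1",  # container B11
}


class ControlCenter:
    """Records where each container runs and answers routing-rule requests."""

    def __init__(self, container_vhost):
        self._container_vhost = dict(container_vhost)
        self.requests = 0  # number of rule requests served

    def rule_for(self, requesting_host, receiver_ip):
        """Target (next-hop) IP for receiver_ip as seen from requesting_host."""
        self.requests += 1
        vhost = self._container_vhost.get(receiver_ip)
        if vhost is None:
            return None
        owner_host, vhost_ip = VHOST[vhost]
        # Same host: next hop is the virtual host. Other host: next hop is that host.
        return vhost_ip if owner_host == requesting_host else HOST_IP[owner_host]


class VirtualSwitch:
    """Fetches a rule on demand for the receiver IP in the current message."""

    def __init__(self, host, control_center):
        self.host = host
        self._cc = control_center
        self._rules = {}  # locally stored rules: receiver IP -> target IP

    def target_ip(self, receiver_ip):
        if receiver_ip not in self._rules:
            target = self._cc.rule_for(self.host, receiver_ip)
            if target is None:
                # No rule for this address: refuse to forward rather than guess.
                raise LookupError(f"no routing rule for {receiver_ip}")
            self._rules[receiver_ip] = target
        return self._rules[receiver_ip]


def forward(switches, sender_host, receiver_ip):
    """Trace a message hop by hop; returns [(virtual switch, target IP), ...]."""
    host_by_ip = {ip: name for name, ip in HOST_IP.items()}
    hops, current = [], sender_host
    for _ in range(len(switches)):
        target = switches[current].target_ip(receiver_ip)
        hops.append((current, target))
        if target not in host_by_ip:
            # Target is a virtual host, which delivers the message to the
            # container through its virtual network port and bridge.
            return hops
        current = host_by_ip[target]  # hand over to the second virtual switch
    raise RuntimeError("routing rules never reach a virtual host")


def build_fig1():
    cc = ControlCenter(CONTAINER_VHOST)
    return cc, {name: VirtualSwitch(name, cc) for name in HOST_IP}


if __name__ == "__main__":
    cc, switches = build_fig1()
    print(forward(switches, "B", "192.168.100.12"))  # sender on host B, receiver A21
    print(forward(switches, "A", "192.168.100.12"))  # sender on host A, receiver A21
    print("control center requests:", cc.requests)
```

For the same receiver address, virtual switch B resolves to the address of host A while virtual switch A resolves to the address of virtual host A2, and the second trace reuses the rule virtual switch A already stored instead of asking the control center again.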
In this embodiment of the application, after receiving a message from a sender container, a first virtual switch corresponding to the sender container may determine, based on a preset routing rule, a first destination IP address corresponding to an IP address of a receiver container, and may further send the message to the receiver container based on the first destination IP address. Correspondingly, after receiving the message from the sender container, the second virtual switch corresponding to the receiver container may also determine, based on the preset routing rule, a second destination IP address corresponding to the IP address of the receiver container, and may further send the message to the receiver container based on the second destination IP address. Therefore, by adopting the scheme provided by the embodiment of the application, no matter how the IP addresses of the sender container and the receiver container are designed, the first virtual switch and the second virtual switch corresponding to the sender container can route the message from the sender container to the receiver container based on the preset routing rule, so that the communication between the sender container and the receiver container is realized, and the use requirement is met.
It should be noted that, before the sender container sends a message, the sender container may send a physical address information acquisition request based on the Address Resolution Protocol (ARP), abbreviated as an ARP request, to obtain response information to the ARP request. Specifically, the response information includes the MAC address (Media Access Control address, also called a physical address or hardware address) corresponding to the next hop when the sender container sends the message to the receiver container, so that the sender container can send the message based on the IP address of the receiver container and the MAC address of the next hop.
It can be understood that, for different situations of the network segments where the sender container and the receiver container are located and the virtual hosts, the manner in which the sender container sends the ARP request and the received response message will be different, and the path through which the sender container sends the packet to the receiver container will be different. The following will describe a specific procedure of the sender container and the receiver container in performing container communication, taking a combination of multiple cases as an example.
The first case is that the IP addresses of the receiver container and the sender container are in the same network segment.
For this situation, the sender container may trigger a broadcast to send out a first ARP request, where the first ARP request includes the IP address of the receiver container in a case where the IP addresses of the receiver container and the sender container are in the same network segment.
It can be understood that the sender container triggering a broadcast of the first ARP request (i.e. the physical address acquisition request) may specifically be the sender container triggering the TCP/IP protocol stack to send the first ARP request. The protocol stack judges whether the IP addresses of the receiver container and the sender container are in the same network segment, and if they are, the protocol stack sends the first ARP request to acquire the receiver container MAC address corresponding to the IP address of the receiver container. It will be appreciated that the first ARP request is also broadcast in the form of a message.
It can be understood that the first ARP request that the sender container triggers the protocol stack to broadcast is received by each container in the virtual host where the sender container is located, by the bridge in that virtual host, and by the virtual switch corresponding to the sender container. Since the first ARP request includes the IP address of the receiver container, neither the containers whose IP address differs from that of the receiver container nor the bridge in the virtual host respond to it.
If the sender container and the receiver container are deployed on different virtual hosts, the receiver container cannot receive the first ARP request and cannot respond to the first ARP request.
If the sender container and the receiver container are deployed on the same virtual host, the receiver container can receive the first ARP request broadcast by the sender container, respond to it, and return the receiver container MAC address to the sender container. At this time, after receiving the receiver container MAC address returned by the receiver container, the sender container may send a message to the receiver container directly based on the receiver container IP address and the receiver container MAC address. Specifically, layer-2 switched communication may be performed with the receiver container through the first bridge, where the first bridge belongs to the virtual host where the sender container and the receiver container are located.
It should be noted that, the virtual switch (denoted as the first virtual switch) corresponding to the sender container also receives the first ARP request sent by the sender container trigger broadcast. At this time, the first virtual switch may have a plurality of processing manners.
One way is that the first virtual switch makes no selection, unconditionally returns the virtual switch MAC address to the sender container. At this time, after receiving the MAC address of the virtual switch, the sender container sends a message to the first virtual switch further based on the MAC address of the virtual switch and the IP address of the receiver container. Further, after the first virtual switch receives the message, the corresponding container communication method can be executed, and how to send the message to the receiver container is determined based on the preset routing rule.
It can be understood that when the sender container and the receiver container are deployed on the same virtual host, the sender container may receive the receiver container MAC address returned by the receiver container and the virtual switch MAC address returned by the first virtual switch in sequence. Since the MAC address received first will be covered by the MAC address received later, the sender container will send the message based on the MAC address received later.
Specifically, under the condition of first receiving the MAC address of the virtual switch, the sender container sends a message to the receiver container based on the MAC address of the receiver container and the IP address of the receiver container; under the condition of firstly receiving the MAC address of the receiver container, the sender container sends a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
Take the system shown in fig. 1 as an example. Assume the sender container is container A12, with sender container IP address 192.168.100.11; assume that the receiver container is container A21, with receiver container IP address 192.168.100.12. It can be seen that sender container A12 is in a different virtual host than receiver container A21, and the IP addresses are on the same network segment.
It can be appreciated that since container A12 and container A21 belong to different virtual hosts, the first ARP request broadcast by sender container A12 will not be forwarded to receiver container A21. Virtual switch A receives the first ARP request and responds to it, returning the virtual switch MAC address to sender container A12. On this basis, sender container A12 may submit the message to virtual switch A based on the IP address of receiver container A21 and the virtual switch MAC address. Virtual switch A then forwards the message to the receiver container based on a preset routing rule.
The system shown in fig. 1 is still used as an example. Assume the sender container is container A11, with sender container IP address 192.168.100.10; assume that the receiver container is container A12, with receiver container IP address 192.168.100.11. It can be seen that sender container A11 is in the same virtual host as receiver container A12 and the IP addresses are on the same network segment.
Assuming that the virtual switch MAC address returned by virtual switch A arrives later, container A11 sends a message to virtual switch A, virtual switch A forwards the message back to virtual host A1 based on a preset routing rule, and virtual host A1 sends the message to container A12 via the bridge. The message thus passes through the transmission link container A11 - virtual switch A - virtual host A1 - bridge - container A12. As can be seen, the transfer of the message from virtual host A1 back to virtual host A1 is lengthy.
Another way is that the first virtual switch determines, based on the receiver container IP address included in the received first ARP request, whether the receiver container IP address and the sender container IP address belong to different virtual hosts. If the IP addresses of the sender container and the receiver container belong to the same virtual host, the first virtual switch determines not to return the virtual switch MAC address to the sender container. At this time, the sender container will only receive the MAC address returned by the receiver container, and can send the message based on the receiver container IP address and the receiver container MAC address. In this way, the transmission link of the message is shortened to: sender container - bridge - receiver container.
If the first virtual switch judges that the IP addresses of the sender container and the receiver container belong to different virtual hosts, it returns the virtual switch MAC address to the sender container, so that the sender container sends a message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, and the first virtual switch forwards the message based on a preset routing rule to ensure normal communication between the containers.
More specifically, when the sender container sends a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, the sender container may send the message to the first virtual switch via the first virtual network port based on the MAC address of the virtual switch and the IP address of the receiver container, and the first virtual network port belongs to the first virtual host.
It can be understood that the first virtual switch preferably performs response processing on the received first ARP request by using the second method, so as to avoid the problem of inconsistent access paths during communication between the sender container and the receiver container, and also avoid resource consumption caused by excessively long access paths.
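The two ways of answering the first ARP request can be compared by enumerating every reply order and applying the overwrite rule described above. The following Python model is an added illustration, not code from the patent; the /24 prefix length, the policy labels `unconditional` and `selective`, and the hop names are assumptions made for the example.

```python
from ipaddress import ip_interface
from itertools import permutations

# Constructed model of the Fig. 1 examples: container -> (virtual host, address).
# The /24 prefix length is an assumption; the text only says "same network segment".
CONTAINERS = {
    "A11": ("A1", "192.168.100.10/24"),
    "A12": ("A1", "192.168.100.11/24"),
    "A21": ("A2", "192.168.100.12/24"),
}
VSWITCH = "vswitch-A"  # hypothetical label for the first virtual switch
POLICIES = ("unconditional", "selective")  # labels chosen for this example


def same_segment(sender, receiver):
    """True when the receiver IP lies inside the sender's network segment."""
    s = ip_interface(CONTAINERS[sender][1])
    r = ip_interface(CONTAINERS[receiver][1])
    return r.ip in s.network


def arp_responders(sender, receiver, policy):
    """Everything that answers the first ARP request (target = receiver IP)."""
    same_vhost = CONTAINERS[sender][0] == CONTAINERS[receiver][0]
    responders = []
    if same_vhost:
        # The broadcast only reaches the receiver inside the same virtual host.
        responders.append(receiver)
    if policy == "unconditional" or not same_vhost:
        # "selective": the switch stays silent for same-virtual-host pairs.
        responders.append(VSWITCH)
    return responders


def next_hop(reply_order, target_ip):
    """Sender-side ARP cache: a later reply overwrites an earlier one."""
    cache = {}
    for responder in reply_order:
        cache[target_ip] = responder
    return cache[target_ip]


def path_for(sender, receiver, hop):
    """Transmission link that results from the MAC address finally cached."""
    sender_vhost = CONTAINERS[sender][0]
    receiver_vhost = CONTAINERS[receiver][0]
    if hop == receiver:
        return (sender, f"bridge-{sender_vhost}", receiver)
    return (sender, VSWITCH, f"vhost-{receiver_vhost}",
            f"bridge-{receiver_vhost}", receiver)


def possible_paths(sender, receiver, policy):
    """All transmission links that can occur, over every reply arrival order."""
    if policy not in POLICIES:
        raise ValueError(f"unknown policy: {policy}")
    if not same_segment(sender, receiver):
        raise ValueError("different segments: the sender resolves the bridge IP instead")
    target_ip = str(ip_interface(CONTAINERS[receiver][1]).ip)
    responders = arp_responders(sender, receiver, policy)
    return {
        path_for(sender, receiver, next_hop(order, target_ip))
        for order in permutations(responders)
    }


if __name__ == "__main__":
    for pair in (("A11", "A12"), ("A12", "A21")):
        for policy in POLICIES:
            print(pair, policy, sorted(possible_paths(*pair, policy)))
```

For the same-virtual-host pair A11/A12 the unconditional policy yields two possible links depending on which reply arrives last, while the selective policy always yields the bridge link; for A12/A21 both policies yield the single link through the virtual switch.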
The second case is that the IP addresses of the receiver container and the sender container are in different network segments.
For this situation, where the IP addresses of the receiver container and the sender container are in different network segments, the sender container may trigger a broadcast of a second ARP request. The second ARP request includes a first bridge IP address of the first bridge, and the first bridge belongs to the first virtual host where the sender container is located.
It can be understood that when the sender container triggers a broadcast of the second ARP request, it may specifically be the sender container triggering the TCP/IP protocol stack to send the second ARP request. The protocol stack judges whether the IP addresses of the receiver container and the sender container are in the same network segment and, if they are in different network segments, sends the second ARP request to acquire the first bridge MAC address corresponding to the first bridge IP address. It will be appreciated that the second ARP request is also broadcast in the form of a message.
It can be understood that the second ARP request (i.e., the physical address acquisition request) broadcast by the protocol stack is also received by each container in the virtual host where the sender container is located, by the bridge in that virtual host, and by the virtual switch corresponding to the sender container. Since the second ARP request includes the IP address of the bridge, no other container on the virtual host will respond to the received second ARP request.
In this case, after receiving the second ARP request from the sender container, the first virtual switch where the sender container is located returns the virtual switch MAC address to the sender container, so that the sender container sends a packet to the first virtual switch based on the virtual switch MAC address and the receiver container IP address.
In addition, after receiving the second ARP request, the first bridge also returns the first bridge MAC address to the sender container, so that the sender container sends a packet to the first bridge based on the first bridge MAC address and the receiver container IP address.
Therefore, after sending the second ARP request, the sender container will receive the MAC address of the virtual switch returned by the first virtual switch based on the second ARP request, and will also receive the MAC address of the first bridge returned by the first bridge based on the second ARP request.
Specifically, when the MAC address of the virtual switch is received first, the MAC address of the first bridge is determined as the target MAC address, and then the packet is sent to the receiver container based on the target MAC address. Specifically, based on the MAC address of the first bridge and the IP address of the receiver container, a message is sent to the first bridge, so that the first bridge forwards the message to the receiver container.
Specifically, when the first bridge MAC address is received first, the virtual switch MAC address is determined to be the target MAC address, and then a packet is sent to the receiver container based on the target MAC address. Specifically, based on the MAC address of the virtual switch and the IP address of the receiver container, a message is sent to the first virtual switch, so that the first virtual switch forwards the message to the receiver container based on a preset routing rule.
It is understood that there may be many situations in a specific packet forwarding process, which will be illustrated below.
One is that the IP addresses of the receiver container and the sender container belong to the same virtual host. In this case, if the sender container receives the first bridge MAC address from the first bridge, the message will be sent to the first bridge; after receiving the message, the first bridge forwards the message according to the IP address of the receiver container carried in the message. If the sender container receives the MAC address of the virtual switch from the first virtual switch, the sender container sends a message to the first virtual switch; after receiving the message, the first virtual switch forwards the message to the virtual host again based on a preset routing rule, and the virtual host internally forwards the message to the receiver container.
Take the system shown in fig. 1 as an example. Assume the sender container is container A21, with sender container IP address 192.168.100.12; assume that the receiver container is container A22, with receiver container IP address 192.168.200.11. After sender container A21 issues the second ARP request, both bridge A2 and virtual switch A may respond to the ARP request.
If sender container A21 receives the bridge MAC address returned by bridge A2, it will send a message to bridge A2 based on the bridge MAC address and the receiver container IP address. After bridge A2 receives the message, because the IP address in the message is not its own, the message will be submitted to receiver container A22 based on the IP forwarding mechanism ip_forward.
If sender container A21 receives the virtual switch MAC address returned by virtual switch A, it will send a message to virtual switch A based on the virtual switch MAC address and the receiver container IP address. Based on the preset routing rule, virtual switch A determines the IP address of virtual host A2 as the first target IP address (in this case, the second target IP address is also the IP address of virtual host A2), so that the message is sent back to virtual host A2 via virtual network port A2 and submitted to receiver container A22 inside virtual host A2.
Another case is where the IP addresses of the receiver container and the sender container belong to different virtual hosts. In this case, if the sender container receives the first bridge MAC address from the first bridge, the message will be sent to the first bridge; after receiving the message, the first bridge forwards the message to the first virtual network port through a layer-3 forwarding mechanism, and the message is then submitted downwards to the first virtual switch through the virtual network port, so that the first virtual switch can forward the message based on a preset routing rule after receiving it. If the sender container receives the virtual switch MAC address from the first virtual switch, the message is sent to the first virtual switch through the first virtual network port by layer-2 switching; after receiving the message, the first virtual switch forwards it based on the preset routing rule.
Correspondingly, the virtual switch corresponding to the receiver container also forwards the packet from the first virtual switch (substantially from the sender container) to the receiver container based on the preset routing rule.
Take the system shown in fig. 1 as an example. Assume the sender container is container A22, with sender container IP address 192.168.200.11; assume that the receiver container is container B12, with receiver container IP address 192.168.300.17. After sender container A22 issues the second ARP request, both bridge A2 and virtual switch A may respond to the ARP request.
If sender container A22 receives the bridge MAC address returned by bridge A2, it will send a message to bridge A2 based on the bridge MAC address and the receiver container IP address. After receiving the message, bridge A2 sends the message to virtual network port A2 through a layer-3 forwarding mechanism, the message is sent to virtual switch A through virtual network port A2, and virtual switch A forwards the message based on a preset routing rule.
If sender container A22 receives the virtual switch MAC address returned by virtual switch A, it sends a message to virtual switch A through virtual network port A2, based on the virtual switch MAC address and the receiver container IP address and using a layer-2 switching mechanism, and virtual switch A forwards the message based on a preset routing rule.
Virtual switch A (which is the first virtual switch at this time) determines the IP address of host B as the first target IP address based on the preset routing rule, so as to forward the packet to host B through the switch. After receiving the packet, virtual switch B in host B (which is the second virtual switch at this time) determines the IP address of virtual host B1 as the second target IP address based on the preset routing rule, and forwards the packet to virtual host B1. Within virtual host B1, the packet is forwarded via layer-2 forwarding to bridge B1, which submits the packet to receiver container B12 based on the IP forwarding mechanism ip_forward.
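The forwarding chain for the second case, including the first and second target IP address lookups, can be traced with a small routing model. This Python sketch is an added example, not the patent's own code; the host and virtual host addresses, the receiver address 192.168.30.17, the hop labels, and the layout of the preset routing rules as a prefix table with longest-prefix matching are all assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed addresses for hosts and virtual hosts (assumptions for this example).
HOST_IP = {"A": "10.0.0.1", "B": "10.0.0.2"}
VHOST = {  # virtual host -> (host it runs on, virtual host IP)
    "A1": ("A", "172.16.1.1"),
    "A2": ("A", "172.16.1.2"),
    "B1": ("B", "172.16.2.1"),
}
# Assumed shape of the preset routing rules: container prefix -> virtual host.
# A /32 entry covers a container whose segment spans two virtual hosts.
RULES = [
    ("192.168.100.0/24", "A1"),
    ("192.168.100.12/32", "A2"),
    ("192.168.200.0/24", "A2"),
    ("192.168.30.0/24", "B1"),  # constructed segment for a container on host B
]


def lookup(dst_ip):
    """Longest-prefix match of the receiver container IP against the rules."""
    addr = ip_address(dst_ip)
    matches = [(ip_network(p), v) for p, v in RULES if addr in ip_network(p)]
    if not matches:
        raise LookupError(f"no routing rule for {dst_ip}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def first_target_ip(local_host, dst_ip):
    """First virtual switch: local virtual host IP, or the remote host IP."""
    host, vhost_ip = VHOST[lookup(dst_ip)]
    return vhost_ip if host == local_host else HOST_IP[host]


def second_target_ip(dst_ip):
    """Second virtual switch: IP of the virtual host holding the receiver."""
    return VHOST[lookup(dst_ip)][1]


def route(sender_vhost, dst_ip, arp_winner):
    """Hops after the sender; arp_winner is the reply the sender ends up using."""
    src_host = VHOST[sender_vhost][0]
    dst_vhost = lookup(dst_ip)
    dst_host = VHOST[dst_vhost][0]
    hops = []
    if arp_winner == "bridge":
        hops.append(f"bridge-{sender_vhost}")
        if dst_vhost == sender_vhost:
            # Bridge delivers locally through ip_forward.
            return hops + [f"container {dst_ip}"]
        hops.append(f"vport-{sender_vhost}")  # layer-3 forward to the virtual port
    elif arp_winner == "vswitch":
        hops.append(f"vport-{sender_vhost}")  # layer-2 switching to the virtual port
    else:
        raise ValueError(f"unknown ARP responder: {arp_winner}")
    hops.append(f"vswitch-{src_host} -> {first_target_ip(src_host, dst_ip)}")
    if dst_host != src_host:
        hops.append(f"vswitch-{dst_host} -> {second_target_ip(dst_ip)}")
    return hops + [f"bridge-{dst_vhost}", f"container {dst_ip}"]


if __name__ == "__main__":
    for dst in ("192.168.200.11", "192.168.30.17"):
        for winner in ("bridge", "vswitch"):
            print(dst, winner, route("A2", dst, winner))
```

With the receiver on the same virtual host, the bridge reply gives a two-hop delivery while the virtual switch reply sends the message out and back; with the receiver on host B, both replies converge on the same virtual switch chain.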
By the scheme provided by the embodiment of the application, no matter how the IP addresses of the sender container and the receiver container are designed, no matter how the virtual host and the host to which the sender container and the receiver container belong, the message from the sender container can be routed to the receiver container based on the preset routing rule, so that the communication between the sender container and the receiver container is realized, and the use requirement is met.
Corresponding to the foregoing method embodiment, referring to fig. 4, an embodiment of the present application further provides a container communication apparatus, which is applied to a first virtual switch corresponding to a sender container, where the apparatus includes:
a first message receiving module 101, configured to receive a message from a sender container, where the message includes an IP address of a receiver container;
a first target IP address determining module 103, configured to determine, based on a preset routing rule, a first target IP address corresponding to a recipient container IP address;
the first message sending module 105 is configured to send a message to the receiver container based on the first destination IP address.
It can be understood that, the container communication apparatus described above can implement the steps of the container communication method executed by the first virtual switch provided in the foregoing embodiment, and the related explanations regarding the container communication method are applicable to the container communication apparatus, and are not described herein again.
Corresponding to the foregoing method embodiment, referring to fig. 5, an embodiment of the present application further provides a container communication apparatus, which is applied to a second virtual switch corresponding to a receiver container, where the apparatus includes:
a second message receiving module 201, configured to receive a message from a sender container, where the message includes an IP address of a receiver container;
a second destination IP address determining module 203, configured to determine, based on a preset routing rule, a second destination IP address corresponding to the recipient container IP address;
and a second message sending module 205, configured to send a message to the recipient container based on the second destination IP address.
It can be understood that, the container communication apparatus described above can implement the steps of the container communication method executed by the second virtual switch provided in the foregoing embodiment, and the related explanations regarding the container communication method are applicable to the container communication apparatus, and are not described herein again.
Corresponding to the foregoing method embodiment, referring to fig. 6, an embodiment of the present application further provides a container communication apparatus applied to a sender container, where the apparatus includes:
a first request sending module 301, configured to trigger a broadcast to send a first ARP request, where the first ARP request includes a receiver container IP address when IP addresses of the receiver container and the sender container are in the same network segment;
a first MAC address receiving module 303, configured to receive a MAC address of a virtual switch returned by a first virtual switch when IP addresses of a sender container and a receiver container belong to different virtual hosts, where the first virtual switch corresponds to a first virtual host where the sender container is located;
and a third message sending module 305, configured to send a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the recipient container, so that the first virtual switch sends the message to the recipient container based on a preset routing rule.
It can be understood that the above-mentioned container communication apparatus can implement the steps related to the container communication method executed by the sender container provided in the foregoing embodiment, and the related explanations about the container communication method are applicable to the container communication apparatus, and are not described herein again.
Corresponding to the foregoing method embodiment, referring to fig. 7, an embodiment of the present application further provides a container communication apparatus applied to a sender container, where the apparatus includes:
a second request sending module 401, configured to trigger broadcast sending of a first ARP request, where the first ARP request includes an IP address of a receiver container when IP addresses of the receiver container and the sender container are in the same network segment;
a second MAC address receiving module 403, configured to receive a receiver container MAC address returned by the receiver container when the IP addresses of the sender container and the receiver container belong to the same virtual host;
a fourth message sending module 405, configured to send a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
It can be understood that the above-mentioned container communication apparatus can implement the steps related to the container communication method executed by the sender container provided in the foregoing embodiment, and the related explanations about the container communication method are applicable to the container communication apparatus, and are not described herein again.
Corresponding to the foregoing method embodiment, referring to fig. 8, an embodiment of the present application further provides a container communication apparatus, applied to a sender container, where the apparatus includes:
a third request sending module 501, configured to trigger a broadcast to send a second ARP request, where the second ARP request includes a first bridge IP address of a first bridge when IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
a third MAC address receiving module 503, configured to receive a target MAC address returned based on the second ARP request;
a fifth message sending module 505, configured to send a message to the receiver container based on the target MAC address, where the message includes an IP address of the receiver container.
It can be understood that the above-mentioned container communication apparatus can implement the steps related to the container communication method executed by the sender container provided in the foregoing embodiment, and the related explanations about the container communication method are applicable to the container communication apparatus, and are not described herein again.
Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present application. Referring to fig. 9, at a hardware level, the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The memory may include internal memory, such as Random-Access Memory (RAM), and may further include non-volatile memory, such as at least one disk memory. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 9, but this does not indicate only one bus or one type of bus.
The memory is used for storing programs. In particular, a program may include program code comprising computer operating instructions. The memory may include both internal memory and non-volatile storage, and provides instructions and data to the processor.
Optionally, the processor reads a corresponding computer program from the non-volatile memory into the memory and then runs the computer program, and forms a container communication device on a logic level, where the container communication device is applied to the first virtual switch corresponding to the sender container. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and sending the message to the receiver container based on the first target IP address.
Optionally, the processor reads a corresponding computer program from the non-volatile memory into the memory and then runs the computer program, and forms a container communication device on a logic level, where the container communication device is applied to a second virtual switch corresponding to the receiver container. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the receiver container IP address based on a preset routing rule;
and sending the message to the receiver container based on the second target IP address.
Optionally, the processor reads a corresponding computer program from the non-volatile memory into the memory and then runs the computer program to form a container communication device on a logic level, which is applied to the sender container. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
Optionally, the processor reads a corresponding computer program from the non-volatile memory into the memory and then runs the computer program to form a container communication device on a logic level, which is applied to the sender container. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
receiving a receiver container MAC address returned by the receiver container under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host;
and sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
Optionally, the processor reads a corresponding computer program from the non-volatile memory into the memory and then runs the computer program to form a container communication device on a logic level, which is applied to the sender container. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
triggering broadcast to send a second ARP request, wherein the second ARP request comprises a first bridge IP address of a first bridge under the condition that IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
and sending a message to the receiver container based on the target MAC address, wherein the message contains the IP address of the receiver container.
The method performed by the container communication device according to the embodiment disclosed in the present application may be applied to or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The processor may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. Such a processor may implement or perform the various methods, steps, and logic blocks disclosed in the embodiments of the present application. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM, or registers. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
The electronic device may further execute the method executed by the container communication apparatus, and implement the functions of the container communication apparatus in the foregoing embodiments, which are not described herein again.
An embodiment of the present application further provides a computer-readable storage medium storing one or more programs, where the one or more programs include instructions, which, when executed by an electronic device including a plurality of application programs, enable the electronic device to perform the method performed by the container communication apparatus in the foregoing embodiments, and are specifically configured to perform:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule;
and sending the message to the receiver container based on the first target IP address.
An embodiment of the present application further provides a computer-readable storage medium storing one or more programs, where the one or more programs include instructions, which, when executed by an electronic device including a plurality of application programs, enable the electronic device to perform the method performed by the container communication apparatus in the foregoing embodiments, and are specifically configured to perform:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the receiver container IP address based on a preset routing rule;
and sending the message to the receiver container based on the second target IP address.
An embodiment of the present application further provides a computer-readable storage medium storing one or more programs, where the one or more programs include instructions, which, when executed by an electronic device including a plurality of application programs, enable the electronic device to perform the method performed by the container communication apparatus in the foregoing embodiments, and are specifically configured to perform:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule.
An embodiment of the present application further provides a computer-readable storage medium storing one or more programs, where the one or more programs include instructions, which, when executed by an electronic device including a plurality of application programs, enable the electronic device to perform the method performed by the container communication apparatus in the foregoing embodiments, and are specifically configured to perform:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
receiving a receiver container MAC address returned by the receiver container under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host;
and sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address.
An embodiment of the present application further provides a computer-readable storage medium storing one or more programs, where the one or more programs include instructions, which, when executed by an electronic device including a plurality of application programs, enable the electronic device to perform the method performed by the container communication apparatus in the foregoing embodiments, and are specifically configured to perform:
triggering broadcast to send a second ARP request, wherein the second ARP request comprises a first bridge IP address of a first bridge under the condition that IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
and sending a message to the receiver container based on the target MAC address, wherein the message contains the IP address of the receiver container.
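The sender-side ARP choice and the first virtual switch's ARP reply and next-hop lookup listed in the embodiments above can be traced with a small model. This is an added sketch, not code from the patent: the class and function names, the addresses, and the control-center interface are assumptions. The rule that the next hop is the virtual host IP on the same physical host and the host IP otherwise is one reading of the "and/or" in the routing-rule description, and the switch-side ARP reply covers the first ARP request only.

```python
import ipaddress
from dataclasses import dataclass

VSWITCH_MAC = "02:00:00:00:00:01"  # constructed value for the example


@dataclass(frozen=True)
class Rule:
    """Preset routing rule for one container IP (field names are assumptions)."""
    vhost_ip: str  # IP of the virtual host where the container is located
    host_ip: str   # IP of the host to which the container belongs


class ControlCenter:
    """Hypothetical control center that hands out preset routing rules."""

    def __init__(self, rules):
        self._rules = dict(rules)

    def get_rule(self, container_ip):
        return self._rules.get(container_ip)


class VirtualSwitch:
    """Model of the first virtual switch (the one on the sender's side)."""

    def __init__(self, host_ip, control_center, mac=VSWITCH_MAC):
        self.host_ip = host_ip
        self.mac = mac
        self._cc = control_center
        self.rules = {}  # local copy of rules already fetched

    def _rule(self, container_ip):
        # Fetch on demand from the control center and cache the result.
        rule = self.rules.get(container_ip)
        if rule is None:
            rule = self._cc.get_rule(container_ip)
            if rule is not None:
                self.rules[container_ip] = rule
        return rule

    def answer_arp(self, sender_ip, target_ip):
        """Return the switch MAC only when the two containers are on
        different virtual hosts; otherwise stay silent (None)."""
        s, t = self._rule(sender_ip), self._rule(target_ip)
        if s is None or t is None:
            return None  # assumption: no reply for unknown addresses
        if s.vhost_ip == t.vhost_ip:
            return None  # same virtual host: the receiver answers itself
        return self.mac

    def next_hop(self, receiver_ip):
        """Determine the first target IP for a message to receiver_ip."""
        rule = self._rule(receiver_ip)
        if rule is None:
            # Assumption: a message with no matching rule is not forwarded.
            raise LookupError(f"no routing rule for {receiver_ip}")
        if rule.host_ip == self.host_ip:
            return rule.vhost_ip  # other virtual host on the same host
        return rule.host_ip       # container lives on another host


def arp_target(sender_iface, receiver_ip, bridge_ip):
    """Sender side: ARP for the receiver itself when it is in the same
    network segment, otherwise ARP for the first bridge IP."""
    net = ipaddress.ip_interface(sender_iface).network
    return receiver_ip if ipaddress.ip_address(receiver_ip) in net else bridge_ip


def demo_switch():
    """Constructed topology: two hosts, three virtual hosts, four containers."""
    cc = ControlCenter({
        "10.0.1.2": Rule("192.168.0.11", "172.16.0.1"),  # sender
        "10.0.1.3": Rule("192.168.0.11", "172.16.0.1"),  # same virtual host
        "10.0.1.4": Rule("192.168.0.12", "172.16.0.1"),  # same host, other VM
        "10.0.1.5": Rule("192.168.0.21", "172.16.0.2"),  # other host
    })
    return VirtualSwitch(host_ip="172.16.0.1", control_center=cc)


if __name__ == "__main__":
    sw = demo_switch()
    for dst in ("10.0.1.3", "10.0.1.4", "10.0.1.5"):
        print(dst, "ARP reply:", sw.answer_arp("10.0.1.2", dst),
              "next hop:", sw.next_hop(dst))
```
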
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as random access memory (RAM), and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include both permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer-readable medium does not include a transitory computer-readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (32)

1. A container communication method is applied to a first virtual switch corresponding to a sender container, wherein the method comprises the following steps:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host to which the container belongs, and the first target IP address refers to the IP address corresponding to the next hop when the first virtual switch forwards the message;
and sending the message to the receiver container based on the first target IP address.
2. The method of claim 1, wherein prior to receiving the message from the sender container, the method further comprises:
receiving a first ARP request from the sender container, wherein the first ARP request comprises the IP address of the receiver container;
and returning a virtual switch MAC address to the sender container, so that the sender container sends the message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address.
3. The method of claim 2, wherein after receiving a first ARP request from the sender container, the method further comprises:
judging whether the IP address of the receiver container and the IP address of the sender container belong to different virtual hosts or not;
returning the MAC address of the virtual switch to the sender container, specifically:
and returning a virtual switch MAC address to the sender container under the condition that the IP address of the receiver container and the IP address of the sender container belong to different virtual hosts.
4. The method of claim 1, wherein prior to receiving the message from the sender container, the method further comprises:
receiving a second ARP request from the sender container, wherein the second ARP request comprises a first bridge IP address of a first bridge, and the first bridge belongs to a first virtual host where the sender container is located;
and returning a virtual switch MAC address to the sender container, so that the sender container sends the message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address.
5. The method of claim 1, wherein prior to determining the first destination IP address corresponding to the recipient container IP address based on preset routing rules, the method further comprises:
sending a first preset routing rule acquisition request to a control center;
and receiving a first preset routing rule returned by the control center, wherein the first preset routing rule comprises the corresponding relation between the receiver container IP address and the first target IP address.
6. The method of claim 1, wherein after receiving the packet from the sender container, before determining the first destination IP address corresponding to the receiver container IP address based on a preset routing rule, the method further comprises:
sending a second preset routing rule obtaining request to a control center, wherein the second preset routing rule obtaining request comprises the IP address of the receiver container;
and receiving a second preset routing rule returned by the control center, wherein the second preset routing rule is the corresponding relation between the IP address of the receiver container and the first target IP address.
7. The method according to any one of claims 1 to 6, wherein receiving the message from the sender container comprises:
receiving a message from a sender container through a first virtual network interface, wherein the first virtual network interface belongs to a first virtual host where the sender container is located.
8. A container communication method is applied to a second virtual switch corresponding to a receiver container, wherein the method comprises the following steps:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the IP address of the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host to which the container belongs, and the second target IP address refers to the IP address corresponding to the next hop when the second virtual switch forwards the message;
and sending the message to the receiver container based on the second target IP address.
9. The method of claim 8, wherein prior to determining a second destination IP address corresponding to the recipient container IP address based on preset routing rules, the method further comprises:
sending a third preset routing rule acquisition request to the control center;
and receiving a third preset routing rule returned by the control center, wherein the third preset routing rule comprises the corresponding relation between the receiver container IP address and the second target IP address.
10. The method of claim 8, wherein after receiving the packet from the sender container, before determining a second destination IP address corresponding to the receiver container IP address based on a preset routing rule, the method further comprises:
sending a fourth preset routing rule obtaining request to a control center, wherein the fourth preset routing rule obtaining request comprises the IP address of the receiver container;
and receiving a fourth preset routing rule returned by the control center, wherein the fourth preset routing rule is the corresponding relation between the IP address of the receiver container and the second target IP address.
11. The method of claim 8, wherein sending the message to the recipient container based on the second destination IP address comprises:
acquiring the MAC address of a second virtual host where the receiver container is located based on the second target IP address;
submitting the message to the second virtual host via a second virtual portal based on the MAC address of the second virtual host for the second virtual host to forward the message to the receiver container via a second bridge, wherein the second virtual portal and the second bridge belong to the second virtual host.
12. A container communication method applied to a sender container, wherein the method comprises:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container is located.
13. The method of claim 12, wherein sending a message to the first virtual switch based on the virtual switch MAC address and the recipient container IP address comprises:
and sending the message to the first virtual switch through a first virtual network port based on the MAC address of the virtual switch and the IP address of the receiver container, wherein the first virtual network port belongs to the first virtual host.
14. A container communication method applied to a sender container, wherein the method comprises:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host, receiving a receiver container MAC address returned by the receiver container, and receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to the sender container;
under the condition of receiving the MAC address of the virtual switch in advance, sending a message to the receiver container based on the MAC address of the receiver container and the IP address of the receiver container;
under the condition of receiving the receiver container MAC address, sending a message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container belongs.
15. The method of claim 14, wherein sending a message to the receiver container based on the receiver container MAC address and the receiver container IP address comprises:
and sending a message to the receiver container through a first network bridge based on the receiver container MAC address and the receiver container IP address, wherein the first network bridge belongs to the same virtual host.
16. A container communication method applied to a sender container, wherein the method comprises:
triggering broadcast to send a second ARP request, wherein the second ARP request comprises a first bridge IP address of a first bridge under the condition that IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
based on the target MAC address, sending a message to the receiver container, wherein the message contains the IP address of the receiver container;
wherein receiving the target MAC address returned based on the second ARP request includes:
receiving a virtual switch MAC address returned by a first virtual switch based on the second ARP request, wherein the first virtual switch corresponds to the sender container;
receiving a first bridge MAC address returned by the first bridge based on the second ARP request;
wherein, if the MAC address of the virtual switch is determined to be the target MAC address when the MAC address of the first bridge is received first, then sending a packet to the receiver container based on the target MAC address includes:
and sending the message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch forwards the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container is located.
17. The method of claim 16, wherein the first bridge MAC address is determined to be the target MAC address if the virtual switch MAC address was previously received,
then based on the target MAC address, sending a message to the receiver container, including:
and sending the message to the first network bridge based on the MAC address of the first network bridge and the IP address of the receiver container, so that the first network bridge can forward the message to the receiver container.
18. A container communication apparatus applied to a first virtual switch corresponding to a sender container, wherein the apparatus comprises:
the first message receiving module is used for receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
a first target IP address determining module, configured to determine, based on a preset routing rule, a first target IP address corresponding to the recipient container IP address, where the preset routing rule reflects a correspondence between an IP address of a container and an IP address of a virtual host where the container is located and/or an IP address of a host to which the container belongs, and the first target IP address refers to an IP address corresponding to a next hop when the first virtual switch forwards the packet;
and the first message sending module is used for sending the message to the receiver container based on the first target IP address.
19. A container communication apparatus applied to a second virtual switch corresponding to a receiver container, wherein the apparatus comprises:
the second message receiving module is used for receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
a second target IP address determining module, configured to determine, based on a preset routing rule, a second target IP address corresponding to the recipient container IP address, where the preset routing rule reflects a correspondence between an IP address of a container and an IP address of a virtual host where the container is located and/or an IP address of a host to which the container belongs, and the second target IP address refers to an IP address corresponding to a next hop when the second virtual switch forwards the packet;
and the second message sending module is used for sending the message to the receiver container based on the second target IP address.
20. A container communication apparatus applied to a sender container, wherein the apparatus comprises:
the first request sending module is used for triggering broadcast sending of a first ARP request, wherein the first ARP request comprises an IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
a first MAC address receiving module, configured to receive a MAC address of a virtual switch returned by a first virtual switch when IP addresses of the sender container and the receiver container belong to different virtual hosts, where the first virtual switch corresponds to a first virtual host where the sender container is located;
and a third message sending module, configured to send, based on the MAC address of the virtual switch and the IP address of the recipient container, a message to the first virtual switch, so that the first virtual switch sends the message to the recipient container based on a preset routing rule, where the preset routing rule reflects a correspondence between an IP address of a container and an IP address of a virtual host in which the container is located and/or an IP address of a host to which the container belongs.
21. A container communication apparatus applied to a sender container, wherein the apparatus comprises:
the second request sending module is used for triggering broadcast sending of a first ARP request, wherein the first ARP request comprises an IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
a second MAC address receiving module, configured to receive a receiver container MAC address returned by the receiver container and receive a virtual switch MAC address returned by a first virtual switch when the IP addresses of the sender container and the receiver container belong to the same virtual host, where the first virtual switch corresponds to the sender container;
a fourth message sending module, configured to send a message to the receiver container based on the receiver container MAC address and the receiver container IP address when the virtual switch MAC address is received in advance; under the condition of receiving the receiver container MAC address, sending a message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container belongs.
22. A container communication apparatus applied to a sender container, wherein the apparatus comprises:
a third request sending module, configured to trigger a broadcast to send a second ARP request, where the second ARP request includes a first bridge IP address of a first bridge when IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
a third MAC address receiving module, configured to receive a target MAC address returned based on the second ARP request;
a fifth message sending module, configured to send a message to the receiver container based on the target MAC address, where the message includes the IP address of the receiver container;
the third MAC address receiving module is configured to receive a virtual switch MAC address returned by a first virtual switch based on the second ARP request, where the first virtual switch corresponds to the sender container;
receiving a first bridge MAC address returned by the first bridge based on the second ARP request;
the fifth message sending module is configured to send the message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the recipient container, so that the first virtual switch forwards the message to the recipient container based on a preset routing rule, where the preset routing rule reflects a correspondence between an IP address of a container and an IP address of a virtual host in which the container is located and/or an IP address of a host to which the container belongs.
23. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule, wherein the preset routing rule reflects a corresponding relation between the IP address of the container and the IP address of a virtual host where the container is located and/or the IP address of a host to which the container belongs, the first target IP address refers to the IP address corresponding to the next hop when a first virtual switch forwards the message, and the first virtual switch is a virtual switch corresponding to the sender container;
and sending the message to the receiver container based on the first target IP address.
24. A computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a first target IP address corresponding to the IP address of the receiver container based on a preset routing rule, wherein the preset routing rule reflects a corresponding relation between the IP address of the container and the IP address of a virtual host where the container is located and/or the IP address of a host to which the container belongs, the first target IP address refers to the IP address corresponding to the next hop when a first virtual switch forwards the message, and the first virtual switch is a virtual switch corresponding to the sender container;
and sending the message to the receiver container based on the first target IP address.
25. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the IP address of the receiver container based on a preset routing rule, wherein the preset routing rule reflects a corresponding relation between the IP address of the container and the IP address of a virtual host where the container is located and/or the IP address of a host to which the container belongs, the second target IP address refers to the IP address corresponding to a next hop when a second virtual switch forwards the message, and the second virtual switch is the virtual switch corresponding to the receiver container;
and sending the message to the receiver container based on the second target IP address.
26. A computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:
receiving a message from a sender container, wherein the message comprises an IP address of a receiver container;
determining a second target IP address corresponding to the IP address of the receiver container based on a preset routing rule, wherein the preset routing rule reflects a corresponding relation between the IP address of the container and the IP address of a virtual host where the container is located and/or the IP address of a host to which the container belongs, the second target IP address refers to the IP address corresponding to a next hop when a second virtual switch forwards the message, and the second virtual switch is the virtual switch corresponding to the receiver container;
and sending the message to the receiver container based on the second target IP address.
27. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container is located.
28. A computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to different virtual hosts, receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to a first virtual host where the sender container is located;
and sending a message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container is located.
29. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host, receiving a receiver container MAC address returned by the receiver container, and receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to the sender container;
under the condition of receiving the MAC address of the virtual switch in advance, sending a message to the receiver container based on the MAC address of the receiver container and the IP address of the receiver container;
under the condition of receiving the receiver container MAC address, sending a message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container belongs.
30. A computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:
triggering broadcast to send a first ARP request, wherein the first ARP request comprises the IP address of a receiver container under the condition that the IP addresses of the receiver container and a sender container are in the same network segment;
under the condition that the IP addresses of the sender container and the receiver container belong to the same virtual host, receiving a receiver container MAC address returned by the receiver container, and receiving a virtual switch MAC address returned by a first virtual switch, wherein the first virtual switch corresponds to the sender container;
under the condition of receiving the MAC address of the virtual switch in advance, sending a message to the receiver container based on the MAC address of the receiver container and the IP address of the receiver container;
under the condition of receiving the receiver container MAC address, sending a message to the first virtual switch based on the virtual switch MAC address and the receiver container IP address, so that the first virtual switch sends the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container belongs.
31. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
triggering broadcast to send a second ARP request, wherein the second ARP request comprises a first bridge IP address of a first bridge under the condition that IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
based on the target MAC address, sending a message to the receiver container, wherein the message contains the IP address of the receiver container;
wherein receiving the target MAC address returned based on the second ARP request includes:
receiving a virtual switch MAC address returned by a first virtual switch based on the second ARP request, wherein the first virtual switch corresponds to the sender container;
receiving a first bridge MAC address returned by the first bridge based on the second ARP request;
wherein, if the MAC address of the virtual switch is determined to be the target MAC address when the MAC address of the first bridge is received first, then sending a packet to the receiver container based on the target MAC address includes:
and sending the message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch forwards the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container is located.
32. A computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:
triggering broadcast to send a second ARP request, wherein the second ARP request comprises a first bridge IP address of a first bridge under the condition that IP addresses of a receiver container and a sender container are in different network segments, and the first bridge belongs to a first virtual host where the sender container is located;
receiving a target MAC address returned based on the second ARP request;
based on the target MAC address, sending a message to the receiver container, wherein the message contains the IP address of the receiver container;
wherein receiving the target MAC address returned based on the second ARP request includes:
receiving a virtual switch MAC address returned by a first virtual switch based on the second ARP request, wherein the first virtual switch corresponds to the sender container;
receiving a first bridge MAC address returned by the first bridge based on the second ARP request;
wherein, if the MAC address of the virtual switch is determined to be the target MAC address when the MAC address of the first bridge is received first, then sending a packet to the receiver container based on the target MAC address includes:
and sending the message to the first virtual switch based on the MAC address of the virtual switch and the IP address of the receiver container, so that the first virtual switch forwards the message to the receiver container based on a preset routing rule, wherein the preset routing rule reflects the corresponding relation between the IP address of the container and the IP address of the virtual host where the container is located and/or the IP address of the host where the container is located.
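The sender-side choice of target MAC in claims 27 to 32 and the virtual switch's lookup in the preset routing rule, as an added Python example that is not code from the patent. The addresses, MACs, /24 segments and the next-hop policy in `next_hop` are constructed assumptions; using the MAC of the reply that arrives last follows the ordering conditions stated in the claims.

```python
import ipaddress

# Constructed topology: container IP -> (MAC, virtual host IP, host IP).
# The last two columns play the role of the "preset routing rule" in the claims.
CONTAINERS = {
    "10.0.1.2": ("02:aa:00:00:00:02", "192.168.0.11", "172.16.0.1"),
    "10.0.1.3": ("02:aa:00:00:00:03", "192.168.0.11", "172.16.0.1"),
    "10.0.1.4": ("02:aa:00:00:00:04", "192.168.0.12", "172.16.0.1"),
    "10.0.2.5": ("02:aa:00:00:00:05", "192.168.0.21", "172.16.0.2"),
}
VSWITCH_MAC = "02:ff:00:00:00:01"   # first virtual switch (sender side)
BRIDGE_MAC = "02:bb:00:00:00:01"    # first bridge on the sender's virtual host

def arp_replies(sender, receiver, vswitch_first, prefix=24):
    """MACs answering the sender's ARP request, in arrival order."""
    net = ipaddress.ip_network(f"{sender}/{prefix}", strict=False)
    if ipaddress.ip_address(receiver) not in net:
        other = BRIDGE_MAC                   # second ARP request asks for the bridge IP
    elif CONTAINERS[sender][1] == CONTAINERS[receiver][1]:
        other = CONTAINERS[receiver][0]      # same virtual host: receiver answers too
    else:
        return [VSWITCH_MAC]                 # only the virtual switch answers
    return [VSWITCH_MAC, other] if vswitch_first else [other, VSWITCH_MAC]

def next_hop(sender, receiver):
    """Virtual switch lookup in the routing rule (assumed next-hop policy)."""
    _, s_vhost, s_host = CONTAINERS[sender]
    _, r_vhost, r_host = CONTAINERS[receiver]
    if r_host != s_host:
        return r_host        # receiver lives on another host
    if r_vhost != s_vhost:
        return r_vhost       # same host, another virtual host
    return receiver          # same virtual host: deliver to the container

def send(sender, receiver, vswitch_first=True):
    """Return (target MAC of the frame, next-hop IP picked by the switch or None)."""
    target = arp_replies(sender, receiver, vswitch_first)[-1]  # last reply is used
    if target == VSWITCH_MAC:
        return target, next_hop(sender, receiver)
    return target, None      # frame goes straight to the receiver or the bridge
```

The different-segment case with the virtual switch replying first is not covered by claims 31 and 32; the model applies the same last-reply rule to it.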
CN201810964750.9A 2018-08-23 2018-08-23 Container communication method and device Active CN110858821B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810964750.9A CN110858821B (en) 2018-08-23 2018-08-23 Container communication method and device

Publications (2)

Publication Number Publication Date
CN110858821A CN110858821A (en) 2020-03-03
CN110858821B true CN110858821B (en) 2022-01-07

Family

ID=69635125

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810964750.9A Active CN110858821B (en) 2018-08-23 2018-08-23 Container communication method and device

Country Status (1)

Country Link
CN (1) CN110858821B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210326806A1 (en) * 2020-04-21 2021-10-21 United Parcel Service Of America, Inc. Asset Return Technology
CN113630300B (en) * 2020-05-09 2023-08-08 华为技术有限公司 Method and node for message transmission
CN113452806B (en) * 2021-06-24 2022-10-04 上海道客网络科技有限公司 Container adaptation SDN network management method and system based on Kubernets system
CN113645069B (en) * 2021-08-06 2022-09-23 联想(北京)有限公司 Cluster data processing method and cluster
CN114301913B (en) * 2021-12-24 2024-03-08 杭州萤石软件有限公司 Request processing method and system
CN114629844B (en) * 2022-02-28 2024-04-05 浙江大华技术股份有限公司 Message forwarding method and device and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001117856A (en) * 1999-10-19 2001-04-27 Toshiba Corp Computer system and method for controlling same system
CN105306368A (en) * 2015-09-17 2016-02-03 杭州数梦工场科技有限公司 Data message transmission method and device
CN106169994A (en) * 2016-06-29 2016-11-30 中国联合网络通信集团有限公司 The method of controlling security communicated between container and device

Also Published As

Publication number Publication date
CN110858821A (en) 2020-03-03


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant