CN111221619B - Method, device and equipment for opening and arranging business - Google Patents
Method, device and equipment for opening and arranging business Download PDFInfo
- Publication number
- CN111221619B CN111221619B CN201811425055.1A CN201811425055A CN111221619B CN 111221619 B CN111221619 B CN 111221619B CN 201811425055 A CN201811425055 A CN 201811425055A CN 111221619 B CN111221619 B CN 111221619B
- Authority
- CN
- China
- Prior art keywords
- network element
- target network
- vnfm
- service
- nfvo
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0896—Bandwidth or capacity management, i.e. automatically increasing or decreasing capacities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application provides a method, a device and equipment for opening and arranging a service, wherein the method comprises the following steps: and the NFVO calls the SDN controller and the VIM to deliver the creation target network element, and the VIM completes the arrangement and deployment of the NFV virtualization security network element through the linkage with the autonomous VNM. And the SDN controller automatically guides the traffic to the corresponding NFV virtualization safety network element according to the information feedback of the VIM, automatically finishes guiding the traffic of the designated tenant through the linkage of the NFV virtualization product through the SDN controller, and connects the NFV virtualization product in the virtual machine network in series. The method can realize the automatic deployment of the corresponding virtualized network element and the integral arrangement and unified management of the VNF service running on the virtualized network element, increase the operation and maintenance response speed and increase the network service expansion capability while reducing the operation and maintenance difficulty.
Description
Technical Field
The present application belongs to the technical field of data services, and in particular, relates to a method, an apparatus, a device, and a computer storage medium for service provisioning and arrangement.
Background
Currently, in order to completely migrate the entire architecture of a traditional network to a virtualized environment, the industry proposes the concept of network function virtualization (network function virtualization, NFV). Through the NFV architecture, various network functions of the conventional network can be virtualized, and no special hardware is required for supporting, but a general-purpose X86 server is used for supporting. When the service is regulated, a brand new hardware device is not required to be purchased for each service, and only an existing, idle or temporarily called general X86 server from other services is required to be allocated to make temporary or permanent hardware resources so as to facilitate quick response to network service regulation.
Meanwhile, after all network functions are virtualized, network services can be quickly changed and responded according to requirements under the condition of hardware permission, and no matter the requirements are temporary or permanent, the responses and the adjustments (the responses and the adjustments can be deployed or deleted by a certain virtual network function (virtual network feature, VNF) or a virtualized network element of an NFVI layer can be opened or cancelled) can be completed from a far end in tens of minutes or even a few minutes without depending on the debugging of field personnel.
In view of this, according to a large number of construction requirements and existing situations, in combination with the requirements of subsequent network service development, NFV virtualized products are deployed in a cloud environment, and a security protection service is provided for each service system of a data center, so that automatic opening of a plurality of network services becomes a focus of network management.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a computer storage medium for service opening and arrangement, wherein the NFVO is used for carrying out management configuration, the NFVO calls SDN control and VIM, a creation target network element is issued, and the VIM can realize automatic arrangement of a corresponding virtualized network element and integral arrangement and unified management of VNF service running on the virtualized network element through linkage with an autonomous VNFM, thereby reducing operation and maintenance difficulty, increasing operation and maintenance response speed and increasing network service expansion capability.
In a first aspect, an embodiment of the present application provides a method for service provisioning, where the method may include: the network function virtualization orchestrator NFVO invokes a software defined network SDN controller in a cross-virtualization infrastructure management VIM, sending a message to the virtualized network function manager VNFM to create a target network element;
the NFVO receives state information of a target network element fed back by the VNFM, wherein the state information of the target network element is determined by the VNFM according to information of the target network element and information in a virtual resource pool;
The NFVO issues SDN drainage instructions to the SDN controller according to the state information of the target network element, so that the SDN controller can execute the SDN drainage instructions through the switch to finish service opening on the target network element.
In the scheme, when a service or tenant demands an NFV virtualized security network element, the NFVO is used for management configuration, the NFVO calls an SDN controller and a VIM, a creation target network element is issued, and the VIM completes arrangement and deployment of the NFV virtualized security network element through linkage with an autonomous VNM. And the SDN controller automatically guides the traffic to the corresponding NFV virtualization safety network element according to the information feedback of the VIM, automatically finishes guiding the traffic of the designated tenant through the linkage of the NFV virtualization product through the SDN controller, and connects the NFV virtualization product in the virtual machine network in series. The method can realize the automatic deployment of the corresponding virtualized network element and the integral arrangement and unified management of the VNF service running on the virtualized network element, increase the operation and maintenance response speed and increase the network service expansion capability while reducing the operation and maintenance difficulty.
In one possible implementation manner, the service of opening operation on the "target network element" includes: firewall vFW traffic or network defense intrusion detection vIPS traffic.
Because, in the deployed NFV virtualized product, for each service system of the data center to provide a security protection service, automatic operation and arrangement of VNF network elements based on services is realized.
In another possible implementation manner, in the step of the above-mentioned "the network function virtualization orchestrator NFVO invokes the software defined network SDN controller in the cross-virtualization infrastructure management VIM, sending a message for creating the target network element to the virtualized network function manager VNFM" may specifically include:
the NFVO determines a message for creating a target network element through a first interface of an OpenStack standard in the SDN;
the NFVO calls a standard plug-in corresponding to the first interface, and sends a message for creating a target network element to a specific virtual network element manager S-VNFM in the VNFM.
Because the NFV virtualization product can implement automated deployment, deployment creation is completed using the OpenStack standard API interface (i.e., the first interface), without the need for a custom interface.
In still another possible implementation manner, in the step of "the NFVO receives the status information of the target network element fed back by the VNFM" described above, the method specifically may include:
S-VNFM determines the state information of the target network element according to the information of the created target network element and the information in the virtual resource pool;
The NFVO receives the state information of the S-VNFM feedback target network element.
In yet another possible implementation manner, the "network function virtualization orchestrator NFVO" may include: at least one of a cloud management platform or a management application for performing the method of service provisioning of any of the first aspects.
Because the scheme adopts a decoupling mode (namely, the hardware and the software have no direct binding relation, the software also have no strong binding relation, corresponding software or hardware can be purchased along with business development and actual demands, and other virtualized network elements can be integrated according to the demands without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualized products are combined by multiple manufacturers, and have no coupling relation. The network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The method can personalize the service of different physical areas and user groups, and the service scale can be quickly and conveniently stretched.
In conclusion, the method realizes unified management of the network and the NFV virtualized network element by interfacing with the cloud management platform or the management APP, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capacity.
In a second aspect, an embodiment of the present application provides a method for service orchestration, where the method may include:
the Network Function Virtualization Orchestrator (NFVO) receives an instruction to create a router on a cloud management platform running in the NFVO;
the NFVO creates a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service according to an instruction for creating the virtual router and triggering OpenStack in a software defined network SDN controller;
the NFVO receives a first message, the first message comprising: the method comprises the steps that a Virtualized Network Function Manager (VNFM) carries out first configuration information configured for a first master and slave router and second configuration information configured for a second master and slave router;
when the instruction for creating the virtual router fails, the NFVO deletes the first primary and second primary and secondary routers, and triggers the VNFM to delete the first configuration information and the second configuration information.
In the scheme, on network positions of some larger services/tenants, the NFV virtualized network elements are required to support high performance, automatic arrangement of the high-performance NFV virtualized network elements is realized so as to meet service requirements, when the high-throughput NFV virtualized network elements are required, an administrator establishes the virtualized network elements through autonomous VNFM after deploying the high-performance network elements through cloud management platform or management APP operation, the virtualized network elements can be directly subjected to automatic deployment, initialization of basic configuration is realized, and the cloud management platform or management APP is notified to modify SDN drainage rules. When the demand is changed or reduced, the configuration and the number of the NFV virtualized network elements can be modified or deleted through the operation of the NFVO on the VIM, so that the automation arrangement based on the service or the tenant can be realized, and the high reliability can be ensured.
In a third aspect, an embodiment of the present application provides a device for service provisioning, where the device may include:
the processing module is used for calling the software defined network SDN module in the control module and sending a message for creating the target network element to the management module;
the processing module is also used for receiving the state information of the target network element fed back by the management module, wherein the state information of the target network element is determined by the management module according to the information of the created target network element and the information in the virtual resource pool;
the processing module is further configured to issue an SDN drainage instruction to the SDN module according to the state information of the target network element, so that the SDN module executes the SDN drainage instruction through the switch, and service opening on the target network element is completed.
In the scheme, when the NFV virtualized security network element is required by a service or tenant, management configuration is carried out through the processing module, the SDN module and the control module are called by the processing module, the creation target network element is issued, and the control module completes arrangement and deployment of the NFV virtualized security network element through linkage with the autonomous management module. And the SDN module automatically guides the flow to the corresponding NFV virtualization safety network element according to the information feedback of the control module, automatically finishes the flow guiding of the appointed tenant through the linkage of the NFV virtualization product through the SDN module, and connects the NFV virtualization product in the virtual machine network in series. The method can realize the automatic deployment of the corresponding virtualized network element and the integral arrangement and unified management of the VNF service running on the virtualized network element, increase the operation and maintenance response speed and increase the network service expansion capability while reducing the operation and maintenance difficulty.
In one possible implementation manner, the service of opening operation on the "target network element" includes: firewall vFW traffic or network defense intrusion detection vIPS traffic.
Because, in the deployed NFV virtualized product, for each service system of the data center to provide a security protection service, automatic operation and arrangement of VNF network elements based on services is realized.
In another possible embodiment, the "processing module" described above is specifically used for:
determining a message for creating a target network element through a first interface of an OpenStack standard in an SDN module;
and calling a standard plug-in corresponding to the first interface, and sending a message for creating the target network element to a specific virtual network element module S-VNFM in the management module.
Because the NFV virtualization product can implement automated deployment, deployment creation is completed using the OpenStack standard API interface (i.e., the first interface), without the need for a custom interface.
In a further possible embodiment, the "processing module" described above is specifically for:
the S-VNFM module determines the state information of the target network element according to the information of the created target network element and the information in the virtual resource pool;
the processing module is specifically configured to receive status information of the target network element fed back by the S-VNFM module.
In still another possible implementation manner, the "processing module" may include at least one of a cloud management platform or a management application, for performing a method for service provisioning according to any of the first aspects.
Because the scheme adopts a decoupling mode (namely, the hardware and the software have no direct binding relation, the software also have no strong binding relation, corresponding software or hardware can be purchased along with business development and actual demands, and other virtualized network elements can be integrated according to the demands without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualized products are combined by multiple manufacturers, and have no coupling relation. The network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The method can personalize the service of different physical areas and user groups, and the service scale can be quickly and conveniently stretched.
In conclusion, the method realizes unified management of the network and the NFV virtualized network element by interfacing with the cloud management platform or the management APP, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capacity.
In a fourth aspect, an embodiment of the present application provides a service orchestration device, where the device may include:
the processing module is used for receiving an instruction of creating a router on the cloud management platform running in the processing module;
the processing module is further used for creating a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service according to the instruction for creating the virtual router and triggering OpenStack in the software defined network SDN module;
the processing module is further configured to receive a first message, the first message including: the management module is used for configuring first configuration information of the first main and standby router and second configuration information of the second main and standby router;
when the instruction for creating the virtual router fails, the processing module is further used for deleting the first main router and the second standby router, and triggering the management module to delete the first configuration information and the second configuration information.
In the scheme, on network positions of some larger services/tenants, the NFV virtualized network elements are required to support high performance, automatic arrangement of the high-performance NFV virtualized network elements is realized so as to meet service requirements, when the high-throughput NFV virtualized network elements are required, an administrator establishes the virtualized network elements through an autonomous management module after deploying the high-performance network elements through cloud management platform or management APP operation, the virtualized network elements can be directly subjected to automatic deployment, the initialization of basic configuration is realized, and the cloud management platform or management APP is notified to modify SDN drainage rules. When the demand is changed or reduced, the configuration and the number of the NFV virtualized network elements can be modified or deleted through the operation of the processing module on the control module, so that the automation arrangement based on the service or the tenant can be realized, and the high reliability can be ensured.
In a fifth aspect, an embodiment of the present application provides a service opening and orchestration device, the device comprising a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements a method for service provisioning and orchestration according to any of the first aspect or the second aspect.
In the scheme, the NFV virtualization network element is deployed based on the open source virtualization platform, and automatic deployment is realized: the NFV virtualization network element is deployed on an open source virtualization platform OpenStack, and uses an X86 server (namely, a service opening and arranging device) to carry out hardware bearing, and all software and hardware are decoupled without special hardware; the plug-in of OpenStack is replaced by the plug-in, and the plug-in is in butt joint with an interface of an OpenStack standard component (NOVA & Neutron) through own VNM, so that automatic deployment of corresponding virtualized network elements can be realized. Because all the standard X86 building servers are used as bearing hardware, no special hardware purchase exists, and the existing servers can be used for deployment, so that the hardware purchase cost is reduced; when the service changes, the hardware can be used for other service systems, so that the utilization rate of the hardware is increased.
In a sixth aspect, embodiments of the present application provide a computer readable storage medium comprising instructions which, when run on a computer, cause the computer to perform the method of any one of the first or second aspects.
In a seventh aspect, embodiments of the present application provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of any of the first or second aspects.
Drawings
In order to more clearly illustrate the technical solution of the embodiments of the present application, the drawings that are needed to be used in the embodiments of the present application will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
FIG. 1 is a schematic diagram of a management architecture after network function virtualization;
FIG. 2 is a schematic diagram of an architecture of an NFV management orchestration provided by one embodiment of the present application;
fig. 3 is a schematic flow chart of a service opening method according to an embodiment of the present application;
fig. 4 is a schematic logic structure diagram of an NFV service provisioning method according to an embodiment of the present application;
FIG. 5 is a flow chart of a business arrangement method according to an embodiment of the present application;
FIG. 6 is a first interface schematic diagram of a business arrangement method according to an embodiment of the present application;
FIG. 7 is a second interface schematic diagram of a business arrangement method according to an embodiment of the present application;
FIG. 8 is a third interface schematic diagram of a business arrangement method according to an embodiment of the present application;
FIG. 9 is a fourth interface schematic diagram of a business arrangement method according to an embodiment of the present application;
FIG. 10 is a fifth interface diagram of a business arrangement method according to an embodiment of the present application;
FIG. 11 is a sixth interface schematic diagram of a business arrangement method according to an embodiment of the present application;
FIG. 12 is a schematic diagram of a seventh interface of a business arrangement method according to an embodiment of the present application;
FIG. 13 is a schematic diagram of an eighth interface of a business arrangement method according to an embodiment of the present application;
FIG. 14 is a schematic illustration of a ninth interface of a business orchestration method according to one embodiment of the present application;
FIG. 15 is a tenth interface schematic diagram of a business arrangement method according to an embodiment of the present application;
FIG. 16 is an eleventh interface schematic of a business arrangement method according to an embodiment of the present application;
FIG. 17 is a twelfth interface diagram of a business arrangement method according to an embodiment of the present application;
fig. 18 is a schematic structural diagram of a service opening device according to an embodiment of the present application;
fig. 19 is a schematic structural diagram of a service arrangement device according to an embodiment of the present application;
Fig. 20 is a schematic structural diagram of a service opening and arrangement device according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application will be described in detail below, and in order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described in further detail below with reference to the accompanying drawings and the detailed embodiments. It should be understood that the specific embodiments described herein are merely configured to illustrate the application and are not configured to limit the application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the application by showing examples of the application.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
First, in order to facilitate understanding of the content related to the present application, a technical architecture applied to the present solution will be explained with reference to fig. 1, and in a virtualized environment, an existing network function will be implemented on a virtual network function VNF, which may be regarded as an application layer of the VNF. Each VNF may implement different network functions depending on the specific application configuration. The architecture diagram and interfaces of the NFV management orchestration (NFV Management and Orchestration, NFV-MANO) involved are shown in fig. 1, where the network function virtualization orchestrator (Network Functions Virtualization Orchestrator, NFVO) is responsible for the functions of lifecycle management of network services, network function virtualization infrastructure (Network Functions Virtualization Infrastructure, NFVI) resource scheduling across virtualization infrastructure management (Virtualised Infrastructure Manager, VIM), etc., the virtualized network function management (VNF Manager, VNFM) is responsible for the lifecycle management of VNF instances, each of which is assumed to have an associated VNFM, the VIM is responsible for controlling and managing NFVI computation, storage and network resources.
In particular, the key to the present application is mainly on NFV management orchestration, so the detailed description is made in connection with fig. 2.
FIG. 2 is a schematic diagram of an architecture of an NFV management orchestration according to one embodiment of the present application.
Specifically, as shown in fig. 2, in the NFV-MANO, unified management operation is performed by calling a cloud management platform/management APP in the network function virtualization orchestrator NFVO. The NFV provider provides a self-Virtualized Network Function Manager (VNFM), a plug-in and a product supporting a certain VNF network element, the self-virtualized network function manager is responsible for the life cycle management of the VNF network element, performs operations such as creation, deletion and modification of the VNF network element, and is in butt joint with a standard component of OpenStack; and simultaneously, a REST API interface is provided for docking. OpenStack is responsible for managing virtual resource management of the VIM layer across the virtualization infrastructure, and provides OpenStack standard APIs, providing relevant information interfacing of VNF network elements.
The specific virtual network element manager S-VNFM and plug-ins (e.g., hillstone plug in) in the VNFM, and the firewall vww and the network defense intrusion detection vpps in the resource pool provide delivery modules for NFV. Virtual desktops (horizons), nova & neutron in VNFM and ovs/sr-lov in resource pool are universal standard modules. Cloud management platform or management Application (APP) in NFVO, SDN manager in VIM, switch (e.g., virtual or physical) and VNFM are modules delivered for third parties.
Wherein the method comprises the steps of
In the following, in an application scenario of fig. 2, a detailed description is made of a service provisioning method according to an embodiment of the present application with reference to fig. 3.
Fig. 3 is a flow chart of a service opening method according to an embodiment of the present application.
As shown in fig. 3, specific method steps may include S310-S330:
s310: the network function virtualization orchestrator NFVO invokes a software defined network SDN controller in a cross-virtualization infrastructure management VIM, sending a message to the virtualized network function manager VNFM to create the target network element.
Specifically, the NFVO determines, through a first interface of an OpenStack standard in the SDN, a message for creating a target network element;
the NFVO calls a standard plug-in corresponding to the first interface, and sends a message for creating a target network element to a specific virtual network element manager S-VNFM in the VNFM.
S320: the NFVO receives state information of a target network element fed back by the VNFM, where the state information of the target network element is determined by the VNFM according to a message for creating the target network element and information in the virtual resource pool.
Specifically, the S-VNFM determines the state information of the target network element according to the information in the virtual resource pool and the information of the message for creating the target network element;
the NFVO receives the state information of the S-VNFM feedback target network element.
S330: the NFVO issues SDN drainage instructions to the SDN controller according to the state information of the target network element, so that the SDN controller can execute the SDN drainage instructions through the switch to finish service opening on the target network element.
It should be noted that, the service that is opened and operated on the target network element involved in the method mainly includes: firewall vFW traffic or network defense intrusion detection vIPS traffic. The network function virtualization orchestrator NFVO includes: at least one of a cloud management platform or a management application program is used for executing the service opening method related to any one of the steps.
Because the scheme adopts a decoupling mode (namely, the hardware and the software have no direct binding relation, the software also have no strong binding relation, corresponding software or hardware can be purchased along with business development and actual demands, and other virtualized network elements can be integrated according to the demands without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualized products are combined by multiple manufacturers, and have no coupling relation. The network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The method can personalize the service of different physical areas and user groups, and the service scale can be quickly and conveniently stretched.
In conclusion, the method realizes unified management of the network and the NFV virtualized network element by interfacing with the cloud management platform or the management APP, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capacity.
To better illustrate the method of fig. 3, an embodiment of the present application provides a specific example, as shown in fig. 4.
Fig. 4 is a schematic logic structure diagram of an NFV service provisioning method according to an embodiment of the present application. In particular, the method comprises the steps of,
it should be noted that, step 1-3 may correspond to step S310 in fig. 3:
step 1: at least one of the cloud management platform or the management APP creates vwf/vpps through the OpenStack standard API interface.
Step 2: the OpenStack informs the self-VNFM component S-VNFM of the creation of the vFW/vIPS network element through a standard plug-in (e.g., mountain Dan Chajian) installed corresponding to the OpenStack standard component.
Step 3: the S-VNFM issues create vFW/vIPS instructions through the NOVA & Neutron standard interface with OpenStack.
It should be noted that, step 4-6 may correspond to step S320 in fig. 3:
step 4: NOVA & Neutron of OpenStack for creating vFW/vIPS through resource pools
Step 5: NOVA & Neutron of OpenStack feeds back vFW/vIPS creation state to S-VNMM through interface
Step 6: S-VNFM feeds vFW/vIPS creation state & information back to cloud management platform/management APP.
It should be noted that, step 7-8 may correspond to step S330 in fig. 3:
step 7: and the cloud management platform/management APP issues an SDN drainage instruction to the SDN controller according to the vFW/vIPS deployment state & information.
Step 8: SDN control executes SDN drainage rules through a switch/OVS to finish service opening.
It should be noted that fig. 4 is similar to the architecture shown in fig. 2, in which the interfaces are not shown, and reference may be made to fig. 2 for connection of the interfaces.
To sum up, in order to enable the NFV virtualized network element and the SDN to cooperate and realize overall network orchestration based on services or tenants, scheduling of the overall network and the virtualized network element needs to be realized through a cloud management platform or a management APP of a higher layer, so that overall network orchestration is realized. When the service/tenant demands the NFV virtualized security network element, management configuration is carried out through a cloud management platform/management software, the cloud management platform/management software calls SDN control and VIM, commands are issued, the VIM completes arrangement and deployment of the NFV virtualized security network element through linkage with the autonomous VNM, and the SDN controller automatically guides traffic to the corresponding NFV virtualized security network element according to information feedback of the VIM. For advanced/personalized management or configuration requirements, the cloud management platform/management APP can issue required configuration to an NFV virtualized network element through the REST API of the VNF, so that the advanced/personalized requirements and the subsequent service expansion requirements are met. By realizing the automatic deployment of network elements and the automatic drainage of traffic, the whole network arrangement based on business/tenant is realized.
It should be noted that, in fig. 2-4, a docking interface scheme between the standard interface, the third party interface, and the proprietary interface is referred to. The following is a detailed description of the steps:
firstly, the creation, modification, deletion and query of vwf and vwf configuration are implemented based on the OpenStack standard interface, which can be divided into the following 4 cases, as shown in the following:
in the first case, the business process: starting a virtual machine where the S-VNFM is located; communication path: cloud management platform/management APP- > (NOVA); the use interface: v2.1/{ tenant_id }/servers.
Second, business process: the cloud management platform or the management APP inputs S-VNFM and NFV equipment on an interface; communication path: cloud management platform or management APP.
Third, business process: the cloud management platform or the management APP issues the designated zone information to the S-VNMM; communication path: the cloud management platform or the management APP- > (S-VNFM); the use interface: vnfm_hs_fw/app/zone.
Fourth, business process: cloud management platform or management APP call openstackFWaaS API; communication path: cloud management platform/management APP- > (Openstack); the use interface: v2.0/fw/firewells.
Secondly, the feedback information receiving query for the S-VNFM based on the REST API may be divided into the following 2 cases, as shown below:
In the first case, the business process: after receiving the vm creating success message, the S-VNM stores and sends vm information to a cloud management platform or a management APP; communication path: S-VNFM- > cloud management platform/management APP; the use interface: the S-VNFM informs the cloud management platform or manages the APP, vfw that the creation was successful (can be provided by the cloud platform).
Second, business process: the cloud management platform or the management APP distributes vlan for the current vFW and sends service and heartbeat vlan information to the S-VNFM; communication path: cloud management platform or management APP- > S-VNFM; the use interface: v nfm_hs_fw/app/vlan.
Then, the creation, modification, deletion and query of the vIPS and vIPS configuration through S-VNM are realized based on REST API, and can be divided into the following 2 cases as follows:
in the first case, the business process: the cloud management platform or the management APP calls the REST API of the S-VNM to carry out vIPS network element management; communication path: the cloud management platform or the management APP- > (S-VNFM); the use interface: vnfm_hs_ips/app/< create_ips/remove_ips/update_ips, vlan/zone >.
Second, business process: the cloud management platform or the management APP carries out vIPS configuration management; communication path: the cloud management platform or the management APP- > (S-VNFM); the use interface: the term "rule" is used to refer to the term "rule" as used herein, and the term "rule" is used to refer to the term "rule" as used herein.
Finally, the interface interfacing with the SDN controller is involved, and the drainage based on the NFV network element is implemented, which can be divided into the following 3 possible cases, as shown in the following:
in the first case, the business process: creating a mapping device; communication path: a cloud management platform or a management APP- > (SDN controller; the use interface: a mapping device is created.
Second, business process: calling an interface to create a third party device on the controller; communication path: a cloud management platform or a management APP- > (SDN controller; the use interface: a third party device group is created.
Third, business process: creating a flow feature group and a service chain on a controller; communication path: a cloud management platform or a management APP- > (SDN controller; the use interface: at least one of creating a set of traffic characteristics or creating a traffic chain.
The arrangement after the service is opened may be specifically shown in fig. 5 based on the service opening method referred to in fig. 2 to fig. 4.
Fig. 5 is a flow chart of a business arrangement method according to an embodiment of the present application.
As shown in fig. 5, the method for service orchestration may include S510-S550:
s510: the network function virtualization orchestrator NFVO receives an instruction to create a router on a cloud management platform running in the NFVO.
For example: the cloud management platform receives the instruction of creating the router, and can display a first interface of the service arrangement through the display device, and the first interface corresponding to the step can be shown in fig. 6.
S520: the NFVO creates a plurality of first master-slave routers with firewall vwf traffic and a plurality of second master-slave routers with network defense intrusion detection vpps traffic according to instructions to create virtual routers and trigger OpenStack in a software defined network SDN controller.
For example: triggering OpenStack to automatically create 2 main/standby vFWs and 2 main/standby vIPSs, wherein a second interface corresponding to the steps is shown in FIG. 7. The meaning of the primary and the secondary can be understood as a primary device and a standby device, when the primary device is abnormal, corresponding operations can be executed according to the standby device, a third interface which may correspond to the above situation is shown in fig. 8, and through automatic arrangement, HA deployment of NFV virtualized products can be realized, and high reliability is ensured.
S530: the NFVO receives a first message, the first message comprising: the virtualized network function manager VNFM is configured for the first primary and standby router with first configuration information and for the second primary and standby router with second configuration information.
Specifically, before the NFVO receives the first message, it may further include: the VNFM will automatically issue IPS configurations to the vIPS and interface with the vwf interconnect. The fourth interface corresponding to the possible case is shown in fig. 9, and in the possible case of issuing configuration, configuration is mainly performed for policies and networks. The cloud management platform receives an instruction of connecting a private network and setting an external gateway, and triggers SDN drainage (for example, a fifth interface which may correspond to the situation is shown in fig. 10); triggering the VNFM to the corresponding interconnection interface of the vcps, and simultaneously issuing a corresponding routing configuration (e.g., a sixth interface that may correspond to the case is shown in fig. 11 and a seventh interface is shown in fig. 12); triggering the VNFM to create a corresponding interconnection interface for the vFW, and simultaneously issuing a corresponding routing configuration and NAT configuration (e.g., an eighth interface that may correspond to the case is shown in fig. 13 and a ninth interface is shown in fig. 14); creating firewall rules by the cloud management platform will issue security policies to the vwf (e.g., based on a tenth interface that this case may correspond to, as shown in fig. 15); binding the cloud management platform and the virtual machine to the public network IP, vww will automatically create a corresponding DNAT configuration, which is convenient for other users of the internet to access the cloud management platform according to the IP (an eleventh interface that may correspond to this case is shown in fig. 16).
S540: when the instruction for creating the virtual router fails, the NFVO deletes the first primary and second primary and secondary routers, and triggers the VNFM to delete the first configuration information and the second configuration information.
For example: deleting a router on the cloud management platform will trigger VNFM to delete vcps and vww (based on this case a twelfth interface that may correspond is shown in fig. 17).
This step is an important step in the embodiments provided in the present application, and it can be understood that when the instruction for creating the virtual router fails (i.e. when the service is not being created), the cloud management platform may delete the virtual router created by the service before, and at the same time, trigger the VNFM to store the service information due to the service. And releasing the unnecessary service to facilitate the use of other resources, and the mode can improve the utilization rate of the resources.
In summary, in some network locations of larger services/tenants, the NFV virtualized network element is required to support high performance, so as to implement automatic arrangement of the high-performance NFV virtualized network element, so as to meet service requirements, and through SR-IOV technology, network throughput performance of the virtualized network element can be increased. When a high-throughput NFV virtualized network element is required, an administrator links with VIM software through an interface after deploying the high-performance network element in the cloud management platform/management APP operation, and notifies an autonomous VNFM to create the virtualized network element, and the autonomous VNFM calls a standard interface of the VIM software, so that the virtualized network element can be automatically deployed directly by using an SR-IOV, the initialization of basic configuration is realized, and the cloud management platform/management APP is notified to modify SDN drainage rules. When the demand is changed or reduced, the configuration and the number of the NFV virtualized network elements can be modified or deleted through the operation on VIM software, so that the automatic arrangement based on the business/tenant can be realized.
Fig. 18 is a schematic structural diagram of a service opening device according to an embodiment of the present application.
As shown in fig. 18, the apparatus 180 may include: a processing module 1801, configured to invoke a software defined network SDN module in the control module 1802, and send a message for creating a target network element to the management module 1803;
the processing module 1801 is further configured to receive status information of the target network element fed back by the management module 1803, where the status information of the target network element is determined by the management module 1803 according to a message for creating the target network element and information in the virtual resource pool;
the processing module 1801 is further configured to issue an SDN drainage instruction to the SDN module according to the state information of the target network element, so that the SDN module executes the SDN drainage instruction through the switch, and service opening on the target network element is completed.
Specifically, the service of opening operation on the target network element includes: firewall vFW traffic or network defense intrusion detection vIPS traffic.
The processing module 1801 specifically is configured to: determining a message for creating a target network element through a first interface of an OpenStack standard in an SDN module; and calling a standard plug-in corresponding to the first interface, and sending a message for creating the target network element to a specific virtual network element module S-VNFM in the management module 1803. In addition, the processing module 1801 specifically is configured to: the S-VNFM module determines the state information of the target network element according to the information of the created target network element and the information in the virtual resource pool; and receiving state information of the target network element fed back by the S-VNFM module.
It should be noted that, in another possible embodiment, the processing module 1801 may include: at least one of a cloud management platform or a management application for performing the method of service provisioning of any of the steps of fig. 3 or fig. 4.
Because the scheme adopts a decoupling mode (namely, the hardware and the software have no direct binding relation, the software also have no strong binding relation, corresponding software or hardware can be purchased along with business development and actual demands, and other virtualized network elements can be integrated according to the demands without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualized products are combined by multiple manufacturers, and have no coupling relation. The network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The method can personalize the service of different physical areas and user groups, and the service scale can be quickly and conveniently stretched.
In conclusion, the method realizes unified management of the network and the NFV virtualized network element by interfacing with the cloud management platform or the management APP, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capacity.
Fig. 19 is a schematic structural diagram of a service arrangement device according to an embodiment of the present application.
As shown in fig. 19, the apparatus 190 may include: a processing module 1901 for receiving an instruction to create a router on a cloud management platform running in the processing module 1901;
the processing module 1901 is further configured to create a plurality of first active and standby routers with firewall vFW services and a plurality of second active and standby routers with network defense intrusion detection vIPS services according to an instruction for creating a virtual router and triggering OpenStack in the software defined network SDN module 1902; it should be noted that, the control module may include a software defined network SDN module 1902.
The processing module 1901 is further configured to receive a first message, where the first message includes: the management module 1903 configures first configuration information for the first master router and second configuration information for the second master router;
when the instruction for creating the virtual router fails, the processing module 1901 is further configured to delete the first primary router and the second primary router, and trigger the management module 1903 to delete the first configuration information and the second configuration information.
In the scheme, on network positions of some larger services/tenants, the NFV virtualized network elements are required to support high performance, automatic arrangement of the high-performance NFV virtualized network elements is realized so as to meet service requirements, when the high-throughput NFV virtualized network elements are required, an administrator establishes the virtualized network elements through an autonomous management module after deploying the high-performance network elements through cloud management platform or management APP operation, the virtualized network elements can be directly subjected to automatic deployment, the initialization of basic configuration is realized, and the cloud management platform or management APP is notified to modify SDN drainage rules. When the demand is changed or reduced, the configuration and the number of the NFV virtualized network elements can be modified or deleted through the operation of the processing module on the control module, so that the automation arrangement based on the service or the tenant can be realized, and the high reliability can be ensured.
Fig. 20 is a schematic structural diagram of a service opening and arrangement device according to an embodiment of the present application. As shown in fig. 20, the service opening and orchestration device may include a processor 2001 and a memory 2002 storing computer program instructions.
In particular, the processor 2001 may include a Central Processing Unit (CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured as one or more integrated circuits that implement embodiments of the present application.
Memory 2002 may include mass storage for data or instructions. By way of example, and not limitation, memory 2002 may comprise a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) Drive, or a combination of two or more of the foregoing. Memory 2002 may include removable or non-removable (or fixed) media, where appropriate. Memory 2002 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the memory 2002 is a non-volatile solid state memory. In a particular embodiment, the memory 2002 includes Read Only Memory (ROM). The ROM may be mask programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these, where appropriate.
The processor 2001 implements any of the service opening and orchestration methods of the above embodiments by reading and executing computer program instructions stored in the memory 2002.
It should be noted that, in the service opening and arrangement device related to the present application, the X86 server preferably carries out hardware bearing.
In one example, the device may also include a bus 2003. As shown in fig. 20, the processor 2001 and the memory 2002 are connected to each other via a bus 2003 and communicate with each other.
Bus 2003 includes hardware, software, or both, coupling the components of the service provisioning and orchestration device to one another. By way of example, and not limitation, the buses may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a micro channel architecture (MCa) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of the above. Bus 2003 may include one or more buses, where appropriate. Although embodiments of the application have been described and illustrated with respect to a particular bus, the application contemplates any suitable bus or interconnect.
The service opening and arranging device can execute the service opening and arranging method in the embodiment of the application, thereby realizing any one of the service opening and arranging methods and devices described in connection with fig. 2-17.
In addition, in combination with the method for opening and arranging the service in the above embodiment, the embodiment of the application can be implemented by providing a computer storage medium. The computer storage medium has stored thereon computer program instructions; the computer program instructions, when executed by a processor, implement a method of provisioning and orchestration of any of the above embodiments.
In combination with the method, device, equipment and computer storage medium for opening and arranging services, the method provided by the embodiment of the application can be on one hand: the special hardware purchase is reduced, the hardware utilization rate is improved, the hardware purchase cost is reduced, all the standard X86 building servers are used as bearing hardware, no special hardware purchase is performed, the existing servers can be used for deployment, and the hardware purchase cost is reduced; when the service changes, the hardware can be used for other service systems, so that the utilization rate of the hardware is increased.
On the other hand, the omnibearing decoupling is realized, and the expansibility and the flexibility of the system are improved. The hardware and the software have no direct binding relation, the software has no strong binding relation, the corresponding software or hardware can be purchased along with the service development and the actual demand, and other virtualized network elements can be integrated according to the demand without being influenced by the compatibility of the existing hardware and software. Network applications can implement multiple versions and multiple tenants. And supporting different applications, users and tenants to share a unified platform. The method can personalize the service of different physical areas and user groups, and the service scale can be quickly and conveniently stretched.
And finally, unified management and arrangement are realized, and the maintenance cost is reduced. By interfacing with the cloud management platform/management APP, the overall arrangement and unified management of the network and the NFV virtualized network element are realized, the operation and maintenance difficulty is greatly reduced, the rapid service expansion and change can be realized, the operation and maintenance response speed is greatly increased, and the service expansion capability is increased.
It should be understood that the application is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the order between steps, after appreciating the spirit of the present application.
The functional blocks shown in the above block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this disclosure describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, or may be performed in a different order from the order in the embodiments, or several steps may be performed simultaneously.
In the foregoing, only the specific embodiments of the present application are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present application is not limited thereto, and any equivalent modifications or substitutions can be easily made by those skilled in the art within the technical scope of the present application, and they should be included in the scope of the present application.
Claims (8)
1. A method for opening a service, comprising:
the network function virtualization orchestrator NFVO invokes a software defined network SDN controller in a cross-virtualization infrastructure management VIM, sending a message to the virtualized network function manager VNFM to create a target network element;
The NFVO receives the state information of the target network element fed back by the VNFM, wherein the state information of the target network element is determined by the VNFM according to the message for creating the target network element and the information in the virtual resource pool;
the NFVO issues SDN drainage instructions to the SDN controller according to the state information of the target network element, so that the SDN controller can execute the SDN drainage instructions through a switch to finish service opening on the target network element;
the network function virtualization orchestrator NFVO invokes a software defined network SDN controller in a cross-virtualization infrastructure management VIM, sends a message to a virtualized network function manager VNFM to create a target network element, comprising:
the NFVO determines to create the message of the target network element through a first interface of an OpenStack standard in the SDN;
the NFVO calls a standard plug-in corresponding to the first interface, and sends a message for creating the target network element to a specific virtual network element manager S-VNFM in the VNFM;
the NFVO receiving the state information of the target network element fed back by the VNFM, including:
the S-VNFM determines the state information of the target network element according to the message for creating the target network element and the information in the virtual resource pool;
And the NFVO receives the S-VNFM and feeds back the state information of the target network element.
2. The method of claim 1, wherein opening the operational service on the target network element comprises: firewall vFW traffic or network defense intrusion detection vIPS traffic.
3. The method according to claim 1, characterized in that said network function virtualization orchestrator NFVO comprises: at least one of a cloud management platform or a management application for performing the method of service provisioning according to any of claims 1-2.
4. A method of traffic orchestration, comprising:
a Network Function Virtualization Orchestrator (NFVO) receives an instruction to create a virtual router on a cloud management platform running in the NFVO;
the NFVO creates a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service according to the instruction for creating the virtual router and triggering OpenStack in a software defined network SDN controller;
the NFVO receives a first message, the first message comprising: the Virtual Network Function Manager (VNFM) configures first configuration information for the first master and slave routers and second configuration information for the second master and slave routers;
When the instruction for creating the virtual router fails, the NFVO deletes the first master router and the second master router, and triggers the VNFM to delete the first configuration information and the second configuration information.
5. An apparatus for service provisioning, the apparatus comprising:
the processing module is used for calling the software defined network SDN module in the control module and sending a message for creating the target network element to the management module;
the processing module is further configured to receive status information of the target network element fed back by the management module, where the status information of the target network element is determined by the management module according to the message for creating the target network element and information in the virtual resource pool;
the processing module is further configured to issue an SDN drainage instruction to the SDN module according to the state information of the target network element, so that the SDN module executes the SDN drainage instruction through a switch to complete service provisioning on the target network element;
the processing module further includes:
a first determining unit, configured to determine, by using the NFVO through a first interface of an OpenStack standard in the SDN, a message for creating the target network element;
a calling unit, configured to call, by using the NFVO, a standard plug-in corresponding to the first interface, and send a message for creating the target network element to a specific virtual network element manager S-VNFM in the VNFM;
The processing module further includes:
a second determining unit, configured to determine, by using the S-VNFM, status information of the target network element according to the message for creating the target network element and information in the virtual resource pool;
and the receiving unit is used for receiving the state information fed back by the S-VNFM by the NFVO.
6. An apparatus for orchestration of traffic, the apparatus comprising:
the processing module is used for receiving an instruction for creating a virtual router on the cloud management platform running in the processing module;
the processing module is further used for creating a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service according to the instruction for creating the virtual router and triggering OpenStack in the software defined network SDN module;
the processing module is further configured to receive a first message, where the first message includes: the management module is used for configuring first configuration information for the first master and slave routers and second configuration information for the second master and slave routers;
when the instruction for creating the virtual router fails, the processing module is further configured to delete the first primary router and the second primary router, and trigger the management module to delete the first configuration information and the second configuration information.
7. A device for service provisioning and orchestration, the device comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements the method of any one of claims 1-3 or 4.
8. A computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement the method of any of claims 1-3 or 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811425055.1A CN111221619B (en) | 2018-11-27 | 2018-11-27 | Method, device and equipment for opening and arranging business |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811425055.1A CN111221619B (en) | 2018-11-27 | 2018-11-27 | Method, device and equipment for opening and arranging business |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111221619A CN111221619A (en) | 2020-06-02 |
| CN111221619B true CN111221619B (en) | 2023-09-08 |
Family
ID=70807906
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811425055.1A Active CN111221619B (en) | 2018-11-27 | 2018-11-27 | Method, device and equipment for opening and arranging business |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111221619B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113138833A (en) * | 2020-01-19 | 2021-07-20 | 华为技术有限公司 | Method and related device for deploying virtual machine |
| CN113810206B (en) * | 2020-06-11 | 2023-01-13 | 中国移动通信有限公司研究院 | Network automation arrangement management method, entity, controller and electronic equipment |
| CN113810348B (en) * | 2020-06-17 | 2023-04-07 | 华为技术有限公司 | Network security detection method, system, equipment and controller |
| CN111901154B (en) * | 2020-07-04 | 2022-05-27 | 烽火通信科技股份有限公司 | Safety architecture system based on NFV and safety deployment and safety threat processing method |
| CN111769992B (en) * | 2020-07-13 | 2022-06-21 | 迈普通信技术股份有限公司 | Network data management method, cloud platform and storage medium |
| CN112187517B (en) * | 2020-09-07 | 2022-06-07 | 烽火通信科技股份有限公司 | Configuration method, platform and controller for SDN virtual routing of data center |
| CN112492003B (en) * | 2020-11-18 | 2023-03-28 | 中盈优创资讯科技有限公司 | Cloud network convergence service processing method and device based on service orchestrator |
| EP4250103A4 (en) * | 2020-12-15 | 2024-01-10 | Huawei Technologies Co., Ltd. | Method and device for establishing network connection |
| CN114765579A (en) * | 2021-01-11 | 2022-07-19 | 中国移动通信有限公司研究院 | Data transmission method, device, related equipment and storage medium |
| CN113300881B (en) * | 2021-04-23 | 2022-08-05 | 北京邮电大学 | 5G network-based scheduling method, device, equipment and storage medium |
| CN113630270B (en) * | 2021-08-04 | 2022-08-16 | 中国联合网络通信集团有限公司 | Online cutover method, device, equipment and storage medium |
| CN116566752B (en) * | 2023-07-11 | 2023-09-12 | 苏州浪潮智能科技有限公司 | Safety drainage system, cloud host and safety drainage method |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219127A (en) * | 2014-08-30 | 2014-12-17 | 华为技术有限公司 | Creation method and device of virtual network instance |
| CN105955824A (en) * | 2016-04-21 | 2016-09-21 | 华为技术有限公司 | Method and device for configuring virtual resource |
| CN105975330A (en) * | 2016-06-27 | 2016-09-28 | 华为技术有限公司 | Virtual network function deployment method, device and system adopting NEC (network edge computing) |
| CN106533935A (en) * | 2015-09-14 | 2017-03-22 | 华为技术有限公司 | Method for obtaining business chain information in cloud computing system and devices |
| CN106549792A (en) * | 2015-09-22 | 2017-03-29 | 中国移动通信集团公司 | A kind of method of the security control of VNF, apparatus and system |
| CN107005434A (en) * | 2015-05-15 | 2017-08-01 | 华为技术有限公司 | A kind of method, device and the equipment of synchronous virtual network function VNF states |
| CN107005426A (en) * | 2015-06-10 | 2017-08-01 | 华为技术有限公司 | A kind of life cycle management method of virtual network function, and device |
| CN107689882A (en) * | 2016-08-05 | 2018-02-13 | 华为技术有限公司 | The method and apparatus of service deployment in a kind of virtualization network |
| CN107948006A (en) * | 2018-01-09 | 2018-04-20 | 重庆邮电大学 | A kind of method of combination and device for virtualizing network function |
| WO2018130883A1 (en) * | 2017-01-14 | 2018-07-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Scalable application level monitoring for sdn networks |
| CN108400945A (en) * | 2017-02-04 | 2018-08-14 | 中兴通讯股份有限公司 | A kind of layout management system and network sliced sheet processing method |
| CN108667777A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of service chaining generation method and network function composer NFVO |
| CN108781166A (en) * | 2016-04-27 | 2018-11-09 | 华为技术有限公司 | The determination method and network function of VNFM virtualizes composer |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180018203A1 (en) * | 2016-07-14 | 2018-01-18 | Zte Usa (Tx) | Method and system for accelerating orchestration in network function virtualization (nfv) environment |
-
2018
- 2018-11-27 CN CN201811425055.1A patent/CN111221619B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219127A (en) * | 2014-08-30 | 2014-12-17 | 华为技术有限公司 | Creation method and device of virtual network instance |
| CN107005434A (en) * | 2015-05-15 | 2017-08-01 | 华为技术有限公司 | A kind of method, device and the equipment of synchronous virtual network function VNF states |
| CN107005426A (en) * | 2015-06-10 | 2017-08-01 | 华为技术有限公司 | A kind of life cycle management method of virtual network function, and device |
| CN106533935A (en) * | 2015-09-14 | 2017-03-22 | 华为技术有限公司 | Method for obtaining business chain information in cloud computing system and devices |
| CN106549792A (en) * | 2015-09-22 | 2017-03-29 | 中国移动通信集团公司 | A kind of method of the security control of VNF, apparatus and system |
| CN105955824A (en) * | 2016-04-21 | 2016-09-21 | 华为技术有限公司 | Method and device for configuring virtual resource |
| CN108781166A (en) * | 2016-04-27 | 2018-11-09 | 华为技术有限公司 | The determination method and network function of VNFM virtualizes composer |
| CN105975330A (en) * | 2016-06-27 | 2016-09-28 | 华为技术有限公司 | Virtual network function deployment method, device and system adopting NEC (network edge computing) |
| CN107689882A (en) * | 2016-08-05 | 2018-02-13 | 华为技术有限公司 | The method and apparatus of service deployment in a kind of virtualization network |
| WO2018130883A1 (en) * | 2017-01-14 | 2018-07-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Scalable application level monitoring for sdn networks |
| CN108400945A (en) * | 2017-02-04 | 2018-08-14 | 中兴通讯股份有限公司 | A kind of layout management system and network sliced sheet processing method |
| CN108667777A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of service chaining generation method and network function composer NFVO |
| CN107948006A (en) * | 2018-01-09 | 2018-04-20 | 重庆邮电大学 | A kind of method of combination and device for virtualizing network function |
Non-Patent Citations (1)
| Title |
|---|
| Network service orchestration standardization: A technology survey;Charalampos Rotsos 等;《Computer Standards & Interfaces》;第203-215页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111221619A (en) | 2020-06-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111221619B (en) | Method, device and equipment for opening and arranging business | |
| US11093257B2 (en) | Resource configuration based on dynamic group membership | |
| US11210123B2 (en) | Securing live migration of a virtual machine including blocking communication with other virtual machines | |
| EP3200393B1 (en) | Method and device for virtual network function management | |
| US9875127B2 (en) | Enabling uniform switch management in virtual infrastructure | |
| CN107113219B (en) | System and method for supporting VLAN tagging in a virtual environment | |
| US9304793B2 (en) | Master automation service | |
| CN107357660A (en) | The distribution method and device of a kind of virtual resource | |
| CN107896191B (en) | Container-based virtual security component cross-cloud system and method | |
| EP3276490B1 (en) | Extension of a private cloud end-point group to a public cloud | |
| CN105306225B (en) | A kind of physical machine remote power-off method based on Openstack | |
| US10680898B2 (en) | Mini-cloud deployment system | |
| CN110995480B (en) | Block chain network deployment method, device, electronic equipment and medium | |
| CN103595801B (en) | Cloud computing system and real-time monitoring method for virtual machine in cloud computing system | |
| US20140137073A1 (en) | End to end modular information technology system | |
| CN108028827A (en) | The management method and device of certificate in network function virtualization architecture | |
| US11902329B2 (en) | Integration of an orchestration services with a cloud automation services | |
| CN105068899A (en) | Automatic restart stability test method under Vmware system | |
| US9306768B2 (en) | System and method for propagating virtualization awareness in a network environment | |
| US20230336367A1 (en) | Blockchain twin architecture for secure management of multi-cloud computing environment | |
| US9798571B1 (en) | System and method for optimizing provisioning time by dynamically customizing a shared virtual machine | |
| Rodrigues de Castro | A feasible community cloud architecture for provisioning infrastructure as a service in the government sector | |
| CN114546595A (en) | Private cloud automatic deployment system and method | |
| Wibowo | Cloud management and automation | |
| US20240211295A1 (en) | Systems and methods for automated migration replication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |