CN111371746A - Operation and maintenance system and operation and maintenance method for batch private cloud - Google Patents

Publication number
CN111371746A
Authority
CN
China
Prior art keywords
maintenance
subsystem
private cloud
data
gatekeeper
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010108124.7A
Other languages
Chinese (zh)
Other versions
CN111371746B (en)
Inventor
刘辰
白石
黄璐璐
韩志鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Jingdong Shangke Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN202010108124.7A priority Critical patent/CN111371746B/en
Publication of CN111371746A publication Critical patent/CN111371746A/en
Application granted granted Critical
Publication of CN111371746B publication Critical patent/CN111371746B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02 Standardisation; Integration
    • H04L41/0246 Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28 Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The disclosure provides an operation and maintenance system and an operation and maintenance method for a batch of private clouds, and relates to the technical field of cloud computing. The operation and maintenance system for a batch of private clouds includes a centralized operation and maintenance subsystem, a plurality of operation and maintenance management subsystems, and a plurality of first gatekeepers. Each private cloud establishes a network connection with its corresponding operation and maintenance management subsystem. Each operation and maintenance management subsystem is unidirectionally connected with the centralized operation and maintenance subsystem through a corresponding first gatekeeper, so that each operation and maintenance management subsystem transmits the operation and maintenance data of its corresponding private cloud to the centralized operation and maintenance subsystem through the first gatekeeper. The system enables centralized operation and maintenance of the private clouds, which saves labor cost and improves operation and maintenance efficiency. Moreover, because the unidirectional connection is established through the gatekeeper, the security of data transmission is ensured and network attacks between the private clouds are avoided.

Description

Operation and maintenance system and operation and maintenance method for batch private cloud
Technical Field
The disclosure relates to the technical field of cloud computing, in particular to an operation and maintenance system and an operation and maintenance method for a batch of private clouds.
Background
With the continuous development of cloud computing technology, more and more government departments and enterprises are choosing to move to the cloud. Cloud computing platforms include not only public cloud platforms but also private cloud platforms that can meet security requirements. Customers choose a private cloud platform mainly to ensure the security of private data and to protect the security of internal systems. As more and more private cloud platforms are built and distributed all over the country, providing operation and maintenance management for a large number of private clouds has become a major problem.
In some related technologies, cloud computing vendors handle the operation and maintenance of a large number of private clouds in two main ways. In the first, a technician is stationed on-site at the private cloud for maintenance. In the second, the operation and maintenance management terminal is connected to the private cloud through an encrypted network channel.
Disclosure of Invention
The inventor found that, in the related art, when operation and maintenance is performed using the first method, the labor cost becomes huge and the operation and maintenance efficiency low as the number of private clouds increases. With the second method, if the operation and maintenance management terminals of the private clouds are physically isolated, each operation and maintenance management terminal manages only its corresponding private cloud, and the operation and maintenance efficiency is low. If the operation and maintenance management terminals of the private clouds are not physically isolated, that is, each private cloud and its operation and maintenance management terminal are connected with the operation and maintenance center, there is a great risk of the private clouds carrying out network attacks on one another.
In the disclosure, an operation and maintenance system for a batch of private clouds is provided, which includes a centralized operation and maintenance subsystem, a plurality of operation and maintenance management subsystems, and a plurality of first gatekeepers. Each private cloud establishes a network connection with its corresponding operation and maintenance management subsystem. Each operation and maintenance management subsystem is unidirectionally connected with the centralized operation and maintenance subsystem through a corresponding first gatekeeper, so that each operation and maintenance management subsystem transmits the operation and maintenance data of its corresponding private cloud to the centralized operation and maintenance subsystem through the first gatekeeper. The system enables centralized operation and maintenance of the private clouds, which saves labor cost and improves operation and maintenance efficiency. Moreover, because the unidirectional connection is established through the gatekeeper, the security of data transmission is ensured and network attacks between the private clouds are avoided.
According to some embodiments of the present disclosure, there is provided an operation and maintenance system for a batch of private clouds, including: a centralized operation and maintenance subsystem, a plurality of operation and maintenance management subsystems, and a plurality of first gatekeepers. Each private cloud establishes a network connection with its corresponding operation and maintenance management subsystem. Each operation and maintenance management subsystem is unidirectionally connected with the centralized operation and maintenance subsystem through a corresponding first gatekeeper, so that each operation and maintenance management subsystem transmits the operation and maintenance data of its corresponding private cloud to the centralized operation and maintenance subsystem through the first gatekeeper.
In some embodiments, the system further comprises a unified upgrading and maintaining subsystem and a plurality of second gatekeepers; each private cloud is unidirectionally connected with the unified upgrading and maintaining subsystem through a corresponding second gatekeeper, so that the unified upgrading and maintaining subsystem transmits upgrading data or maintaining data to the corresponding private cloud through the second gatekeeper.
In some embodiments, the system further comprises a unified upgrade and maintenance subsystem, and a plurality of third gatekeepers; each operation and maintenance management subsystem is unidirectionally connected with the unified upgrading and maintenance subsystem through a corresponding third gatekeeper, so that the unified upgrading and maintenance subsystem transmits upgrading data or maintenance data to the corresponding operation and maintenance management subsystem through the third gatekeeper.
In some embodiments, the centralized operation and maintenance subsystem comprises a storage device, a processing device and a display terminal.
According to other embodiments of the present disclosure, there is provided an operation and maintenance method for a batch of private clouds, including: each first gatekeeper receives operation and maintenance data transmitted by the corresponding private cloud through the operation and maintenance management subsystem, and sends the operation and maintenance data to the centralized operation and maintenance subsystem; and the centralized operation and maintenance subsystem acquires the operation and maintenance data transmitted by each first gatekeeper, and processes and displays the operation and maintenance data.
In some embodiments, the centralized operation and maintenance subsystem acquiring and processing the operation and maintenance data transmitted by each first gatekeeper includes: analyzing and processing the operation and maintenance data of each private cloud by using fault processing experience data.
In some embodiments, the centralized operation and maintenance subsystem acquiring and processing the operation and maintenance data transmitted by each first gatekeeper includes: the centralized operation and maintenance subsystem identifies the failed private cloud according to the acquired operation and maintenance data of each private cloud; and the operation and maintenance management subsystem corresponding to the failed private cloud, in response to the operation and maintenance processing operation of the operation and maintenance personnel, handles the failed private cloud.
In some embodiments, the method further comprises: the unified upgrading and maintaining subsystem transmits upgrading data or maintaining data to the corresponding private cloud through the second gatekeeper.
In some embodiments, the method further comprises: the unified upgrading and maintaining subsystem transmits upgrading data or maintaining data to a corresponding operation and maintenance management subsystem through a third gatekeeper, and the operation and maintenance management subsystem transmits the received upgrading data or maintaining data to a corresponding private cloud.
According to still further embodiments of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements the method of operation and maintenance of a batch of private clouds of any of the embodiments.
Drawings
The drawings that will be used in the description of the embodiments or the related art will be briefly described below. The present disclosure can be understood more clearly from the following detailed description, which proceeds with reference to the accompanying drawings.
It is to be understood that the drawings in the following description are merely exemplary of the disclosure, and that other drawings may be derived from those drawings by one of ordinary skill in the art without inventive effort.
Fig. 1 illustrates an architectural diagram of an operation and maintenance system for a bulk private cloud, according to some exemplary embodiments of the present disclosure.
Fig. 2 illustrates a schematic diagram of a network attack security analysis of an operation and maintenance system of a bulk private cloud, according to some example embodiments of the present disclosure.
Fig. 3 illustrates an architectural diagram of an operation and maintenance system for a batch private cloud according to further exemplary embodiments of the present disclosure.
Fig. 4 illustrates an architectural diagram of an operation and maintenance system for a bulk private cloud in accordance with further exemplary embodiments of the present disclosure.
Fig. 5 illustrates a flow diagram of an operation and maintenance method of a bulk private cloud, according to some example embodiments of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure.
The terms used in the present disclosure are first described below.
The private cloud platform system (private cloud for short) is a cloud computing platform established in a user's own data center, and can support the operation of the user's business application. The private cloud platform system is an underlying management and control system that provides private cloud platform capabilities.
A security isolation gatekeeper, called a gatekeeper (GAP) for short, is a network security device that is connected between networks at the link layer and can perform secure and appropriate exchange of application data between the networks; it is implemented using dedicated hardware with multiple control functions. The two processing units of the security isolation gatekeeper run security-hardened operating systems, which include security functions such as mandatory access control and kernel-based intrusion detection. With regard to Trojan attacks: most common Trojans are based on the Transmission Control Protocol (TCP), and the Trojan's client and server need to establish a connection. The security isolation gatekeeper uses a custom private protocol (different from general-purpose protocols), so all protocols that rely on the traditional network structure fail, and in principle all TCP connections are cut off, as are the User Datagram Protocol (UDP), the Internet Control Message Protocol (ICMP) and various other protocols. Trojans therefore cannot communicate through the security isolation gatekeeper, which prevents both known and unknown Trojan attacks. As an isolation device that provides data exchange, the security isolation gatekeeper also has an embedded virus detection and removal module, which can scan the exchanged data for viruses.
Operation and maintenance refers to managing, monitoring, maintaining, and responding to faults and emergencies for the software and hardware resources contained in a system, before the system is deployed and after the system goes online.
Operation and maintenance operations are safe system handling operations performed to recover from a failure or to ensure that a service is functioning properly.
A private line connects nodes on two networks through a single physical network cable to realize a single-line connection between devices.
Streaming computing refers to a data processing method that processes data in a timely manner as it flows through.
Off-line data analysis refers to the process of analyzing collected and stored data by a distributed computing method.
Fig. 1 illustrates an architectural diagram of an operation and maintenance system for a bulk private cloud, according to some exemplary embodiments of the present disclosure.
As shown in Fig. 1, the system includes a plurality of private cloud platform systems (private clouds for short) 101 and an operation and maintenance system 100 for the batch of private clouds. The operation and maintenance system 100 may include a centralized operation and maintenance subsystem 103, a plurality of operation and maintenance management subsystems 104, and a plurality of first gatekeepers 102. Each private cloud 101 establishes a network connection with its corresponding operation and maintenance management subsystem 104. Each operation and maintenance management subsystem 104 is unidirectionally connected with the centralized operation and maintenance subsystem 103 through a corresponding first gatekeeper 102, so that each operation and maintenance management subsystem 104 transmits the operation and maintenance data of its corresponding private cloud 101 to the centralized operation and maintenance subsystem 103 through the first gatekeeper 102. The first gatekeeper 102 mainly implements unidirectional transmission of network data: operation and maintenance data such as operating states and log data uploaded by the private cloud platform system to the operation and maintenance management subsystem 104 can be transmitted to the centralized operation and maintenance subsystem 103 through the first gatekeeper 102, while reverse data flow is blocked, thereby preventing data communication between different private cloud platform systems. The operation and maintenance data includes, for example, system operation logs, status data of key devices, and data collected by sensors, that is, data collected from the target system or its surroundings that helps the operation and maintenance manager understand the system status and locate system faults. Based on the security isolation gatekeeper, security isolation between different private cloud platform systems can be realized.
The operation and maintenance management subsystem 104 supports remote operation and maintenance operations on the private cloud platform system, so that an operation and maintenance manager, after logging in to the operation and maintenance management subsystem 104, can handle faults of the private cloud platform for which he or she is authorized. Unauthorized operation and maintenance personnel therefore cannot log in to the remote operation and maintenance management platform of a private cloud platform for which they are not authorized, and so cannot attack that private cloud platform system, which ensures the security of the operation and maintenance system. Remote operation and maintenance refers to performing operation and maintenance management operations on a target system at a different location through a remote network connection.
The network connection is bidirectional: data may be transmitted from the private cloud 101 to its corresponding operation and maintenance management subsystem 104 through the network connection, and from the operation and maintenance management subsystem 104 to the corresponding private cloud 101. The network connection may be implemented by, for example, dedicated lines, and/or link layer transmission encryption, and/or network layer transmission encryption, and/or session and application layer transmission encryption, establishing a secure data transmission channel between the private cloud 101 and the corresponding operation and maintenance management subsystem 104. Transmission encryption refers to encrypting the data to be protected during transmission, so that the data cannot be obtained by unauthorized parties. Because the private cloud platform communicates with the centralized operation and maintenance subsystem 103 and the operation and maintenance management subsystem 104 through secure network connections, with data transmitted over a private line or with high-strength encryption, an internet hacker cannot access and damage the system, and the security of data transmission can be ensured. In addition, each operation and maintenance management subsystem 104 may be connected to the centralized operation and maintenance subsystem 103 through a dedicated network connection, so that each operation and maintenance management subsystem 104 can receive data transmitted by the centralized operation and maintenance subsystem 103, including fault handling experience data.
The centralized operation and maintenance subsystem 103 mainly provides a centralized display of the operation and maintenance data reported by the plurality of private clouds 101, such as system operation logs, state data of key devices, and data collected by sensors. This allows not only a unified display of private cloud faults but also statistics and analysis of the data, so that operation and maintenance personnel can quickly learn the fault information of one or more private clouds and handle it quickly, improving operation and maintenance efficiency. In addition, the centralized operation and maintenance subsystem 103 supports permission settings: after logging in to the system, operation and maintenance personnel can only browse and query the conditions of certain specified private cloud platform systems. Unauthorized operation and maintenance personnel therefore cannot view the operation and maintenance data of a private cloud platform for which they are not authorized, and so cannot act on that private cloud platform system, which ensures the security of the data on the private cloud.
In addition, the centralized operation and maintenance subsystem 103 may further include a storage device 1031, a processing device 1032, and a plurality of display terminals 1033.
The storage device 1031 (also referred to as a storage system) is configured to store the operation and maintenance data of each private cloud platform system, that is, to centrally store data such as the state data and log data reported by the plurality of private cloud platform systems. When the data uploaded to the centralized operation and maintenance subsystem 103 by each private cloud platform 101 is stored, it may, for example, be encoded and compressed, which reduces the storage space occupied and saves storage resources.
The processing device 1032 (also referred to as an analysis system) is configured to mine and analyze the operation and maintenance data of each private cloud platform system, so that experience gained from a fault on one private cloud platform system can be applied to handling similar faults on other private cloud platform systems. The uploaded data is stored in the storage device 1031, and the processing device 1032 performs real-time stream analysis and later off-line analysis on it. In real-time stream analysis, for example, the data stream to be analyzed in real time is processed by a stream-computing analysis system, mainly to detect faults that may occur and faults that are occurring. In later off-line analysis, for example, massive historical data and fault processing experience data are input together into an off-line analysis system, so as to obtain the patterns and rules that cause faults and to support fault prediction and rapid fault handling.
The display terminal 1033 is a display terminal system that operation and maintenance managers can log in to in order to view the states of all the private cloud platform systems for which they are responsible, and is used to discover system fault states in time.
In some embodiments, the centralized operation and maintenance subsystem 103 may further include an operation and maintenance command center screen 1034, a screen system that can display the states of all the private cloud platform systems, so that the global situation can be observed and faults discovered in time. The centralized operation and maintenance subsystem 103 transmits data such as the real-time status, recent status, statistical information and event information of the private cloud platform systems to the display terminal 1033 and the operation and maintenance command center screen 1034.
As the number of private clouds increases, the operation and maintenance system of this embodiment enables centralized operation and maintenance of the batch of private clouds, which saves labor cost and improves operation and maintenance efficiency. Moreover, because the connection is established through the gatekeeper, the security of data transmission is ensured and network attacks between the private clouds are avoided.
The operation and maintenance process performed with the operation and maintenance system for the batch of private clouds may be, for example: (1) The operation and maintenance manager quickly obtains fault information for the private cloud computing platform systems he or she is responsible for through the display terminal 1033 and the operation and maintenance command center screen 1034. (2) The operation and maintenance manager logs in to the operation and maintenance management subsystem 104 and has his or her identity verified. (3) Based on the information obtained, the operation and maintenance manager performs state query and fault location on the relevant faulty resources through the operation and maintenance management subsystem 104. (4) The operation and maintenance manager remotely handles the fault using the fault processing rules. If the fault cannot be handled through remote operation and maintenance, the relevant technical personnel at the data center of the private cloud computing platform system are contacted to handle it. (5) After the fault is resolved, the operation and maintenance manager enters relevant information, such as the fault details and the fault handling method, into the centralized operation and maintenance subsystem 103, which stores and analyzes the information.
In some exemplary implementations, up to tens of private cloud platforms may, for example, be assigned to two operation and maintenance personnel who can cooperate and back each other up. The operation and maintenance personnel can easily see the faults of all the private cloud platforms they are responsible for on the display terminal 1033 and the operation and maintenance command center screen 1034, and can then log in to the system to perform operation and maintenance processing on the private cloud. In addition, the fault conditions of all the private clouds supported by the system can be seen very conveniently on the operation and maintenance command center screen 1034, allowing quick response and handling. The number of operation and maintenance personnel can thus be greatly reduced, the operation and maintenance efficiency greatly improved, and the labor cost reduced.
In addition, the process of adding a new private cloud platform system may be, for example: (1) Complete the construction of the new private cloud platform system and install a centralized operation and maintenance data transmission system. (2) Install the operation and maintenance management subsystem 104 and grant login authorization to the operation and maintenance managers. (3) Establish a secure network connection between the cloud platform and the operation and maintenance management subsystems 104, and a plurality of dedicated line connections between the centralized operation and maintenance subsystem 103 and each operation and maintenance management subsystem 104, and use the security isolation gatekeeper 102 to control data transmission (also called data traffic) between the private cloud platform system 101 and the centralized operation and maintenance subsystem 103, so that data can be transmitted only from the private cloud platform system 101 to the centralized operation and maintenance subsystem 103 and reverse data traffic is prohibited. (4) Perform configuration in the centralized operation and maintenance subsystem 103, where an operation and maintenance manager capable of browsing data is authorized to set the identification information of the private cloud platform system 101.
Fig. 2 illustrates a schematic diagram of a network attack security analysis of an operation and maintenance system of a bulk private cloud, according to some example embodiments of the present disclosure.
As shown in Fig. 2, the system includes a private cloud A and a private cloud B, an operation and maintenance management subsystem A and an operation and maintenance management subsystem B, a centralized operation and maintenance subsystem 203, and so on. The security of the operation and maintenance system for the batch of private clouds against network attacks is analyzed below.
As shown in Fig. 2, if a malicious person x in private cloud A intends to attack private cloud B, person x can connect over the network to the operation and maintenance management subsystem A dedicated to private cloud A, and then send data to the centralized operation and maintenance subsystem 203. Because traffic is isolated by the first gatekeeper 202, the centralized operation and maintenance subsystem 203 cannot send data to private cloud B, so the malicious person x cannot communicate with private cloud B. The operation and maintenance management subsystem A of private cloud A is physically isolated from other systems and therefore cannot connect to private cloud B. Consequently, the private cloud platforms cannot attack each other.
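The Fig. 2 argument can be checked mechanically by modelling a design as a directed graph and searching for a path from one private cloud to another. The following Python code is an added example, not part of the patent: the node names are made up, every node is assumed to forward whatever it receives (the worst case for an isolation review), and the non-isolated related-art design from the Disclosure section is modelled, as an assumption, with bidirectional links to a shared operation and maintenance center.

```python
from collections import deque

CENTER = "centralized_om_subsystem"  # hypothetical node name


def _link(edges, src, dst, bidirectional=False):
    """Add a directed edge src -> dst (and dst -> src when bidirectional)."""
    edges.setdefault(src, set()).add(dst)
    edges.setdefault(dst, set())
    if bidirectional:
        edges[dst].add(src)


def gatekeeper_topology(cloud_ids):
    """Fig. 1 / Fig. 2 layout: cloud <-> management subsystem (bidirectional),
    management subsystem -> first gatekeeper -> center (one way only)."""
    edges = {}
    for cid in cloud_ids:
        cloud = f"private_cloud_{cid}"
        mgmt = f"om_mgmt_subsystem_{cid}"
        gap = f"first_gatekeeper_{cid}"
        _link(edges, cloud, mgmt, bidirectional=True)
        _link(edges, mgmt, gap)    # no reverse edge: the gatekeeper blocks it
        _link(edges, gap, CENTER)
    return edges


def shared_center_topology(cloud_ids):
    """Related-art case without physical isolation (modelling assumption):
    each cloud and its terminal are linked both ways to one shared center."""
    edges = {}
    for cid in cloud_ids:
        cloud = f"private_cloud_{cid}"
        term = f"om_terminal_{cid}"
        _link(edges, cloud, term, bidirectional=True)
        _link(edges, term, CENTER, bidirectional=True)
    return edges


def find_path(edges, src, dst):
    """Breadth-first search; return the node list of a shortest path or None."""
    parents = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = parents[node]
            return path[::-1]
        for nxt in sorted(edges.get(node, ())):  # sorted for stable output
            if nxt not in parents:
                parents[nxt] = node
                queue.append(nxt)
    return None


def cross_cloud_paths(edges, cloud_ids):
    """Map (src_id, dst_id) -> path for every pair of distinct private clouds
    where data leaving src can reach dst. Empty dict means isolation holds."""
    found = {}
    for a in cloud_ids:
        for b in cloud_ids:
            if a == b:
                continue
            path = find_path(edges, f"private_cloud_{a}", f"private_cloud_{b}")
            if path is not None:
                found[(a, b)] = path
    return found


if __name__ == "__main__":
    ids = ["A", "B"]
    print("gatekeeper design :", cross_cloud_paths(gatekeeper_topology(ids), ids))
    print("shared-center case:", cross_cloud_paths(shared_center_topology(ids), ids))
```

The same check can be rerun whenever a link is added to the topology, since any new edge that points back toward a management subsystem or private cloud changes the result.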
Fig. 3 illustrates an architectural diagram of an operation and maintenance system for a batch private cloud according to further exemplary embodiments of the present disclosure.
As shown in fig. 3, the operation and maintenance system 300 of the batch private cloud includes a centralized operation and maintenance subsystem 303, a plurality of first gatekeepers 302, and an operation and maintenance management subsystem 304. The centralized operation and maintenance subsystem 303 may further include a storage device 3031, a processing device 3032, a plurality of display terminals 3033, and an operation and maintenance command center screen 3034. Each private cloud 301 establishes a network connection with the corresponding operation and maintenance management subsystem 304; each operation and maintenance management subsystem 304 is unidirectionally connected with the centralized operation and maintenance subsystem 303 through the corresponding first gatekeeper 302, so that each operation and maintenance management subsystem 304 transmits the operation and maintenance data of the corresponding private cloud 301 to the centralized operation and maintenance subsystem 303 through the first gatekeeper 302. For the first gatekeeper 302, refer to the description of the first gatekeeper 102 in the embodiment shown in fig. 1; for the centralized operation and maintenance subsystem 303, refer to the description of the centralized operation and maintenance subsystem 103 in the embodiment shown in fig. 1; and for the operation and maintenance management subsystem 304, refer to the description of the operation and maintenance management subsystem 104 in the embodiment shown in fig. 1. These descriptions are not repeated here.
The operation and maintenance system 300 of the batch private cloud further includes: a unified upgrade and maintenance subsystem 305 and a plurality of third gatekeepers 306; each operation and maintenance management subsystem 304 is unidirectionally connected with the unified upgrade and maintenance subsystem 305 through the corresponding third gatekeeper 306, so that the unified upgrade and maintenance subsystem 305 transmits upgrade data or maintenance data to the corresponding operation and maintenance management subsystem 304 through the third gatekeeper 306.
A unified upgrade and maintenance subsystem 305 is set up to carry out unified upgrading and management of the private clouds 301. As shown in fig. 3, the unified upgrade and maintenance subsystem 305 is connected to the operation and maintenance management subsystem 304 through a third gatekeeper 306, and uploads related files such as upgrades and patches to the operation and maintenance management subsystem 304. The operation and maintenance management subsystem 304 automatically establishes an upgrade process and carries out the upgrade on the corresponding private cloud. The main process for upgrading with the unified upgrade and maintenance subsystem 305 may be, for example:
(1) The unified upgrade and maintenance subsystem 305 loads verified files, such as safe and reliable upgrades, patches, virus libraries and the like, which need to be processed on each private cloud platform in a unified manner.
(2) The unified upgrade and maintenance subsystem 305 unidirectionally transmits the files to the operation and maintenance management subsystem 304 of each private cloud 301 through the third gatekeeper 306.
(3) After receiving the files, the operation and maintenance management subsystems 304 synchronize the relevant files to each private cloud platform in an automatic or manual mode.
(4) Each private cloud platform uses the transmitted files to upgrade and update its own system according to a preset upgrading mode.
(5) Each private cloud platform sends the updated process state and final state to the centralized operation and maintenance subsystem 303.
(6) The operation and maintenance user disposes the corresponding private cloud through the feedback information of the centralized operation and maintenance subsystem 303. For example, in the case that the centralized operation and maintenance subsystem 303 returns feedback information of upgrade failure, the user may handle the failure.
(7) All data information such as logs generated by the private cloud platform system 301 in the upgrading process is stored in the storage device 3031 of the centralized operation and maintenance subsystem 303.
Through the unified upgrade and maintenance subsystem, the rapid unified upgrading of the private cloud platform system can be realized.
Fig. 4 illustrates an architectural diagram of an operation and maintenance system for a batch private cloud in accordance with further exemplary embodiments of the present disclosure.
As shown in fig. 4, the operation and maintenance system 400 of the batch private cloud includes a centralized operation and maintenance subsystem 403, a plurality of first gatekeepers 402, and an operation and maintenance management subsystem 404. The centralized operation and maintenance subsystem 403 may further include a storage device 4031, a processing device 4032, a plurality of display terminals 4033, and an operation and maintenance command center screen 4034. Each private cloud 401 establishes a network connection with the corresponding operation and maintenance management subsystem 404; each operation and maintenance management subsystem 404 is unidirectionally connected with the centralized operation and maintenance subsystem 403 through the corresponding first gatekeeper 402, so that each operation and maintenance management subsystem 404 transmits the operation and maintenance data of the corresponding private cloud 401 to the centralized operation and maintenance subsystem 403 through the first gatekeeper 402. For the first gatekeeper 402, refer to the description of the first gatekeeper 102 in the embodiment shown in fig. 1; for the centralized operation and maintenance subsystem 403, refer to the description of the centralized operation and maintenance subsystem 103 in the embodiment shown in fig. 1; and for the operation and maintenance management subsystem 404, refer to the description of the operation and maintenance management subsystem 104 in the embodiment shown in fig. 1. These descriptions are not repeated here.
The operation and maintenance system 400 of the batch private cloud further includes: a unified upgrade and maintenance subsystem 405, and a plurality of second gatekeepers 407; each private cloud 401 is unidirectionally connected with the unified upgrade and maintenance subsystem 405 through a corresponding second gatekeeper 407, so that the unified upgrade and maintenance subsystem 405 transmits upgrade data or maintenance data to the corresponding private cloud 401 through the second gatekeeper 407.
A unified upgrade and maintenance subsystem 405 is set up to carry out unified upgrading and management of the private clouds 401. As shown in fig. 4, the unified upgrade and maintenance subsystem 405 is connected to the operation and maintenance management subsystem 404 through a second gatekeeper 407, and uploads related files such as upgrades and patches to the operation and maintenance management subsystem 404. The operation and maintenance management subsystem 404 automatically establishes an upgrade process and carries out the upgrade on the corresponding private cloud. The main process of upgrading by using the unified upgrade and maintenance subsystem 405 may be, for example:
(1) The unified upgrade and maintenance subsystem 405 loads verified files that need to be processed on each private cloud platform in a unified manner, such as safe and reliable upgrades, patches, virus libraries, and the like.
(2) The unified upgrade and maintenance subsystem 405 unidirectionally transmits files to the respective private clouds 401 through the second gatekeeper 407.
(3) Each private cloud platform uses the transmitted files to upgrade and update its own system according to a preset upgrading mode.
(4) Each private cloud platform sends the updated process state and final state to the centralized operation and maintenance subsystem 403.
(5) The operation and maintenance user disposes of the corresponding private cloud through the feedback information of the centralized operation and maintenance subsystem 403. For example, in the case that the centralized operation and maintenance subsystem 403 returns feedback information of upgrade failure, the user may handle the failure.
(6) All data information such as logs generated by the private cloud platform system 401 in the upgrading process are stored in the storage device 4031 of the centralized operation and maintenance subsystem 403.
Through the unified upgrade and maintenance subsystem, the rapid unified upgrading of the private cloud platform system can be realized.
Fig. 5 illustrates a flow diagram of an operation and maintenance method of a batch private cloud, according to some example embodiments of the present disclosure. The method may be performed by, for example, an operation and maintenance system of a batch private cloud.
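The isolation argument made for fig. 2 and the one-way links of figs. 3 and 4 can be checked mechanically by treating the layout as a directed graph and computing reachability. The following Python sketch is an added example, not part of the patent; the node names (`cloud_A`, `mgmt_A`, `gk1_A`, `central`, `upgrade`) and the `reversed_gatekeepers` parameter are assumptions made for illustration.

```python
from collections import deque


def build_topology(clouds, variant="fig3", reversed_gatekeepers=()):
    """Directed graph {node: set(successors)} for the layout in figs. 3 and 4.

    variant "fig3": upgrade subsystem -> third gatekeeper -> management subsystem
    variant "fig4": upgrade subsystem -> second gatekeeper -> private cloud
    reversed_gatekeepers: clouds whose first gatekeeper is (wrongly) modelled as
    passing traffic in both directions, to show what the one-way rule prevents.
    """
    if variant not in ("fig3", "fig4"):
        raise ValueError(f"unknown variant: {variant!r}")
    graph = {}

    def edge(src, dst):
        graph.setdefault(src, set()).add(dst)
        graph.setdefault(dst, set())

    for name in clouds:
        cloud, mgmt, gk1 = f"cloud_{name}", f"mgmt_{name}", f"gk1_{name}"
        # Private cloud <-> its own management subsystem: ordinary two-way link.
        edge(cloud, mgmt)
        edge(mgmt, cloud)
        # Management subsystem -> first gatekeeper -> centralized subsystem.
        edge(mgmt, gk1)
        edge(gk1, "central")
        if name in reversed_gatekeepers:
            # Misconfiguration (assumed for the demo): return path is open.
            edge("central", gk1)
            edge(gk1, mgmt)
        if variant == "fig3":
            edge("upgrade", f"gk3_{name}")
            edge(f"gk3_{name}", mgmt)
        else:
            edge("upgrade", f"gk2_{name}")
            edge(f"gk2_{name}", cloud)
    return graph


def reachable(graph, start):
    """All nodes that data originating at `start` can arrive at (start included)."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph[queue.popleft()]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def cross_cloud_paths(graph, clouds):
    """(source, destination) pairs where one private cloud can reach another."""
    return sorted(
        (src, dst)
        for src in clouds
        for dst in clouds
        if src != dst and f"cloud_{dst}" in reachable(graph, f"cloud_{src}")
    )


def nodes_reaching(graph, target):
    """Every other node from which data can flow to `target`."""
    return sorted(n for n in graph if n != target and target in reachable(graph, n))


if __name__ == "__main__":
    clouds = ["A", "B", "C"]
    for variant in ("fig3", "fig4"):
        g = build_topology(clouds, variant)
        print(variant, "cross-cloud paths:", cross_cloud_paths(g, clouds))
        print(variant, "nodes that can send to the upgrade subsystem:",
              nodes_reaching(g, "upgrade"))
    broken = build_topology(clouds, "fig3", reversed_gatekeepers={"A"})
    print("gk1_A two-way, cross-cloud paths:", cross_cloud_paths(broken, clouds))
```

With correct one-way gatekeepers both variants report no cross-cloud path, while making a single first gatekeeper two-way exposes that cloud to every other cloud through the centralized subsystem. The model also shows that the upgrade subsystem reaches every private cloud, which is why the files it loads in step (1) must already be verified.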
As shown in FIG. 5, the method of this embodiment includes steps 501-504.
In step 501, each first gatekeeper receives operation and maintenance data transmitted by a corresponding private cloud through the operation and maintenance management subsystem, and sends the operation and maintenance data to the centralized operation and maintenance subsystem.
In step 502, the centralized operation and maintenance subsystem obtains, processes and displays the operation and maintenance data transmitted by each first gatekeeper.
Specifically, the centralized operation and maintenance subsystem acquiring and processing the operation and maintenance data transmitted by each first gatekeeper comprises: analyzing and processing the operation and maintenance data of each private cloud by using the fault processing experience data. The fault processing experience data comprises description information of the fault and processing information of the fault.
Specifically, the centralized operation and maintenance subsystem acquiring and processing the operation and maintenance data transmitted by each first gatekeeper comprises: the centralized operation and maintenance subsystem finds the failed private cloud according to the acquired operation and maintenance data of each private cloud; and the operation and maintenance management subsystem corresponding to the failed private cloud, in response to the operation and maintenance processing operation of the operation and maintenance personnel, processes the failed private cloud.
For example, in some embodiments, the operation and maintenance method for the batch private cloud further includes step 503: the unified upgrade and maintenance subsystem transmits upgrade data or maintenance data to the corresponding private cloud through the second gatekeeper. The private cloud completes the upgrade or maintenance operation by using the received upgrade data or maintenance data.
For another example, in some embodiments, the operation and maintenance method for the batch private cloud may further include step 504: the unified upgrade and maintenance subsystem transmits upgrade data or maintenance data to the corresponding operation and maintenance management subsystem through the third gatekeeper, and the operation and maintenance management subsystem transmits the received upgrade data or maintenance data to the corresponding private cloud. The private cloud completes the upgrade or maintenance operation by using the received upgrade data or maintenance data.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.

Claims (10)

1. An operation and maintenance system for a batch of private clouds, comprising:
a centralized operation and maintenance subsystem,
a plurality of operation and maintenance management subsystems,
and
a plurality of first gatekeepers;
wherein each private cloud establishes a network connection with the corresponding operation and maintenance management subsystem;
each operation and maintenance management subsystem is unidirectionally connected with the centralized operation and maintenance subsystem through a corresponding first gatekeeper, so that each operation and maintenance management subsystem transmits operation and maintenance data of a corresponding private cloud to the centralized operation and maintenance subsystem through the first gatekeeper.
2. The operation and maintenance system of the batch private cloud of claim 1, further comprising:
a unified upgrade and maintenance subsystem,
and a plurality of second gatekeepers;
wherein each private cloud is unidirectionally connected with the unified upgrade and maintenance subsystem through a corresponding second gatekeeper, so that the unified upgrade and maintenance subsystem transmits upgrade data or maintenance data to the corresponding private cloud through the second gatekeeper.
3. The operation and maintenance system of the batch private cloud of claim 1, further comprising:
a unified upgrade and maintenance subsystem,
and a plurality of third gatekeepers;
wherein each operation and maintenance management subsystem is unidirectionally connected with the unified upgrade and maintenance subsystem through a corresponding third gatekeeper, so that the unified upgrade and maintenance subsystem transmits upgrade data or maintenance data to the corresponding operation and maintenance management subsystem through the third gatekeeper.
4. The operation and maintenance system of the batch private cloud of claim 1, wherein the centralized operation and maintenance subsystem comprises:
a storage device,
a processing device,
and
a display terminal.
5. An operation and maintenance method for a batch of private clouds, comprising:
each first gatekeeper receives operation and maintenance data transmitted by the corresponding private cloud through the operation and maintenance management subsystem, and sends the operation and maintenance data to the centralized operation and maintenance subsystem;
and the centralized operation and maintenance subsystem acquires the operation and maintenance data transmitted by each first gatekeeper, and processes and displays the operation and maintenance data.
6. The operation and maintenance method of the batch private cloud according to claim 5, wherein the centralized operation and maintenance subsystem acquiring and processing the operation and maintenance data transmitted by each first gatekeeper comprises:
analyzing and processing the operation and maintenance data of each private cloud by using fault processing experience data.
7. The operation and maintenance method of the batch private cloud according to claim 5, wherein the centralized operation and maintenance subsystem acquiring and processing the operation and maintenance data transmitted by each first gatekeeper comprises:
the centralized operation and maintenance subsystem finds the failed private cloud according to the acquired operation and maintenance data of each private cloud;
and the operation and maintenance management subsystem corresponding to the failed private cloud, in response to the operation and maintenance processing operation of the operation and maintenance personnel, processes the failed private cloud.
8. The operation and maintenance method of the batch private cloud of claim 5, further comprising:
the unified upgrade and maintenance subsystem transmits upgrade data or maintenance data to the corresponding private cloud through the second gatekeeper.
9. The operation and maintenance method of the batch private cloud of claim 5, further comprising:
the unified upgrade and maintenance subsystem transmits upgrade data or maintenance data to a corresponding operation and maintenance management subsystem through a third gatekeeper, and the operation and maintenance management subsystem transmits the received upgrade data or maintenance data to a corresponding private cloud.
10. A non-transitory computer readable storage medium having stored thereon a computer program that, when executed by a processor, implements the method of operation and maintenance of a batch of private clouds of any of claims 5-9.
CN202010108124.7A 2020-02-21 2020-02-21 Operation and maintenance system and operation and maintenance method for batch private cloud Active CN111371746B (en)

Publications (2)

Publication Number Publication Date
CN111371746A true CN111371746A (en) 2020-07-03
CN111371746B CN111371746B (en) 2021-10-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant