CN111835685A - Method and server for monitoring running state of Nginx network isolation space - Google Patents
Method and server for monitoring running state of Nginx network isolation space Download PDFInfo
- Publication number
- CN111835685A CN111835685A CN201910320302.XA CN201910320302A CN111835685A CN 111835685 A CN111835685 A CN 111835685A CN 201910320302 A CN201910320302 A CN 201910320302A CN 111835685 A CN111835685 A CN 111835685A
- Authority
- CN
- China
- Prior art keywords
- target
- isolation space
- server
- nginx
- network isolation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/16—Multipoint routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/22—Alternate routing
Abstract
The invention discloses a method and a server for monitoring the running state of an Nginx network isolation space, which relate to the technical field of cloud computing, wherein the method comprises the following steps: establishing a plurality of network isolation spaces in a locally operated Nginx process based on a user mode protocol stack; creating a corresponding virtual interface for each network isolation space through the Nginx process; monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine; and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface. The invention can realize effective monitoring of the running state of each network isolation space in the Nginx process.
Description
Technical Field
The invention relates to the technical field of cloud computing, in particular to a method and a server for monitoring an operation state of an Nginx network isolation space.
Background
With the rapid development of cloud computing technology, internet service providers can create different network isolation spaces for different users in one server through network isolation technology, and provide network services for different users through different network isolation spaces.
In order to ensure the service quality of the network isolation space, the Linux system provides a method for monitoring the operation state of the network isolation space running in the kernel space, each network isolation space in the method corresponds to a keepalive process and a Nginx process respectively, each Nginx process can provide an interface for the monitoring of the keepalive process, the state of the interface can represent the operation state of the corresponding network isolation space, when the state of the interface is up, the operation state of the network isolation space is available, and when the state of the interface is down, the operation state of the network isolation space is a fault, so that the keepalive process can determine the operation state of the corresponding network isolation space through the states of the interfaces of different Nginx processes. Thus, a large amount of system resources are occupied. In order to solve the above problem, in the prior art, a network isolation space may be created inside a Nginx process based on a user mode protocol stack, and the running state of the Nginx process is determined by monitoring the state of an interface of a single Keepalived process. In this way, monitoring of the running state of the Nginx process can only be achieved, and monitoring of the running state of each network isolation space inside the Nginx process cannot be achieved. Therefore, a method for effectively monitoring the operating state of each network isolation space inside an nginnx process, which is applied to a user mode protocol stack, is needed at present.
Disclosure of Invention
In order to solve the problems in the prior art, embodiments of the present invention provide a method and a server for monitoring an operating state of an nginnx network isolation space. The technical scheme is as follows:
in a first aspect, a method for monitoring an operation state of an nginnx network isolation space is provided, and the method includes:
establishing a plurality of network isolation spaces in a locally operated Nginx process based on a user mode protocol stack;
creating a corresponding virtual interface for each network isolation space through the Nginx process;
monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine;
and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface.
Optionally, the method is applied to the master/standby servers corresponding to each other;
the method for creating a plurality of network isolation spaces in the locally operated Nginx process based on the user mode protocol stack comprises the following steps:
and the master/standby server creates a network isolation space corresponding to each user in a Nginx process operated by the local machine based on a user mode protocol stack according to the preset Nginx configuration files of a plurality of users.
Optionally, after the creating, based on the user mode protocol stack, a plurality of network isolation spaces inside the locally running Nginx process, the method further includes:
the master/standby server configures a virtual IP corresponding to each user for each network isolation space;
and the main server provides Nginx service for each user through each network isolation space created by the main server locally based on the virtual IP corresponding to each user.
Optionally, after determining, based on the state of each virtual interface, the operating state of the network isolation space corresponding to each virtual interface through the keepalive process, the method further includes:
if the running state of the target main isolation space is normal, the main server periodically sends a target VRRP message corresponding to the target main isolation space to the standby server through a keepalive process running by the local machine;
if the running state of the target main isolation space is a fault, the main server stops providing the Nginx service for the target user corresponding to the target main isolation space through the target main isolation space and stops sending the target VRRP message to the standby server;
and if the standby server does not receive the target VRRP message for the preset duration, determining a target standby isolation space which is created by a local machine and corresponds to the target VRRP message, and providing Nginx service for a target user corresponding to the target main isolation space through the target standby isolation space based on the virtual IP corresponding to the target main isolation space.
Optionally, the creating, according to the preset nginnx configuration files of the multiple users, a network isolation space corresponding to each user in a locally-operated nginnx process based on a user mode protocol stack includes:
dividing the plurality of users into a plurality of VRRP groups through a locally operated Nginx process;
for each VRRP group, configuring Nginx configuration files of all users included in the VRRP group into the VRRP group in a linked list form;
and according to the Nginx configuration files of all users in each VRRP group, creating a network isolation space of each VRRP group in the Nginx process based on a user mode protocol stack.
Optionally, after determining, based on the state of each virtual interface, the operating state of the network isolation space corresponding to each virtual interface through the keepalive process, the method further includes:
if the running states of all network isolation spaces in a target main VRRP group are normal, the main server periodically sends a target VRRP group message corresponding to the target main VRRP group to the standby server through a keepalive process running by a local machine;
if the target main VRRP group has a network isolation space with a fault operation state, the main server stops providing Nginx service for all users corresponding to the target main VRRP group through all network isolation spaces in the target main VRRP group, and stops sending the target VRRP group message to the standby server;
and if the standby server does not receive the target VRRP group message for the duration of preset time, determining a locally created target standby VRRP group corresponding to the target VRRP group message, and providing Nginx service for all users corresponding to the target main VRRP group based on all network isolation spaces in the target standby VRRP group.
In a second aspect, a server for monitoring an operating status of a nginnx network isolation space is provided, the server being configured to:
establishing a plurality of network isolation spaces in a locally operated Nginx process based on a user mode protocol stack;
creating a corresponding virtual interface for each network isolation space through the Nginx process;
monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine;
and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface.
Optionally, the server is a master/slave server corresponding to each other;
the master/standby server is configured to:
according to preset Nginx configuration files of a plurality of users, a network isolation space corresponding to each user is created in a Nginx process running in a machine on the basis of a user mode protocol stack.
Optionally, the master/backup server is further configured to configure a virtual IP corresponding to each user for each network isolation space;
the main server is further configured to:
and providing Nginx service for each user through each locally created network isolation space based on the virtual IP corresponding to each user.
Optionally, the main server is further configured to:
if the running state of the target main isolation space is normal, periodically sending a target VRRP message corresponding to the target main isolation space to the standby server through a keepalive process running by a local machine;
if the running state of the target main isolation space is a fault, stopping providing Nginx service for a target user corresponding to the target main isolation space through the target main isolation space, and stopping sending the target VRRP message to the standby server;
the standby server is further configured to:
and if the target VRRP message is not received for the duration of preset time, determining a target backup isolation space created by a local machine corresponding to the target VRRP message, and providing Nginx service for a target user corresponding to the target main isolation space through the target backup isolation space based on the virtual IP corresponding to the target main isolation space.
Optionally, the master/slave server is specifically configured to:
dividing the plurality of users into a plurality of VRRP groups through a locally operated Nginx process;
for each VRRP group, configuring Nginx configuration files of all users included in the VRRP group into the VRRP group in a linked list form;
and according to the Nginx configuration files of all users in each VRRP group, creating a network isolation space of each VRRP group in the Nginx process based on a user mode protocol stack.
Optionally, the main server is further configured to:
if the running states of all network isolation spaces in the target main VRRP group are normal, periodically sending a target VRRP group message corresponding to the target main VRRP group to the standby server through a Keepalived process run by the local machine;
if the target main VRRP group has a network isolation space with a fault operation state, stopping providing Nginx service for all users corresponding to the target main VRRP group through all network isolation spaces in the target main VRRP group, and stopping sending the target VRRP group message to the standby server;
the standby server is further configured to:
and if the target VRRP group message is not received for the duration of preset time, determining a locally created target standby VRRP group corresponding to the target VRRP group message, and providing Nginx service for all users corresponding to the target main VRRP group based on all network isolation spaces in the target standby VRRP group.
In a third aspect, a server is provided, which includes a processor and a memory, where at least one instruction, at least one program, a set of codes, or a set of instructions is stored in the memory, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by the processor to implement the method for monitoring the operation state of the Nginx network isolation space according to the first aspect.
In a fourth aspect, there is provided a computer readable storage medium having stored therein at least one instruction, at least one program, set of codes, or set of instructions, which is loaded and executed by a processor to implement the method of monitoring the operational status of a Nginx network isolation space according to the first aspect.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
in the embodiment of the invention, a plurality of network isolation spaces are created in the Nginx process operated by a local machine based on a user mode protocol stack; creating a corresponding virtual interface for each network isolation space through the Nginx process; monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine; and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface. Therefore, a virtual interface is created for each network isolation space in the Nginx process, and the running state of each network isolation space is determined by monitoring the state of the virtual interface, so that the running state of each network isolation space in the Nginx process can be effectively monitored under a user mode protocol stack.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a flowchart of a method for monitoring an operation status of an nginnx network isolation space according to an embodiment of the present invention;
fig. 2 is a schematic view of a scenario for monitoring an operating state of an isolated space of an nginnx network according to an embodiment of the present invention;
fig. 3 is a schematic view of a scenario for monitoring an operating state of an isolated space of an nginnx network according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a server according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
The embodiment of the invention provides a method for monitoring the running state of a Nginx network isolation space, which can be applied to a server for providing Nginx service in a cloud computing system, wherein the server can be provided with a user mode protocol stack based on DPDK or other technologies, and the server can process received user messages through a Nginx program running on the user mode protocol stack. A keepalive process for detecting the service state of the Nginx may also be run on the server, and specifically, the server may monitor the running state of each network isolation space inside the Nginx process based on the user mode protocol stack through the keepalive process. The server may include a processor, a memory and a transceiver, the processor may be configured to perform the method for monitoring the operating status of the nginnx network isolation space in the following process, the memory may be configured to store data required and generated in the following process, and the transceiver may be configured to receive and transmit related data in the following process.
The following will describe in detail a process flow of the method for monitoring the operation status of the nginnx network isolation space shown in fig. 1 with reference to the specific embodiment, which may be as follows:
step 101: a plurality of network isolation spaces are created within a natively running Nginx process based on a user mode protocol stack.
In implementation, a Nginx program may be installed on a server, and the Nginx program may perform various business processes on a user mode protocol stack of the server, so that the server can serve as a web server, a reverse proxy server or an email proxy server to provide a Nginx service for a user in a cloud computing system. When the Nginx program is started for the first time or restarted due to a fault, the server can run the Nginx process locally, and a plurality of network isolation spaces are created in the Nginx process based on a user mode protocol stack. Here, the specific number of the network isolation spaces may be preset on the server by the administrator, or may be automatically recorded by the server according to the number of the network isolation spaces used by the previous Nginx program run. If the number of the actually required network isolation spaces is larger than the set number of the network isolation spaces, the network isolation spaces can be additionally arranged at any time in the process of running the Nginx program.
Step 102: and creating a corresponding virtual interface for each network isolation space through the Nginx process.
In implementation, after the server creates a plurality of network isolation spaces inside the Nginx process, an independent virtual interface can be created for each network isolation space through the Nginx process, and each virtual interface corresponds to one network isolation space. The virtual interface can be used for monitoring the state at least, the running state of each network isolation space corresponds to the interface state of the virtual interface, and when the running state of the network isolation space is normal, the state of the corresponding virtual interface can be up; when the operation state of the network isolation space is a fault, the state of the corresponding virtual interface may be "down".
Step 103: and monitoring the virtual interface corresponding to each network isolation space through a Keepalived process operated by the local machine.
In implementation, after the server creates the virtual interface through the nginn process, the keepalive process may be started, and the virtual interface corresponding to each network isolation space may be provided to the keepalive process through the nginn process. Then, as shown in fig. 2, the server may monitor the virtual interface corresponding to each network isolation space through a locally run Keepalived process.
Step 104: and determining the running state of the network isolation space corresponding to each virtual interface through a Keeplived process based on the state of each virtual interface.
In implementation, after the server monitors the state of each virtual interface through the keepalive process, the server may determine, through the keepalive process, an operating state of the network isolation space corresponding to each virtual interface based on the monitored state of each virtual interface. Taking a virtual interface monitored by the Keepalived process as an interface 1 as an example, assuming that the state of the interface 1 is "up", the server can determine that the running state of the network isolation space corresponding to the interface 1 is normal through the Keepalived process; assuming that the state of the interface 1 is "down", the server may determine that the operation state of the network isolation space corresponding to the interface 1 is a fault through the Keepalived process.
Optionally, a server architecture of the primary/secondary server may be used to provide an external Nginx service, and correspondingly, the method for monitoring the operation state of the isolated space of the Nginx network may be simultaneously applied to the primary/secondary servers corresponding to each other, where the processing of step 101 may be as follows: and the master/standby server creates a network isolation space corresponding to each user in the Nginx process operated by the local machine based on the user mode protocol stack according to the preset Nginx configuration files of the plurality of users.
In the implementation, as shown in fig. 3, in consideration of the situation that a network isolation space inside a single server provides a network service for a user, when the server fails, a nginnx service cannot be continuously provided for the user, and thus the quality of the network service is affected, for this reason, a technician of an internet service provider may provide the nginnx service based on a main/standby server architecture and simultaneously apply the processing of the above steps 101 to 104 to the main/standby servers corresponding to each other. For the step of creating the network isolation space, a technician of an internet service provider may set a Nginx configuration file corresponding to each user in a master/standby server, and the master/standby server may load the Nginx configuration file corresponding to each user through a locally operated Nginx process, respectively, so as to create the network isolation space corresponding to each user inside the Nginx process. It can be understood that the number of the network isolation spaces created on the primary/secondary server is consistent, and the network isolation spaces are in one-to-one correspondence with the primary and secondary servers.
Optionally, the master/standby server may configure a different virtual IP for each network isolation space to provide an Nginx service for different users, and accordingly, after step 101, the following processing may be performed: the master/standby server configures a virtual IP corresponding to each user for each network isolation space; and the main server provides Nginx service for each user through each network isolation space created by the main server on the basis of the virtual IP corresponding to each user.
In implementation, after the master/backup server creates a plurality of network isolation spaces in an Nginx process based on a user mode Protocol stack, a configuration file of a keepalive process may be set, where the configuration file of the keepalive process may include various types of configuration information such as global configuration information and VRRP (Virtual Router Redundancy Protocol) configuration information. The global configuration information may include information such as a recipient address of the VRRP packet and a server identifier under the primary/backup server architecture. The VRRP configuration information may include configuration information such as a VRRP synchronization group, a VRRP _ instance (hereinafter, referred to as a VRRP group), and the like, where the VRRP synchronization group may include information such as an identifier of each VRRP group and an execution script when the master/backup state is switched, and the VRRP _ instance may include information such as an initial state of a server, a source address for sending a VRRP packet, a priority of the server, and a virtual IP corresponding to each user. Then, the primary/standby server may configure a virtual IP corresponding to each user for each network isolation space based on the configuration file of the keepalive process. Then, the server can determine a main server and a standby server through the keepalive process based on different priorities of different servers, the main server allocates the virtual IP corresponding to each user to the corresponding network isolation space through the keepalive process, and provides the Nginx service for the corresponding user through the corresponding network isolation space based on the different virtual IP corresponding to each user.
Optionally, the server may divide the plurality of network isolation spaces into one VRRP group, and accordingly, the process of creating the network isolation spaces may specifically be as follows: dividing a plurality of users into a plurality of VRRP groups through a Nginx process operated by a local machine; for each VRRP group, configuring the Nginx configuration files of all users included in the VRRP group into the VRRP group in a linked list form; and according to the Nginx configuration files of all users in each VRRP group, creating a network isolation space of each VRRP group in the Nginx process based on a user mode protocol stack.
In implementation, when the server creates a network isolation space inside a locally running Nginx process based on a user mode protocol stack, all users may be grouped first. Specifically, the server may divide all users into a plurality of VRRP groups through a locally run Nginx process, and each VRRP group may be divided into one or more users. Then, the server can configure the Nginx configuration files of the users included in each VRRP group into the corresponding VRRP group in a linked list mode. If six users, namely user A, user B, user C, user D, user E and user F, exist in total, the server can divide the users into two VRRP groups, for example, user A, user B and user C correspond to the VRRP group 1, user D, user E and user F correspond to the VRRP group 2, then the server can configure the Nginx configuration files of each user A, user B and user C into the VRRP group 1 in a chain table mode, and configure the Nginx configuration files of user D, user E and user F into the VRRP group 2 in a chain table mode. Then, the server can load all the configuration files of the users in each VRRP group through the Nginx process, and then creates the network isolation space included by each VRRP group in the Nginx process based on the user mode protocol stack according to the Nginx configuration files.
Optionally, the main server may notify the running state of the network isolation space on the standby server in a manner of sending a VRRP packet to the standby server, and if the standby server does not receive a VRRP packet of a certain network isolation space sent by the main server for a certain duration, it may be determined that the network isolation space on the main server fails, and accordingly, after step 104, the following processing may be performed: if the running state of the target main isolation space is normal, the main server periodically sends a target VRRP message corresponding to the target main isolation space to the standby server through a keepalive process running by the local machine; if the running state of the target main isolation space is a fault, the main server stops providing the Nginx service for the target user corresponding to the target main isolation space through the target main isolation space and stops sending a target VRRP message to the standby server; and if the target VRRP message is not received within the continuous preset time, the standby server determines a target standby isolation space created by the local machine corresponding to the target VRRP message, and provides Nginx service for a target user corresponding to the target main isolation space through the target standby isolation space based on the virtual IP corresponding to the target main isolation space.
In implementation, when the master server monitors that the state of a virtual interface corresponding to a certain network isolation space (which may be referred to as a target master isolation space) is "up" through the keepalive process, that is, the state of the target master isolation space is normal, the master server may generate a VRRP message (which may be referred to as a target VRRP message) corresponding to the target master isolation space through the keepalive process running on the host server, where the target VRRP message may carry information such as a running state of the target master isolation space and a space identifier of the target master isolation space, and periodically (e.g., every 1 second) sends the target VRRP message to the standby server. When the main server monitors that the state of the virtual interface corresponding to the target main isolation space is down through the keepalive process, namely the state of the target main isolation space is a fault, the main server stops providing the Nginx service for a user (which can be called a target user) corresponding to the target main isolation space through the target main isolation space, and does not send a target VRRP message to the standby server through the keepalive process operated by the local machine.
The standby server can record the current receiving time each time when receiving the target VRRP message corresponding to the target main isolation space, and if the standby server does not receive the target VRRP message continuously within the preset time after receiving the target VRRP message, the standby server can firstly determine the target standby isolation space created by the local machine corresponding to the target VRRP message, and then provide Nginx service for the target user through the target standby isolation space based on the virtual IP corresponding to the target main isolation space. Meanwhile, the standby server can also periodically send the VRRP message corresponding to the target standby isolation space to the main server through the Keepalived process operated by the local machine.
Optionally, when the server divides a plurality of network isolation spaces into one VRRP group, the main server may notify the standby server of the operating status of each network isolation space in the VRRP group by sending a VRRP group message to the standby server, and if the standby server does not receive a certain VRRP group message sent by the main server for a certain duration, the standby server may determine that a faulty network isolation space exists in the corresponding VRRP group on the main server, and accordingly, after step 104, the following processing may be performed: if the running states of all network isolation spaces in the target main VRRP group are normal, the main server periodically sends a target VRRP group message corresponding to the target main VRRP group to the standby server through a keepalive process running by the local machine; if the target main VRRP group has a network isolation space with a fault operation state, the main server stops providing the Nginx service for all users corresponding to the target main VRRP group through all the network isolation spaces in the target main VRRP group, and stops sending a target VRRP group message to the standby server; and if the standby server does not receive the target VRRP group message within the continuous preset time, determining the target VRRP group created by the local machine corresponding to the target VRRP group message, and providing Nginx service for all users corresponding to the target main VRRP group based on all network isolation spaces in the target VRRP group.
In implementation, when the master server monitors that states of virtual interfaces corresponding to all master isolation spaces in a certain VRRP group (which may be referred to as a target master VRRP group) are "up" through a locally-operated Keepalived process, the master server may determine that an operating state of the target master VRRP group is normal. At this time, the master server may generate a VRRP group packet (which may be referred to as a target VRRP group packet) corresponding to the target master VRRP group through a keepalive process run by the local server, that is, one VRRP group corresponds to one VRRP group packet, and when a plurality of users are divided in one VRRP group, that is, a plurality of network isolation spaces are divided in one VRRP group, the number of VRRP packets may be effectively reduced. Then, the main server may periodically send the target VRRP group packet to the standby server, where the target VRRP group packet may carry at least the identification information of the target main VRRP group. When the main server monitors that the state of the virtual interfaces corresponding to one or more network isolation spaces in the target main VRRP group is down through the Keepalived process operated by the local machine, the main server can determine that the network isolation space with the fault operation state exists in the target main VRRP group. At this time, the master server may stop providing the Nginx service for the user through all the network isolation spaces in the target master VRRP group, and no longer send the target master VRRP group message to the standby server through the Keepalived process run by the local server.
The standby server can record the current receiving time each time when receiving the target VRRP group message, and if the standby server does not receive the target VRRP group message continuously within the preset time after receiving the target VRRP group message, the standby server can determine the target VRRP group created by the local machine corresponding to the target VRRP group message, specifically, the standby server can obtain the identification information of the target main VRRP group carried by the target VRRP group message through a keepalive process operated by the local machine, and then determine the target VRRP group created by the local machine corresponding to the target VRRP group message according to the identification information. And then, the standby server can provide the Nginx service for all target users corresponding to the target main VRRP group based on all network isolation spaces in the target standby VRRP group. Meanwhile, the standby server can also periodically send the VRRP group message corresponding to the target standby VRRP group to the original main server through the Keepalived process operated by the local machine.
In the embodiment of the invention, a plurality of network isolation spaces are created in the Nginx process operated by a local machine based on a user mode protocol stack; creating a corresponding virtual interface for each network isolation space through the Nginx process; monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by the local machine; and determining the running state of the network isolation space corresponding to each virtual interface through a Keeplived process based on the state of each virtual interface. Therefore, a virtual interface is created for each network isolation space in the Nginx process, and the running state of each network isolation space is determined by monitoring the state of the virtual interface, so that the running state of each network isolation space in the Nginx process can be effectively monitored under a user mode protocol stack.
Based on the same technical concept, an embodiment of the present invention further provides a server for monitoring an operating state of an nginnx network isolation space, where the server is configured to:
establishing a plurality of network isolation spaces in a locally operated Nginx process based on a user mode protocol stack;
creating a corresponding virtual interface for each network isolation space through the Nginx process;
monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine;
and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface.
Optionally, the server is a master/slave server corresponding to each other;
the master/standby server is configured to:
according to preset Nginx configuration files of a plurality of users, a network isolation space corresponding to each user is created in a Nginx process running in a machine on the basis of a user mode protocol stack.
Optionally, the master/backup server is further configured to configure a virtual IP corresponding to each user for each network isolation space;
the main server is further configured to:
and providing Nginx service for each user through each locally created network isolation space based on the virtual IP corresponding to each user.
Optionally, the main server is further configured to:
if the running state of the target main isolation space is normal, periodically sending a target VRRP message corresponding to the target main isolation space to the standby server through a keepalive process running by a local machine;
if the running state of the target main isolation space is a fault, stopping providing Nginx service for a target user corresponding to the target main isolation space through the target main isolation space, and stopping sending the target VRRP message to the standby server;
the standby server is further configured to:
and if the target VRRP message is not received for the duration of preset time, determining a target backup isolation space created by a local machine corresponding to the target VRRP message, and providing Nginx service for a target user corresponding to the target main isolation space through the target backup isolation space based on the virtual IP corresponding to the target main isolation space.
Optionally, the master/slave server is specifically configured to:
dividing the plurality of users into a plurality of VRRP groups through a locally operated Nginx process;
for each VRRP group, configuring Nginx configuration files of all users included in the VRRP group into the VRRP group in a linked list form;
and according to the Nginx configuration files of all users in each VRRP group, creating a network isolation space of each VRRP group in the Nginx process based on a user mode protocol stack.
Optionally, the main server is further configured to:
if the running states of all network isolation spaces in the target main VRRP group are normal, periodically sending a target VRRP group message corresponding to the target main VRRP group to the standby server through a Keepalived process run by the local machine;
if the target main VRRP group has a network isolation space with a fault operation state, stopping providing Nginx service for all users corresponding to the target main VRRP group through all network isolation spaces in the target main VRRP group, and stopping sending the target VRRP group message to the standby server;
the standby server is further configured to:
and if the target VRRP group message is not received for the duration of preset time, determining a locally created target standby VRRP group corresponding to the target VRRP group message, and providing Nginx service for all users corresponding to the target main VRRP group based on all network isolation spaces in the target standby VRRP group.
In the embodiment of the invention, a plurality of network isolation spaces are created in the Nginx process operated by a local machine based on a user mode protocol stack; creating a corresponding virtual interface for each network isolation space through the Nginx process; monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by the local machine; and determining the running state of the network isolation space corresponding to each virtual interface through a Keeplived process based on the state of each virtual interface. Therefore, a virtual interface is created for each network isolation space in the Nginx process, and the running state of each network isolation space is determined by monitoring the state of the virtual interface, so that the running state of each network isolation space in the Nginx process can be effectively monitored under a user mode protocol stack.
It should be noted that: the server for monitoring the operation state of the nginnx network isolation space and the method embodiment for monitoring the operation state of the nginnx network isolation space provided by the above embodiments belong to the same concept, and specific implementation processes thereof are detailed in the method embodiment and are not described herein again.
Fig. 4 is a schematic structural diagram of a server according to an embodiment of the present invention. The server 400 may vary widely due to configuration or performance differences and may include one or more central processors 422 (e.g., one or more processors) and memory 432, one or more storage media 430 (e.g., one or more mass storage devices) storing applications 442 or data 444. Wherein the memory 432 and storage medium 430 may be transient or persistent storage. The program stored on the storage medium 430 may include one or more modules (not shown), each of which may include a series of instructions operating on the server 400. Still further, the central processor 422 may be arranged to communicate with the storage medium 430, and execute a series of instruction operations in the storage medium 430 on the server 400.
The Server 400 may also include one or more power supplies 426, one or more wired or wireless network interfaces 450, one or more input-output interfaces 458, one or more keyboards 456, and/or one or more operating systems 441, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, and the like.
The server 400 may include memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors include instructions for performing the above-described monitoring of the operational status of the Nginx network isolation space.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (14)
1. A method of monitoring the operational status of an nginnx network isolation space, the method comprising:
establishing a plurality of network isolation spaces in a locally operated Nginx process based on a user mode protocol stack;
creating a corresponding virtual interface for each network isolation space through the Nginx process;
monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine;
and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface.
2. The method according to claim 1, wherein the method is applied to mutually corresponding master/standby servers;
the method for creating a plurality of network isolation spaces in the locally operated Nginx process based on the user mode protocol stack comprises the following steps:
and the master/standby server creates a network isolation space corresponding to each user in a Nginx process operated by the local machine based on a user mode protocol stack according to the preset Nginx configuration files of a plurality of users.
3. The method of claim 2, wherein after creating the plurality of network isolation spaces within the natively running Nginx process based on the user mode protocol stack, further comprising:
the master/standby server configures a virtual IP corresponding to each user for each network isolation space;
and the main server provides Nginx service for each user through each network isolation space created by the main server locally based on the virtual IP corresponding to each user.
4. The method according to claim 3, wherein after determining, by the keepalive process, the operating state of the network isolation space corresponding to each of the virtual interfaces based on the state of each of the virtual interfaces, the method further comprises:
if the running state of the target main isolation space is normal, the main server periodically sends a target VRRP message corresponding to the target main isolation space to the standby server through a keepalive process running by the local machine;
if the running state of the target main isolation space is a fault, the main server stops providing the Nginx service for the target user corresponding to the target main isolation space through the target main isolation space and stops sending the target VRRP message to the standby server;
and if the standby server does not receive the target VRRP message for the preset duration, determining a target standby isolation space which is created by a local machine and corresponds to the target VRRP message, and providing Nginx service for a target user corresponding to the target main isolation space through the target standby isolation space based on the virtual IP corresponding to the target main isolation space.
5. The method according to claim 3, wherein the creating a network isolation space corresponding to each user inside a locally running Nginx process based on a user mode protocol stack according to a preset Nginx profile of a plurality of users comprises:
dividing the plurality of users into a plurality of VRRP groups through a locally operated Nginx process;
for each VRRP group, configuring Nginx configuration files of all users included in the VRRP group into the VRRP group in a linked list form;
and according to the Nginx configuration files of all users in each VRRP group, creating a network isolation space of each VRRP group in the Nginx process based on a user mode protocol stack.
6. The method according to claim 5, wherein after determining, by the keepalive process, the operating state of the network isolation space corresponding to each of the virtual interfaces based on the state of each of the virtual interfaces, the method further comprises:
if the running states of all network isolation spaces in a target main VRRP group are normal, the main server periodically sends a target VRRP group message corresponding to the target main VRRP group to the standby server through a keepalive process running by a local machine;
if the target main VRRP group has a network isolation space with a fault operation state, the main server stops providing Nginx service for all users corresponding to the target main VRRP group through all network isolation spaces in the target main VRRP group, and stops sending the target VRRP group message to the standby server;
and if the standby server does not receive the target VRRP group message for the duration of preset time, determining a locally created target standby VRRP group corresponding to the target VRRP group message, and providing Nginx service for all users corresponding to the target main VRRP group based on all network isolation spaces in the target standby VRRP group.
7. A server for monitoring the operational status of an nginnx network isolation space, the server being configured to:
establishing a plurality of network isolation spaces in a locally operated Nginx process based on a user mode protocol stack;
creating a corresponding virtual interface for each network isolation space through the Nginx process;
monitoring a virtual interface corresponding to each network isolation space through a Keepalived process operated by a local machine;
and determining the running state of the network isolation space corresponding to each virtual interface through the Keepalived process based on the state of each virtual interface.
8. The server according to claim 7, wherein the servers are mutually corresponding master/standby servers;
the master/standby server is configured to:
according to preset Nginx configuration files of a plurality of users, a network isolation space corresponding to each user is created in a Nginx process running in a machine on the basis of a user mode protocol stack.
9. The server according to claim 8, wherein the primary/backup server is further configured to configure a virtual IP corresponding to each user for each network isolation space;
the main server is further configured to:
and providing Nginx service for each user through each locally created network isolation space based on the virtual IP corresponding to each user.
10. The server according to claim 9, wherein the main server is further configured to:
if the running state of the target main isolation space is normal, periodically sending a target VRRP message corresponding to the target main isolation space to the standby server through a keepalive process running by a local machine;
if the running state of the target main isolation space is a fault, stopping providing Nginx service for a target user corresponding to the target main isolation space through the target main isolation space, and stopping sending the target VRRP message to the standby server;
the standby server is further configured to:
and if the target VRRP message is not received for the duration of preset time, determining a target backup isolation space created by a local machine corresponding to the target VRRP message, and providing Nginx service for a target user corresponding to the target main isolation space through the target backup isolation space based on the virtual IP corresponding to the target main isolation space.
11. The server according to claim 9, wherein the primary/secondary server is specifically configured to:
dividing the plurality of users into a plurality of VRRP groups through a locally operated Nginx process;
for each VRRP group, configuring Nginx configuration files of all users included in the VRRP group into the VRRP group in a linked list form;
and according to the Nginx configuration files of all users in each VRRP group, creating a network isolation space of each VRRP group in the Nginx process based on a user mode protocol stack.
12. The server according to claim 11, wherein the main server is further configured to:
if the running states of all network isolation spaces in the target main VRRP group are normal, periodically sending a target VRRP group message corresponding to the target main VRRP group to the standby server through a Keepalived process run by the local machine;
if the target main VRRP group has a network isolation space with a fault operation state, stopping providing Nginx service for all users corresponding to the target main VRRP group through all network isolation spaces in the target main VRRP group, and stopping sending the target VRRP group message to the standby server;
the standby server is further configured to:
and if the target VRRP group message is not received for the duration of preset time, determining a locally created target standby VRRP group corresponding to the target VRRP group message, and providing Nginx service for all users corresponding to the target main VRRP group based on all network isolation spaces in the target standby VRRP group.
13. A server, comprising a processor and a memory, wherein the memory has stored therein at least one instruction, at least one program, set of codes, or set of instructions, which is loaded and executed by the processor to implement the method of monitoring the operational status of a Nginx network isolation space according to any one of claims 1-6.
14. A computer readable storage medium having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to implement the method of monitoring the operational status of an isolated space of an Nginx network as set forth in any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910320302.XA CN111835685B (en) | 2019-04-19 | 2019-04-19 | Method and server for monitoring running state of Nginx network isolation space |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910320302.XA CN111835685B (en) | 2019-04-19 | 2019-04-19 | Method and server for monitoring running state of Nginx network isolation space |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111835685A true CN111835685A (en) | 2020-10-27 |
| CN111835685B CN111835685B (en) | 2022-10-28 |
Family
ID=72912140
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910320302.XA Active CN111835685B (en) | 2019-04-19 | 2019-04-19 | Method and server for monitoring running state of Nginx network isolation space |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111835685B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112346899A (en) * | 2020-11-06 | 2021-02-09 | 北京北信源软件股份有限公司 | Method and device for optimizing microservice performance |
| CN112787998A (en) * | 2020-12-26 | 2021-05-11 | 郑州信大捷安信息技术股份有限公司 | DPDK-based ALG implementation method and system |
| CN113098925A (en) * | 2021-03-06 | 2021-07-09 | 郑州信大捷安信息技术股份有限公司 | Method and system for realizing dynamic proxy based on F-Stack and Nginx |
| CN113992683A (en) * | 2021-10-25 | 2022-01-28 | 重庆紫光华山智安科技有限公司 | Method, system, device and medium for realizing effective isolation of double networks in same cluster |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101060478A (en) * | 2007-03-27 | 2007-10-24 | 华为技术有限公司 | A router and method for the router distributing the route information |
| US20100146085A1 (en) * | 2008-12-05 | 2010-06-10 | Social Communications Company | Realtime kernel |
| CN101741742A (en) * | 2009-12-18 | 2010-06-16 | 华为技术有限公司 | Message processing method, access equipment and communication system |
| EP2796766A1 (en) * | 2013-04-26 | 2014-10-29 | Siemens Aktiengesellschaft | Pressure vessel and method for monitoring its state |
| CN104899126A (en) * | 2015-06-12 | 2015-09-09 | 北京奇虎科技有限公司 | Method, device and system for performing local real-time monitoring on containers in host |
| CN105760214A (en) * | 2016-04-19 | 2016-07-13 | 华为技术有限公司 | Equipment state and resource information monitoring method, related equipment and system |
| WO2016206171A1 (en) * | 2015-06-26 | 2016-12-29 | 宇龙计算机通信科技(深圳)有限公司 | Secure networking method based on network isolation, and terminal |
| CN106411589A (en) * | 2016-09-29 | 2017-02-15 | 北京神州绿盟信息安全科技股份有限公司 | Method and apparatus for realizing high availability |
| US20170060613A1 (en) * | 2015-08-28 | 2017-03-02 | Vmware, Inc. | Partitioning a hypervisor into virtual hypervisors |
| CN106506314A (en) * | 2016-09-30 | 2017-03-15 | 北京赢点科技有限公司 | Network high availability method and device based on docker |
| CN108089968A (en) * | 2017-12-13 | 2018-05-29 | 国云科技股份有限公司 | A kind of method of host's machine monitoring virtual-machine data storehouse state |
-
2019
- 2019-04-19 CN CN201910320302.XA patent/CN111835685B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101060478A (en) * | 2007-03-27 | 2007-10-24 | 华为技术有限公司 | A router and method for the router distributing the route information |
| US20100146085A1 (en) * | 2008-12-05 | 2010-06-10 | Social Communications Company | Realtime kernel |
| CN101741742A (en) * | 2009-12-18 | 2010-06-16 | 华为技术有限公司 | Message processing method, access equipment and communication system |
| EP2796766A1 (en) * | 2013-04-26 | 2014-10-29 | Siemens Aktiengesellschaft | Pressure vessel and method for monitoring its state |
| CN104899126A (en) * | 2015-06-12 | 2015-09-09 | 北京奇虎科技有限公司 | Method, device and system for performing local real-time monitoring on containers in host |
| WO2016206171A1 (en) * | 2015-06-26 | 2016-12-29 | 宇龙计算机通信科技(深圳)有限公司 | Secure networking method based on network isolation, and terminal |
| US20170060613A1 (en) * | 2015-08-28 | 2017-03-02 | Vmware, Inc. | Partitioning a hypervisor into virtual hypervisors |
| CN105760214A (en) * | 2016-04-19 | 2016-07-13 | 华为技术有限公司 | Equipment state and resource information monitoring method, related equipment and system |
| WO2017181876A1 (en) * | 2016-04-19 | 2017-10-26 | 华为技术有限公司 | Device state and resource information monitoring method, related device, and system |
| CN106411589A (en) * | 2016-09-29 | 2017-02-15 | 北京神州绿盟信息安全科技股份有限公司 | Method and apparatus for realizing high availability |
| CN106506314A (en) * | 2016-09-30 | 2017-03-15 | 北京赢点科技有限公司 | Network high availability method and device based on docker |
| CN108089968A (en) * | 2017-12-13 | 2018-05-29 | 国云科技股份有限公司 | A kind of method of host's machine monitoring virtual-machine data storehouse state |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112346899A (en) * | 2020-11-06 | 2021-02-09 | 北京北信源软件股份有限公司 | Method and device for optimizing microservice performance |
| CN112346899B (en) * | 2020-11-06 | 2024-02-09 | 北京北信源软件股份有限公司 | Micro-service performance optimization method and device |
| CN112787998A (en) * | 2020-12-26 | 2021-05-11 | 郑州信大捷安信息技术股份有限公司 | DPDK-based ALG implementation method and system |
| CN112787998B (en) * | 2020-12-26 | 2022-04-08 | 郑州信大捷安信息技术股份有限公司 | DPDK-based ALG implementation method and system |
| CN113098925A (en) * | 2021-03-06 | 2021-07-09 | 郑州信大捷安信息技术股份有限公司 | Method and system for realizing dynamic proxy based on F-Stack and Nginx |
| CN113098925B (en) * | 2021-03-06 | 2022-03-11 | 郑州信大捷安信息技术股份有限公司 | Method and system for realizing dynamic proxy based on F-Stack and Nginx |
| CN113992683A (en) * | 2021-10-25 | 2022-01-28 | 重庆紫光华山智安科技有限公司 | Method, system, device and medium for realizing effective isolation of double networks in same cluster |
| CN113992683B (en) * | 2021-10-25 | 2024-02-13 | 重庆紫光华山智安科技有限公司 | Method, system, equipment and medium for realizing effective isolation of double networks in same cluster |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111835685B (en) | 2022-10-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111835685B (en) | Method and server for monitoring running state of Nginx network isolation space | |
| US10635558B2 (en) | Container monitoring method and apparatus | |
| US10644952B2 (en) | VNF failover method and apparatus | |
| US11895016B2 (en) | Methods and apparatus to configure and manage network resources for use in network-based computing | |
| US9141491B2 (en) | Highly available server system based on cloud computing | |
| CN105743692B (en) | Policy-based framework for application management | |
| US8495208B2 (en) | Migrating virtual machines among networked servers upon detection of degrading network link operation | |
| WO2017181876A1 (en) | Device state and resource information monitoring method, related device, and system | |
| EP1697843B1 (en) | System and method for managing protocol network failures in a cluster system | |
| US11567790B2 (en) | Node regeneration in distributed storage systems | |
| CN108347339B (en) | Service recovery method and device | |
| US20200127884A1 (en) | Two-channel-based high-availability | |
| CN112217847A (en) | Micro service platform, implementation method thereof, electronic device and storage medium | |
| JP5558422B2 (en) | Network system, redundancy method, failure detection apparatus, and failure detection program | |
| US20240089352A1 (en) | Udp message distribution method, udp message distribution apparatus, electronic device and computer readable storage medium | |
| CN111835684B (en) | Network isolation monitoring method and system for haproxy equipment | |
| CN113709220B (en) | High-availability implementation method and system of virtual load equalizer and electronic equipment | |
| CN111835544B (en) | Monitoring method and system of virtual router based on user mode protocol stack | |
| CN111385352A (en) | Instance control method, node, terminal and distributed storage system | |
| US20210314259A1 (en) | Automatic configuration and connection of heterogeneous bandwidth managed multicast fabrics | |
| CN116455963A (en) | Cluster node registration method, medium, device and computing equipment | |
| Srikanth et al. | Software installation on a huge heterogeneous network using mobile agents |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |