CN112052060A - IDV desktop secret-keeping-free terminal, server, system and method based on container technology - Google Patents

Info

Publication number: CN112052060A
Authority: CN (China)
Prior art keywords: cloud, idv, container, desktop, cloud desktop
Legal status: Pending
Application number: CN202010928355.2A
Other languages: Chinese (zh)
Inventor: 王佳
Current Assignee: Xi'an Leifeng Electronic Technology Co ltd
Original Assignee: Xi'an Leifeng Electronic Technology Co ltd
Priority date: 2020-09-07
Filing date: 2020-09-07
Publication date: 2020-12-08
Application filed by Xi'an Leifeng Electronic Technology Co ltd
Priority to CN202010928355.2A
Publication of CN112052060A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/451 Execution arrangements for user interfaces
    • G06F9/452 Remote windowing, e.g. X-Window System, desktop virtualisation
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45587 Isolation or security of virtual machine instances
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the technical field of virtualized cloud desktops and discloses a container-technology-based IDV desktop secret-keeping-free terminal, server, system and method. The system comprises a cloud terminal and a cloud server. The cloud server is used for creating a cloud desktop container and configuring the shared block storage type, IP address, port and authentication information; the cloud desktop container comprises an initial IDV cloud desktop container image and a block storage device file. The cloud server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image. The cloud terminal is used for obtaining and deploying the IDV cloud desktop container image, starting it, connecting to the block storage device file on the cloud server, and creating a container read-write layer in the block storage device file; the container read-write layer stores all data generated while the cloud desktop runs.

Description

IDV desktop secret-keeping-free terminal, server, system and method based on container technology
Technical Field
The invention belongs to the technical field of virtualized cloud desktops, and particularly relates to a container-technology-based IDV desktop secret-keeping-free terminal, server, system and method.
Background
In recent years virtualization technology has developed rapidly and cloud desktops are applied more and more widely, bringing convenience to government, enterprise, office and college-education users. IDV (Intelligent Desktop Virtualization) is a common cloud desktop technology characterized by distributed computing with centralized management: IDV desktops execute locally on the virtualization cloud terminal and are managed uniformly by an administrator through a virtualized cloud desktop management system. Because the virtual desktop runs on the cloud terminal, the terminal's hardware resources are fully used while management and deployment are centralized and simplified, which gives full play to the advantages of desktop virtualization and makes it easy to manage cloud desktops and scale them as required.
However, the IDV desktop has a drawback: its virtualized data is stored on the cloud terminal, so the desktop data and the private data produced while the user works are stored locally on the cloud terminal, and the security of that data is low.
Disclosure of Invention
The invention aims to provide a container-technology-based IDV desktop terminal secret-keeping-free method, system and storage medium, to solve the problem in the prior art that the virtualized data of an IDV desktop is stored on the cloud terminal and data security is low.
In order to realize the task, the invention adopts the following technical scheme:
An IDV desktop secret-keeping-free server based on container technology: the server is a cloud server and is used for creating a cloud desktop container, the cloud desktop container comprising an initial IDV cloud desktop container image and a block storage device file;
the server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image.
An IDV desktop secret-keeping-free terminal based on container technology: the terminal is a cloud terminal and is used for downloading and installing the IDV cloud desktop container image, starting the image so that it runs normally, and connecting to the block storage device file on the cloud server; a container read-write layer is created in the block storage device file and stores all data generated while the cloud desktop runs.
An IDV desktop secret-keeping-free system based on container technology comprises a cloud server and a cloud terminal;
the cloud server is used for creating a cloud desktop container, the cloud desktop container comprising an initial IDV cloud desktop container image and a block storage device file; the cloud server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image.
The cloud terminal is used for downloading and installing the IDV cloud desktop container image, starting the image, and connecting to the block storage device file on the cloud server; a container read-write layer is created in the block storage device file and stores all data generated while the IDV cloud desktop runs.
A terminal secret-keeping-free method for an IDV desktop based on container technology stores all data generated while the cloud terminal runs the IDV cloud desktop on the cloud server, so that the terminal retains no secrets. The method comprises the following steps:
Step 1: the cloud server creates a cloud desktop container, which comprises an initial IDV cloud desktop container image and a block storage device file;
Step 2: the cloud server turns on the switch of the initial IDV cloud desktop container image created in step 1 to obtain the IDV cloud desktop container image;
Step 3: the cloud terminal downloads and installs the IDV cloud desktop container image from the cloud server;
Step 4: the cloud terminal starts the IDV cloud desktop container image, connects to the block storage device file on the cloud server, and creates a container read-write layer in the block storage device file; the container read-write layer stores all data generated while the IDV cloud desktop runs.
Further, turning on the switch of the initial IDV cloud desktop container image in step 2 means setting the "keep_secret" attribute of the IDV desktop to 1.
Compared with the prior art, the invention has the following technical characteristics:
The method can create a terminal secret-keeping-free IDV desktop. When the desktop is deployed to the cloud terminal, only the virtualized operating system image is downloaded. When the cloud terminal starts the desktop, it connects to the network shared block storage system provided by the virtualized cloud server and mounts the read-write layer of the desktop container onto the network shared block storage, so data produced while the desktop runs is stored in the network shared block storage file. When the terminal shuts down the secret-keeping-free IDV desktop, the network shared block storage system is disconnected. The data of the IDV desktop implemented with container technology is therefore stored on the cloud server, which ensures the security of the user's IDV desktop data.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it is to be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The IDV desktop implemented with container technology is a lightweight IDV cloud desktop that applies the isolation properties of containers, a currently popular technology, to the field of virtualized cloud desktops. At present IDV desktops are implemented on full-virtualization or para-virtualization platforms; an IDV desktop implemented with container technology is lighter, starts and migrates quickly, and saves hardware resources.
First, the technical terms used in the present invention are explained:
Network shared block storage: local disk space is mapped to a host over a dedicated network protocol; the space may be part of a physical block device, a combination of physical block devices, or a file on a local file system.
Container technology: lightweight operating-system-level virtualization that runs an application in a resource-isolated environment. The files needed to run the application are packaged as an image, which can be reused. A running image is called a container; the container runs in an isolated environment and does not affect the environment of the external operating system.
Mounting: attaching the file system in a device file to a specified directory on a Linux system, after which the system can access the files on the device.
Deployment: downloading the desktop file from the server to the terminal is generally called "deployment", as in deploying an environment.
IDV cloud desktop container image: refers to a terminal secret-keeping-free IDV cloud desktop container image.
Terminal secret-keeping-free: no data generated while the desktop is used is retained on the terminal, that is, no difference files from the running process are retained. With the system and method, none of the files the user works on in the IDV desktop are stored on the terminal while the desktop is in use; they are stored on the cloud server, which ensures the security of the user's IDV desktop data.
The embodiment of the invention discloses an IDV desktop secret-keeping-free terminal based on container technology, which is used for downloading and installing the IDV cloud desktop container image, starting the image so that it runs normally, and connecting to the block storage device file on the cloud server; a container read-write layer is created in the block storage device file and stores all data generated while the cloud desktop runs;
the terminal is also used for shutting down the IDV cloud desktop container image and disconnecting from the block storage device file on the cloud server.
The embodiment of the invention discloses an IDV desktop secret-keeping-free server based on container technology, which is used for creating a cloud desktop container, the cloud desktop container comprising an initial IDV cloud desktop container image and a block storage device file;
the server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image.
The embodiment of the invention discloses an IDV desktop secret-keeping-free system based on container technology, which comprises a cloud server and a cloud terminal;
the cloud server is used for creating a cloud desktop container, the cloud desktop container comprising an initial IDV cloud desktop container image and a block storage device file; the cloud server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image.
The cloud terminal is used for downloading and installing the IDV cloud desktop container image, starting the image, and connecting to the block storage device file on the cloud server; a container read-write layer is created in the block storage device file and stores all data generated while the IDV cloud desktop runs. The cloud terminal is also used for shutting down the IDV cloud desktop container image and disconnecting from the block storage device file on the cloud server.
The embodiment of the invention discloses a terminal secret-keeping-free method for an IDV desktop based on container technology, which stores all data generated while the cloud terminal runs the cloud desktop on the cloud server, so that the terminal retains no secrets. The method comprises the following steps:
Step 1: the cloud server creates a cloud desktop container, which comprises an initial IDV cloud desktop container image and a block storage device file;
Step 2: the cloud server turns on the switch of the initial IDV cloud desktop container image created in step 1 to obtain the IDV cloud desktop container image;
Step 3: the cloud terminal downloads and installs the IDV cloud desktop container image from the cloud server;
Step 4: the cloud terminal starts the IDV cloud desktop container image, connects to the block storage device file on the cloud server, and creates a container read-write layer in the block storage device file; the container read-write layer stores all data generated while the IDV cloud desktop runs.
Specifically, turning on the terminal secret-keeping-free switch of the IDV cloud desktop container image created in step 1, as done in step 2, means setting the "keep_secret" attribute of the IDV desktop to 1.
Specifically, the cloud desktop container is made in an operating system environment that has already been installed and configured, as follows:
a. create a temporary directory /dest/rootfs;
b. package the operating system files and directories (the copy excludes the destination directory itself):
tar cpf - --exclude=/dest/rootfs / | tar xpf - -C /dest/rootfs
c. import the operating system image (the archive is taken relative to /dest/rootfs so that its contents become the image root):
tar -C /dest/rootfs -c . | docker import - {IMAGE-NAME}
Example 1
On the basis of the above embodiment, this embodiment discloses a terminal secret-keeping-free method for an IDV desktop based on container technology, comprising the following steps:
S1, deploy a virtualized cloud desktop management system on the virtualized cloud server; the management system manages the virtualized cloud terminals, the virtualized operating system images, the cloud desktop users and the users' virtualized cloud desktop resources;
S2, deploy a network shared block storage system on the virtualized cloud server; the storage system lets the virtualization cloud platform create new block storage space and allows the cloud terminal to access the virtualized block storage space over the network;
S3, configure the virtualized cloud desktop management system and connect it to the network shared block storage system: set the storage system type, IP address, port and authentication information in the management system; common network shared block storage systems include Ceph and iSCSI;
S4, create an IDV desktop from the desktop system container image made earlier; a terminal secret-keeping-free IDV desktop is created by specifying desktop configuration parameters; when the desktop is created, a block storage device file is allocated to it in the network shared block storage system;
S5, deploy the created terminal secret-keeping-free IDV desktop to the terminal; the terminal downloads only the desktop system container image;
S6, when the terminal starts the secret-keeping-free IDV desktop, it connects to the block storage device file allocated to the desktop in the network shared block storage system, creates a container read-write layer in the block storage device file, and mounts that layer onto the container's read-write layer directory, so that the desktop's difference data is stored in the network shared block storage;
S7, when the terminal shuts down the secret-keeping-free IDV desktop, it closes the desktop and disconnects the network shared storage connection.
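An added example, not part of the patent text: a Python check that can be run on a cloud terminal to confirm the property steps S6 and S7 describe, namely that the desktop container's read-write layer sits on the network block device while the desktop runs and that nothing stays attached after shutdown. The patent names no storage driver, so overlayfs is assumed; the paths under /var/lib/idv, the device /dev/rbd0 and the sample mount table are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample of /proc/mounts on a terminal (hypothetical paths).
# desk-01 keeps its writable layer on the Ceph RBD device; desk-02 is
# misconfigured and writes to the terminal's local disk.
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/rbd0 /var/lib/idv/rw/desk-01 ext4 rw,relatime 0 0
overlay /var/lib/idv/merged/desk-01 overlay rw,lowerdir=/var/lib/idv/images/base,upperdir=/var/lib/idv/rw/desk-01/upper,workdir=/var/lib/idv/rw/desk-01/work 0 0
overlay /var/lib/idv/merged/desk-02 overlay rw,lowerdir=/var/lib/idv/images/base,upperdir=/var/lib/idv/local/desk-02/upper,workdir=/var/lib/idv/local/desk-02/work 0 0
"""


@dataclass(frozen=True)
class Mount:
    source: str
    target: str
    fstype: str
    options: dict


def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mounts(text):
    mounts = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        opts = {}
        for item in parts[3].split(","):
            key, _, value = item.partition("=")
            opts[key] = _unescape(value)
        mounts.append(Mount(_unescape(parts[0]), _unescape(parts[1]), parts[2], opts))
    return mounts


def backing_mount(path, mounts):
    """Return the mount whose mount point is the longest prefix of path."""
    best = None
    for m in mounts:
        root = m.target.rstrip("/")
        if path == m.target or path.startswith(root + "/"):
            if best is None or len(m.target) > len(best.target):
                best = m
    return best


def audit_running(mounts_text, merged_dir, network_devices):
    """While the desktop runs (S6): upperdir and workdir must be on network storage."""
    mounts = parse_mounts(mounts_text)
    desktop = next((m for m in mounts
                    if m.fstype == "overlay" and m.target == merged_dir), None)
    if desktop is None:
        return [f"{merged_dir}: no overlay mount found"]
    findings = []
    for key in ("upperdir", "workdir"):
        path = desktop.options.get(key)
        if not path:
            findings.append(f"{merged_dir}: overlay has no {key}")
            continue
        backing = backing_mount(path, mounts)
        if backing is None or backing.source not in network_devices:
            src = backing.source if backing else "unknown"
            findings.append(f"{key} {path} is on {src}, not network block storage")
    return findings


def audit_stopped(mounts_text, merged_dir, network_devices):
    """After shutdown (S7): the desktop and its block device must be detached."""
    findings = []
    for m in parse_mounts(mounts_text):
        if m.target == merged_dir:
            findings.append(f"{merged_dir} is still mounted")
        if m.source in network_devices:
            findings.append(f"{m.source} is still attached at {m.target}")
    return findings
```

An empty list from either function means the check passed. On a real terminal the first argument would be the contents of /proc/mounts, and the set of network devices would come from whatever attached the block storage.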

Claims (5)

1. An IDV desktop secret-keeping-free server based on container technology, characterized in that the server is a cloud server and is used for creating a cloud desktop container, the cloud desktop container comprising an initial IDV cloud desktop container image and a block storage device file;
the server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image.
2. An IDV desktop secret-keeping-free terminal based on container technology, characterized in that the terminal is a cloud terminal and is used for downloading and installing the IDV cloud desktop container image, starting the image so that it runs normally, and connecting to the block storage device file on the cloud server; a container read-write layer is created in the block storage device file and stores all data generated while the cloud desktop runs.
3. An IDV desktop secret-keeping-free system based on container technology, characterized by comprising a cloud server and a cloud terminal;
the cloud server is used for creating a cloud desktop container, the cloud desktop container comprising an initial IDV cloud desktop container image and a block storage device file; the cloud server is also used for turning on the switch of the initial IDV cloud desktop container image to obtain the IDV cloud desktop container image.
The cloud terminal is used for downloading and installing the IDV cloud desktop container image, starting the image, and connecting to the block storage device file on the cloud server; a container read-write layer is created in the block storage device file and stores all data generated while the IDV cloud desktop runs.
4. A terminal secret-keeping-free method for an IDV desktop based on container technology, characterized in that the method stores all data generated while the cloud terminal runs the IDV cloud desktop on the cloud server, so that the terminal retains no secrets, and comprises the following steps:
Step 1: the cloud server creates a cloud desktop container, which comprises an initial IDV cloud desktop container image and a block storage device file;
Step 2: the cloud server turns on the switch of the initial IDV cloud desktop container image created in step 1 to obtain the IDV cloud desktop container image;
Step 3: the cloud terminal downloads and installs the IDV cloud desktop container image from the cloud server;
Step 4: the cloud terminal starts the IDV cloud desktop container image, connects to the block storage device file on the cloud server, and creates a container read-write layer in the block storage device file; the container read-write layer stores all data generated while the IDV cloud desktop runs.
5. The container-technology-based IDV desktop terminal secret-keeping-free method of claim 1, wherein turning on the switch of the initial IDV cloud desktop container image created in step 1, as done in step 2, means setting the "keep_secret" attribute of the IDV desktop to 1.
CN202010928355.2A 2020-09-07 2020-09-07 IDV desktop secret-keeping-free terminal, server, system and method based on container technology Pending CN112052060A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010928355.2A CN112052060A (en) 2020-09-07 2020-09-07 IDV desktop secret-keeping-free terminal, server, system and method based on container technology

Publications (1)

Publication Number Publication Date
CN112052060A true CN112052060A (en) 2020-12-08

Family

ID=73606822

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination