CN112217656B - Method and device for synchronizing configuration information of network equipment in SD-WAN (secure digital-to-Wide area network) system - Google Patents

Abstract

The present invention provides a method and device for synchronizing configuration information of network equipment in an SD-WAN system. The method includes: acquiring configuration information of a network device stored in a configuration database, and obtaining first configuration information, wherein the configuration information includes several configurations, and each configuration includes several configuration items; and generating the first configuration information according to the reference relationship between the configurations. a configuration tree; obtain the configuration information in the configuration file of the network device to obtain the second configuration information; generate the second configuration tree from the second configuration information according to the reference relationship between the configurations; compare the first configuration tree and the second configuration tree by comparing the first configuration tree and the second configuration tree All nodes in the system, obtain the differential configuration information; and deliver the differential configuration information to the network device. Through the present invention, synchronization of differential configurations can be achieved.

Description

Method and device for synchronizing configuration information of network equipment in SD-WAN system

technical field

The present invention relates to the technical field of data processing, and in particular, to a method and device for synchronizing configuration information of network equipment in an SD-WAN system.

Background technique

Software-defined wide area network (SD-WAN) is a service formed by applying SD-WAN technology to a wide area network scenario, which is used to connect enterprise networks, data centers, Internet applications and cloud services across a wide geographic range. SD-WAN can separate the control plane from the data plane of network devices, so that the control plane operates as an independent application of the upper layer, and communicates with the lower layer data plane through standardized interface protocols, so as to realize flexible control of network traffic and provide network The innovation of architecture and upper-layer application provides a good platform.

During the operation of the SD-WAN system, the management and control platform needs to centrally manage and control multiple network devices in the entire WAN. In the process of centralized management and control of each network device, it is necessary to frequently perform configuration information delivery/synchronization operations. When the service of a network device in the SD-WAN system changes, it is necessary to push the changed service configuration information to the network device within a very short period of time, so that the service can run normally.

In the prior art, after the business of a certain network device in the SD-WAN system is changed, the management and control platform usually re-deliveries the overall configuration information of the network device to the network device for configuration, which takes a long time and affects the normal operation of the business. conduct.

Therefore, a method and device for synchronizing configuration information of network equipment in an SD-WAN system are provided, so as to realize the different delivery of network equipment configurations in the SD-WAN system, and reduce the configuration time of network equipment after the business of network equipment is changed, Reducing time-consuming and reducing the impact on business is a technical problem that needs to be solved urgently in this field.

SUMMARY OF THE INVENTION

The purpose of the present invention is to provide a configuration information synchronization method, apparatus, computer equipment and computer-readable storage medium of a network device in an SD-WAN system, so as to solve the above-mentioned technical problems existing in the prior art.

On the one hand, in order to achieve the above object, the present invention provides a method for synchronizing configuration information of a network device in an SD-WAN system.

The SD-WAN system includes a management and control platform and a network device. The method for synchronizing configuration information of the network device in the SD-WAN system includes: acquiring the configuration information of the network device stored in the configuration database, and obtaining the first configuration information, wherein the configuration information includes several configurations , each configuration includes several configuration items; a first configuration tree is generated from the first configuration information according to the reference relationship between configurations, wherein each node of the first configuration tree corresponds to one of the first configuration information. configuration; obtain the configuration information in the configuration file of the network device, and obtain the second configuration information; generate the second configuration tree according to the reference relationship between the configurations according to the second configuration information, wherein each node of the second configuration tree corresponds to the One of the configurations in the second configuration information; by comparing all nodes of the first configuration tree and the second configuration tree, the difference configuration information is obtained, wherein the difference configuration information includes several difference configurations; and the difference configuration information is issued to the network device.

Further, after delivering the differential configuration information to the network device, the method further includes: receiving a configuration execution result for each differential configuration fed back by the network device; when the configuration execution result is an execution failure, recording the failed differential configuration as a result. The failure record is entered, and the failure reason is displayed; when the configuration execution result is successful, the successful differential configuration is updated to the configuration file.

Further, before delivering the difference configuration information to the network device, the method further includes: writing the difference configuration in the failure record into the difference configuration information, and clearing the failure record.

Further, the differential configuration includes adding a configuration, modifying a configuration and deleting a configuration, and by comparing all nodes of the first configuration tree and the second configuration tree, the step of obtaining the differential configuration information includes: The leaf nodes form the first set, and all the first-layer leaf nodes of the second configuration tree form the second set; all configurations in the first set are circulated, and the second set is determined according to the configuration identifier of the first configuration in the first set. Whether there is a first configuration, if the first configuration does not exist in the second set, the first configuration and the configurations corresponding to all branch nodes of the node where the first configuration is located in the first configuration tree are newly added configurations, if there is a first configuration in the second set For the first configuration, the first configuration and the configurations corresponding to all the branch nodes of the node where the first configuration is located in the first configuration tree are formed into a third set, and the first configuration and the second configuration tree are all branch nodes of the node where the first configuration is located. The corresponding configuration forms a fourth set; all configurations in the second set are circulated, and it is judged whether there is a second configuration in the first set according to the configuration identifier of the second configuration in the second set, if the second configuration does not exist in the first set, Then the configuration corresponding to the second configuration and all branch nodes of the node where the second configuration is located in the second configuration tree is the deletion configuration; all configurations in the third set are circulated, and the fourth set is determined according to the configuration identifier of the third configuration in the third set Whether there is a third configuration in the fourth set, if the third configuration does not exist in the fourth set, the third configuration is a newly added configuration, if there is a third configuration in the fourth set, the third configuration in the third set and the fourth set Compare each configuration item of the third configuration in the Determines whether the fourth configuration exists in the third set, and if the fourth configuration does not exist in the third set, the fourth configuration is to delete the configuration.

Further, the network device is controlled to perform configuration in the order of adding configuration, modifying configuration and deleting configuration.

Further, the step of controlling the network device to perform configuration in the order of newly added configuration, modified configuration and deleted configuration includes: sorting the differential configurations in the differential configuration information in the order of newly added configuration, modified configuration and deleted configuration.

Further, the configuration is used to limit the service attributes of the network device, the configuration information is a json file, and the configuration is json data, and the steps of generating the configuration tree from the configuration information according to the reference relationship between the configurations include: converting the json schema file corresponding to the json file Map to a class structure, which can identify the reference relationship between various service attributes of the network device and the value of the service attribute; parse the json data, map the json data to a data instance according to the class structure; map each data corresponding to the configuration information The instance is converted into a configuration tree, wherein when the configuration information is the first configuration information, the configuration tree is the first configuration tree, and when the configuration information is the second configuration information, the configuration tree is the second configuration tree.

On the other hand, in order to achieve the above object, the present invention provides an apparatus for synchronizing configuration information of a network device in an SD-WAN system.

The SD-WAN system includes a management and control platform and a network device. The configuration information synchronization device of the network device is set on the management and control platform. The device includes: a first acquisition module for acquiring the configuration information of the network device stored in the configuration database to obtain the first configuration. information, wherein the configuration information includes several configurations, and each configuration includes several configuration items; the first generation module is configured to generate a first configuration tree from the first configuration information according to the reference relationship between the configurations, wherein the first configuration tree is Each node corresponds to one of the configurations in the first configuration information; the second acquisition module is used to acquire the configuration information in the configuration file of the network device to obtain the second configuration information; the second generation module is used to The second configuration information generates a second configuration tree according to the reference relationship between the configurations, wherein each node of the second configuration tree corresponds to one of the configurations in the second configuration information; the processing module is configured to compare the first configuration All nodes of the first configuration tree and the second configuration tree obtain differential configuration information, wherein the differential configuration information includes several differential configurations; and a sending module is configured to deliver the differential configuration information to the network device.

In order to achieve the above object, the present invention also provides a computer device, comprising a memory, a processor, and a computer program stored in the memory and running on the processor, the processor implements the steps of the above method when the processor executes the computer program.

To achieve the above object, the present invention also provides a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, implements the steps of the above method.

According to the method and device for synchronizing configuration information of network equipment in the SD-WAN system provided by the present invention, when the operation or management personnel configures the network equipment on the management and control platform, the configuration information is written into the configuration database, and then according to the configuration information in the configuration database Configure the network device, and record the successful configuration of the network device into the configuration file. When the service configuration of the network device changes, after the management and control platform updates the configuration information in the configuration database in response to the configuration operation, the changed part will also be changed. That is, the difference configuration information is synchronized to the network device. Specifically, the configuration information in the configuration database and the configuration information in the current configuration file are respectively mapped to the configuration tree, and then the difference configuration information is obtained by comparing the nodes of the two configuration trees, and then the following On the one hand, the synchronization method realizes the distribution of different configurations, which can reduce the amount of data synchronized from the management and control platform to the network equipment, and the network equipment only needs to configure the difference parts, reducing the business changes of the network equipment. On the other hand, there is no limit to the complexity of the configuration information, and any simple or complex network device configuration can be supported for processing.

Description of drawings

1 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 1 of the present invention;

2 is a schematic diagram of a configuration tree in an embodiment of the present invention;

3 is a block diagram of a method and apparatus for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 2 of the present invention;

4 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 3 of the present invention;

5 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 4 of the present invention;

6 is a schematic structural diagram of a moc class provided by an embodiment of the present invention;

FIG. 7 is a schematic structural diagram of a moc container class provided by an embodiment of the present invention;

8 is a schematic structural diagram of a moi data instance provided by an embodiment of the present invention;

9 is a schematic diagram of generating a configuration tree according to an embodiment of the present invention;

10 is a block diagram of an apparatus for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 5 of the present invention;

FIG. 11 is a hardware structural diagram of a computer device according to Embodiment 6 of the present invention.

Detailed ways

In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

The present invention provides a configuration information synchronization method, apparatus, computer equipment and computer-readable storage medium of network equipment in an SD-WAN system. In this SD-WAN system, the SD-WAN system includes a management and control platform and a network device. The management and control platform sends configuration information to the network device and configures the network device. The configuration information includes several configurations, and each configuration includes several configuration items. . When the operation or management personnel configure the network device on the management and control platform, the configuration information is written into the configuration database, and then the network device is configured according to the configuration information in the configuration database, and the successful configuration of the network device is recorded in the configuration file. When the service configuration of a certain network device changes, the configuration information of the network device in the configuration database is modified. At this time, the management and control platform obtains the changed configuration information in the configuration database, obtains the first configuration information, and uses the first configuration information. Generate the first configuration tree according to the reference relationship between the configurations, obtain the configuration information in the configuration file of the current network device, obtain the second configuration information, and generate the second configuration tree according to the reference relationship between the configurations according to the second configuration information; For all the nodes of the first configuration tree and the second configuration tree, the difference configuration information is obtained, and finally the difference configuration information is delivered to the network device. Through the present invention, when the service configuration of the network device changes, the configuration tree is constructed according to the configuration information in the configuration database and the configuration file, respectively, and the difference configuration information is obtained by comparing the two configuration trees, and finally only the difference configuration information is needed. It can be sent to the network device, which reduces the amount of data synchronized between the management and control platform and the network device, and the network device only needs to configure the difference part, which reduces the configuration time after the service of the network device is changed, reduces the time consumption, and reduces the Impact on business.

The specific embodiments of the method, apparatus, computer device, and computer-readable storage medium for synchronizing configuration information of network devices in the SD-WAN system provided by the present invention will be described in detail below.

Example 1

Embodiment 1 of the present invention provides a method for synchronizing configuration information of network devices in an SD-WAN system. The SD-WAN system includes a management and control platform and several network devices, and the management and control platform synchronizes configuration information to the network devices. When the service configuration of the network device changes, only the changed differential configuration is synchronized to the network device. Specifically, FIG. 1 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system provided by Embodiment 1 of the present invention, As shown in FIG. 1 , the method for synchronizing configuration information of a network device in an SD-WAN system provided by this embodiment includes the following steps S101 to S106.

Step S101: Acquire the configuration information of the network device stored in the configuration database to obtain the first configuration information.

The management and control platform includes a back-end and a front-end that provides a user interactive interface. Users can configure the networking relationship and business of the network devices in the SD-WAN system on the interactive interface. The back-end generates configuration information and modifies the configuration according to the user's input. The configuration information in the database is then synchronized to the network device. At the same time, the configured configuration information, that is, the configuration file, is stored on the management and control platform side. The configuration information includes several configurations, and each configuration includes several configuration items. When the user needs to modify the service configuration of the network device, etc., the modification operation can also be performed on the interactive interface, and the back end modifies the configuration information in the configuration database according to the content input by the user.

Optionally, the configuration information is a json file, and the json file includes json data, wherein each configuration is a piece of json data, and each configuration item is a parameter in the json data.

In this step, the management and control platform acquires the configuration information of the network device stored on the local side, and defines the acquired configuration information as the first configuration information.

Step S102: Generate a first configuration tree from the first configuration information according to the reference relationship between the configurations.

The configuration information includes multiple configurations. After the configuration tree is formed, each configuration corresponds to a node in the configuration tree, that is, the node corresponds to the configuration one-to-one. The reference relationship between the configurations defines the location and correlation of the nodes in the configuration tree. . For example, the configuration information includes security policy configuration, address group configuration, and address configuration, each of which corresponds to a node in the configuration tree. At the same time, the address group configuration is referenced based on the security policy configuration, the address group configuration refers to the relationship of the address configuration, and the security policy configuration corresponds to The node refers to the node corresponding to the address group configuration, and the node corresponding to the address group configuration refers to the node configured for the address.

2 is a schematic diagram of a configuration tree in an embodiment of the present invention. As shown in FIG. 2, taking the configuration tree as the first configuration tree as an example, the root node Dev of the configuration tree is the root of the configuration tree, and the parent node of each leaf node, A set of service policies that identify a network device, that is, configuration information. After all service configurations of a certain network device are abstracted into a configuration tree, all configurations in the configuration tree belong to the network device. The configuration tree includes 14 leaf nodes, of which there are 3 first-layer leaf nodes, each first-layer leaf node corresponds to a service policy type, and different first-layer leaf nodes can correspond to the same service policy type, among which, As shown in Figure 2, the first-layer leaf node Policy-1 corresponds to a security policy of a network device, and the network device's security policy may include multiple types. Correspondingly, the first-layer leaf node may also include Policy-2, Policy- 3, etc.; please continue to refer to Figure 2, the first layer leaf node PBR-1 is a routing policy, and its function is to select the outgoing line when the internal address goes out to access the Internet or other networks, for example, its application environment is: When a multi-link access application has a load distribution requirement, the outgoing link is selected according to a specified method when the internal network IP address goes out to access the Internet. The routing strategy of the network device can include multiple types. Correspondingly, the first-layer leaf node It can also include PBR-2, PBR-3, etc.; please continue to refer to Figure 2, the first-layer leaf node SNAT-1 is a source NAT policy, and its function is to translate the source address when the terminal device in the local area network accesses an external network address. Then the network device can access the external network through the network device. When requesting a reply, the network device can determine the terminal device in the local area network corresponding to the access, so that the address of the terminal device in the local area network will not be exposed to the outside world. The source NAT policy of the network device may include multiple types. Correspondingly, the first-layer leaf node may also include SNAT-2, SNAT-3, and so on.

As shown in Figure 2, the first-layer leaf node Policy-1 refers to the leaf node URL-PE-1, the leaf node URL-PE-1 is the URL security configuration file, and the leaf node ADDr-grp-1 is the address group in the security policy , the leaf node ADDr-1 is the address in the address group, the leaf node APP-1 is the application in the security policy and routing policy, the leaf node TUN-Inf-tun-1 is the tunnel interface in the routing policy, and the leaf node User-1 is the service user in the routing policy, the leaf node IPSec-1 is the tunnel in the routing policy, the leaf node IKE-1 is the IKE gateway, the leaf node IPSec-Prop-1 is the IPSec proposal, and the leaf node Inf-ge1 is the physical port of the tunnel , the leaf node IKE-Prop-1 is an IKE proposal.

Step S103: Obtain the configuration information in the configuration file of the network device to obtain the second configuration information.

The management and control platform reads the configuration information in the configuration file of the network device stored locally, which is defined as the second configuration information. The configuration information and the configuration information in the configuration database can use the same data structure, for example, the configuration file includes The configuration is configured with the json data defined in the configuration database using the same jsonschema file constraints.

Step S104: Generate a second configuration tree from the second configuration information according to the reference relationship between the configurations.

For the second configuration tree, reference may be made to FIG. 2 and the above related descriptions, which will not be repeated here.

Step S105: Obtain differential configuration information by comparing all nodes of the first configuration tree and the second configuration tree.

Optionally, the comparison is performed from the root node of the configuration tree, the leaf nodes of the first layer, the leaf nodes of the second layer... to the leaf nodes of the last layer, and the difference configuration information is obtained.

The differential configuration information includes several differential configurations, and the differential configuration includes deletion configuration, new configuration, and modified configuration. Specifically, the deletion configuration is the configuration that needs to be deleted on the network device side, and the newly added configuration is the configuration that needs to be added on the network device side. To modify the configuration, you need to modify some configuration items, add some configuration items, or delete some configuration items on the network device side.

Step S106: Deliver the differential configuration information to the network device.

Using the method for synchronizing configuration information of network devices in the SD-WAN system provided by this embodiment, when the operation or management personnel configures the network devices on the management and control platform, the configuration information is written into the configuration database, and then the configuration information in the configuration database is used according to the configuration information in the configuration database. Configure the network device, and record the successful configuration of the network device into the configuration file. When the service configuration of the network device changes, after the management and control platform updates the configuration information in the configuration database in response to the configuration operation, the changed part will also be changed. That is, the difference configuration information is synchronized to the network device. Specifically, the configuration information in the configuration database and the configuration information in the current configuration file are respectively mapped to the configuration tree, and then the difference configuration information is obtained by comparing the nodes of the two configuration trees, and then the following On the one hand, the synchronization method realizes the distribution of different configurations, which can reduce the amount of data synchronized from the management and control platform to the network equipment, and the network equipment only needs to configure the difference parts, reducing the business changes of the network equipment. On the other hand, in the traditional SDN system, switches or routers are generally used as network devices for networking, and all data is based on "flow". In this type of network equipment, the generation, maintenance, and distribution of flow tables are all implemented by the SDN controller. Each flow table has detailed flow entries, and each flow entry has corresponding parameters. , the configuration information is delivered based on the OpenFlow protocol, while the method based on the OpenFlow protocol can only deliver the configuration items supported in the flow table. In the SD-WAN system, the supported policies, objects, tunnel networking, qos and other functions in network devices are becoming more and more complex, and the method of delivering configuration information based on the OpenFlow protocol has been unable to adapt to network devices with complex configurations, that is, It cannot be delivered through the OpenFlow protocol, and the synchronization method provided in this embodiment has no limit to the complexity of the configuration information, and can process the configuration of any simple or complex network device.

Embodiment 2

On the basis of the above-mentioned first embodiment, the second embodiment of the present invention provides a preferred method for synchronizing configuration information of network devices in an SD-WAN system. The same technical features are only briefly described in this embodiment, and details can be Refer to Embodiment 1 above. Specifically, FIG. 3 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 2 of the present invention. As shown in FIG. 3 , the configuration information of the network device in the SD-WAN system provided by this embodiment is The configuration information synchronization method includes the following steps S201 to S209.

Step S201: Acquire the configuration information of the network device stored in the configuration database to obtain the first configuration information.

The configuration information includes several configurations, and each configuration includes several configuration items.

Step S202: Generate a first configuration tree from the first configuration information according to the reference relationship between the configurations.

Wherein, each node of the first configuration tree corresponds to a configuration in the first configuration information.

Step S203: Acquire the configuration information in the configuration file of the network device to obtain the second configuration information.

Step S204: Generate a second configuration tree from the second configuration information according to the reference relationship between the configurations.

Wherein, each node of the second configuration tree corresponds to a configuration in the second configuration information.

Step S205: Obtain difference configuration information by comparing all nodes of the first configuration tree and the second configuration tree.

The differential configuration information includes several differential configurations.

Step S206: Write the difference configuration in the failure record into the difference configuration information, and clear the failure record.

The failure record of the corresponding network device is set on the management and control platform side, which is used to record the difference configuration that fails to execute. After comparing the configuration tree to obtain the difference configuration information, the difference configuration in the failure record is obtained at the same time, and the difference configuration information is written and delivered together. to the network device.

Step S207: Deliver the differential configuration information to the network device.

After receiving the differential configuration information, the network device performs configuration processing according to each differential configuration in the differential configuration information, and feeds back the configuration execution result for each differential configuration to the management and control device.

Step S208: Receive a configuration execution result for each differential configuration fed back by the network device.

Step S209 : when the configuration execution result is that the execution fails, record the failed differential configuration in the failure record, and display the failure reason, and when the configuration execution result is that the execution is successful, update the successful differential configuration to the configuration file.

Among them, the difference configuration that fails to be executed is recorded in the failure record, and when the configuration information is delivered to the network device next time, the difference configuration in the failure record is issued again; the difference configuration that is successfully executed is recorded in the configuration file to ensure the current configuration file. The configuration in is consistent with the actual configuration of the network device.

By adopting the method for synchronizing configuration information of network devices in the SD-WAN system provided by this embodiment, a failure record is set for the differential configuration that fails to be performed by the network device. The failed differential configuration is written into the differential configuration information to implement re-delivery. After each differential configuration information is delivered, the failed differential configuration is written into the failure record for re-delivery, thus ensuring the complete delivery of the configuration information. ; Record the successfully executed differential configuration into the configuration file to ensure that the configuration in the current configuration file is consistent with the actual configuration of the network device, so that each time the configuration of the network device needs to be changed, the configuration information in the configuration database can be compared and the configuration information in the configuration file to deliver differentiated configurations.

Embodiment 3

On the basis of the above-mentioned first embodiment, the third embodiment of the present invention provides a preferred method for synchronizing configuration information of network devices in an SD-WAN system. The same technical features are only briefly described in this embodiment. Refer to Embodiment 1 above. Specifically, FIG. 4 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system provided by Embodiment 3 of the present invention. As shown in FIG. 4 , the configuration information of the network device in the SD-WAN system provided by this embodiment is The configuration information synchronization method includes the following steps S301 to S311.

Step S301: Acquire the configuration information of the network device stored in the configuration database to obtain the first configuration information.

The configuration information includes several configurations, and each configuration includes several configuration items.

Step S302: Generate a first configuration tree from the first configuration information according to the reference relationship between the configurations.

Wherein, each node of the first configuration tree corresponds to a configuration in the first configuration information.

Step S303: Acquire the configuration information in the configuration file of the network device to obtain the second configuration information.

Step S304: Generate a second configuration tree from the second configuration information according to the reference relationship between the configurations.

Wherein, each node of the second configuration tree corresponds to a configuration in the second configuration information.

The configuration is used to limit the service attributes of the network device, and the configuration information is a json file. The json file includes json data, and the configuration is json data. The json data is constrained and defined according to the json schema file. For steps S302 and S303, when generating a configuration tree from the configuration information according to the reference relationship between the configurations, the following steps may be specifically performed:

Step S31: Map the json schema file of the configuration information into a class structure, and the class structure can identify the reference relationship between the attributes of the network device and the rules that the attribute values should abide by.

The default class structure, which is the payhon representation of the json schema file. Optionally, the configuration in the configuration database and the configuration in the configuration file use the json data defined in advance and the same jsonschema file constraints and definitions, the json schema file is stored in the management and control platform, and the corresponding configuration is issued in the management and control platform. When the controller of the information to the network device starts, the json schema file is mapped to the corresponding class structure and stored in the cache.

Optionally, in an embodiment, the class structure is defined as a moc class. In the moc class, the parameters and methods included in the base class are as follows:

name: The name of the moc, which is the type of object being described.

primary_key: identifies the field in the corresponding json data as the primary key, uniquely identifying an object.

Attributes: The first-level attribute description of moc, which is a complex attribute.

attr_name_stack: moc attribute name collection.

attr_name_for_reference_moc: moc attribute reference collection.

get_primary_key(): Get the primary_key field recorded in the moc.

build_attr_name_stack(): The function to get attr_name_stack in moc.

The subclass includes the following methods:

dict:all_mocs: The key is the moc name, and the value is the dictionary corresponding to the moc.

func:__init_: Call the parse_one_file function to parse the schemas into moc in turn, and store them in the all_mocs dictionary.

func:parse_one_file: 1. Get the object type described by the schema, and set the moc name and primary_key; 2. Call the parse_items function to parse each attribute in the schema; 3. Set the attributes dictionary in the moc according to the parsing result.

func:parse_items: 1. According to the type of the attribute of this layer, determine whether the attribute is a simple attribute or a complex attribute. At present, the array and object types are complex attributes, and the others are simple attributes; 2. For simple attributes, set various identifiers of simple attributes , checkRule, and set the referenced moc type; 3. For complex attributes, recursively call the function until all attributes are simple attributes.

func:parse_constraints: 1. Parse the constraint combination of simple attributes, pick out the currently supported constraint check items, and use it to initialize the checkRule class of simple attributes. For example, through the stringCheck class, it supports the checking of string length and mode.

Step S32: Parse the json data, and map the json data to a data instance according to the moc.

Optionally, the structure of the data instance moi formed according to the predefined data format is as follows:

type: The object type to which the data instance belongs, obtained from json data, and the corresponding moc in the cache can be determined accordingly.

primary_key: which field in the data is found by moc ne_id: configuration set ID or device ID.

attach_type: The identifier is a public object of a policy set or configuration set, or an object on a remote device.

parent_moi: The data instance of the parent object that refers to the object, only corresponds to the case of one-to-one reference.

children_moi: a dictionary formed by the data instances of all the objects referenced by the object, the key of the dictionary is the type of children_moi, and the value is a dictionary composed of all the children_moi of this type referenced by the parent object, and the key of the dictionary is the primary key of each children_moi value, value is the corresponding single children_moi.

children_attributes: The python representation of json data, which is equivalent to calling the json.loads method on the json data.

Among them, a moi is a data instance of a type configuration object, obtained by parsing json data.

Step S33: Convert each moi corresponding to the configuration information into a configuration tree according to the reference relationship in the moi.

Among them, each data instance corresponding to the configuration information is a discrete moi, and all the discrete moi form a moi tree according to the reference relationship in the moi. The generated tree structure is also a configuration tree, which contains all the objects required by a configuration information. Moi of resources, and can clearly indicate the hierarchical relationship between them.

Step S305: Compose all the first-level leaf nodes of the first configuration tree into a first set, and combine all the first-level leaf nodes of the second configuration tree into a second set.

Step S306: Circulate all configurations in the first set, and determine whether the first configuration exists in the second set according to the configuration identifier of the first configuration in the first set. If the first configuration does not exist in the second set, the first configuration and the The configurations corresponding to all branch nodes of the node where the first configuration is located in the first configuration tree are newly added configurations. If the first configuration exists in the second set, the first configuration and all branches of the node where the first configuration is located in the first configuration tree are combined. The configurations corresponding to the nodes form a third set, and the configurations corresponding to all branch nodes of the nodes where the first configuration is located in the first configuration and the second configuration tree form a fourth set;

Step S307: Circulate all configurations in the second set, and determine whether there is a second configuration in the first set according to the configuration identifier of the second configuration in the second set. If the second configuration does not exist in the first set, the second configuration and The configuration corresponding to all branch nodes of the node where the second configuration is located in the second configuration tree is the deletion configuration;

Step S308: Circulate all configurations in the third set, and determine whether there is a third configuration in the fourth set according to the configuration identifier of the third configuration in the third set. If the third configuration does not exist in the fourth set, the third configuration is: Add a new configuration. If there is a third configuration in the fourth set, compare the third configuration in the third set with each configuration item of the third configuration in the fourth set. If there are any one or more configuration items If different, the third configuration is to modify the configuration;

Step S309: Circulate all configurations in the fourth set, and determine whether there is a fourth configuration in the third set according to the configuration identifier of the fourth configuration in the fourth set. If the fourth configuration does not exist in the third set, the fourth configuration is: Delete configuration.

Step S310 : Use newly added configuration, modified configuration and deleted configuration to form differential configuration information, and sort the configurations in the differential configuration information according to the sequence of newly added configuration, modified configuration and deleted configuration.

Step S311: Deliver the differential configuration information to the network device.

By adopting the method for synchronizing configuration information of network devices in the SD-WAN system provided by this embodiment, all business configurations of network devices are constrained and defined in advance in the management and control platform according to json schemas to ensure the correctness of each type of configuration; the management and control platform When the application starts, the corresponding moc will be generated according to the pre-defined jsonschemas and stored in the cache; when the business configuration of the network device in the management and control platform changes, the configuration database and the configuration file of the network device stored locally on the management and control platform will be obtained respectively. According to the configuration information in the moc, the moi is generated according to the configuration relationship defined in the moc, and then each moi is formed into a configuration tree whose configuration depends on each other. Finally, the difference configuration information composed of the difference configuration is obtained, which ensures that after the network device supports the advanced function, the configuration difference can be accurately compared and the configuration difference is synchronized to the network device. Optionally, convert each type of configuration in the differential configuration information into a json format recognizable by the network device according to the moi, store all the differential configurations in a differential configuration file, and finally send the differential configuration file through the configuration delivery channel. Delivered to network devices.

Embodiment 4

The fourth embodiment of the present invention provides an SD-WAN system. The SD-WAN system includes a management and control platform and a network device. In this embodiment, the network device is a firewall as an example to describe the configuration of the network device in the SD-WAN system. For the information synchronization method and related technical features, reference may also be made to any of the above-mentioned embodiments. It should be noted that the network device in the present invention is not limited to a firewall, but may also be other communication devices. Through this method, in the process of centralized management and control of network devices by the management and control platform, different configuration trees are generated according to the two business configurations in the configuration database and the local configuration file of the management and control platform each time the configuration is issued, and the two configuration trees are generated. Perform configuration comparison to generate incremental network device difference configuration information, so as to achieve the purpose of only synchronizing the incremental configuration. Specifically, FIG. 5 is a flowchart of a method for synchronizing configuration information of a network device in an SD-WAN system according to Embodiment 4 of the present invention. As shown in FIG. 5 , the network device in the SD-WAN system provided by this embodiment has a The configuration information synchronization method includes the following steps S401 to S414.

Step S401: The management and control platform retrieves the configuration information of the network device in the configuration database according to the device id and user_id.

In the SD-WAN system, a database for storing the configuration information of network devices is set, that is, the configuration database. Through the device id and user_id (user id) of the network device, the configuration information of the network device can be found in the configuration database.

Step S402: The management and control platform generates a db_moi_tree according to the configuration information.

The configuration information includes multiple configurations, each configuration corresponds to a json data, and the jsonschema file corresponding to the configuration information is converted into a moc class. FIG. 6 is a schematic structural diagram of a moc class provided by an embodiment of the present invention, and FIG. 7 is an embodiment of the present invention. The provided moc container class structure diagram, as shown in Figure 6 and Figure 7, the jsonschema file of the configuration information of each network device corresponds to a moc, and a moc is the python structure representation of the jsonschema of a certain type of object, which indicates a certain type of object The relationship between the attributes and the stipulation that the value of the attribute should abide by, parse the entire content of the json schema, and put it into the moc container class for use.

A moi data instance is generated for each configuration, and FIG. 8 is a schematic structural diagram of a moi data instance provided by an embodiment of the present invention. As shown in FIG. 8 , a moi is a data instance of a configuration object of a certain type, and is parsed according to the actual data of the configuration 9 is a schematic diagram of generating a configuration tree provided by an embodiment of the present invention. As shown in FIG. 9, all discrete moi data instances form a moi tree according to the reference relationship defined in the json schema to generate a tree-like structure , which contains the moi of all object resources required by a configuration set, and can clearly indicate the hierarchical relationship between them.

Step S403: The management and control platform retrieves the device configuration information from the locally stored device configuration file.

Step S404: The management and control platform generates a dev_moi_tree according to the configuration information.

Step S405: The management and control platform generates configuration difference information based on db_moi_tree and dev_moi_tree, including adding, modifying, deleting, and the like.

Step S406 : The management and control platform sorts the difference configurations in the generated difference information, adding a configuration first, modifying a configuration second, and deleting a configuration again.

After the comparison of all nodes in the moi type set is completed, a differential configuration information will be generated. Since there is a reference relationship between the differential configurations in the differential configuration information, when the network device performs the differential configuration in sequence, if the referenced differential configuration is deleted, the referenced differential configuration will be deleted. It will fail to execute, and an error will be reported if the difference configuration that has not been added is referenced when adding or modifying. The above problem can be solved by sorting the difference configuration in the difference configuration information. Specifically, because the configuration tree itself is based on the reference relationship in the moc Therefore, when sorting, you do not need to care about the order of different types of configurations. Therefore, the sorting rules can be defined as adding class configuration first, modifying class configuration second, and deleting class configuration last.

Step S407: The management and control platform converts the differential configuration information into a configuration structure recognized by the firewall, such as json, xml, and the like.

Step S408: The management and control platform writes the differential configuration information into the differential configuration file, and sends a command to obtain the differential configuration file to the firewall.

Step S409: After receiving the command to obtain the differential configuration file, the firewall actively obtains the differential configuration file from the management and control platform.

Step S410: The firewall executes each differential configuration in the differential configuration file in a loop, and returns the execution result to the management and control platform.

Step S411: The management and control platform cyclically receives the device configuration execution result, and determines which configuration execution result is according to the returned information.

Step S412: The management and control platform determines whether the execution result is correct.

Step S413: If the execution is successful, the management and control platform updates the differential configuration of this article to the configuration file to ensure that the configuration in the configuration file is consistent with the real configuration on the network device side.

Step S414: If the execution fails, the management and control platform records the failure information, and displays the reason for the configuration execution failure to the user.

With the SD-WAN system provided in this embodiment, network equipment is provided in the SD-WAN system of the backbone network supporting cloud computing, and the network equipment supports zero-configuration online, that is, network administrators do not need to perform relevant network configuration on a single network equipment, all The configuration of the network equipment is handed over to the management and control platform for centralized management and settings; the management and control platform will centrally manage and control the configuration of the network equipment. Through the present invention, the concept of incremental synchronization configuration of the network equipment is realized, and the network equipment needs to be configured every time When synchronizing, only the configuration added, deleted or modified this time will be distributed, and other configurations do not need to be distributed. After each distribution is completed, the configuration distribution results will be counted, and the correct configuration will be synchronized to the configuration file, and the record part will be recorded. Indicates the reason for the failure to deliver the configuration, and continues to deliver it to the network device the next time the configuration is synchronized. When implementing incremental delivery, different configuration trees are generated according to the two service configurations in the configuration database and the local configuration file of the management and control platform, and the configuration of the two configuration trees is compared to generate incremental network device differential configurations. information to achieve the purpose of synchronizing only the incremental configuration.

Embodiment 5

Corresponding to Embodiment 1 above, Embodiment 5 of the present invention provides an apparatus for synchronizing configuration information of a network device in an SD-WAN system. FIG. 10 is a configuration of a network device in the SD-WAN system provided by Embodiment 5 of the present invention. As shown in FIG. 10 , the block diagram of the information synchronization apparatus includes: a first obtaining module 501 , a first generating module 502 , a second obtaining module 503 , a second generating module 504 , a first processing module 505 and a sending module 506 .

Wherein, the first obtaining module 501 is used for obtaining the configuration information of the network device stored in the configuration database to obtain the first configuration information, wherein the configuration information includes several configurations, and each configuration includes several configuration items; the first generating module 502 is used for converting The first configuration information generates a first configuration tree according to the reference relationship between the configurations, wherein each node of the first configuration tree corresponds to a configuration in the first configuration information; the second obtaining module 503 is used to obtain the configuration file of the network device. The second configuration information is obtained, and the second configuration information is obtained; the second generation module 504 is configured to generate the second configuration tree according to the reference relationship between the configurations according to the second configuration information, wherein each node of the second configuration tree corresponds to the second configuration information in the second configuration information. a configuration; the first processing module 505 is used to obtain difference configuration information by comparing all nodes of the first configuration tree and the second configuration tree, wherein the difference configuration information includes several difference configurations; the sending module 506 is used to send the difference configuration The information is sent to the network device.

Optionally, in an embodiment, the apparatus for synchronizing configuration information of the network device in the SD-WAN system further includes a receiving module and a second processing module, wherein the receiving module is used to deliver the difference configuration information to the network device. Afterwards, receive the configuration execution result for each differential configuration fed back by the network device; the second processing module is configured to record the failed differential configuration in the failure record when the configuration execution result is an execution failure, and display the failure reason, when the configuration is executed When the result is that the execution is successful, the successful differential configuration is updated to the configuration file.

Optionally, in an embodiment, the apparatus for synchronizing the configuration information of the network device in the SD-WAN system further includes a third processing module, and the third processing module is configured to, before delivering the difference configuration information to the network device, The differential configuration in the failure record is written to the differential configuration information, and the failure record is cleared.

Optionally, in an embodiment, the differential configuration includes adding a configuration, modifying a configuration, and deleting a configuration, and the first processing module specifically performs the following steps:

All the first-level leaf nodes of the first configuration tree are composed of the first set, and all the first-level leaf nodes of the second configuration tree are composed of the second set; all configurations in the first set are circulated, according to the first set of The configuration identifier of a configuration determines whether the first configuration exists in the second set. If the first configuration does not exist in the second set, the first configuration corresponds to the configuration of all branch nodes of the node where the first configuration is located in the first configuration tree as Add a new configuration. If there is a first configuration in the second set, combine the first configuration and the configurations corresponding to all branch nodes of the node where the first configuration is located in the first configuration tree to form a third set, and combine the first configuration and the second configuration tree The configurations corresponding to all branch nodes of the node where the first configuration is located form a fourth set; all configurations in the second set are circulated, and whether there is a second configuration in the first set is determined according to the configuration identifier of the second configuration in the second set, if If the second configuration does not exist in the first set, then the second configuration and the configuration corresponding to all branch nodes of the node where the second configuration is located in the second configuration tree is the deletion configuration; The configuration identifier of the third configuration determines whether the third configuration exists in the fourth set. If the third configuration does not exist in the fourth set, the third configuration is a newly added configuration. If the third configuration exists in the fourth set, the third configuration is added. The third configuration in the set is compared with each configuration item of the third configuration in the fourth set. If any one or more configuration items are different, the third configuration is the modified configuration; configuration, according to the configuration identifier of the fourth configuration in the fourth set to determine whether the fourth configuration exists in the third set, if the fourth configuration does not exist in the third set, the fourth configuration is to delete the configuration.

Optionally, in an embodiment, the apparatus for synchronizing configuration information of a network device in the SD-WAN system further includes a control module configured to control the network device to perform configuration in the order of adding configuration, modifying configuration, and deleting configuration.

Optionally, in an embodiment, the control module sorts the configurations in the differential configuration information according to the order of newly added configuration, modified configuration and deleted configuration, so as to control the network device according to the newly added configuration, modified configuration and deleted configuration. The configuration is executed in the order in which the configuration is deleted.

Optionally, in an embodiment, the configuration is used to define service attributes of the network device, the configuration information is a json file, the json file includes json data, and the configuration is json data, the first generation module and the second generation module are respectively The specific steps are as follows:

Map the json schema file corresponding to the json file into a class structure, which can identify the reference relationship between various service attributes of the network device and the value of the service attribute; parse the json data, and map the json data into data instances according to the class structure; Each data instance corresponding to the configuration information is converted into a configuration tree, wherein when the configuration information is the first configuration information, the configuration tree is the first configuration tree, and when the configuration information is the second configuration information, the configuration tree is the second configuration tree.

Embodiment 6

The fifth embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server, or a cabinet server that can execute programs (including independent servers, or a server cluster composed of multiple servers), etc. As shown in FIG. 11 , the computer device 01 in this embodiment at least includes but is not limited to: a memory 011 and a processor 012 that can be communicatively connected to each other through a system bus, as shown in FIG. 11 . It should be pointed out that FIG. 11 only shows the computer device 01 having the component memory 011 and the processor 012, but it should be understood that it is not required to implement all the shown components, and more or less may be implemented instead. components.

In this embodiment, the memory 011 (that is, a readable storage medium) includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), Programmable Read Only Memory (PROM), Magnetic Memory, Magnetic Disk, Optical Disk, etc. In some embodiments, the memory 011 may be an internal storage unit of the computer device 01 , such as a hard disk or a memory of the computer device 01 . In other embodiments, the memory 011 may also be an external storage device of the computer device 01, such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, flash memory card (Flash Card), etc. Of course, the memory 011 may also include both the internal storage unit of the computer device 01 and its external storage device. In this embodiment, the memory 011 is generally used to store the operating system and various application software installed in the computer device 01, such as the program code of the configuration information synchronization apparatus of the network device in the SD-WAN system of the fourth embodiment. In addition, the memory 011 can also be used to temporarily store various types of data that have been output or will be output.

The processor 012 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chips in some embodiments. The processor 012 is typically used to control the overall operation of the computer device 01 . In this embodiment, the processor 012 is configured to run program codes or process data stored in the memory 011, such as a method for synchronizing configuration information of network devices in the SD-WAN system.

Embodiment 7

This embodiment also provides a computer-readable storage medium, such as a flash memory, a hard disk, a multimedia card, a card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), only Read-only memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), magnetic memory, magnetic disk, optical disk, server, App application mall, etc., on which computer programs are stored, When the program is executed by the processor, the corresponding function is realized. The computer-readable storage medium of this embodiment is used to store the configuration information synchronization device of the network device in the SD-WAN system, and when executed by the processor, implements the configuration information synchronization method of the network device in the SD-WAN system of the first embodiment.

It should be noted that, herein, the terms "comprising", "comprising" or any other variation thereof are intended to encompass non-exclusive inclusion, such that a process, method, article or device comprising a series of elements includes not only those elements, It also includes other elements not expressly listed or inherent to such a process, method, article or apparatus. Without further limitation, an element qualified by the phrase "comprising a..." does not preclude the presence of additional identical elements in a process, method, article or apparatus that includes the element.

The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

From the description of the above embodiments, those skilled in the art can clearly understand that the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation.

The above are only preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the contents of the description and drawings of the present invention, or directly or indirectly applied in other related technical fields , are similarly included in the scope of patent protection of the present invention.

Claims (8)

1. A method for synchronizing configuration information of network equipment in an SD-WAN system, wherein the SD-WAN system comprises a management and control platform and the network equipment, and the method comprises the following steps:

acquiring configuration information of the network equipment stored in a configuration database to obtain first configuration information, wherein the configuration information comprises a plurality of configurations, each configuration comprises a plurality of configuration items, after a configuration tree is formed, each configuration corresponds to a node in the configuration tree, and the reference relationship existing among the configurations defines the position and the correlation relationship of the nodes in the configuration tree;

generating a first configuration tree by the first configuration information according to the reference relation among the configurations, wherein each node of the first configuration tree corresponds to one configuration in the first configuration information;

acquiring the configuration information in the configuration file of the network equipment to obtain second configuration information;

generating a second configuration tree by using the second configuration information according to the reference relation among the configurations, wherein each node of the second configuration tree corresponds to one configuration in the second configuration information;

obtaining difference configuration information by comparing all nodes of the first configuration tree and the second configuration tree, wherein the difference configuration information comprises a plurality of difference configurations, and the difference configurations comprise a newly added configuration, a modified configuration and a deleted configuration;

sending the difference configuration information to the network equipment; and

controlling the network equipment to execute configuration according to the sequence of the newly added configuration, the modified configuration and the deleted configuration;

wherein the step of obtaining the differential configuration information by comparing all nodes of the first configuration tree and the second configuration tree comprises:

forming all first-layer leaf nodes of the first configuration tree into a first set, and forming all first-layer leaf nodes of the second configuration tree into a second set;

circulating all the configurations in the first set, judging whether the first configuration exists in the second set according to the configuration identifier of the first configuration in the first set, if the first configuration does not exist in the second set, configuring the first configuration and all the branch nodes of the node where the first configuration is located in the first configuration tree into the newly added configuration, if the first configuration exists in the second set, forming the first configuration and the configuration corresponding to all the branch nodes of the node where the first configuration is located in the first configuration tree into a third set, and forming the first configuration and the configuration corresponding to all the branch nodes of the node where the first configuration is located in the second configuration tree into a fourth set;

circulating all configurations in the second set, judging whether the second configuration exists in the first set according to the configuration identifier of the second configuration in the second set, and if the second configuration does not exist in the first set, configuring the second configuration and all branch nodes of the node where the second configuration exists in the second configuration tree into the deletion configuration;

circulating all the configurations in the third set, judging whether the third configuration exists in the fourth set according to the configuration identifier of the third configuration in the third set, if the third configuration does not exist in the fourth set, comparing each configuration item of the third configuration in the third set with each configuration item of the third configuration in the fourth set, if any one or more configuration items are different, determining that the third configuration exists in the fourth set;

and circulating all the configurations in the fourth set, judging whether the fourth configuration exists in the third set according to the configuration identifier of the fourth configuration in the fourth set, and if the fourth configuration does not exist in the third set, the fourth configuration is the deletion configuration.

2. The method for synchronizing configuration information of network devices in an SD-WAN system according to claim 1, wherein after the sending the differential configuration information to the network devices, the method further comprises:

receiving configuration execution results fed back by the network equipment for each of the different configurations;

when the configuration execution result is execution failure, recording the failed difference configuration into a failure record, and displaying the failure reason;

and when the configuration execution result is that the execution is successful, updating the successful difference configuration to the configuration file.

3. The method for synchronizing configuration information of network devices in an SD-WAN system according to claim 2, wherein before sending the differential configuration information to the network devices, the method further comprises: and writing the difference configuration in the failure record into the difference configuration information, and clearing the failure record.

4. The method for synchronizing configuration information of network devices in an SD-WAN system according to claim 1, wherein the step of controlling the network devices to perform configuration in the order of the addition configuration, the modification configuration, and the deletion configuration comprises:

and sequencing the difference configuration in the difference configuration information according to the sequence of the newly added configuration, the modified configuration and the deleted configuration.

5. The method according to claim 1, wherein the configuration is used to define service attributes of the network device, the configuration information is a json file, the configuration is json data, and the step of generating the configuration tree from the configuration information according to a reference relationship between configurations includes:

mapping a json schema file corresponding to the json file into a class structure, wherein the class structure can identify a reference relation among all service attributes of the network equipment and a value of the service attribute;

analyzing the json data, and mapping the json data into a data instance according to the class structure;

and converting each data instance corresponding to the configuration information into a configuration tree, wherein when the configuration information is the first configuration information, the configuration tree is the first configuration tree, and when the configuration information is the second configuration information, the configuration tree is the second configuration tree.

6. The configuration information synchronization device of a network device in an SD-WAN system, characterized in that the SD-WAN system comprises a management and control platform and a network device, the device is arranged on the management and control platform, and the device comprises:

a first obtaining module, configured to obtain configuration information of the network device stored in a configuration database, to obtain first configuration information, where the configuration information includes a plurality of configurations, and each configuration includes a plurality of configuration items;

a first generating module, configured to generate a first configuration tree from the first configuration information according to a reference relationship between configurations, where each node of the first configuration tree corresponds to one of the configurations in the first configuration information;

the second obtaining module is used for obtaining the configuration information in the configuration file of the network equipment to obtain second configuration information;

a second generating module, configured to generate a second configuration tree from the second configuration information according to a reference relationship between configurations, where each node of the second configuration tree corresponds to one of the configurations in the second configuration information;

the first processing module is used for obtaining difference configuration information by comparing all nodes of the first configuration tree with all nodes of the second configuration tree, wherein the difference configuration information comprises a plurality of difference configurations, and the difference configurations comprise a new configuration, a modified configuration and a deleted configuration;

a sending module, configured to send the difference configuration information to the network device; and

a control module, configured to control the network device to execute configuration according to the sequence of the new configuration, the modified configuration and the deleted configuration,

the first processing module specifically executes the following steps:

forming all first-layer leaf nodes of the first configuration tree into a first set, and forming all first-layer leaf nodes of the second configuration tree into a second set;

circulating all the configurations in the first set, judging whether the first configuration exists in the second set according to the configuration identifier of the first configuration in the first set, if the first configuration does not exist in the second set, configuring the first configuration and all the branch nodes of the node where the first configuration is located in the first configuration tree into the newly added configuration, if the first configuration exists in the second set, forming the first configuration and the configuration corresponding to all the branch nodes of the node where the first configuration is located in the first configuration tree into a third set, and forming the first configuration and the configuration corresponding to all the branch nodes of the node where the first configuration is located in the second configuration tree into a fourth set;

circulating all configurations in the second set, judging whether the second configuration exists in the first set according to the configuration identifier of the second configuration in the second set, and if the second configuration does not exist in the first set, configuring the second configuration and all branch nodes of the node where the second configuration exists in the second configuration tree into the deletion configuration;

circulating all the configurations in the third set, judging whether the third configuration exists in the fourth set according to the configuration identifier of the third configuration in the third set, if the third configuration does not exist in the fourth set, comparing each configuration item of the third configuration in the third set with each configuration item of the third configuration in the fourth set, if any one or more configuration items are different, determining that the third configuration exists in the fourth set;

and circulating all the configurations in the fourth set, judging whether the fourth configuration exists in the third set according to the configuration identifier of the fourth configuration in the fourth set, and if the fourth configuration does not exist in the third set, the fourth configuration is the deletion configuration.

7. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 5 are implemented by the processor when executing the computer program.

8. A computer-readable storage medium having stored thereon a computer program, characterized in that: the computer program when executed by a processor implements the steps of the method of any one of claims 1 to 5.

Images