CN112256387A - Container migration method in container cloud platform - Google Patents
Container migration method in container cloud platform Download PDFInfo
- Publication number
- CN112256387A CN112256387A CN202011082140.XA CN202011082140A CN112256387A CN 112256387 A CN112256387 A CN 112256387A CN 202011082140 A CN202011082140 A CN 202011082140A CN 112256387 A CN112256387 A CN 112256387A
- Authority
- CN
- China
- Prior art keywords
- node
- load
- container
- representing
- computing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/4557—Distribution of virtual machine instances; Migration and load balancing
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
A container migration method in a container cloud platform is characterized in that when a container is migrated, the performance and the type of a target computing node are considered, and meanwhile, the target computing node of the container migration is selected by combining the integrity, the reliability, the availability and the system security level, wherein the measurement of the credibility of the computing node is evaluated from the two aspects of direct credibility and recommended credibility, and a container credible migration algorithm meeting performance constraints is designed. According to experimental results, compared with the traditional algorithm, in the aspect of the load value of each computing node, the standard deviation is reduced by 51.7%, the range is reduced by 52%, and in the aspect of the number of extra container migration caused by downtime of the computing node, the method is reduced by 48.4%.
Description
Technical Field
The invention belongs to the technical field of container cloud platforms, and particularly relates to a container migration method in a container cloud platform.
Background
In the operation process of the container cloud platform, load imbalance among a plurality of computing nodes often occurs, or one computing node fails, or the condition that part or all of containers on one computing node need to be migrated to other computing nodes is caused by personalized requirements of users, and the core problem of container migration is how to select a target computing node. However, the current container migration algorithm only considers the requirement of the container for the type of the computing node, for example, a compute-intensive container is dispatched to a computing node with stronger processor capability, a network-intensive container is dispatched to a node with larger network bandwidth, a storage-intensive container is dispatched to a computing node with a hard disk being an SSD hard disk, and the main indexes for measuring whether the target computing node is appropriate are whether the load of the whole cluster is balanced and whether the processing performance of the container is efficient.
However, at present, the security characteristics of the target node are not considered during container migration in the container cloud platform, and the security level of the computing node is not considered in the same way by different computing tasks.
Disclosure of Invention
In order to solve the above problems, the present invention provides a method for migrating a container in a container cloud platform, where the method includes the steps of:
acquiring a container to be migrated and all computing nodes in a container cloud platform;
calculating the direct credibility and the recommended credibility of each computing node;
calculating the comprehensive reliability and the average value of the comprehensive reliability of each computing node according to the direct reliability and the recommended reliability;
acquiring a load condition corresponding to each computing node;
according to the load condition, correspondingly dividing all the computing nodes into a light load node set, a medium load node set or a heavy load node set;
judging whether the light-load node set is not empty;
if so, acquiring a first computing node with the minimum load and the comprehensive reliability greater than the average value of the comprehensive reliability in the light-load node set, and transferring the container to the first computing node;
if not, judging whether the intermediate load node set is not empty;
if so, acquiring a second computing node with the maximum comprehensive credibility in the intermediate load node set, and migrating the container to the second computing node;
if not, judging whether the heavy-load node set is not empty;
if so, acquiring a third computing node with the minimum load in the heavy-load node set, and migrating the container to the third computing node;
if not, returning to the step of judging whether the light load node set is not empty.
Preferably, the expression of the direct credibility is:
wherein, t'iRepresenting a computing node ciDirect confidence of iniRepresenting a computing node ciDegree of integrity of (de)iRepresenting a computing node ciReliability of aviRepresenting a computing node ciAvailability of (e), seiRepresenting a computing node ciSecurity level of alphai(i-1, 2,3,4) represents a weight, and
preferably, the expression of the recommendation confidence level is:
wherein, t "iRepresenting a computing node ciRecommendation confidence, idiRepresenting a computing node ciIn-degree, EXP () represents an exponential function with e as the base, wiRepresenting a computing node cjTo the computing node ciThe weight of the edge.
Preferably, the expression of the integrated reliability is:
wherein, tiRepresenting a computing node ciAlpha represents a credibility factor, and alpha belongs to [0,1 ]],t’iRepresenting a computing node ciDirect confidence of (1), t "iRepresenting a computing node ciRecommendation confidence of (1).
Preferably, the expression of the integrated reliability average value is:
wherein the content of the first and second substances,
represents the integrated confidence mean, t, of all compute nodesiRepresenting a computing node ciAnd N represents the total number of the computing nodes.
Preferably, the allocating all the computing nodes into a light-load node set, a medium-load node set or a heavy-load node set according to the load condition includes:
presetting node light load threshold llightAnd node override threshold/heavy(ii) a Wherein, 0 < llight<lheavy<1;
Presetting a first empty set ClightA second empty set CnormalAnd a third empty set Cheavy(ii) a Judging whether the load corresponding to each computing node is less than or equal to the node light load threshold value;
if so, dividing the computing nodes into the first empty set and obtaining the light load node set;
if not, judging whether the load corresponding to each computing node is greater than or equal to the node heavy load threshold value;
if so, dividing the computing nodes into the third empty set and obtaining the reloading node set;
if not, the computing nodes are divided into the second empty set, and the intermediate load node set is obtained.
Preferably, the expression of the light load node set is as follows:
Clight={cj|1≤j≤N,0≤lj≤llight},
wherein, ClightRepresenting a lightly loaded node set, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of llightIndicating a node underload threshold.
Preferably, the expression of the intermediate load node set is as follows:
Cnormal={cj|1≤j≤N,llight<lj<lheavy},
wherein, CnormalRepresenting a set of intermediate nodes, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of llightIndicating node underload threshold,/heavyIndicating a node reload threshold.
Preferably, the expression of the reloading node set is as follows:
Cheavy={cj|1≤j≤N,lheavy≤lj≤1},
wherein, CheavyRepresenting a set of overloaded nodes, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of lheavyIndicating a node reload threshold.
The method comprises the steps that when a container is migrated, the performance and the type of a target computing node are considered, and meanwhile, the target computing node of the container migration is selected by combining the integrity, the reliability, the availability and the system security level, wherein the measurement of the credibility of the computing node is evaluated from the two aspects of direct credibility and recommended credibility. And a container trusted migration algorithm meeting performance constraints is designed. According to experimental results, compared with the traditional algorithm, in the aspect of the load value of each computing node, the standard deviation is reduced by 51.7%, the range is reduced by 52%, and in the aspect of the number of extra container migration caused by downtime of the computing node, the method is reduced by 48.4%.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without inventive exercise.
FIG. 1 is a schematic flow chart of a container migration method in a container cloud platform according to the present invention;
FIG. 2 is a comparison diagram of a container migration method and a TPMA algorithm in a container cloud platform according to the present invention;
fig. 3 is a schematic comparison diagram of a container migration method in a container cloud platform and a TTMA algorithm provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention.
As shown in fig. 1, in an embodiment of the present application, the present invention provides a method for migrating a container in a container cloud platform, where the method includes the steps of:
s1: acquiring a container to be migrated and all computing nodes in a container cloud platform;
s2: calculating the direct credibility and the recommended credibility of each computing node;
s3: calculating the comprehensive reliability and the average value of the comprehensive reliability of each computing node according to the direct reliability and the recommended reliability;
s4: acquiring a load condition corresponding to each computing node;
s5: according to the load condition, correspondingly dividing all the computing nodes into a light load node set, a medium load node set or a heavy load node set;
s6: judging whether the light-load node set is not empty;
s7: if so, acquiring a first computing node with the minimum load and the comprehensive reliability greater than the average value of the comprehensive reliability in the light-load node set, and transferring the container to the first computing node;
s8: if not, judging whether the intermediate load node set is not empty;
s9: if so, acquiring a second computing node with the maximum comprehensive credibility in the intermediate load node set, and migrating the container to the second computing node;
s10: if not, judging whether the heavy-load node set is not empty;
s11: if so, acquiring a third computing node with the minimum load in the heavy-load node set, and migrating the container to the third computing node;
s12: if not, returning to the step of judging whether the light load node set is not empty.
When the method is used for migrating the container in the container cloud platform, firstly, the container to be migrated and all the computing nodes in the container cloud platform are obtained, and the direct reliability and the recommended reliability of each computing node are calculated; then, calculating the comprehensive reliability and the comprehensive reliability average value of each computing node according to the direct reliability and the recommended reliability; then acquiring the load condition corresponding to each computing node, and correspondingly dividing all the computing nodes into a light-load node set, a medium-load node set or a heavy-load node set according to the load condition; when a container is migrated, firstly, considering a light-load node set, judging whether the light-load node set is not empty, when the light-load node set is not an empty set, acquiring a first computing node with the lowest load and the comprehensive reliability of which is greater than the average value of the comprehensive reliabilities in the light-load node set, and migrating the container to the first computing node; when the light load node set is an empty set, the intermediate load node set is preferentially considered at the moment, whether the intermediate load node set is not empty is judged, and when the intermediate load node set is not an empty set, a second computing node with the maximum comprehensive credibility in the intermediate load node set is obtained at the moment, and the container is migrated to the second computing node; when the intermediate load node set is an empty set, considering the heavy load node set again at the moment, and judging whether the heavy load node set is not empty; when the reloading node set is not an empty set, acquiring a third computing node with the minimum load in the reloading node set, and migrating the container to the third computing node; and when the heavy-load node set is an empty set, returning to the step of judging whether the light-load node set is not empty, and circulating the operation.
In the embodiment of the present application, the expression of the direct reliability in step S2 is:
wherein, t'iRepresenting a computing node ciDirect confidence of iniRepresenting a computing node ciDegree of integrity of (de)iRepresenting a computing node ciReliability of aviRepresenting a computing node ciAvailability of (e), seiRepresenting a computing node ciSecurity level of alphai(i-1, 2,3,4) represents a weight, and
in the embodiment of the present application, the expression of the recommendation reliability in step S2 is:
wherein, t "iRepresentation calculationNode ciRecommendation confidence, idiRepresenting a computing node ciIn-degree, EXP () represents an exponential function with e as the base, wjRepresenting a computing node cjTo the computing node ciThe weight of the edge.
In the embodiment of the present application, the expression of the comprehensive reliability in step S3 is:
wherein, tiRepresenting a computing node ciAlpha represents a credibility factor, and alpha belongs to [0,1 ]],t’iRepresenting a computing node ciDirect confidence of (1), t "iRepresenting a computing node ciRecommendation confidence of (1).
In the embodiment of the present application, the expression of the average value of the integrated reliability in step S3 is:
wherein the content of the first and second substances,
represents the integrated confidence mean, t, of all compute nodesiRepresenting a computing node ciAnd N represents the total number of the computing nodes.
In this embodiment of the present application, the step of dividing all the computing nodes into a light load node set, a medium load node set, or a heavy load node set according to the load condition in step S5 includes the steps of:
presetting node light load threshold llightAnd node override threshold/heavy(ii) a Wherein, 0 < llight<lheavy<1;
Presetting a first empty set ClightA second empty set CnormalAnd a third empty set Cheavy;
Judging whether the load corresponding to each computing node is less than or equal to the node light load threshold value;
if so, dividing the computing nodes into the first empty set and obtaining the light load node set;
if not, judging whether the load corresponding to each computing node is greater than or equal to the node heavy load threshold value;
if so, dividing the computing nodes into the third empty set and obtaining the reloading node set;
if not, the computing nodes are divided into the second empty set, and the intermediate load node set is obtained.
In the embodiment of the application, firstly, a node light load threshold l is presetlightAnd node override threshold/heavyAnd a first null set, a second null set, and a third null set, wherein 0 < llight<lheavyLess than 1; then respectively enabling the load corresponding to each computing node to be in contact with a node underload threshold llighAnd node override threshold/heavyComparing the sizes of the nodes, and when the load is less than a node light load threshold value llightThen, dividing the computing nodes corresponding to the load into a first empty set; when the load is greater than the node overload threshold lheavyThen, the computing nodes corresponding to the load are divided into a third empty set; when the load is between the node light load threshold llightAnd node override threshold/heavyAnd in the meantime, the computing nodes corresponding to the load are divided into a second empty set. After the operations are completed on all the computing nodes, the first empty set, the second empty set and the third empty set respectively become a light load node set, a medium load node set and a heavy load node set.
In this embodiment of the present application, the expression of the light load node set is:
Clight={cj|1≤j≤N,0≤lj≤llight},
wherein, ClightRepresenting a lightly loaded node set, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of llightIndicating a node underload threshold.
In this embodiment of the present application, the expression of the intermediate node set is:
Cnormal={cj|1≤j≤N,llight<lj<lheavy},
wherein, CnormalRepresenting a set of intermediate nodes, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of llightIndicating node underload threshold,/heavyIndicating a node reload threshold.
In this embodiment of the present application, the expression of the heavy-load node set is:
Cheavy={cj|1≤j≤N,lheavy≤lj≤1},
wherein, CheavyRepresenting a set of overloaded nodes, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of lheavyIndicating a node reload threshold.
Some of the words in this application are explained below, in particular as follows:
a container: the method is a lightweight virtualization technology capable of realizing computing resources of an operating system, and a container packages application software and a dependent operating environment to realize isolation and control of resources such as a processor, a memory, a file system and the like.
Credibility: a computing node is trusted, meaning that the behavior of the computing node always behaves in the expected manner, a highly trusted node should have high integrity, high reliability, high availability, and a high level of security.
Integrity: the integrity refers to the degree of damage or tampering of information such as system software configuration information and user core data of the computing node, and the computing node ciCan be expressed as iniAnd 0 is not less than ini1, in particular, when not destroyed or tampered withi1 is ═ 1; when part of non-critical information is destroyed or tampered, 0<ini<1; in when critical configuration information, core system software and vital user data are tampered with or destroyedi=0。
Reliability: reliability refers to the probability that a computing system will operate smoothly without failure within a specified time. Assuming that the probability of computing node failure obeys exponential distribution, computing node ciMay be expressed as dei=e-λtWhere λ represents failure rate, t represents compute node uptime0Indicating the time at which the computing node failed last time, txIs an unreliable time threshold, i.e. the running time t of the computing node is less than or equal to txAt this time, dei=0;tyIs a safety threshold, i.e. the running time t of the computing node is more than or equal to tyAt this time, de i1 is ═ 1; when t isx<t<tyWhen is 0<dei<1。
Availability: the availability refers to the time ratio of the computing node capable of normally providing service in a certain time period, node ciAvailability of can be expressed as
And av is more than or equal to 0iLess than or equal to 1. Wherein, MFiRepresents node ciMean time between failures, MRiRepresents node ciAverage recovery time of (c). In particular, when node ciWhen the service can be stably provided within a certain period of time, then avi=1。
And (4) safety level: the security level refers to the capability level of the computer system for security protection, node ciCan be expressed as sei. According to the standard, the security level of the computer system is divided into 5 levels and 5-level time sei1 is ═ 1; time se of 4 th orderi0.75; time se of 3 stagesi0.5; level 2 time sei0.25; time se of 1 stagei=0.1。
Direct reliability: direct trustworthiness refers to reflecting a compute node ciThe degree of self-integrity, reliability, availability and security level can be expressed as: t'iAnd 0 is not more than t'i≤1。
In the cloud platform, if the node ciContainer on to node cjAbove, node c can be saidiAnd node cjA trust relationship occurs. Also, if node cjThe container on it is migrated to the node ckThen the slave node ciTo node cjTo node ckA chain of trust is formed. When all the computing nodes are considered, a trust network is formed according to the migration track of the container.
A trust network: in the cloud platform, the trust network refers to a logic trust relationship graph formed according to the migration track of the containers on the computing nodes. A trust network may be represented as a directed weighted graph, which may be represented as G ═ C, T', E, W. Wherein, the point set C ═ { C ═ C1,c2,…,cNRepresents the set of compute nodes in the cloud, the number of vertices | C | ═ N; t ═ T'1,t′2,…,t′k) Representing a direct set of trustworthiness of compute nodes, where t'iIs node ciDirect confidence of. Edge set E ═ E1,e2,…,eKIs the set of trust relationships between nodes, E belongs to C × C, and the number of edges | ET|=K;W={w1,w2,…,wK) Set of weights representing edges, where wiIs an edge eiThe weight of (2) indicates the number of times the container has migrated along the direction of the directed edge. In particular, node ciAnd node cjThe directed edges in between may be bidirectional.
Migrating the node set: in the trust network G, a node ciThe term "migration node set" refers to a node set represented by ciFor the migration target, with node ciSet of nodes with migration relationships occurring, node ciCan be represented as
And is
Migration degree: with ciMigrating the node set to the migration target
The number of middle nodes is called node ciCan be expressed as idiI.e. by
In fact, the trust network is dynamic, and the weight values on the edges of the trust network are also dynamically changed, so that the trust network reflects the trust relationship of the computing nodes in the cloud platform at the current moment.
Recommendation confidence level: node ciThe recommendation credibility of (c) means that all nodes and the node c in the cloud platformiNode pair c with over-migration relationshipiEvaluation of the degree of trust, and node ciThe recommendation confidence level of (c) is expressed as: t ″)iAnd t is not less than 0 ≦ t ″)i≤1。
Comprehensive reliability: the comprehensive credibility is a comprehensive evaluation of the credibility of the computing node by combining the direct credibility and the recommended credibility, and the computing node ciIs expressed as tiI.e. ti=f(t′i,t″i),0≤ti≤1。
Container migration method (TVM) in container cloud platform2PC) is described as follows:
the method provided by the present application is illustrated below with specific examples.
In order to verify the container migration method in the container cloud platform (a container trusted migration algorithm, TVM, which meets performance constraints) provided by the application2PC), the application uses discrete events of MatlabThe simulation tool carries out simulation experiments, and relevant parameters and values or value ranges related to the experiment environment are as follows: the number of containers to be migrated is 1600, the total number of nodes in the cloud platform is N16, that is, 100 containers are initially located on each node, and all the containers are numbered sequentially, that is, vm1,vm2,…,vm1600. Computing node ciIntegrated confidence level t ofiWith initial values in the range 0,1]Randomly generating, dynamically changing the comprehensive credibility of each node along with the change of the operating environment, and calculating the node ciInitial degree of loading ljAlso in the range [0,1 ]]Random inter-generation, confidence factor alpha 0.6, light load threshold llight0.3, overload threshold lheavy=0.8。
In the experiment, in order to simulate the authenticity of the experiment, containers were randomly selected for migration each time, and the time interval between container migration was set to 5 seconds. Also for simulating the authenticity of the experiment, 1 physical computing node is randomly selected to fail 3 times, and the time interval of the physical computing node failure is assumed to be distributed according to an exponential, and the time interval can be controlled by a negative exponential distribution function
The mobility λ represents the number of containers transferred per unit time. In order to ensure the correctness of the experimental process, 5 groups of experiments are carried out according to different values of the mobility lambda, wherein lambda is {1,2,3,4, 5}, and the experimental results are the average values of the 5 groups of experimental results.
In order to verify the container migration method (TVM) in the container cloud platform provided by the application2PC) is superior in performance, a Trusted Priority Migration Algorithm (TPMA) is designed as a comparison, and the Algorithm idea is as follows: and when a container needs to be migrated, migrating the container to the node with the highest comprehensive credibility. And combining TPMA and TVM2The PC is compared in terms of the load conditions of all the computing nodes, and the comparison of the test results is shown in FIG. 2.
The experimental results according to fig. 2 show that the algorithm (TVM) provided in the present application is used2PC) is added to the system, and,the load among the computing nodes tends to be balanced, and when a Trusted Priority Migration Algorithm (TPMA) is adopted, the load among the computing nodes is greatly increased. Specifically, TVM is adopted2During the PC algorithm, the standard deviation of the load value of each computing node is about 0.1, and the range is about 0.36; the standard deviation of TPMA is about 0.21, and the range is about 0.75. Namely, the standard deviation is reduced by 51.7 percent, and the range is reduced by 52 percent. As shown in fig. 2, it can be seen that the TVM2PC algorithm is adopted to better ensure load balance among the computing nodes.
In addition, to verify the algorithm (TVM) proposed by the present application2PC) rationality and correctness in terms of credibility, and TVM2The PC is compared with a Traditional Trusted Migration Algorithm (TTMA), which has the main idea that: the credibility of a node is judged according to the integrity, and the node is either credible or incredible, when a container needs to be migrated, the container is migrated to a node which is not overloaded and has good integrity, and the test results are compared as shown in fig. 3 without considering factors such as reliability, availability and the like.
In the cloud platform, when a node failure occurs, all containers on the node need to be completely migrated to other nodes, which causes a lot of additional container migration, that is, in addition to 1600 container migrations set in an experiment, container migration due to the failure of a computing node needs to be performed. From the experimental results of FIG. 3, it was found that TVM was used in 5 experiments2In the PC algorithm, the number of additional container migrations is significantly smaller than that of the conventional trusted migration algorithm (TTMA), and the number of 5 migrations is: 187, 125, 216, 89, 146 times; when the TTMA algorithm is adopted, the number of migration times for 5 times is respectively: 337, 297, 317, 216, 287 times. The number of five additional container migrations was reduced by an average of 48.4%. As shown in fig. 3. The analysis reason is that the TTMA algorithm does not consider the reliability of the migration target computing node, but uses completeness to replace credibility, which is one of the main disadvantages of the current credible computing. And TVM2The PC algorithm considers the reliability of the nodes, and when one computing node goes down, the running time t of the computing node is less than the unreliable time thresholdAnd when the value tx is obtained, the comprehensive credibility of the node is 0 according to the comprehensive credibility formula, which means that the containers on other nodes cannot be migrated to the node within the unreliable time threshold tx, and if the node is down again, a large amount of extra container migration can be avoided. Thus, TVM2The PC algorithm greatly reduces the occurrence of a situation that a large number of containers need to be migrated due to unreliable nodes.
The method comprises the steps that when a container is migrated, the performance and the type of a target computing node are considered, and meanwhile, the target computing node of the container migration is selected by combining the integrity, the reliability, the availability and the system security level, wherein the measurement of the credibility of the computing node is evaluated from the two aspects of direct credibility and recommended credibility. And a container trusted migration algorithm meeting performance constraints is designed. According to experimental results, compared with the traditional algorithm, in the aspect of the load value of each computing node, the standard deviation is reduced by 51.7%, the range is reduced by 52%, and in the aspect of the number of extra container migration caused by downtime of the computing node, the method is reduced by 48.4%.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention should be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.
Claims (9)
1. A method for migrating containers in a container cloud platform is characterized by comprising the following steps:
acquiring a container to be migrated and all computing nodes in a container cloud platform;
calculating the direct credibility and the recommended credibility of each computing node;
calculating the comprehensive reliability and the average value of the comprehensive reliability of each computing node according to the direct reliability and the recommended reliability;
acquiring a load condition corresponding to each computing node;
according to the load condition, correspondingly dividing all the computing nodes into a light load node set, a medium load node set or a heavy load node set;
judging whether the light-load node set is not empty;
if so, acquiring a first computing node with the minimum load and the comprehensive reliability greater than the average value of the comprehensive reliability in the light-load node set, and transferring the container to the first computing node;
if not, judging whether the intermediate load node set is not empty;
if so, acquiring a second computing node with the maximum comprehensive credibility in the intermediate load node set, and migrating the container to the second computing node;
if not, judging whether the heavy-load node set is not empty;
if so, acquiring a third computing node with the minimum load in the heavy-load node set, and migrating the container to the third computing node;
if not, returning to the step of judging whether the light load node set is not empty.
2. The method for migrating the container in the container cloud platform according to claim 1, wherein the expression of the direct credibility is as follows:
wherein, t'iRepresenting a computing node ciDirect confidence of iniRepresenting a computing node ciDegree of integrity of (de)iRepresenting a computing node ciReliability of aviRepresenting a computing node ciAvailability of (e), seiRepresenting a computing node ciSecurity level of alphai(i-1, 2,3,4) represents a weight, and
3. the method for migrating the container in the container cloud platform according to claim 1, wherein the expression of the recommendation credibility is as follows:
wherein, t "iRepresenting a computing node ciRecommendation confidence, idiRepresenting a computing node ciIn-degree, EXP () represents an exponential function with e as the base, wjRepresenting a computing node cjTo the computing node ciThe weight of the edge.
4. The method for migrating the container in the container cloud platform according to claim 1, wherein the expression of the comprehensive credibility is as follows:
wherein, tiRepresenting a computing node ciAlpha represents a credibility factor, and alpha belongs to [0,1 ]],t′iRepresenting a computing node ciDirect confidence of (1), t "iRepresenting a computing node ciRecommendation confidence of (1).
5. The method for migrating the container in the container cloud platform according to claim 1, wherein the expression of the comprehensive reliability average value is as follows:
wherein the content of the first and second substances,
represents the integrated confidence mean, t, of all compute nodesiAnd the comprehensive credibility of the computing nodes is represented, and N represents the total number of the computing nodes.
6. The method for migrating the container in the container cloud platform according to claim 1, wherein the step of assigning all the computing nodes into a light-load node set, a medium-load node set or a heavy-load node set according to the load condition comprises the steps of:
presetting node light load threshold llightAnd node override threshold/heavy(ii) a Wherein, 0 < llight<lheavy<1;
Presetting a first empty set ClightA second empty set CnormalAnd a third empty set Cheavy;
Judging whether the load corresponding to each computing node is less than or equal to the node light load threshold value;
if so, dividing the computing nodes into the first empty set and obtaining the light load node set;
if not, judging whether the load corresponding to each computing node is greater than or equal to the node heavy load threshold value;
if so, dividing the computing nodes into the third empty set and obtaining the reloading node set;
if not, the computing nodes are divided into the second empty set, and the intermediate load node set is obtained.
7. The method for migrating the container in the container cloud platform according to claim 6, wherein the expression of the light load node set is as follows:
Clight={cj|1≤j≤N,0≤lj≤llight},
wherein, ClightRepresenting a lightly loaded node set, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad situation ofL. 1lightIndicating a node underload threshold.
8. The method for migrating the container in the container cloud platform according to claim 6, wherein the expression of the intermediate load node set is as follows:
Cnormal={cj|1≤j≤N,llight<lj<lheavy},
wherein, CnormalRepresenting a set of intermediate nodes, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of llightIndicating node underload threshold,/heavyIndicating a node reload threshold.
9. The method for migrating the container in the container cloud platform according to claim 1, wherein the expression of the heavy-load node set is as follows:
Cheavy={cj|1≤j≤N,lheavy≤lj≤1},
wherein, CheavyRepresenting a set of overloaded nodes, cjRepresenting the compute nodes, j representing the compute node number, N representing the total number of compute nodes, ljRepresents node cjLoad condition of lheavyIndicating a node reload threshold.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011082140.XA CN112256387B (en) | 2020-10-12 | 2020-10-12 | Container migration method in container cloud platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011082140.XA CN112256387B (en) | 2020-10-12 | 2020-10-12 | Container migration method in container cloud platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112256387A true CN112256387A (en) | 2021-01-22 |
| CN112256387B CN112256387B (en) | 2023-06-27 |
Family
ID=74242006
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011082140.XA Active CN112256387B (en) | 2020-10-12 | 2020-10-12 | Container migration method in container cloud platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112256387B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8208637B2 (en) * | 2007-12-17 | 2012-06-26 | Microsoft Corporation | Migration of computer secrets |
| CN106095532A (en) * | 2016-06-12 | 2016-11-09 | 北京大学 | A kind of virtual machine load balancing sacurity dispatching method in cloud environment |
| CN110134495A (en) * | 2019-05-21 | 2019-08-16 | 山东大学 | A kind of container is across the online moving method of host, storage medium and terminal device |
| CN110888713A (en) * | 2019-11-15 | 2020-03-17 | 西安石油大学 | Trusted virtual machine migration algorithm for heterogeneous cloud data center |
| CN111190688A (en) * | 2019-12-19 | 2020-05-22 | 西安交通大学 | Cloud data center-oriented Docker migration method and system |
-
2020
- 2020-10-12 CN CN202011082140.XA patent/CN112256387B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8208637B2 (en) * | 2007-12-17 | 2012-06-26 | Microsoft Corporation | Migration of computer secrets |
| CN106095532A (en) * | 2016-06-12 | 2016-11-09 | 北京大学 | A kind of virtual machine load balancing sacurity dispatching method in cloud environment |
| CN110134495A (en) * | 2019-05-21 | 2019-08-16 | 山东大学 | A kind of container is across the online moving method of host, storage medium and terminal device |
| CN110888713A (en) * | 2019-11-15 | 2020-03-17 | 西安石油大学 | Trusted virtual machine migration algorithm for heterogeneous cloud data center |
| CN111190688A (en) * | 2019-12-19 | 2020-05-22 | 西安交通大学 | Cloud data center-oriented Docker migration method and system |
Non-Patent Citations (1)
| Title |
|---|
| 汤琳琳 于治楼: "基于可信计算的虚拟机在线迁移机制", 《信息技术与信息化》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112256387B (en) | 2023-06-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10924535B2 (en) | Resource load balancing control method and cluster scheduler | |
| US11429449B2 (en) | Method for fast scheduling for balanced resource allocation in distributed and collaborative container platform environment | |
| US10958719B2 (en) | Pairwise comparison for load balancing | |
| US8621480B2 (en) | Load balancer with starvation avoidance | |
| WO2018000991A1 (en) | Data balancing method and device | |
| JP5162579B2 (en) | Deploy virtual machines to hosts based on workload characteristics | |
| US8037185B2 (en) | Dynamic application placement with allocation restrictions, vertical stacking and even load distribution | |
| US20200026446A1 (en) | Establishing and maintaining data apportioning for availability domain fault tolerance | |
| US10776141B2 (en) | Directed placement for request instances | |
| US11138049B1 (en) | Generating narratives for optimized compute platforms | |
| CN109189552B (en) | Virtual network function capacity expansion and capacity reduction method and system | |
| CN114174993A (en) | Optimizing cluster applications in a cluster infrastructure | |
| CN110928638A (en) | Method and device for selecting host machine for virtual machine deployment | |
| CN111913670A (en) | Load balancing processing method and device, electronic equipment and storage medium | |
| CN111381928A (en) | Virtual machine migration method, cloud computing management platform and storage medium | |
| Mousavi Khaneghah et al. | A mathematical multi-dimensional mechanism to improve process migration efficiency in peer-to-peer computing environments | |
| US20120054762A1 (en) | Scheduling apparatus and method for a multicore device | |
| Manikandan et al. | Virtualized load balancer for hybrid cloud using genetic algorithm | |
| US8516090B1 (en) | Method and apparatus for distributing licenses | |
| US9998392B1 (en) | Iterative network graph placement | |
| US20230393898A1 (en) | Pre-emptive scheduling of workloads to enable improved sharing of resources | |
| CN112256387A (en) | Container migration method in container cloud platform | |
| US10594620B1 (en) | Bit vector analysis for resource placement in a distributed system | |
| CN112130927A (en) | Reliability-enhanced mobile edge computing task unloading method | |
| US10387578B1 (en) | Utilization limiting for nested object queries |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |