CN112333244A - Cluster mutual trust method, system, equipment and computer readable storage medium - Google Patents

Publication number
CN112333244A
Authority
CN
China
Prior art keywords
cluster
cluster node
node
mutual trust
information
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011111488.7A
Other languages
Chinese (zh)
Inventor
范中华
刘正伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan Inspur Data Technology Co Ltd
Original Assignee
Jinan Inspur Data Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L67/1044 Group management mechanisms
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The application discloses a cluster mutual trust method, system, device and computer-readable storage medium. The method is applied to a target cluster node and comprises: determining each other cluster node that is to establish mutual trust with the target cluster node; acquiring cluster information of all the other cluster nodes; generating a script file based on the cluster information and generating a key pair; and, based on the script file, sending the public key of the key pair to each other cluster node in batch, so as to realize cluster mutual trust based on the public key. Because the script file and the key pair are generated from the cluster information of all the other cluster nodes, and the public key is then sent to each other cluster node in batch based on the script file, mutual trust among the cluster nodes is established in batch; compared with the prior art, the method is efficient, accurate and widely applicable. The cluster mutual trust system, device and computer-readable storage medium solve the corresponding technical problems.

Description

Cluster mutual trust method, system, equipment and computer readable storage medium
Technical Field
The present application relates to the field of password-free mutual trust technology, and more particularly to a cluster mutual trust method, system, device and computer-readable storage medium.
Background
At present, when files need to be transmitted among cluster nodes and password-free mutual trust has not been established among the nodes, a user name and password are required for every transmission, which makes interaction unfriendly. Because transmission operations among cluster nodes are frequent, password-free mutual trust needs to be established among all machines to improve deployment efficiency.
The existing cluster mutual trust method is carried out manually through shell script commands and mainly comprises the following steps: generating a key pair, namely a public key and a private key, on a deployment machine; transmitting the generated public key to each target cluster node of the cluster in turn; and adding the public key file to authorized_keys and setting its permissions so that the visitor is authenticated automatically, thereby realizing mutual trust.
However, when cluster mutual trust is implemented manually through shell script commands, the above operations must be performed by hand on each cluster node, which is inefficient, and an operating error may cause the establishment of mutual trust to fail, so the applicability is poor.
In summary, how to improve the applicability of the cluster mutual trust method is a problem to be solved urgently by those skilled in the art.
Disclosure of Invention
The purpose of the present application is to provide a cluster mutual trust method, which can solve the technical problem of how to improve the applicability of the cluster mutual trust method to a certain extent. The application also provides a cluster mutual trust system, a device and a computer readable storage medium.
In order to achieve the above purpose, the present application provides the following technical solutions:
a cluster mutual trust method is applied to a target cluster node and comprises the following steps:
determining each other cluster node to be mutually trusted with the target cluster node;
acquiring cluster information of all other cluster nodes;
generating a script file based on the cluster information and generating a key pair;
and sending the public key in the key pair to each other cluster node in batch based on the script file so as to realize cluster mutual trust based on the public key.
Preferably, the information type of the cluster information includes: IP of cluster node, host name, user role, password, system variable information.
Preferably, the user role is a role that does not have the maximum authority in the cluster node.
Preferably, the generating a script file based on the cluster information includes:
generating the script file based on the cluster information through the authorized_key module of Ansible.
Preferably, the sending the public key in the key pair to each of the other cluster nodes in batch based on the script file includes:
sending the public key in the key pair to each other cluster node in batch by executing an Ansible playbook command based on the script file.
Preferably, after determining each other cluster node to be mutually trusted with the target cluster node and before acquiring cluster information of all other cluster nodes, the method further includes:
acquiring a cluster node adjustment instruction transmitted by an uploading port;
adjusting the other cluster nodes based on the cluster node adjustment instruction.
Preferably, the type of the cluster node adjustment instruction includes a cluster node deletion instruction, a cluster node addition instruction, and a cluster node modification instruction.
A cluster mutual trust system is applied to a target cluster node and comprises the following components:
a first determining module, configured to determine each other cluster node that is to perform mutual trust with the target cluster node;
the first acquisition module is used for acquiring the cluster information of all other cluster nodes;
the first generation module is used for generating a script file based on the cluster information and generating a key pair;
and the first sending module is used for sending the public key in the key pair to each other cluster node in batch based on the script file so as to realize cluster mutual trust based on the public key.
A cluster mutual trust device comprising:
a memory for storing a computer program;
a processor for implementing the steps of the cluster mutual trust method as described in any one of the above when executing the computer program.
A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the cluster mutual trust method as set forth in any of the above.
The cluster mutual trust method provided by the application is applied to a target cluster node and comprises: determining each other cluster node that is to establish mutual trust with the target cluster node; acquiring cluster information of all the other cluster nodes; generating a script file based on the cluster information and generating a key pair; and, based on the script file, sending the public key of the key pair to each other cluster node in batch, so as to realize cluster mutual trust based on the public key. Because the script file and the key pair are generated from the cluster information of all the other cluster nodes, and the public key is then sent to each other cluster node in batch based on the script file, mutual trust among the cluster nodes is established in batch; compared with the prior art, the method is efficient, accurate and widely applicable. The cluster mutual trust system, device and computer-readable storage medium solve the corresponding technical problems.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a cluster mutual trust method provided in an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a cluster mutual trust system provided in an embodiment of the present application;
Fig. 3 is a schematic structural diagram of a cluster mutual trust device provided in an embodiment of the present application;
Fig. 4 is another schematic structural diagram of a cluster mutual trust device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
At present, when files need to be transmitted among cluster nodes and password-free mutual trust has not been established among the nodes, a user name and password are required for every transmission, which makes interaction unfriendly. Because transmission operations among cluster nodes are frequent, password-free mutual trust needs to be established among all machines to improve deployment efficiency. The existing cluster mutual trust method is carried out manually through shell script commands and mainly comprises the following steps: generating a key pair, namely a public key and a private key, on a deployment machine; transmitting the generated public key to each target cluster node of the cluster in turn; and adding the public key file to authorized_keys and setting its permissions so that the visitor is authenticated automatically, thereby realizing mutual trust. The shell is a program written in the C language that serves as the bridge through which users use Linux; it is both a command language and a programming language, and refers to an application program that provides an interface through which users can access the services of the operating system kernel. However, when cluster mutual trust is implemented manually through shell script commands, the above operations must be performed by hand on each cluster node, which is inefficient, and an operating error may cause the establishment of mutual trust to fail, so the applicability is poor. The cluster mutual trust method provided by the application can improve the applicability of the cluster mutual trust method.
Referring to fig. 1, fig. 1 is a flowchart of a cluster mutual trust method according to an embodiment of the present disclosure.
The cluster mutual trust method provided by the embodiment of the application is applied to a target cluster node and can comprise the following steps:
Step S101: determine each other cluster node that is to establish mutual trust with the target cluster node.
In practical applications, the target cluster node first determines each other cluster node with which it is to establish mutual trust. The target cluster node is the cluster node in the cluster that needs to establish mutual trust with other cluster nodes.
In a specific application scenario, the target cluster node may treat a cluster node that communicates with it and needs to be verified as one of the other cluster nodes; the user may also designate the other cluster nodes. This is not specifically limited herein.
Step S102: acquire cluster information of all the other cluster nodes.
In practical applications, after determining each other cluster node that is to establish mutual trust with it, the target cluster node needs to acquire the cluster information of those nodes, so that it can generate from that information a script file for sending a public key to them. The cluster information is the information relating to the other cluster nodes, and the type of the cluster information can be determined according to actual needs.
Step S103: generate a script file based on the cluster information and generate a key pair.
In practical applications, after acquiring the cluster information of all the other cluster nodes, the target cluster node may generate a script file based on the cluster information and generate a key pair corresponding to the script file. The key pair consists of a public key and a private key, and the manner in which the target cluster node generates the key pair may be determined according to actual needs, which is not specifically limited herein.
Step S104: based on the script file, send the public key in the key pair to each other cluster node in batch to realize cluster mutual trust based on the public key.
In practical applications, after the target cluster node has generated the script file based on the cluster information and generated the key pair, it can send the public key in the key pair to each other cluster node in batch based on the script file, so as to realize cluster mutual trust based on the public key. It should be noted that, in this process, after the target cluster node sends the public key to each of the other cluster nodes, each of those nodes needs to add the public key of the target cluster node to its own authorization file and set the permissions of that file, so as to achieve password-free mutual trust with the target cluster node.
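What the receiving node does in step S104, adding the public key to its authorization file and setting that file's permissions, is shown below as an added example; it is not code from the patent. It assumes the authorization file is OpenSSH's `~/.ssh/authorized_keys`; the function names and the all-zero sample key are constructed for the illustration.

```python
import base64
import os
import stat

ALLOWED_KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}


def parse_public_key(text):
    """Return (key_type, blob_b64) for one plain OpenSSH public key line.

    Raises ValueError for anything else, so a pushed "key" cannot carry a
    second line or a leading options field into the authorization file.
    """
    text = text.strip()
    if "\n" in text or "\r" in text:
        raise ValueError("expected exactly one key line")
    fields = text.split()
    if len(fields) < 2 or fields[0] not in ALLOWED_KEY_TYPES:
        raise ValueError("not a plain public key line")
    blob = base64.b64decode(fields[1], validate=True)  # ValueError if invalid
    # The blob begins with a 4-byte length followed by the key type name.
    name_len = int.from_bytes(blob[:4], "big")
    if blob[4:4 + name_len] != fields[0].encode():
        raise ValueError("key type does not match the key blob")
    return fields[0], fields[1]


def authorize_key(home, pubkey_text):
    """Add the key to <home>/.ssh/authorized_keys once; return True if added.

    Permissions are set to 0700 (directory) and 0600 (file) on every call:
    sshd with StrictModes ignores a group- or world-writable file.
    """
    _, blob = parse_public_key(pubkey_text)
    ssh_dir = os.path.join(home, ".ssh")
    os.makedirs(ssh_dir, exist_ok=True)
    os.chmod(ssh_dir, 0o700)
    path = os.path.join(ssh_dir, "authorized_keys")
    lines = []
    if os.path.exists(path):
        with open(path, encoding="utf-8") as fh:
            lines = fh.read().splitlines()
    present = any(blob in line.split()
                  for line in lines if not line.startswith("#"))
    if not present:
        lines.append(pubkey_text.strip())
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write("\n".join(lines) + "\n")
    os.chmod(path, 0o600)
    return not present


def modes(home):
    """Return the permission bits of (.ssh, authorized_keys) for auditing."""
    ssh_dir = os.path.join(home, ".ssh")
    key_file = os.path.join(ssh_dir, "authorized_keys")
    return (stat.S_IMODE(os.stat(ssh_dir).st_mode),
            stat.S_IMODE(os.stat(key_file).st_mode))


def sample_public_key():
    """Constructed all-zero Ed25519 key line for the demonstration."""
    blob = ((11).to_bytes(4, "big") + b"ssh-ed25519"
            + (32).to_bytes(4, "big") + bytes(32))
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " target-node"


if __name__ == "__main__":
    import tempfile
    demo_home = tempfile.mkdtemp()
    print(authorize_key(demo_home, sample_public_key()))  # first call adds
    print(authorize_key(demo_home, sample_public_key()))  # second is a no-op
    print([oct(m) for m in modes(demo_home)])
```

Calling `authorize_key` repeatedly is safe, which matters when the same script file is replayed against a node that already trusts the target cluster node.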
The cluster mutual trust method provided by the application is applied to a target cluster node and comprises: determining each other cluster node that is to establish mutual trust with the target cluster node; acquiring cluster information of all the other cluster nodes; generating a script file based on the cluster information and generating a key pair; and, based on the script file, sending the public key of the key pair to each other cluster node in batch, so as to realize cluster mutual trust based on the public key. Because the script file and the key pair are generated from the cluster information of all the other cluster nodes, and the public key is then sent to each other cluster node in batch based on the script file, mutual trust among the cluster nodes is established in batch; compared with the prior art, the method is efficient, accurate and widely applicable.
In the cluster mutual trust method provided in the embodiment of the present application, the information type of the cluster information obtained by the target cluster node may include: the IP (Internet Protocol) address, host name, user role, password, system variable information, etc. of the cluster node.
In practical applications, because the cluster information acquired by the target cluster node includes the password, cluster nodes other than those nodes themselves can obtain their passwords, which poses a security risk to the other cluster nodes. To reduce this risk, the user role may be a role that does not have the maximum authority in the cluster node. In this way, even if the passwords of the other cluster nodes are leaked, not all of the authority over those nodes is exposed, which reduces the security risk to the other cluster nodes.
In the cluster mutual trust method provided by the embodiment of the application, when the target cluster node generates the script file based on the cluster information, the script file may be generated through the authorized_key module of Ansible, which improves the efficiency of generating the script file.
In practical applications, when the target cluster node sends the public key in the key pair to each other cluster node in batch based on the script file, it may do so by executing an Ansible playbook command based on the script file.
It should be noted that this process requires Ansible to be deployed in the cluster. Ansible, as referred to in the present application, is an automated operation and maintenance tool developed in Python. It enables operation and maintenance automation, improves the work efficiency of operation and maintenance engineers and reduces human error; it combines the advantages of numerous operation and maintenance tools and provides functions such as batch system configuration, batch program deployment and batch command execution.
In the cluster mutual trust method provided in the embodiment of the present application, after the target cluster node determines each other cluster node that is to establish mutual trust with it and before it acquires the cluster information of all the other cluster nodes, the method may further include: acquiring a cluster node adjustment instruction transmitted by an uploading port; and adjusting the other cluster nodes based on the cluster node adjustment instruction.
That is, in the present application, the user can manage the other cluster nodes that establish mutual trust with the target cluster node through the cluster node adjustment instruction alone, and the previous script file can subsequently be reused to send the public key to the other cluster nodes in batch.
In practical applications, the type of the cluster node adjustment instruction received by the target cluster node may include a cluster node deletion instruction, a cluster node addition instruction, a cluster node modification instruction, and the like. A cluster node deletion instruction deletes the corresponding cluster node; a cluster node addition instruction adds the corresponding cluster node; a cluster node modification instruction modifies the corresponding cluster node, and specifically may modify the user role, password and the like of that node.
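The deployment-side flow described above (adjusting the node list, then generating the script file that pushes the public key through Ansible's authorized_key module) is sketched below as an added example; it is not the patent's implementation. Assumptions: the script file is rendered as an Ansible playbook using `ansible.posix.authorized_key`, "maximum authority" is taken to mean `root`, and the group name, file names and sample nodes are constructed.

```python
import ipaddress
import json
import re

PRIVILEGED_USERS = {"root"}  # assumption: the maximum-authority role is root
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]{0,62}$")
USER_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")

SAMPLE_NODES = {  # constructed cluster information (documentation addresses)
    "node1": {"ip": "192.0.2.11", "user": "deploy", "password": "example-pass-1"},
    "node2": {"ip": "192.0.2.12", "user": "deploy", "password": "example-pass-2"},
}
SAMPLE_INSTRUCTIONS = [  # constructed delete / add / modify instructions
    ("delete", "node2", {}),
    ("add", "node3", {"ip": "192.0.2.13", "user": "ops", "password": "example-pass-3"}),
    ("modify", "node1", {"user": "cluster"}),
]


def validate_node(host, node):
    """Reject entries that would corrupt the inventory or grant too much."""
    missing = {"ip", "user", "password"} - node.keys()
    if missing:
        raise ValueError(f"{host}: missing {sorted(missing)}")
    if not HOSTNAME_RE.match(host):
        raise ValueError(f"bad host name: {host!r}")
    ipaddress.ip_address(node["ip"])  # raises ValueError if malformed
    if not USER_RE.match(node["user"]):
        raise ValueError(f"{host}: bad user name")
    if node["user"] in PRIVILEGED_USERS:
        raise ValueError(f"{host}: refusing maximum-authority account")
    if not node["password"]:
        raise ValueError(f"{host}: password needed for the first connection")


def apply_adjustments(nodes, instructions):
    """Apply (op, host, fields) instructions to a copy and validate the result."""
    result = {host: dict(node) for host, node in nodes.items()}
    for op, host, fields in instructions:
        if op == "add" and host not in result:
            result[host] = dict(fields)
        elif op == "delete" and host in result:
            del result[host]
        elif op == "modify" and host in result:
            result[host].update(fields)
        else:
            raise ValueError(f"cannot apply {op!r} to {host!r}")
    for host, node in result.items():
        validate_node(host, node)
    return result


def render_inventory(nodes):
    """INI inventory without secrets; passwords go to per-host files."""
    lines = ["[trusted_nodes]"]
    for host in sorted(nodes):
        node = nodes[host]
        lines.append(f"{host} ansible_host={node['ip']} ansible_user={node['user']}")
    return "\n".join(lines) + "\n"


def render_host_vars(node):
    """Content for a per-host vars file that should be kept mode 0600 or
    encrypted; json.dumps yields a valid YAML double-quoted scalar."""
    return "ansible_password: " + json.dumps(node["password"]) + "\n"


def render_playbook(pubkey_path):
    """Playbook that installs the target node's public key on every host."""
    if not re.match(r"^[A-Za-z0-9_./-]+$", pubkey_path):
        raise ValueError("unexpected characters in public key path")
    return f"""\
- name: Distribute the target node's public key
  hosts: trusted_nodes
  gather_facts: false
  tasks:
    - name: Authorize the key for the non-privileged account
      ansible.posix.authorized_key:
        user: "{{{{ ansible_user }}}}"
        key: "{{{{ lookup('file', '{pubkey_path}') }}}}"
        state: present
"""


if __name__ == "__main__":
    cluster = apply_adjustments(SAMPLE_NODES, SAMPLE_INSTRUCTIONS)
    print(render_inventory(cluster))
    print(render_playbook("/home/cluster/.ssh/id_ed25519.pub"))
```

Because the playbook refers only to the `trusted_nodes` group, an add, delete or modify instruction changes the inventory alone and the same playbook is reused, which is the reuse the description mentions.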
Referring to Fig. 2, Fig. 2 is a schematic structural diagram of a cluster mutual trust system according to an embodiment of the present application.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and may include:
a first determining module 101, configured to determine each other cluster node that is to perform mutual trust with a target cluster node;
a first obtaining module 102, configured to obtain cluster information of all other cluster nodes;
the first generation module 103 is configured to generate a script file based on the cluster information and generate a key pair;
and the first sending module 104 is configured to send the public key in the key pair to each of the other cluster nodes in batch based on the script file, so as to implement cluster mutual trust based on the public key.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and the information type of cluster information comprises: IP of cluster node, host name, user role, password, system variable information.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and the user role is a role that does not have the maximum authority in the cluster node.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and the first generating module may include:
a first generating unit, configured to generate the script file based on the cluster information through the authorized_key module of Ansible.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and the first sending module may include:
a first sending unit, configured to send the public key in the key pair to each other cluster node in batch by executing an Ansible playbook command based on the script file.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and may further include:
a second acquisition module, configured to acquire the cluster node adjustment instruction transmitted by the uploading port after the first determining module determines each other cluster node that is to establish mutual trust with the target cluster node and before the first acquisition module acquires the cluster information of all the other cluster nodes;
and a first adjusting module, configured to adjust the other cluster nodes based on the cluster node adjustment instruction.
The cluster mutual trust system provided by the embodiment of the application is applied to a target cluster node, and the type of the cluster node adjusting instruction comprises a cluster node deleting instruction, a cluster node adding instruction and a cluster node modifying instruction.
The application also provides a cluster mutual trust device and a computer-readable storage medium, which have the corresponding effects of the cluster mutual trust method provided by the embodiment of the application. Referring to Fig. 3, Fig. 3 is a schematic structural diagram of a cluster mutual trust device according to an embodiment of the present application.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps:
determining each other cluster node to be mutually trusted with the target cluster node;
acquiring cluster information of all other cluster nodes;
generating a script file based on the cluster information and generating a key pair;
and based on the script file, sending the public key in the key pair to each other cluster node in batch to realize cluster mutual trust based on the public key.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps: the information types of the cluster information include: IP of cluster node, host name, user role, password, system variable information.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps: the user role is a role that does not have the maximum authority in the cluster node.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps: generating the script file based on the cluster information through the authorized_key module of Ansible.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps: based on the script file, sending the public key in the key pair to each other cluster node in batch by executing an Ansible playbook command.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps: after each other cluster node that is to establish mutual trust with the target cluster node is determined and before the cluster information of all the other cluster nodes is acquired, acquiring a cluster node adjustment instruction transmitted by an uploading port; and adjusting the other cluster nodes based on the cluster node adjustment instruction.
The cluster mutual trust device provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein a computer program is stored in the memory 201, and the processor 202 executes the computer program to realize the following steps: the type of the cluster node adjustment instruction comprises a cluster node deletion instruction, a cluster node addition instruction and a cluster node modification instruction.
Referring to Fig. 4, another cluster mutual trust device provided in the embodiment of the present application may further include: an input port 203 connected to the processor 202, for transmitting externally input commands to the processor 202; a display unit 204 connected to the processor 202, for displaying the processing result of the processor 202 to the outside; and a communication module 205 connected to the processor 202, for realizing communication between the cluster mutual trust device and the outside world. The display unit 204 may be a display panel, a laser scanning display, or the like; the communication method adopted by the communication module 205 includes, but is not limited to, mobile high definition link technology (HML), Universal Serial Bus (USB), High Definition Multimedia Interface (HDMI), and wireless connection: wireless fidelity technology (WiFi), Bluetooth communication technology, Bluetooth low energy communication technology, IEEE 802.11s based communication technology.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps:
determining each other cluster node to be mutually trusted with the target cluster node;
acquiring cluster information of all other cluster nodes;
generating a script file based on the cluster information and generating a key pair;
and based on the script file, sending the public key in the key pair to each other cluster node in batch to realize cluster mutual trust based on the public key.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps: the information types of the cluster information include: IP of cluster node, host name, user role, password, system variable information.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps: the user role is the role of non-maximum authority in the cluster node.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps: and generating the script file based on the cluster information through an authorized _ key module of the enterprise.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps: and based on the script file, sending the public key in the key pair to each other cluster node in batch by executing an allowed script command.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps: after each other cluster node that is to mutually communicate with the target cluster node is determined and before the cluster information of all other cluster nodes is acquired, acquiring a cluster node adjustment instruction transmitted by an uploading port; and adjusting the other cluster nodes based on the cluster node adjustment instruction.
A computer-readable storage medium is provided in an embodiment of the present application, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the following steps: the type of the cluster node adjusting instruction comprises a cluster node deleting instruction, a cluster node adding instruction and a cluster node modifying instruction.
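The steps listed above, as an added example that is not part of the patent text: it applies the node adjustment instructions, rejects a root user role, and renders the cluster information and public key as an inventory and a playbook. It assumes the authorized_key module named above is Ansible's `ansible.posix.authorized_key`; the node field names, sample nodes and key string are constructed, and reading "non-maximum authority" as "not root" is an assumption.

```python
import json

def adjust_nodes(nodes, instructions):
    """Apply add/delete/modify instructions, keyed by node IP."""
    table = {n["ip"]: dict(n) for n in nodes}
    for op, node in instructions:
        ip = node["ip"]
        if op == "add":
            table[ip] = dict(node)
        elif op == "delete":
            table.pop(ip, None)
        elif op == "modify" and ip in table:
            table[ip].update(node)
        else:
            raise ValueError(f"cannot apply {op!r} to {ip}")
    return list(table.values())

def build_inventory(nodes):
    """Map cluster information onto Ansible inventory host variables."""
    hosts = {}
    for n in nodes:
        if n["user"] == "root":  # assumption: "non-maximum authority" means not root
            raise ValueError(f"{n['hostname']}: root is not an allowed user role")
        hosts[n["hostname"]] = {
            "ansible_host": n["ip"],
            "ansible_user": n["user"],
            "ansible_password": n["password"],  # used only for the first push
        }
    return {"all": {"hosts": hosts}}

def build_playbook(public_key):
    """One play that installs the public key for the login user on every node."""
    task = {"name": "install cluster public key",
            "ansible.posix.authorized_key": {
                "user": "{{ ansible_user }}", "key": public_key, "state": "present"}}
    return [{"hosts": "all", "gather_facts": False, "tasks": [task]}]

# Constructed sample data: documentation-range IPs, placeholder key and passwords.
SAMPLE_NODES = [
    {"ip": "192.0.2.11", "hostname": "node1", "user": "clusteradm", "password": "CHANGE-ME-1"},
    {"ip": "192.0.2.12", "hostname": "node2", "user": "clusteradm", "password": "CHANGE-ME-2"},
]
SAMPLE_PUBLIC_KEY = "ssh-ed25519 AAAA-CONSTRUCTED-PLACEHOLDER clusteradm@target"

if __name__ == "__main__":
    nodes = adjust_nodes(SAMPLE_NODES, [("delete", {"ip": "192.0.2.12"})])
    print(json.dumps(build_inventory(nodes), indent=2))  # JSON is valid YAML
    print(json.dumps(build_playbook(SAMPLE_PUBLIC_KEY), indent=2))
```

The inventory holds each node's password in plaintext, so keep it at mode 0600 and delete it, or encrypt it with ansible-vault, once the key push has succeeded.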
The computer-readable storage media to which this application relates include Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage media known in the art.
For a description of the relevant parts of the cluster mutual trust system, the device and the computer-readable storage medium provided in the embodiments of the present application, refer to the detailed description of the corresponding parts of the cluster mutual trust method provided in the embodiments of the present application; they are not described again here. In addition, parts of the above technical solutions provided in the embodiments of the present application that are consistent with the implementation principles of corresponding technical solutions in the prior art are not described in detail, so as to avoid redundant description.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A cluster mutual trust method is applied to a target cluster node and comprises the following steps:
determining each other cluster node to be mutually trusted with the target cluster node;
acquiring cluster information of all other cluster nodes;
generating a script file based on the cluster information and generating a key pair;
and sending the public key in the key pair to each other cluster node in batch based on the script file so as to realize cluster mutual trust based on the public key.
2. The method of claim 1, wherein the information type of the cluster information comprises: IP of cluster node, host name, user role, password, system variable information.
3. The method of claim 2, wherein the user role is a non-maximum authority role in the cluster node.
4. The method of claim 1, wherein generating a script file based on the cluster information comprises:
generating a script file based on the cluster information through an authorized_key module of the enterprise.
5. The method of claim 4, wherein sending the public key in the key pair to each other cluster node in batch based on the script file comprises:
and sending the public key in the key pair to each other cluster node in batch by executing an allowed script command based on the script file.
6. The method according to any one of claims 1 to 5, wherein after determining each other cluster node to mutually communicate with the target cluster node and before acquiring cluster information of all the other cluster nodes, further comprising:
acquiring a cluster node adjustment instruction transmitted by an uploading port;
adjusting the other cluster nodes based on the cluster node adjustment instruction.
7. The method of claim 6, wherein the type of the cluster node adjustment instruction comprises a cluster node delete instruction, a cluster node add instruction, and a cluster node modify instruction.
8. A cluster mutual trust system, applied to a target cluster node, comprising:
a first determining module, configured to determine each other cluster node that is to perform mutual trust with the target cluster node;
the first acquisition module is used for acquiring the cluster information of all other cluster nodes;
the first generation module is used for generating a script file based on the cluster information and generating a key pair;
and the first sending module is used for sending the public key in the key pair to each other cluster node in batch based on the script file so as to realize cluster mutual trust based on the public key.
9. A cluster mutual trust device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the cluster mutual trust method according to any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the cluster mutual trust method according to any one of claims 1 to 7.
CN202011111488.7A 2020-10-16 2020-10-16 Cluster mutual trust method, system, equipment and computer readable storage medium Pending CN112333244A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011111488.7A CN112333244A (en) 2020-10-16 2020-10-16 Cluster mutual trust method, system, equipment and computer readable storage medium


Publications (1)

Publication Number Publication Date
CN112333244A true CN112333244A (en) 2021-02-05

Family

ID=74313552

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011111488.7A Pending CN112333244A (en) 2020-10-16 2020-10-16 Cluster mutual trust method, system, equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN112333244A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210205
