CN112631726A - Virtual machine data processing method, system, equipment and medium - Google Patents
Virtual machine data processing method, system, equipment and medium Download PDFInfo
- Publication number
- CN112631726A CN112631726A CN202011568000.3A CN202011568000A CN112631726A CN 112631726 A CN112631726 A CN 112631726A CN 202011568000 A CN202011568000 A CN 202011568000A CN 112631726 A CN112631726 A CN 112631726A
- Authority
- CN
- China
- Prior art keywords
- bridge
- data message
- virtual
- virtual machine
- network card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 12
- 238000000034 method Methods 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 9
- 238000012545 processing Methods 0.000 claims description 5
- 238000004806 packaging method and process Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 230000003993 interaction Effects 0.000 abstract description 4
- 230000006870 function Effects 0.000 description 6
- 238000005538 encapsulation Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 3
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4604—LAN interconnection over a backbone network, e.g. Internet, Frame Relay
- H04L12/462—LAN interconnection over a bridge based backbone
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a virtual machine data processing method, which comprises the following steps: responding to the received data message, and sending the data message to a first network bridge through a first virtual network card; decapsulating the data message by using the first bridge and sending the decapsulated data message to a second bridge; and forwarding the decapsulated data message to corresponding virtual machines on other virtual network cards by using the second network bridge according to the corresponding identifier through the second virtual network card. The invention also discloses a system, a computer device and a readable storage medium. The scheme provided by the invention carries out data interaction with a virtual machine (VF driver) through the VF and vice versa, so that the middle virtualization stack can be skipped, and the performance which is approximate to a pure physical environment can be achieved.
Description
Technical Field
The present invention relates to the field of virtual machines, and in particular, to a method, a system, a device, and a storage medium for processing data of a virtual machine.
Background
For the implementation of the SRIOV scheme, nothing in the prior art is that the pci of the host machine VF is directly transmitted to the inside of the virtual machine through the pci passhigh, and the virtual machine implements the use of the VF virtual network card by loading the pci. As shown in fig. 1, after data flows of two Child Partition virtual machines in the upper right corner pass through a kernel protocol stack, the data flows are sent to a physical network card through a driver of a VF, and a data message is directly sent to a physical outlet of the network card through a network card switch on the physical network card, so that the message leaves a host. It can be found that in the set of SRIOV scheme provided by the openstack community, SRIOV data traffic of a virtual machine is uncontrollable, and a security group and qos cannot be set, so that the security of the SRIOV data traffic of the virtual machine cannot be guaranteed.
At present, the leading direction for solving the pain point is generally achieved by using an intelligent network card with an operating system, and ovs is installed on the operating system, so that after a message enters ovs, security group, qos flow table definition and vxlan encapsulation are performed. However, the intelligent network card used by the method is expensive, and has higher technical requirements on operation and maintenance developers.
Disclosure of Invention
In view of the above, in order to overcome at least one aspect of the above problem, an embodiment of the present invention provides a virtual machine data processing method, including:
responding to the received data message, and sending the data message to a first network bridge through a first virtual network card;
decapsulating the data message by using the first bridge and sending the decapsulated data message to a second bridge;
and forwarding the decapsulated data message to corresponding virtual machines on other virtual network cards by using the second network bridge according to the corresponding identifier through the second virtual network card.
In some embodiments, further comprising:
virtualizing a physical network card on a host machine into a first virtual network card, a second virtual network card and a plurality of other virtual network cards;
adding the first virtual network card into the first network bridge, adding the second virtual network card into the second network bridge, and creating a virtual machine by using the other virtual network cards.
In some embodiments, the forwarding, by using the second network bridge, the decapsulated data packet to a corresponding virtual machine on another virtual network card through the second virtual network card according to the corresponding identifier further includes:
converting the vlan carried by the data message into an internal vlan according to a preset corresponding relation in the second bridge;
and determining the Mac address of the virtual machine according to the internal vlan, and determining the internal vlan and the Mac address as the identifier of the virtual machine.
In some embodiments, further comprising:
establishing a corresponding regulation and control rule according to the internal vlan and the Mac address;
sending the regulation rule into the second bridge through a flow table.
In some embodiments, further comprising:
judging whether the data message conforms to the regulation and control rule;
and responding to the coincidence, and forwarding the data message to the corresponding virtual machine through the second virtual network card.
In some embodiments, further comprising:
and in response to the non-compliance, discarding the data packet.
In some embodiments, further comprising:
responding to the external data message sent by the virtual machine, marking an internal vlan on the data message to be sent, and then forwarding the data message to be sent to the second network bridge through other virtual network cards corresponding to the virtual machine;
converting the internal vlan into an actual vlan of the virtual machine according to a preset corresponding relation by using the second bridge and forwarding the actual vlan to the first bridge;
and packaging the data message to be sent carrying the actual vlan of the virtual machine by using the first network bridge, and then sending the data message to be sent through the first virtual network card.
Based on the same inventive concept, according to another aspect of the present invention, an embodiment of the present invention further provides a virtual machine data processing system, including:
the first virtual network card module is configured to respond to the received data message and send the data message to a first network bridge through the first virtual network card;
a first bridge module configured to decapsulate the data packet and send the decapsulated data packet to a second bridge by using the first bridge;
and the second network bridge module is configured to forward the decapsulated data message to corresponding virtual machines on other virtual network cards through a second virtual network card according to the corresponding identifier by using the second network bridge.
Based on the same inventive concept, according to another aspect of the present invention, an embodiment of the present invention further provides a computer apparatus, including:
at least one processor; and
a memory storing a computer program operable on the processor, wherein the processor executes the program to perform any of the steps of the virtual machine data processing method described above.
Based on the same inventive concept, according to another aspect of the present invention, an embodiment of the present invention further provides a computer-readable storage medium storing a computer program which, when executed by a processor, performs the steps of any of the virtual machine data processing methods described above.
The invention has one of the following beneficial technical effects: the scheme provided by the invention carries out data interaction with a virtual machine (VF driver) through the VF and vice versa, so that the middle virtualization stack can be skipped, and the performance which is approximate to a pure physical environment can be achieved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other embodiments can be obtained by using the drawings without creative efforts.
FIG. 1 is a block diagram of a prior art implementation of an SRIOV scheme;
fig. 2 is a schematic flowchart of a data processing method of a virtual machine according to an embodiment of the present invention;
fig. 3 is a flowchart of a virtual machine data processing method according to an embodiment of the present invention;
FIG. 4 is a block diagram of a virtual machine data processing system according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a computer device provided in an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used for distinguishing two entities with the same name but different names or different parameters, and it should be noted that "first" and "second" are merely for convenience of description and should not be construed as limitations of the embodiments of the present invention, and they are not described in any more detail in the following embodiments.
In the embodiment of the invention, the SRIOV refers to single root virtualization, which belongs to a branch of VT-d technology, and the SRIOV function is realized on the premise that the network card used by a user needs to support the SRIOV and the mainboard used needs to support the VT-d technology; VT-d refers to IO virtualization technology implemented based on PCI bus; the PF is a PCI function supported by the physical network card, and can expand a plurality of VFs; the VF is a virtual network card or an example of virtual network card that supports sriov, and it may be presented in the form of an independent network card, and each VF has its own independent PCI configuration area and may share the same physical resource (share a physical port) with other VFs; the Qos means that the network flow of the virtual machine can be regulated and controlled through the Qos, network congestion is avoided and managed, and the loss rate of messages is reduced; the Neutron-openvswitch-agent is an openstack two-layer plug-in used for issuing a flow table to ovs so as to control the trend of the message.
According to an aspect of the present invention, an embodiment of the present invention provides a virtual machine data processing method, as shown in fig. 2, which may include the steps of:
s1, responding to the received data message, sending the data message to a first network bridge through a first virtual network card;
s2, the first bridge is used for decapsulating the data message and sending the decapsulated data message to a second bridge;
and S3, the second network bridge is used for forwarding the decapsulated data message to corresponding virtual machines on other virtual network cards through the second virtual network card according to the corresponding identifier.
The scheme provided by the invention carries out data interaction with a virtual machine (VF driver) through the VF and vice versa, so that the middle virtualization stack can be skipped, and the performance which is approximate to a pure physical environment can be achieved.
In some embodiments, further comprising:
responding to the external data message sent by the virtual machine, marking an internal vlan on the data message to be sent, and then forwarding the data message to be sent to the second network bridge through other virtual network cards corresponding to the virtual machine;
converting the internal vlan into an actual vlan of the virtual machine according to a preset corresponding relation by using the second bridge and forwarding the actual vlan to the first bridge;
and packaging the data message to be sent carrying the actual vlan of the virtual machine by using the first network bridge, and then sending the data message to be sent through the first virtual network card.
Specifically, as shown in fig. 3, the data flow of the vxlan from the external access vm virtual machine may be: and transmitting the vxlan data traffic from the switch to the physical network card through the linux kernel bond, and decapsulating the vxlan after passing through vf0 to br-trunk-phy. And after decapsulation is completed, the data is uploaded to the br-int bridge, after reaching the br-int bridge, a corresponding vlan is added according to the network where the vm is to be accessed, and then the data is forwarded to the corresponding cloud virtual machine vm at the second layer through the vlan and the mac. The step of sending vxlan data to the outside by the internal vm virtual machine may be that after marking an internal vlan on a data message to be sent, the data message is forwarded to the second bridge through other virtual network cards corresponding to the virtual machine, the second bridge is used to convert the internal vlan into an actual vlan of the virtual machine according to a preset corresponding relationship and forward the actual vlan to the first bridge, and the first bridge is used to encapsulate the data message to be sent carrying the actual vlan of the virtual machine and then send the data message through the first virtual network card. The traffic qos and security group of Vm may be defined by flow table rules in the br-int bridge according to vlan and mac, thereby implementing the function that sriov virtual machine supports qos, security group, and vxlan encapsulation.
In this way, vxlan encapsulation or decapsulation is performed on the br-trunk-phy bridge (first bridge) for traffic from the switch to vf0 or vf0, so as to implement a vxlan networking function of the sriov virtual machine.
In some embodiments, further comprising:
virtualizing a physical network card on a host machine into a first virtual network card, a second virtual network card and a plurality of other virtual network cards;
adding the first virtual network card into the first network bridge, adding the second virtual network card into the second network bridge, and creating a virtual machine by using the other virtual network cards.
Specifically, the sriov vf function of the physical network card may be started first, and two physical ports on the physical network card are connected to the switch in a linux kernel bond manner. Adding two physical ports PF1 of a physical network card and a first port vf0 of the vf opened on PF2 to a br-trunk-phy ovs bridge (first bridge). Adding two physical ports PF1 of the physical network card and a second port vf1 opened on PF2 to a br-int ovs bridge (second bridge). The other vfs on the two physical ports PF1, PF2 of the physical network card supply nova schedules to create sriov virtual machines.
When creating the sriov virtual machine, the pci passhrough white list of nova-computer can be configured, vf (n) after vf2 is transmitted, ml2_ conf. ini of neutron-server is configured to add mechanism _ driver, schedule _ default _ files in nova-schedule is configured, and sriov agent is configured. When a sriov virtual machine with a network type of vlan is created, tenants can be isolated through the vlan. In the creation process, nova configures the vlan of the network to the vf used by the virtual machine. Thus, the cloud virtual machine can perform tenant isolation through the vlan, and can be uniquely determined to one virtual machine through the vlan and the mac address in the environment.
In some embodiments, step S3, forwarding the decapsulated data packet to a corresponding virtual machine on another virtual network card through a second virtual network card according to the corresponding identifier by using the second network bridge, further includes:
converting the vlan carried by the data message into an internal vlan according to a preset corresponding relation in the second bridge;
and determining the Mac address of the virtual machine according to the internal vlan, and determining the internal vlan and the Mac address as the identifier of the virtual machine.
Specifically, the actual vlan of each virtual machine may be specified when the virtual machine is created, but an internal vlan corresponding to each actual vlan needs to be created in the second bridge, so that, no matter external data is received or internal data of the virtual machine is forwarded to the outside, vlan conversion is performed by the second bridge, that is, after a data packet carrying the vlan (the actual vlan of the virtual machine) is received by the second bridge, the vlan is converted into the internal vlan according to a preset correspondence relationship, then the identifier of the virtual machine is determined according to the internal vlan and the corresponding Mac address, and the data packet is forwarded to the corresponding virtual machine according to the identifier.
In some embodiments, further comprising:
establishing a corresponding regulation and control rule according to the internal vlan and the Mac address;
sending the regulation rule into the second bridge through a flow table.
In some embodiments, further comprising:
judging whether the data message conforms to the regulation and control rule;
and responding to the coincidence, and forwarding the data message to the corresponding virtual machine through the second virtual network card.
In some embodiments, further comprising:
and in response to the non-compliance, discarding the data packet.
Specifically, the neutron-openvswitch-agent may issue a corresponding flow table to br-int according to the vlan and mac addresses where the current virtual machine is located, the security group on the port, and the qos regulation and control rule, and perform two-layer lookup and security group qos regulation and control for the vf1 port. For example, the received data packet may be subjected to determination of an IP address, or the size of the received data traffic may be limited, and so on. And forwarding the data message to the corresponding virtual machine only when the received data message meets the regulation and control rule, and discarding the data if the received data message does not meet the regulation and control rule, for example, the IP address of the received data does not meet the requirement or the size of the currently received data flow reaches a threshold value.
The scheme provided by the invention can realize secure group, qos and vxan encapsulation of the SRIOV virtual machine based on the network card of the SRIOV, so that after the SRIOV scheme is started, the physical NIC performs data interaction with the virtual machine (VF driver) through the VF, and vice versa. This may skip the middle virtualization stack to achieve performance that is near a purely physical environment. Because the virtual machine directly transmits the data message through the VF, the traditional security group, Qos and vxlan schemes for the virtual machine cannot be realized, but the scheme provided by the invention can solve the problems that the SRIOV scheme is wanted but the security protection such as the security group, the Qos and the like cannot be set for the SRIOV virtual machine and the vxlan cannot be encapsulated, and the related functions can be realized by only using the self network card to sit one layer of encapsulation on a software layer without borrowing other hardware, so that the SRIOV virtual machine created by an openstack cloud computing platform supports the security group and the Qos setting.
Based on the same inventive concept, according to another aspect of the present invention, an embodiment of the present invention further provides a virtual machine data processing system 400, as shown in fig. 4, including:
a first virtual network card module 401, where the first virtual network card module 401 is configured to respond to receiving a data message, and send the data message to a first network bridge through a first virtual network card;
a first bridge module 402, said first bridge module 402 configured to decapsulate said data packet by said first bridge and send it to a second bridge;
a second bridge module 403, where the second bridge module 403 is configured to forward the decapsulated data packet to a corresponding virtual machine on another virtual network card through a second virtual network card according to the corresponding identifier by using the second bridge.
Based on the same inventive concept, according to another aspect of the present invention, as shown in fig. 5, an embodiment of the present invention further provides a computer apparatus 501, comprising:
at least one processor 520; and
the memory 510, the memory 510 stores a computer program 511 that is executable on the processor, and the processor 520 executes the computer program to perform the steps of any of the above virtual machine data processing methods.
Based on the same inventive concept, according to another aspect of the present invention, as shown in fig. 6, an embodiment of the present invention further provides a computer-readable storage medium 601, where the computer-readable storage medium 601 stores computer program instructions 610, and the computer program instructions 610, when executed by a processor, perform the steps of any of the above virtual machine data processing methods.
Finally, it should be noted that, as will be understood by those skilled in the art, all or part of the processes of the methods of the above embodiments may be implemented by a computer program, which may be stored in a computer-readable storage medium, and when executed, may include the processes of the embodiments of the methods described above.
Further, it should be appreciated that the computer-readable storage media (e.g., memory) herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosed embodiments of the present invention.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
The numbers of the embodiments disclosed in the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments.
It will be understood by those skilled in the art that all or part of the steps of implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, of embodiments of the invention is limited to these examples; within the idea of an embodiment of the invention, also technical features in the above embodiment or in different embodiments may be combined and there are many other variations of the different aspects of the embodiments of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.
Claims (10)
1. A data processing method of a virtual machine is characterized by comprising the following steps:
responding to the received data message, and sending the data message to a first network bridge through a first virtual network card;
decapsulating the data message by using the first bridge and sending the decapsulated data message to a second bridge;
and forwarding the decapsulated data message to corresponding virtual machines on other virtual network cards by using the second network bridge according to the corresponding identifier through the second virtual network card.
2. The method of claim 1, further comprising:
virtualizing a physical network card on a host machine into a first virtual network card, a second virtual network card and a plurality of other virtual network cards;
adding the first virtual network card into the first network bridge, adding the second virtual network card into the second network bridge, and creating a virtual machine by using the other virtual network cards.
3. The method of claim 1, wherein the second bridge is used to forward the decapsulated data packet to a corresponding virtual machine on another virtual network card through the second virtual network card according to the corresponding identifier, and further comprising:
converting the vlan carried by the data message into an internal vlan according to a preset corresponding relation in the second bridge;
and determining the Mac address of the virtual machine according to the internal vlan, and determining the internal vlan and the Mac address as the identifier of the virtual machine.
4. The method of claim 3, further comprising:
establishing a corresponding regulation and control rule according to the internal vlan and the Mac address;
sending the regulation rule into the second bridge through a flow table.
5. The method of claim 4, further comprising:
judging whether the data message conforms to the regulation and control rule;
and responding to the coincidence, and forwarding the data message to the corresponding virtual machine through the second virtual network card.
6. The method of claim 5, further comprising:
and in response to the non-compliance, discarding the data packet.
7. The method of claim 1, further comprising:
responding to the external data message sent by the virtual machine, marking an internal vlan on the data message to be sent, and then forwarding the data message to be sent to the second network bridge through other virtual network cards corresponding to the virtual machine;
converting the internal vlan into an actual vlan of the virtual machine according to a preset corresponding relation by using the second bridge and forwarding the actual vlan to the first bridge;
and packaging the data message to be sent carrying the actual vlan of the virtual machine by using the first network bridge, and then sending the data message to be sent through the first virtual network card.
8. A virtual machine data processing system, comprising:
the first virtual network card module is configured to respond to the received data message and send the data message to a first network bridge through the first virtual network card;
a first bridge module configured to decapsulate the data packet and send the decapsulated data packet to a second bridge by using the first bridge;
and the second network bridge module is configured to forward the decapsulated data message to corresponding virtual machines on other virtual network cards through a second virtual network card according to the corresponding identifier by using the second network bridge.
9. A computer device, comprising:
at least one processor; and
memory storing a computer program operable on the processor, wherein the processor executes the program to perform the steps of the method according to any of claims 1-7.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, is adapted to carry out the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011568000.3A CN112631726B (en) | 2020-12-25 | 2020-12-25 | Virtual machine data processing method, system, device and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011568000.3A CN112631726B (en) | 2020-12-25 | 2020-12-25 | Virtual machine data processing method, system, device and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112631726A true CN112631726A (en) | 2021-04-09 |
| CN112631726B CN112631726B (en) | 2022-05-24 |
Family
ID=75325311
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011568000.3A Active CN112631726B (en) | 2020-12-25 | 2020-12-25 | Virtual machine data processing method, system, device and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112631726B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113612689A (en) * | 2021-08-11 | 2021-11-05 | 优刻得科技股份有限公司 | Message forwarding method, system, device and medium |
| CN113904986A (en) * | 2021-09-29 | 2022-01-07 | 烽火通信科技股份有限公司 | Two-layer intercommunication method and equipment for vxlan virtual network and vlan network |
| CN113965521A (en) * | 2021-10-19 | 2022-01-21 | 京东科技信息技术有限公司 | Data packet transmission method, server and storage medium |
| CN114124683A (en) * | 2021-09-26 | 2022-03-01 | 奇安信科技集团股份有限公司 | Network card configuration method and device, electronic equipment and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140112205A1 (en) * | 2012-10-24 | 2014-04-24 | Cisco Technology, Inc. | System and method for pinning virtual machine adapters to physical adapters in a network environment |
| CN107278359A (en) * | 2016-11-09 | 2017-10-20 | 华为技术有限公司 | The method of Message processing, main frame and system in cloud computing system |
| CN110391993A (en) * | 2019-07-12 | 2019-10-29 | 苏州浪潮智能科技有限公司 | A kind of data processing method and system |
-
2020
- 2020-12-25 CN CN202011568000.3A patent/CN112631726B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140112205A1 (en) * | 2012-10-24 | 2014-04-24 | Cisco Technology, Inc. | System and method for pinning virtual machine adapters to physical adapters in a network environment |
| CN107278359A (en) * | 2016-11-09 | 2017-10-20 | 华为技术有限公司 | The method of Message processing, main frame and system in cloud computing system |
| CN110391993A (en) * | 2019-07-12 | 2019-10-29 | 苏州浪潮智能科技有限公司 | A kind of data processing method and system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113612689A (en) * | 2021-08-11 | 2021-11-05 | 优刻得科技股份有限公司 | Message forwarding method, system, device and medium |
| CN114124683A (en) * | 2021-09-26 | 2022-03-01 | 奇安信科技集团股份有限公司 | Network card configuration method and device, electronic equipment and storage medium |
| CN114124683B (en) * | 2021-09-26 | 2024-03-08 | 奇安信科技集团股份有限公司 | Network card configuration method and device, electronic equipment and storage medium |
| CN113904986A (en) * | 2021-09-29 | 2022-01-07 | 烽火通信科技股份有限公司 | Two-layer intercommunication method and equipment for vxlan virtual network and vlan network |
| CN113904986B (en) * | 2021-09-29 | 2022-11-18 | 烽火通信科技股份有限公司 | Two-layer intercommunication method and equipment for vxlan virtual network and vlan network |
| CN113965521A (en) * | 2021-10-19 | 2022-01-21 | 京东科技信息技术有限公司 | Data packet transmission method, server and storage medium |
| CN113965521B (en) * | 2021-10-19 | 2024-03-01 | 京东科技信息技术有限公司 | Data packet transmission method, server and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112631726B (en) | 2022-05-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112631726B (en) | Virtual machine data processing method, system, device and medium | |
| CN107276783B (en) | Method, device and system for realizing unified management and intercommunication of virtual machines | |
| CN109660443B (en) | SDN-based physical device and virtual network communication method and system | |
| Bakshi | Considerations for software defined networking (SDN): Approaches and use cases | |
| CN106685787B (en) | PowerVM (virtual machine) virtualized network management method and device based on OpenStack | |
| Wang et al. | Network virtualization: Technologies, perspectives, and frontiers | |
| US10476699B2 (en) | VLAN to VXLAN translation using VLAN-aware virtual machines | |
| CN106713103B (en) | Method and system for virtual and physical network integration | |
| CN111224821B (en) | Security service deployment system, method and device | |
| CN112671578B (en) | SRIOV virtual network configuration method and related device | |
| WO2020135542A1 (en) | Cloud computing data center system, gateway, server, and message processing method | |
| CN109861899B (en) | Virtual home gateway and implementation method, home network center and data processing method | |
| CN111064649B (en) | Method and device for realizing binding of layered ports, control equipment and storage medium | |
| CN111756658A (en) | Network Function Virtualization (NFV) backplane on forwarding microchip | |
| WO2017032251A1 (en) | Virtual network management | |
| WO2019040720A1 (en) | Accessing endpoints in logical networks and public cloud service providers native networks using a single network interface and a single routing table | |
| CN103905309A (en) | Method and system of data exchange between virtual machines | |
| US20220385497A1 (en) | Method for network slices to share uplink port, apparatus, and storage medium | |
| CN114301868A (en) | Method for quickly generating floating IP of virtual container and method and device for network direct connection | |
| CN108574613A (en) | The double layer intercommunication method and device of SDN data centers | |
| CN111404797B (en) | Control method, SDN controller, SDN access point, SDN gateway and CE | |
| CN105264837B (en) | A kind of Transmission system of data message, transmission method and equipment | |
| CN109756419A (en) | Routing iinformation distribution method, device and RR | |
| CN109995636B (en) | Hybrid networking method, device, system, equipment and medium | |
| CN114124714A (en) | Multi-level network deployment method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |