CN112910726A - Cloud environment flow monitoring method, device and system - Google Patents

Cloud environment flow monitoring method, device and system Download PDF

Info

Publication number
CN112910726A
CN112910726A CN202110073112.XA CN202110073112A CN112910726A CN 112910726 A CN112910726 A CN 112910726A CN 202110073112 A CN202110073112 A CN 202110073112A CN 112910726 A CN112910726 A CN 112910726A
Authority
CN
China
Prior art keywords
server
service
acquisition
monitoring
configuration information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110073112.XA
Other languages
Chinese (zh)
Inventor
李贤平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Cloud Information Technology Co Ltd
Original Assignee
Inspur Cloud Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Cloud Information Technology Co Ltd filed Critical Inspur Cloud Information Technology Co Ltd
Priority to CN202110073112.XA priority Critical patent/CN112910726A/en
Publication of CN112910726A publication Critical patent/CN112910726A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876Network utilisation, e.g. volume of load or congestion level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/16Threshold monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services

Abstract

The invention provides a cloud environment flow monitoring method, a cloud environment flow monitoring device and a cloud environment flow monitoring system. The method comprises the following steps: determining a target service subnet and deploying a server according to the scale of each service subnet in the cloud environment in advance; deploying at least one acquisition terminal and registering the acquisition terminal to a server terminal; when receiving configuration information for representing the start of monitoring, the server side sends the configuration information to an API (application programming interface) of an acquisition side in each service subnet; when receiving the configuration information sent by the server, each acquisition end distributes the configuration information to other acquisition ends in the current service subnet; each acquisition end checks the connectivity of each connected device according to the configuration information and determines the connected devices; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through the API so as to store the statistical result by the server; and when receiving the query request, the server side pushes the stored statistical result to at least one external management terminal. The scheme of the invention can monitor the flow of each service subnet in the cloud environment.

Description

Cloud environment flow monitoring method, device and system
Technical Field
The invention relates to the technical field of flow detection, in particular to a cloud environment flow monitoring method, device and system.
Background
As cloud computing has matured, various applications based on cloud environments have become more and more widespread. In a cloud environment, with the continuous expansion of the scale of a data center, different service subnets need to be divided to carry different services in different service scenarios.
Traffic in the service subnets is invisible during operation, and due to the large number of devices in each service subnet, the ingress and egress traffic of the devices in each service subnet is difficult to monitor.
Based on the above problems, a method capable of monitoring traffic of each service subnet in a cloud environment is needed.
Disclosure of Invention
The embodiment of the invention provides a method, a device and a system for monitoring cloud environment traffic, which can monitor traffic of each service subnet in a cloud environment.
In a first aspect, an embodiment of the present invention provides a cloud environment traffic monitoring method, including: firstly, determining a target service subnet according to the scale of each service subnet in a cloud environment, and deploying a server in the target service subnet; deploying at least one acquisition terminal according to the number of the devices in each service subnet and registering the acquisition terminal to the server terminal, wherein each acquisition terminal is connected with at least one device in the service subnet where the acquisition terminal is located; further comprising:
the server side sends configuration information to an API interface of an acquisition side in each service subnet when receiving the configuration information for representing the start of monitoring; so that each acquisition end carries out flow monitoring when receiving the configuration information;
when receiving the configuration information sent by the server, each acquisition end distributes the configuration information to other acquisition ends in the current service subnet;
each acquisition end checks the connectivity of each connected device according to the configuration information and determines the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server;
and the server side pushes the stored statistical result to at least one external management terminal when receiving the query request.
Preferably, the first and second electrodes are formed of a metal,
the server comprises a database cluster and a service cluster;
the deploying a server in the target service subnet includes:
building a database cluster by utilizing at least two databases in a master-slave mode;
creating a service cluster with at least two servers;
configuring main Nginx service and standby Nginx service and using keepalived software to realize high availability;
and reverse proxy is carried out on the API of each server by utilizing the Nginx service, and the API of the Nginx service is exposed to the outside and serves as the API of the server side.
Preferably, the first and second electrodes are formed of a metal,
the monitoring of the flow value of the corresponding connected device and the statistics, and the sending of the statistical result to the server through the API, includes:
according to a preset detection period, periodically monitoring the flow value of the connected equipment in and out in a monitoring period through a simple network protocol (SNMP), judging whether the monitoring value is greater than a threshold value, and if not, returning the monitoring value to the server; if yes, generating alarm information and returning the alarm information to the server side;
and when the server side receives the monitoring value or the alarm information sent by an acquisition side, the monitoring value or the alarm information is stored in the database cluster according to the registration information of the acquisition side.
Preferably, the first and second electrodes are formed of a metal,
further comprising:
the server side generates a cloud center service topological graph according to the connection relation between each service subnet and the registered acquisition side;
and pushing the cloud center service topological graph to an external display terminal for display by using the API of the Nginx service.
Preferably, the first and second electrodes are formed of a metal,
when the server side receives a target detection value sent by a target acquisition side, the position of the target acquisition side in a cloud environment is positioned according to the registration information of the target acquisition side, and a normal mark indicating that a monitored value is normal and the target detection value are displayed at the position of the target acquisition side in the cloud center topological graph;
when receiving target alarm information sent by a target acquisition end, the server end positions the position of the target acquisition end in a cloud environment according to the registration information of the target acquisition end, and displays an abnormal identifier representing that a monitoring value is abnormal at the position of the target acquisition end in the cloud center topological graph.
Preferably, the first and second electrodes are formed of a metal,
the method for monitoring the flow value of the connected equipment in the inlet and outlet in a monitoring period periodically through a simple network protocol (SNMP) according to a preset detection period comprises the following steps:
for each of the connected devices, performing: calling a first uplink flow value ifInOcets and a first downlink flow value ifOutOcets which characterize accumulated flow values in MIB values of the current connected equipment;
after a detection period, determining a current second uplink flow value ifInOctets and a current second downlink flow value ifOutOctets;
determining an uplink difference value of the first uplink flow value and the second uplink flow value and a downlink difference value of the first downlink flow value and the second downlink flow value;
and dividing the uplink difference value and the downlink difference value by the time interval of the detection period respectively to obtain the monitoring value of the currently connected equipment.
Preferably, the first and second electrodes are formed of a metal,
after each acquisition terminal checks the connectivity of each connected device when receiving the configuration information, the method further includes:
determining the equipment number of at least one piece of equipment with connection failure;
sending at least one equipment number to the server;
and when the server receives the equipment number, displaying a reminding identifier for representing that the equipment connection failure exists and the equipment number at a service subnet where the acquisition end which sends the equipment number in the cloud center service topological graph is located.
In a second aspect, an embodiment of the present invention provides a cloud environment traffic monitoring apparatus based on the cloud environment traffic monitoring method in any one of the first aspects, including: the system comprises a user side, a server side and at least one acquisition side;
the user side is used for determining a target service subnet in advance according to the scale of each service subnet in the cloud environment and deploying the server side in the target service subnet; deploying at least one acquisition terminal according to the number of the devices in each service subnet and registering the acquisition terminal to the server terminal, wherein each acquisition terminal is connected with at least one device in the service subnet where the acquisition terminal is located;
the service end is used for sending configuration information to an API (application programming interface) interface of an acquisition end in each service subnet when receiving the configuration information for representing the start of monitoring, so that each acquisition end carries out flow monitoring when receiving the configuration information;
each acquisition terminal is used for distributing the configuration information to other acquisition terminals in the current service subnet when receiving the configuration information sent by the server terminal; checking the connectivity of each connected device according to the configuration information, and determining the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server;
and the server is also used for pushing the stored statistical result to at least one external management terminal when receiving the query request.
Preferably, the first and second electrodes are formed of a metal,
when the server includes a database cluster and a service cluster, the client, when executing the deployment of the server in the target service subnet, specifically executes:
building a database cluster by utilizing at least two databases in a master-slave mode;
creating a service cluster with at least two servers;
configuring main Nginx service and standby Nginx service and using keepalived software to realize high availability;
and reverse proxy is carried out on the API of each server by utilizing the Nginx service, and the API of the Nginx service is exposed to the outside and serves as the API of the server side.
In a third aspect, an embodiment of the present invention provides a cloud environment traffic monitoring system, including: the cloud environment traffic monitoring device and the external management terminal according to any one of the second aspects;
and the external management terminal is used for receiving the statistical result sent by the cloud environment flow detection device.
The embodiment of the invention provides a cloud environment flow monitoring method, a cloud environment flow monitoring device and a cloud environment flow monitoring system. According to the technical scheme, one of the service subnets is selected as a target service subnet according to the scale of the service subnet, and a server is deployed in the target service subnet, wherein the server is a registration point of a collection terminal and is used for managing the collection terminals in each service subnet and providing services for clients. And deploying a corresponding number of acquisition ends according to the number of the equipment of each service subnet, registering the acquisition ends to the server ends by the acquisition ends, and connecting each acquisition end with at least one piece of equipment in the service subnet where the acquisition end is located. The server side sends configuration information to an API interface of an acquisition side in each service subnet when receiving the configuration information for representing the start of monitoring; so that each acquisition end carries out flow monitoring when receiving the configuration information; when receiving the configuration information sent by the server, each acquisition end distributes the configuration information to other acquisition ends in the current service subnet; each acquisition end checks the connectivity of each connected device according to the configuration information and determines the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server; and the server side pushes the stored statistical result to at least one external management terminal when receiving the query request. Therefore, in the scheme provided by the invention, the acquisition end is placed in the service subnet to complete the traffic monitoring task, different acquisition ends are correspondingly placed in a plurality of service subnets with different services in the cloud environment to acquire network traffic information, and the traffic monitoring of the virtual network of the service subnets with different network segments and disconnected with each other is realized. And a network flow monitoring server is deployed in a certain service subnet of the cloud center, and the network flow conditions of the whole cloud center and specific equipment are stored and pushed. The service end is deployed in a certain service subnet to provide services for operation and maintenance personnel and tenants, and the service end needs to be ensured to be communicated with the network of the acquisition end deployed in other service subnets so as to realize monitoring of all devices in the same cloud center. Therefore, the technical scheme provided by the invention can realize the monitoring of the flow of each service subnet in the cloud environment.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a cloud environment traffic monitoring method according to an embodiment of the present invention;
fig. 2 is a schematic deployment diagram of a server and a collector according to an embodiment of the present invention;
FIG. 3 is a schematic deployment diagram of a server according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a cloud environment traffic monitoring apparatus according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a cloud environment traffic monitoring system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
With the maturity of cloud computing, the scale of a data center is larger and larger, different service subnets are often divided to carry different services according to different service scenes, and the service subnets are basically isolated from each other and may be communicated with each other. The devices in the traffic sub-network may be tens or thousands. The monitoring of the cloud environment and the cloud system under one cloud center is very important, and cloud service providers and customers expect to see the flow of the managed equipment, which is very difficult. Meanwhile, the number of network models under the cloud center is large, and network management and quality are difficult to control. Each flow blind area is displayed in a visual mode in front of people, and the method is a research direction of cloud supervision business.
The following describes a method, an apparatus, and a system for monitoring cloud environment traffic according to various embodiments of the present invention in detail with reference to the accompanying drawings.
As shown in fig. 1, an embodiment of the present invention provides a cloud environment traffic monitoring method, including the following steps:
step 101: determining a target service subnet in advance according to the scale of each service subnet in the cloud environment, and deploying a server in the target service subnet; deploying at least one acquisition terminal according to the number of the devices in each service subnet and registering the acquisition terminal to the server terminal, wherein each acquisition terminal is connected with at least one device in the service subnet where the acquisition terminal is located;
step 102: the server side sends configuration information to an API interface of an acquisition side in each service subnet when receiving the configuration information for representing the start of monitoring; so that each acquisition end carries out flow monitoring when receiving the configuration information;
step 103: when receiving the configuration information sent by the server, each acquisition end distributes the configuration information to other acquisition ends in the current service subnet;
step 104: each acquisition end checks the connectivity of each connected device according to the configuration information and determines the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server;
step 105: and the server side pushes the stored statistical result to at least one external management terminal when receiving the query request.
According to the technical scheme, one of the service subnets is selected as a target service subnet according to the scale of the service subnet, and a server is deployed in the target service subnet, wherein the server is a registration point of a collection terminal and is used for managing the collection terminals in each service subnet and providing services for clients. And deploying a corresponding number of acquisition ends according to the number of the equipment of each service subnet, registering the acquisition ends to the server ends by the acquisition ends, and connecting each acquisition end with at least one piece of equipment in the service subnet where the acquisition end is located. The server side sends configuration information to an API interface of an acquisition side in each service subnet when receiving the configuration information for representing the start of monitoring; so that each acquisition end carries out flow monitoring when receiving the configuration information; when receiving the configuration information sent by the server, each acquisition end distributes the configuration information to other acquisition ends in the current service subnet; each acquisition end checks the connectivity of each connected device according to the configuration information and determines the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server; and the server side pushes the stored statistical result to at least one external management terminal when receiving the query request. Therefore, in the scheme provided by the invention, the acquisition end is placed in the service subnet to complete the traffic monitoring task, different acquisition ends are correspondingly placed in a plurality of service subnets with different services in the cloud environment to acquire network traffic information, and the traffic monitoring of the virtual network of the service subnets with different network segments and disconnected with each other is realized. And a network flow monitoring server is deployed in a certain service subnet of the cloud center, and the network flow conditions of the whole cloud center and specific equipment are stored and pushed. The service end is deployed in a certain service subnet to provide services for operation and maintenance personnel and tenants, and the service end needs to be ensured to be communicated with the network of the acquisition end deployed in other service subnets so as to realize monitoring of all devices in the same cloud center. Therefore, the technical scheme provided by the invention can realize the monitoring of the flow of each service subnet in the cloud environment.
As shown in fig. 2, a deployment diagram of a server and an acquisition end may select a larger service subnet 200 to deploy a server 201 and an acquisition end 202, and get through each acquisition end to the server network to ensure interconnection. And a clustered server is deployed under a larger business subnet in the cloud center, and a plurality of REST API interfaces are provided for registration of a collection end, monitoring information release, collection, analysis and display of collected information, large-screen display and equipment network flow warning and clearing. High availability is realized through the clustering deployment of components such as a server, a database, a message queue and the like; and the concurrent processing capacity of the server is improved through load balancing. And an extensible acquisition terminal is deployed in the service and the subnet. In detail, the acquisition end can be arranged in a container mode, the number of the acquisition ends is flexibly selected according to the number of devices in a service network, a plurality of acquisition ends can form an acquisition node, the acquisition nodes can be matched with one another to complete all tasks, the efficiency is improved, and meanwhile, the acquisition nodes have horizontal and vertical expansion. When the acquisition end deployment is completed, the REST API provided by the server end is provided to initiate registration and provide a health check port, such as the acquisition node 204 composed of the plurality of acquisition ends 203 in fig. 2. After the registration is successful, all the information of the acquisition terminals registered by the server terminal can be acquired in real time, and the service network related display and data transmission are carried out according to the information. The smaller service subnets of the cloud center are integrated, all the devices are allocated to different service subnets for monitoring, the number of the acquisition terminals in the current service subnet is flexibly matched according to the number of the devices in the current service subnet, for example, in fig. 2, the acquisition terminals 205 correspond to two smaller service subnets 206. When a certain service sub-network exists, a plurality of acquisition ends are combined to complete tasks sent by a server end, the plurality of acquisition ends are regarded as a large acquisition end, and the operation of the whole combined acquisition end cannot be influenced when a certain acquisition end generates errors.
The acquisition of the acquisition end is controlled by the server, the configuration information of the relevant acquired equipment is transmitted by the server, and the acquisition end is only responsible for data acquisition, high-grade data return, so that the real-time performance and the accuracy of the equipment information are effectively enhanced. In one step, the acquisition end performs pre-inspection on each acquired device, inspects the connectivity of the device, filters the devices which cannot be communicated, and then starts formal acquisition, thereby avoiding unnecessary resource waste. In addition, the collection node formed by combining a plurality of collection ends has one collection end to receive the equipment information sent by the server end and distribute the equipment information to other collection ends, and meanwhile, the collection task is completed, and the collection efficiency is improved.
In an embodiment of the present invention, the server includes a database cluster and a service cluster;
the deploying a server in the target service subnet includes:
building a database cluster by utilizing at least two databases in a master-slave mode;
creating a service cluster with at least two servers;
configuring main Nginx service and standby Nginx service and using keepalived software to realize high availability;
and reverse proxy is carried out on the API of each server by utilizing the Nginx service, and the API of the Nginx service is exposed to the outside and serves as the API of the server side.
Specifically, a deployment diagram of the server is shown in fig. 3. The master-slave database building cluster 301 is adopted, and comprises a master database 3011 and two slave databases 3012 to improve the high availability of the databases, the three servers 3021, 3022, and 3023 are used to create the service cluster 302, and to implement load balancing, and the server cluster 302 where the server is located is deployed with a Nginx service and configured with a Nginx master and a Nginx backup, which are a master Nginx3024 and a backup Nginx3025, respectively, to ensure that the service is available in unexpected situations. High availability is achieved by using keepalived, and the API is exposed externally, external access is provided, and access flow is limited.
Keepalived is a high-performance server high-availability or hot standby solution, can be used for preventing the occurrence of single-point failure of a server, and can realize the high availability of the web front-end service by matching with Nginx.
Keepalived is based on implementation of the VRRP protocol, which is used to implement High Availability (HA). VRRP (virtual router redundancy protocol) protocol is a protocol for implementing router redundancy, the VRRP protocol virtualizes two or more router devices into one device, provides a virtual router IP(s) for the outside, and inside a router group, if a router actually having the external IP works normally, the router is a MASTER, or is generated by algorithm election, the MASTER implements various network functions for the virtual router IP, such as ARP request, ICMP, and forwarding of data; the other devices do not own the virtual IP, the status is BACKUP, and no external network function is executed except for receiving VRRP status notification information of MASTER. When the host fails, BACKUP will take over the network function of the original MASTER. The VRRP protocol uses multicast data to transmit VRRP data, the VRRP data uses a special virtual source MAC address to transmit data but not the MAC address of a self network card, when the VRRP runs, only a MASTER router periodically transmits VRRP notification information to indicate that the MASTER normally works and virtual router IP (group), BACKUP only receives the VRRP data but not transmits the data, if the notification information of the MASTER is not received within a certain time, each BACKUP declares itself to be the MASTER, transmits the notification information and carries out MASTER election state again.
In an embodiment of the present invention, the monitoring and counting a flow value of a corresponding connected device, and sending a statistical result to the server through an API, includes:
according to a preset detection period, periodically monitoring the flow value of the connected equipment in and out in a monitoring period through a simple network protocol (SNMP), judging whether the monitoring value is greater than a threshold value, and if not, returning the monitoring value to the server; if yes, generating alarm information and returning the alarm information to the server side;
and when the server side receives the monitoring value or the alarm information sent by an acquisition side, the monitoring value or the alarm information is stored in the database cluster according to the registration information of the acquisition side.
When the cloud center and the client use, the network is smooth or not and the network speed meets the requirements or not, and the flow in and out conditions and the flow in and out sizes are usually ignored. SNMP is a simple network protocol, is suitable for almost all network devices, supports the collection of various indexes, is an ideal monitoring protocol, and is accepted by most people. And monitoring the whole cloud center and network access and output flow information of specific equipment in the cloud center. The network access flow collection can be carried out by opening the SNMP protocol and communicating the collection end. The acquisition end can configure acquisition intervals to detect network traffic within a certain period of time. By setting at the server, the network traffic information can be detected and displayed in the time dimension. The corresponding port flow data are collected through the SNMP protocol, so that not only can flow monitoring be carried out on a virtualization product, but also the flow of the hardware equipment and the inlet and outlet of the detailed port of the whole cloud center and historical data can be monitored.
In an embodiment of the present invention, the method further includes: the server side generates a cloud center service topological graph according to the connection relation between each service subnet and the registered acquisition side;
and pushing the cloud center service topological graph to an external display terminal for display by using the API of the Nginx service.
When the server side receives a target detection value sent by a target acquisition side, the position of the target acquisition side in a cloud environment is positioned according to the registration information of the target acquisition side, and a normal mark indicating that a monitored value is normal and the target detection value are displayed at the position of the target acquisition side in the cloud center topological graph;
when receiving target alarm information sent by a target acquisition end, the server end positions the position of the target acquisition end in a cloud environment according to the registration information of the target acquisition end, and displays an abnormal identifier representing that a monitoring value is abnormal at the position of the target acquisition end in the cloud center topological graph.
Specifically, the acquisition end firstly monitors ports of the equipment, then monitors the flow of the inlet and the outlet of each port, and simultaneously judges whether the network flow exceeds a threshold value, and performs alarming and clearing operations. And cutting a part of data processing of the server side to the acquisition side.
The server side can display the condition of the whole cloud center network through a foreground interface, manually configure objects needing to be monitored, send alarms, analyze reasons for generating the alarms and check specific information of the monitored objects;
when the interface is displayed, the flow of the whole cloud center, all subordinate network hardware equipment and all subordinate virtual machine products can be displayed, and history records are provided. When the data is updated, the interface data is updated in real time, and the abnormal real-time discovery is achieved. Correspondingly, the cloud center service topological graph formed by the registered connection of the acquisition ends can display the alarm information of the acquisition ends in real time, and facilitates the positioning of abnormal areas.
Further, after the alarm occurs, if it is analyzed that the host to which the acquisition client belongs does not have a network fault, the analysis condition of the acquisition client is checked, if the network state is changed from the original abnormal state to the current normal state, the alarm clearing processing is initiated, the message queue of the alarm platform is connected, and the alarm clearing information is pushed to the alarm queue for alarm clearing.
When the system is built, operation and maintenance personnel enter equipment configuration information, an alarm personnel list, a collection interval and flow monitoring time. The acquisition end runs and sends a registration request to the server end, the server end starts to periodically perform health check, equipment information is distributed to each acquisition end according to acquisition intervals, and the acquisition ends return monitoring data and alarm and clear the information. After the alarm is generated, all people in the alarm list receive the alarm information, and the operation and maintenance personnel trigger the problem solving. After the server side obtains the data, the operation and maintenance personnel, the client and the leader can see the monitoring data.
In an embodiment of the present invention, the periodically monitoring an incoming/outgoing flow value of the connected device in a monitoring period according to a preset detection period through a simple network protocol SNMP includes:
for each of the connected devices, performing: calling a first uplink flow value ifInOcets and a first downlink flow value ifOutOcets which characterize accumulated flow values in MIB values of the current connected equipment;
after a detection period, determining a current second uplink flow value ifInOctets and a current second downlink flow value ifOutOctets;
determining an uplink difference value of the first uplink flow value and the second uplink flow value and a downlink difference value of the first downlink flow value and the second downlink flow value;
and dividing the uplink difference value and the downlink difference value by the time interval of the detection period respectively to obtain the monitoring value of the currently connected equipment.
In an embodiment of the present invention, after each of the acquisition terminals checks connectivity of each of the connected devices when receiving the configuration information, the method further includes:
determining the equipment number of at least one piece of equipment with connection failure;
sending at least one equipment number to the server;
and when the server receives the equipment number, displaying a reminding identifier for representing that the equipment connection failure exists and the equipment number at a service subnet where the acquisition end which sends the equipment number in the cloud center service topological graph is located.
As shown in fig. 4, an embodiment of the present invention provides a cloud environment traffic monitoring apparatus based on the cloud environment traffic monitoring method shown in fig. 1, including: a user side 401, a server side 402 and at least one acquisition side 403;
the user side 401 is configured to determine a target service subnet in advance according to the scale of each service subnet in the cloud environment, and deploy the server side 402 in the target service subnet; deploying at least one acquisition terminal 403 according to the number of devices in each service subnet and registering the acquisition terminal 403 to the server terminal 402, wherein each acquisition terminal 403 is connected with at least one device in the service subnet where the acquisition terminal 403 is located;
the server 402 is configured to send configuration information to an API interface of an acquisition end 403 in each service subnet when receiving configuration information for characterizing start of monitoring, so that each acquisition end 403 performs traffic monitoring when receiving the configuration information;
each acquisition terminal 403 is configured to distribute, when receiving the configuration information sent by the server terminal 402, to other acquisition terminals 403 in the current service subnet; checking the connectivity of each connected device according to the configuration information, and determining the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending a statistical result to the server 402 through an API (application programming interface) so as to store the statistical result by the server 402;
the server 402 is further configured to, when receiving a query request, push the stored statistical result to at least one external management terminal.
In an embodiment of the present invention, when the server 402 includes a database cluster and a service cluster, the user specifically performs, when the server 402 is deployed in the target service subnet, the following steps:
building a database cluster by utilizing at least two databases in a master-slave mode;
creating a service cluster with at least two servers;
configuring main Nginx service and standby Nginx service and using keepalived software to realize high availability;
the API of each server is reversely proxied by using the Nginx service, and the API of the Nginx service is externally exposed as the API of the server 402.
It is to be understood that the illustrated structure of the embodiment of the present invention does not constitute a specific limitation to the cloud environment flow monitoring apparatus. In other embodiments of the invention, the cloud environment flow monitoring device may include more or fewer components than shown, or combine certain components, or split certain components, or a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
Because the information interaction, execution process, and other contents between the units in the device are based on the same concept as the method embodiment of the present invention, specific contents may refer to the description in the method embodiment of the present invention, and are not described herein again.
As shown in fig. 5, an embodiment of the present invention provides a cloud environment traffic monitoring system, including:
a cloud environment traffic monitoring device 501 and an external management terminal 502 described in any one of fig. 4;
the external management terminal 502 is configured to receive the statistical result sent by the cloud environment traffic detection apparatus 501.
The information interaction, execution process and other contents between the units in the system are based on the same concept as the method embodiment of the present invention, and specific contents can be referred to the description in the method embodiment of the present invention, and are not described herein again.
It should be noted that not all steps and modules in the above flows and system structure diagrams are necessary, and some steps or modules may be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as required. The system structure described in the above embodiments may be a physical structure or a logical structure, that is, some modules may be implemented by the same physical entity, or some modules may be implemented by a plurality of physical entities, or some components in a plurality of independent devices may be implemented together.
In the above embodiments, the hardware unit may be implemented mechanically or electrically. For example, a hardware element may comprise permanently dedicated circuitry or logic (such as a dedicated processor, FPGA or ASIC) to perform the corresponding operations. The hardware elements may also comprise programmable logic or circuitry, such as a general purpose processor or other programmable processor, that may be temporarily configured by software to perform the corresponding operations. The specific implementation (mechanical, or dedicated permanent, or temporarily set) may be determined based on cost and time considerations.
While the invention has been shown and described in detail in the drawings and in the preferred embodiments, the invention is not limited to the embodiments disclosed, and those skilled in the art will appreciate that various combinations of code auditing means in the various embodiments described above may be employed to obtain further embodiments of the invention, which are also within the scope of the invention.

Claims (10)

1. The cloud environment flow monitoring method is characterized by comprising the following steps: determining a target service subnet in advance according to the scale of each service subnet in the cloud environment, and deploying a server in the target service subnet; deploying at least one acquisition terminal according to the number of the devices in each service subnet and registering the acquisition terminal to the server terminal, wherein each acquisition terminal is connected with at least one device in the service subnet where the acquisition terminal is located; further comprising:
the server side sends configuration information to an API interface of an acquisition side in each service subnet when receiving the configuration information for representing the start of monitoring; so that each acquisition end carries out flow monitoring when receiving the configuration information;
when receiving the configuration information sent by the server, each acquisition end distributes the configuration information to other acquisition ends in the current service subnet;
each acquisition end checks the connectivity of each connected device according to the configuration information and determines the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server;
and the server side pushes the stored statistical result to at least one external management terminal when receiving the query request.
2. The method of claim 1,
the server comprises a database cluster and a service cluster;
the deploying a server in the target service subnet includes:
building a database cluster by utilizing at least two databases in a master-slave mode;
creating a service cluster with at least two servers;
configuring main Nginx service and standby Nginx service and using keepalived software to realize high availability;
and reverse proxy is carried out on the API of each server by utilizing the Nginx service, and the API of the Nginx service is exposed to the outside and serves as the API of the server side.
3. The method of claim 2,
the monitoring of the flow value of the corresponding connected device and the statistics, and the sending of the statistical result to the server through the API, includes:
according to a preset detection period, periodically monitoring the flow value of the connected equipment in and out in a monitoring period through a simple network protocol (SNMP), judging whether the monitoring value is greater than a threshold value, and if not, returning the monitoring value to the server; if yes, generating alarm information and returning the alarm information to the server side;
and when the server side receives the monitoring value or the alarm information sent by an acquisition side, the monitoring value or the alarm information is stored in the database cluster according to the registration information of the acquisition side.
4. The method of claim 2,
further comprising:
the server side generates a cloud center service topological graph according to the connection relation between each service subnet and the registered acquisition side;
and pushing the cloud center service topological graph to an external display terminal for display by using the API of the Nginx service.
5. The method of claim 4,
when the server side receives a target detection value sent by a target acquisition side, the position of the target acquisition side in a cloud environment is positioned according to the registration information of the target acquisition side, and a normal mark indicating that a monitored value is normal and the target detection value are displayed at the position of the target acquisition side in the cloud center topological graph;
when receiving target alarm information sent by a target acquisition end, the server end positions the position of the target acquisition end in a cloud environment according to the registration information of the target acquisition end, and displays an abnormal identifier representing that a monitoring value is abnormal at the position of the target acquisition end in the cloud center topological graph.
6. The method of claim 3,
the method for monitoring the flow value of the connected equipment in the inlet and outlet in a monitoring period periodically through a simple network protocol (SNMP) according to a preset detection period comprises the following steps:
for each of the connected devices, performing: calling a first uplink flow value ifInOcets and a first downlink flow value ifOutOcets which characterize accumulated flow values in MIB values of the current connected equipment;
after a detection period, determining a current second uplink flow value ifInOctets and a current second downlink flow value ifOutOctets;
determining an uplink difference value of the first uplink flow value and the second uplink flow value and a downlink difference value of the first downlink flow value and the second downlink flow value;
and dividing the uplink difference value and the downlink difference value by the time interval of the detection period respectively to obtain the monitoring value of the currently connected equipment.
7. The method according to any one of claims 1 to 6,
after each of the acquisition terminals checks the connectivity of each of the connected devices upon receiving the configuration information, the method further includes:
determining the equipment number of at least one piece of equipment with connection failure;
sending at least one equipment number to the server;
and when the server receives the equipment number, displaying a reminding identifier for representing that the equipment connection failure exists and the equipment number at a service subnet where the acquisition end which sends the equipment number in the cloud center service topological graph is located.
8. The cloud environment flow monitoring device based on the cloud environment flow monitoring method according to any one of claims 1 to 7, characterized by comprising: the system comprises a user side, a server side and at least one acquisition side;
the user side is used for determining a target service subnet in advance according to the scale of each service subnet in the cloud environment and deploying the server side in the target service subnet; deploying at least one acquisition terminal according to the number of the devices in each service subnet and registering the acquisition terminal to the server terminal, wherein each acquisition terminal is connected with at least one device in the service subnet where the acquisition terminal is located;
the service end is used for sending configuration information to an API (application programming interface) interface of an acquisition end in each service subnet when receiving the configuration information for representing the start of monitoring, so that each acquisition end carries out flow monitoring when receiving the configuration information;
each acquisition terminal is used for distributing the configuration information to other acquisition terminals in the current service subnet when receiving the configuration information sent by the server terminal; checking the connectivity of each connected device according to the configuration information, and determining the connected device which is successfully connected; monitoring the flow value of the corresponding connected equipment, carrying out statistics, and sending the statistical result to the server through an API (application program interface) so as to store the statistical result by the server;
and the server is also used for pushing the stored statistical result to at least one external management terminal when receiving the query request.
9. The apparatus of claim 8,
when the server includes a database cluster and a service cluster, the client, when executing the deployment of the server in the target service subnet, specifically executes:
building a database cluster by utilizing at least two databases in a master-slave mode;
creating a service cluster with at least two servers;
configuring main Nginx service and standby Nginx service and using keepalived software to realize high availability;
and reverse proxy is carried out on the API of each server by utilizing the Nginx service, and the API of the Nginx service is exposed to the outside and serves as the API of the server side.
10. Cloud environment flow monitoring system, its characterized in that includes:
the cloud environment traffic monitoring device and the external management terminal of claims 8-9;
and the external management terminal is used for receiving the statistical result sent by the cloud environment flow detection device.
CN202110073112.XA 2021-01-20 2021-01-20 Cloud environment flow monitoring method, device and system Pending CN112910726A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110073112.XA CN112910726A (en) 2021-01-20 2021-01-20 Cloud environment flow monitoring method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110073112.XA CN112910726A (en) 2021-01-20 2021-01-20 Cloud environment flow monitoring method, device and system

Publications (1)

Publication Number Publication Date
CN112910726A true CN112910726A (en) 2021-06-04

Family

ID=76116339

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110073112.XA Pending CN112910726A (en) 2021-01-20 2021-01-20 Cloud environment flow monitoring method, device and system

Country Status (1)

Country Link
CN (1) CN112910726A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114826969A (en) * 2022-03-17 2022-07-29 阿里巴巴(中国)有限公司 Network connectivity checking method, device, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104168156A (en) * 2014-08-05 2014-11-26 中国人民解放军91655部队 Autonomous system level flow collection system and method based on Netflow
CN106330602A (en) * 2016-08-22 2017-01-11 中国科学院信息工程研究所 Method and system for monitoring cloud computing virtual tenant network
CN107623611A (en) * 2017-09-22 2018-01-23 国云科技股份有限公司 A kind of flux monitoring system of cloud platform virtual machine
CN109714192A (en) * 2018-11-29 2019-05-03 深圳供电局有限公司 A kind of monitoring method and system monitoring cloud platform
CN110708209A (en) * 2019-08-28 2020-01-17 无锡华云数据技术服务有限公司 Virtual machine flow acquisition method and device, electronic equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104168156A (en) * 2014-08-05 2014-11-26 中国人民解放军91655部队 Autonomous system level flow collection system and method based on Netflow
CN106330602A (en) * 2016-08-22 2017-01-11 中国科学院信息工程研究所 Method and system for monitoring cloud computing virtual tenant network
CN107623611A (en) * 2017-09-22 2018-01-23 国云科技股份有限公司 A kind of flux monitoring system of cloud platform virtual machine
CN109714192A (en) * 2018-11-29 2019-05-03 深圳供电局有限公司 A kind of monitoring method and system monitoring cloud platform
CN110708209A (en) * 2019-08-28 2020-01-17 无锡华云数据技术服务有限公司 Virtual machine flow acquisition method and device, electronic equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
徐晗: "基于SNMP协议的网络流量监控系统", 《中国优秀硕士学位论文全文数据库信息科技辑》 *
王佳: "基于SNMP的网络流量监控系统的设计与实现", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114826969A (en) * 2022-03-17 2022-07-29 阿里巴巴(中国)有限公司 Network connectivity checking method, device, equipment and storage medium
CN114826969B (en) * 2022-03-17 2024-02-06 阿里巴巴(中国)有限公司 Network connectivity checking method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN105165054B (en) Network service failure processing method, service management system and system management module
CN101282237B (en) Synthetic network management system based on SNMP
EP0898822B1 (en) Method and apparatus for integrated network management and systems management in communications networks
EP2486706B1 (en) Network path discovery and analysis
CN106656682B (en) Cluster heartbeat detecting method, system and device
CN111970146B (en) Monitoring platform and monitoring method for SRDC whole cabinet nodes
CN104243185B (en) A kind of experience type service monitoring system
CN112714013B (en) Application fault positioning method in cloud environment
CN109039795B (en) Cloud server resource monitoring method and system
US20040083246A1 (en) Method and system for performance management in a computer system
JP2012054622A (en) Network system, management server and oam test management method
CN108234161A (en) For the access detection method and system of on-line off-line multitiered network framework
CN113364624A (en) Mixed cloud flow acquisition method and system based on edge computing
CN112910726A (en) Cloud environment flow monitoring method, device and system
CN108599978B (en) Cloud monitoring method and device
CN112367212B (en) Virtual machine network quality monitoring method and system in cloud environment
CN113676723A (en) Non-homologous network video monitoring fault positioning method and device based on Internet of things
CN111953525A (en) Special equipment operation and maintenance monitoring system
CN111786830B (en) Network quality simulation method in cloud computing environment
CN109951313A (en) A kind of monitoring device and method of Hadoop cloud platform
US10129086B2 (en) Collection of performance data in a communications network
JP6542538B2 (en) Network monitoring system, monitoring device and monitoring method
CN116166499A (en) Data monitoring method and device, electronic equipment and nonvolatile storage medium
JP2004350198A (en) Network control system
CN115484208A (en) Distributed drainage system and method based on cloud security resource pool

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20210604