CN113098728B - Health check method of load balancing system and related equipment - Google Patents

Health check method of load balancing system and related equipment Download PDF

Info

Publication number
CN113098728B
CN113098728B CN201911341247.9A CN201911341247A CN113098728B CN 113098728 B CN113098728 B CN 113098728B CN 201911341247 A CN201911341247 A CN 201911341247A CN 113098728 B CN113098728 B CN 113098728B
Authority
CN
China
Prior art keywords
server
tenant
load balancing
vpc
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911341247.9A
Other languages
Chinese (zh)
Other versions
CN113098728A (en
Inventor
朱小平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Cloud Computing Technologies Co Ltd
Original Assignee
Huawei Cloud Computing Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Cloud Computing Technologies Co Ltd filed Critical Huawei Cloud Computing Technologies Co Ltd
Priority to CN201911341247.9A priority Critical patent/CN113098728B/en
Publication of CN113098728A publication Critical patent/CN113098728A/en
Application granted granted Critical
Publication of CN113098728B publication Critical patent/CN113098728B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Abstract

The embodiment of the invention provides a health check method and related equipment of a load balancing system, wherein the method is applied to the health check of the load balancing system in a Virtual Private Cloud (VPC), and comprises the following steps: the first load balancing server sends a first detection message to the switch; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant in the VPC; the security group rule is a rule configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first load balancing server is a server in a load balancing cluster of the VPC. By adopting the embodiment of the invention, the potential safety hazard can be reduced.

Description

Health check method of load balancing system and related equipment
Technical Field
The invention relates to the technical field of cloud networks, in particular to a health check method and related equipment of a load balancing system.
Background
The elastic load balancing (elastic load balance, ELB) is a traffic distribution control service that distributes access traffic to a plurality of back-end servers according to a forwarding policy. Elastic load balancing can expand service capacity of an application system outside through flow distribution, and usability of the application system is improved through eliminating single-point faults.
Elastic load balancing services are typically implemented through elastic load balancing clusters. An elastic load balancing cluster typically contains multiple load balancing servers, and the elastic load balancing cluster needs to initiate health checks periodically to ensure that the response service of the backend server is not interrupted. In a virtual private cloud network, each load balancing server in a resilient load balancing cluster needs to detect whether the services of the backend servers are active to determine whether these backend servers can respond to access requests. Each load balancing server will actively initiate probing of the backend server, which may be probing with transmission control protocol (transmission control protocol, TCP) messages, user datagram protocol (user datagram protocol, UDP) messages, or internet control message protocol (internet control message protocol, ICMP) messages.
In the existing health checking method in the load balancing system based on the virtual private cloud (virtual private cloud, VPC), a detection message sent by an elastic load balancing cluster is determined whether to be forwarded to a server of a back-end tenant through a security group rule configured by default on a virtual switch, and the tenant cannot perceive that the detection message is sent to a server under the name of the tenant, namely, the detection message bypasses the security group rule of the tenant, so that potential safety hazards exist.
Therefore, how to reduce the potential safety hazard and improve the safety in the health inspection of the load balancing system based on the virtual private cloud is a problem to be solved by those skilled in the art.
Disclosure of Invention
The embodiment of the application discloses a health inspection method and related equipment of a load balancing system, which can reduce potential safety hazards and improve safety in the health inspection of the load balancing system of a virtual private cloud.
In a first aspect, an embodiment of the present application discloses a method for checking health of a load balancing system, where the method is applied to checking health of a load balancing system in a virtual private cloud VPC, and the method includes:
the first load balancing server sends a first detection message to the switch; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant, and the first tenant is a tenant in the VPC; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first load balancing server is a server in a load balancing cluster of the VPC.
Compared with the prior art that the detection message is determined whether to be forwarded to the server of the back-end tenant through the security group rule configured by default on the virtual switch, in the embodiment of the invention, the detection message is determined whether to be forwarded to the server of the back-end tenant through the security group rule configured by the tenant on the virtual switch, so that the tenant can completely control the information flow entering and exiting the back-end server, thereby reducing potential safety hazards and improving safety.
In one possible implementation manner, the source address of the probe message is one of addresses of VPC network segments supported by the first tenant, or a preset public network IP address.
Compared with the address of the address field used by the cloud infrastructure used in the prior art, the tenant cannot perceive the address, and in the embodiment of the application, the source address of the detection message of the health check of the load balancing system is the address of the VPC network field or the public network address, so that the tenant can perceive the access of the detection message to the back-end server, thereby reducing potential safety hazards and improving safety.
In one possible implementation manner, the probe message source address is one of addresses of VPC network segments supported by the first tenant, which is determined according to the indication of the first tenant; or the source address of the probe message is a specific address in addresses of the VPC network segments supported by the first tenant.
In one possible implementation manner, the servers in the load balancing cluster use the same address as a source address of a probe message for detecting whether the servers of the first tenant function normally, where the same address is within a range of source addresses of probe messages allowed to access the servers of the first tenant, where the security group rule includes.
In the embodiment of the application, for the detection of the health condition of the servers of the same tenant, a plurality of load balancing servers in the load balancing cluster can use the same address as the source address of the detection message, so that the occupation of the address can be reduced, and the cost of the address is saved.
In one possible implementation manner, in a case that the source address of the probe message is the preset public network IP address, the servers in the load balancing cluster uniformly use the preset public network IP address as the source address of the probe message for detecting whether the servers of the tenants in the VPC operate normally.
In the embodiment of the application, since the public network IP address is an address which can be perceived by all tenants, the load balancing server can use the same public network IP address as the source address of the detection message of the server of a plurality of tenants, thereby reducing the occupation of the address and saving the cost of the address.
In one possible implementation manner, each server in the load balancing cluster uses a different source port as a source port of a probe message for detecting whether a server of a tenant in the VPC is operating normally.
In the embodiment of the application, since the source addresses of the detection messages of the plurality of load balancing servers use the same address, in order to facilitate distinguishing which of the detection messages is sent by the load balancing server, the source ports of the detection messages of different load balancing servers are set to be different, so that detection connection is ensured not to conflict, and the response message of the detection message can be correctly returned to the load balancing server for sending the detection message.
In a second aspect, an embodiment of the present application discloses a method for checking health of a load balancing system, where the method is applied to checking health of a load balancing system in a virtual private cloud VPC, and the method includes:
the switch receives a first detection message sent by a first load balancing server; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the first load balancing server is a server in a load balancing cluster of the VPC;
The switch determines whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant;
and the switch sends the first detection message to the first server under the condition that the source address of the first detection message is in the range of the source address of the detection message of the server which allows access to the first tenant.
In a third aspect, an embodiment of the present application discloses a method for checking health of a load balancing system, where the method is applied to checking health of a load balancing system in a virtual private cloud VPC, and the method includes:
the method comprises the steps that a first server receives a first detection message sent by an exchanger; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first detection message is sent to the switch by a first load balancing server, and the first load balancing server is a server in a load balancing cluster of the VPC;
And under the condition that the first server normally operates, the first server sends a response message to the first load balancing server according to the first detection message.
In a fourth aspect, an embodiment of the present application provides a load balancing server, where the load balancing server is a server in a load balancing cluster of a virtual private cloud VPC; the load balancing server includes:
the sending unit is used for sending the first detection message to the switch; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant, and the first tenant is a tenant in the VPC; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that is allowed to access the first tenant.
In one possible implementation manner, the source address of the probe message is one of addresses of VPC network segments supported by the first tenant, or a preset public network IP address.
In one possible implementation manner, the probe message source address is one of addresses of VPC network segments supported by the first tenant, which is determined according to the indication of the first tenant; or the source address of the probe message is a specific address in addresses of the VPC network segments supported by the first tenant.
In one possible implementation manner, the servers in the load balancing cluster uniformly use the same address as a source address of a probe message for detecting whether the servers of the first tenant are operating normally, where the same address is in a range of source addresses of probe messages allowed to access the servers of the first tenant, where the security group rule includes.
In one possible implementation manner, in a case that the source address of the probe message is the preset public network IP address, the servers in the load balancing cluster uniformly use the preset public network IP address as the source address of the probe message for detecting whether the servers of the tenants in the VPC operate normally.
In one possible implementation manner, each server in the load balancing cluster uses a different source port as a source port of a probe message for detecting whether a server of a tenant in the VPC is operating normally.
The advantages of the fourth aspect may correspond to those described with reference to the first aspect, and are not described here again.
In a fifth aspect, an embodiment of the present application provides a switch, where the switch is a switch in a VPC, and the switch includes:
the receiving unit is used for receiving a first detection message sent by the first load balancing server; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the first load balancing server is a server in a load balancing cluster of the VPC;
the determining unit is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant;
and the sending unit is used for sending the first detection message to the first server under the condition that the source address of the first detection message is in the range of the source address of the detection message of the server which allows access to the first tenant.
In a sixth aspect, an embodiment of the present application provides a server, where the server is a server of a first tenant in a virtual private cloud VPC, and the server includes:
the receiving unit is used for receiving the first detection message sent by the switch; the first detection message is used for detecting whether the server normally operates or not; the switch is used for determining whether to forward the first detection message to the server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first detection message is sent to the switch by a first load balancing server, and the first load balancing server is a server in a load balancing cluster of the VPC;
and the sending unit is used for sending a response message to the first load balancing server according to the first detection message under the condition that the server normally operates.
In a seventh aspect, an embodiment of the present application provides a load balancing server, where the load balancing server is a server in a load balancing cluster of a virtual private cloud VPC; the load balancing server comprises a processor, a memory and a communication interface; the memory and the communication interface are coupled with the processor, the memory stores a computer program, and the processor calls the computer program to execute the following operations:
Sending a first detection message to a switch through the communication interface; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant, and the first tenant is a tenant in the VPC; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first load balancing server is a server in a load balancing cluster of the VPC.
In one possible implementation manner, the source address of the probe message is one of addresses of VPC network segments supported by the first tenant, or a preset public network IP address.
In one possible implementation manner, the probe message source address is one of addresses of VPC network segments supported by the first tenant, which is determined according to the indication of the first tenant; or the source address of the probe message is a specific address in addresses of the VPC network segments supported by the first tenant.
In one possible implementation manner, the servers in the load balancing cluster use the same address as a source address of a probe message for detecting whether the servers of the first tenant function normally, where the same address is within a range of source addresses of probe messages allowed to access the servers of the first tenant, where the security group rule includes.
In one possible implementation manner, in a case that the source address of the probe message is the preset public network IP address, the servers in the load balancing cluster uniformly use the preset public network IP address as the source address of the probe message for detecting whether the servers of the tenants in the VPC operate normally.
In one possible implementation manner, each server in the load balancing cluster uses a different source port as a source port of a probe message for detecting whether a server of a tenant in the VPC is operating normally.
The advantages of the seventh aspect may correspond to those described with reference to the first aspect, and are not described here again.
In an eighth aspect, an embodiment of the present application provides a switch, where the switch is a switch in a virtual private cloud VPC; the switch includes a processor, a memory, and a communication interface; the memory and the communication interface are coupled with the processor, the memory stores a computer program, and the processor calls the computer program to execute the following operations:
Receiving a first detection message sent by a first load balancing server through the communication interface; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the first load balancing server is a server in a load balancing cluster of the VPC;
determining whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant;
and sending the first detection message to the first server through the communication interface under the condition that the source address of the first detection message is in the range of the source address of the detection message of the server which allows access to the first tenant.
In a ninth aspect, an embodiment of the present application provides a server, where the server is a server of a first tenant in a virtual private cloud VPC; the server comprises a processor, a memory and a communication interface; the memory and the communication interface are coupled with the processor, the memory stores a computer program, and the processor calls the computer program to execute the following operations:
Receiving a first detection message sent by a switch through the communication interface; the first detection message is used for detecting whether the server normally operates or not; the switch is used for determining whether to forward the first detection message to the server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first detection message is sent to the switch by a first load balancing server, and the first load balancing server is a server in a load balancing cluster of the VPC;
and under the condition that the server normally operates, sending a response message to the first load balancing server through the communication interface according to the first detection message.
In a tenth aspect, embodiments of the present application provide a computer readable storage medium storing a computer program for execution by a processor to implement the method of any one of the first aspects above.
In an eleventh aspect, embodiments of the present application provide a computer readable storage medium storing a computer program, where the computer program is executed by a processor to implement the method of the second aspect.
In a twelfth aspect, embodiments of the present application provide a computer readable storage medium storing a computer program, where the computer program is executed by a processor to implement the method described in the third aspect.
In a thirteenth aspect, embodiments of the present application disclose a computer program that, when executed on a computer, causes the computer to implement a method as described in any of the first aspects above.
In a fourteenth aspect, embodiments of the present application disclose a computer program that, when executed on a computer, causes the computer to implement the method of the second aspect.
In a fifteenth aspect, embodiments of the present application disclose a computer program that, when executed on a computer, causes the computer to implement the method of the third aspect.
In a sixteenth aspect, embodiments of the present application provide a computer program product, which when read and executed by a computer, performs the method according to any one of the first aspects.
In a seventeenth aspect, embodiments of the present application provide a computer program product, which when read and executed by a computer, performs the method according to the second aspect.
In an eighteenth aspect, embodiments of the present application provide a computer program product, which when read and executed by a computer, performs the method according to the third aspect.
In summary, compared with the prior art that the probe message is determined by the security group rule configured by default on the virtual switch to determine whether to forward to the server of the back-end tenant, in the embodiment of the present application, the probe message is determined by the security group rule configured by the tenant on the virtual switch to forward to the server of the back-end tenant, so that the tenant can completely control the information flow entering and exiting the back-end server, thereby reducing the potential safety hazard and improving the security. In addition, the embodiment of the application can detect a plurality of servers by using the same address, thereby reducing the occupation of the address and saving the cost of the address.
Drawings
The drawings that are used as needed in the embodiments of the present application will be described below.
Fig. 1 is a schematic diagram of a scenario where a health checking method of a load balancing system provided in an embodiment of the present disclosure is applicable;
fig. 2 is a flow chart of a health checking method of the load balancing system according to the embodiment of the present disclosure;
Fig. 3 is a schematic logic structure diagram of a load balancing server according to an embodiment of the present disclosure;
fig. 4 is a schematic logic structure diagram of a switch according to an embodiment of the present disclosure;
fig. 5 is a schematic logic structure diagram of a server according to an embodiment of the present disclosure;
fig. 6 is a schematic hardware structure diagram of a load balancing server according to an embodiment of the present disclosure;
fig. 7 is a schematic hardware structure of a switch according to an embodiment of the present disclosure;
fig. 8 is a schematic hardware structure of a server according to an embodiment of the present disclosure.
Detailed Description
The following describes the technical solutions in the embodiments of the present application with reference to the accompanying drawings.
In order to better understand the health checking method of the load balancing system provided by the embodiment of the present invention, a scenario to which the embodiment of the present invention is applicable is described in the following by way of example. Referring to fig. 1, fig. 1 is a schematic diagram of a system architecture of a method for checking health of a load balancing system according to an embodiment of the present invention. As shown in fig. 1, the system architecture may include a load balancing cluster 100, one or more switches 110, and one or more tenants 120, wherein:
the load balancing cluster 100 includes a plurality of load balancing servers 101, and the load balancing servers 101 may distribute access traffic of clients (not shown in fig. 1) to a plurality of servers (such as the server 121 in fig. 1) of the back end of the corresponding tenant according to a forwarding policy, so as to implement a traffic distribution control service. Load balancing can expand service capacity of an application system outside through flow distribution, and usability of the application system is improved through eliminating single-point faults. In a specific embodiment, the access request sent by the client arrives at the load balancing server 100 first, and the load balancing server 100 determines, according to the forwarding policy, to which backend server (the backend server may be, for example, the server 121 in fig. 1) needs to send the access request, where the backend server is configured to respond to the access request. The load balancing server 100 then sends the access request to the backend server. Then, in order to ensure that the backend servers that received the access request can all function properly, the load balancing server 100 needs to check periodically whether these backend servers function properly. When the access request of the client is forwarded, the access request is forwarded to the back-end server which works normally for response, so that the normal provision of the response service is ensured.
Alternatively, in the virtual private cloud, the load balancing server 101 may be a cloud server, or may also be a physical server.
The switch 110 may be used to route messages sent by the load balancing server 101 to a target server under a target tenant. Alternatively, in the virtual private cloud, the switch 110 may be a virtual switch (vSwitch), or may also be a physical switch.
Each tenant 120 may include one or more servers 121, which may be referred to as backend servers, that are servers for responding to access requests by clients (not shown in fig. 1). Alternatively, in the virtual private cloud, the server 121 may be a Virtual Machine (VM) or a physical server.
It should be noted that, the usage scenario of the method for checking the health of the load balancing system provided in the embodiment of the present application is not limited to the scenario described above, and any scenario applicable to the embodiment of the present application is any scenario applicable to the method for checking the health of the load balancing system provided in the embodiment of the present application, and will not be described herein.
The following provides a health checking method of a load balancing system, which can be applied to the system architecture shown in fig. 1. Referring to fig. 2, the method includes, but is not limited to, the steps of:
Step 201, a first load balancing server sends a first detection message to a switch; the first detection message is used for detecting whether the first server operates normally or not.
In a specific embodiment, the first server may be a backend server that responds to access requests of clients. The first server may be any one of the first tenants. The first tenant may be any one of one or more tenants included in the virtual private cloud VPC.
The first load balancing server may be any one of a plurality of servers included in the load balancing cluster of the VPC. The first load balancing server may be a cloud server or may also be a physical server, which is specifically determined according to an actual situation, and the scheme is not limited in this regard.
The first load balancing server checks whether the first server operates normally by sending a detection message (i.e., the first detection message may be sent to the switch and forwarded by the switch) to the first server. The first detection message may be a TCP message, a UDP message, an ICMP message, or the like. The specific protocol under which the first detection message is determined according to the actual situation, and the scheme does not limit the specific protocol.
S202, the switch determines whether to forward the first detection message to the first server according to a configured security group rule, wherein the security group rule comprises a detection message source address of a server allowing access to the first tenant.
In a specific embodiment, a security group rule is configured in the switch, where the security group rule is configured according to the indication of the first tenant. Illustratively, a tenant's management server may be in interactive communication with the switch, and the tenant's management server may configure the security group rules on the switch as directed by the tenant. After the configuration is completed, the management server of the tenant side can inquire and display the configured security group rule.
The security group rule includes a probe message source address of a server allowed to access the first tenant. That is, in the probe message received by the switch, only if the source address of the probe message is within the range of the source address of the probe message included in the security rule and allowing access to the server of the first tenant, the switch forwards the corresponding message to the server of the first tenant pointed by the destination address of the message. Probe messages that are not within this range cannot be forwarded to the server of the first tenant. I.e. addresses that are not within this range cannot access the server of the first tenant.
After the switch receives the first detection message, the switch may first analyze the first detection message to obtain a source address and a destination address of the first detection message, and then compare the source address with a detection message source address of a server allowed to access the first tenant in the security group rule to determine whether the source address of the first detection message is within a range of the detection message source address of the server allowed to access the first tenant included in the security rule.
S203, the switch sends the first detection message to the first server under the condition that the source address of the first detection message is in the range of the source address of the detection message of the server which allows access to the first tenant.
In a specific embodiment, if the comparison result indicates that the source address of the first probe packet is within the range of the source address of the probe packet of the server that allows access to the first tenant, the switch may repackage the first probe packet, and send the first probe packet to the first server according to the destination address of the first probe packet.
S204, the first server receives the first detection message.
S205, under the condition that the first server normally operates, the first server sends a response message to the switch according to the first detection message.
S206, the switch receives the response message.
S207, the switch sends the response message to the first load balancing server.
In a specific embodiment, after the first server receives the first detection message, if the first server is operating normally, the first server generates a response message according to the first detection message, and then sends the response message to the switch, and the response message is forwarded to the first load balancing server by the switch.
After the load balancing server receives the response message, it can be determined that the first server has no fault and is operating normally. Thus, the first load balancing server may continue to send access requests of clients to the first server.
Compared with the prior art that the detection message is determined whether to be forwarded to the server of the back-end tenant through the security group rule configured by default on the virtual switch, in the embodiment of the invention, the detection message is determined whether to be forwarded to the server of the back-end tenant through the security group rule configured by the tenant on the virtual switch, so that the tenant can completely control the information flow entering and exiting the back-end server, thereby reducing potential safety hazards and improving safety.
In one possible implementation manner, if the first server fails, the first load balancing server does not receive a response message of the first server. At this time, the first load balancing server may send the detection message to the first server again, and if no response message is received by the detection message sent for a preset number of times, the first load balancing server may determine that the first server fails. Then, during the failure of the first server, the first load balancing server will not send the access request of the client to the first server.
In one possible implementation manner, the source address of the probe packet allowed to access the server of the first tenant included in the security group rule may be one of addresses of VPC network segments supported by the first tenant, or a preset public network IP address. That is, the source address of the first detection message sent by the first load balancing server to the first server may be set to one of the addresses of the VPC network segments supported by the first tenant, or the preset public network IP address.
Optionally, the address of the VPC network segment supported by the tenant to which the first server belongs may include an address of any part of the 10.0.0.0/8-24 network segments, the 172.16.0.0/12-24 network segments, and the 192.168.0.0/16-24 network segments.
Compared with the prior art that addresses of address segments used by a cloud infrastructure, such as addresses of 100.X.x.x/10 address segments, cannot be perceived by a tenant, in the embodiment of the present application, the source address of the probe packet of the health check of the load balancing system uses the address of the VPC network segment or the public IP address of the tenant, which can be perceived by the tenant, that is, the flow entering and exiting the backend server of the tenant can be controlled through the security group rule configured by the tenant.
In addition, since the source address of the probe packet in the prior art uses the address used by the cloud infrastructure, the tenant cannot perceive the address, if there are multiple network cards in the server of the tenant, in order to send the response packet Wen Zhengque of the probe packet to the load balancing server that sends the probe packet, the response packet needs to be sent out from a specific network card, because different network cards correspond to different networks, and if the network card selection is wrong, the response packet cannot return correctly. Therefore, an additional route needs to be configured in the server of the tenant, so that the tenant can perceive the route, and thus correctly return the response message, and the additional configured route increases the burden of the server. In the embodiment of the application, the source address of the probe message uses an address which can be perceived by the tenant, and no additional configuration of a route in the server of the tenant is needed, so that the burden of the server is reduced.
The following describes two configuration cases of the source address of the first detection message.
In the first case, the source address of the first detection message is configured as one of addresses of the tenant to which the first server belongs, that is, the VPC network segment supported by the first tenant.
In this case, in a specific embodiment, the source address of the first detection packet may be determined according to the indication of the tenant to which the first server belongs, that is, from the perspective of the tenant, it is the source address of the first detection packet that may be specified by the tenant. Alternatively, the source address of the first probe packet may be a specific address in the addresses of the VPC network segment, for example, may be a third address in the addresses of the VPC network segment, and so on. For example, assuming that the VPC network segment is 10.0.0.0/8, the source address of the first probe message may be configured to be 10.0.0.3/32.
In a specific embodiment, if the server of the tenant includes a plurality of servers, the load balancing server needs to check the health status of the plurality of servers, i.e. check whether the plurality of servers are working properly. The load balancing server may send the detection message to the plurality of servers of the tenant respectively.
In one possible implementation manner, if the VPC includes multiple tenants, addresses of VPC network segments supported by each tenant are different. The load balancing server uses the addresses of the VPC network segments supported by the corresponding tenants as the source addresses of the detection messages respectively. Illustratively, it is assumed that the VPC includes two tenants, referred to as a first tenant and a second tenant, respectively, whose supported VPC network segment addresses are a first network segment address and a second network segment address, respectively. And when the load balancing server needs to check the health condition of the server of the first tenant, using the address in the first network segment address as the source address of the detection message. Similarly, when the load balancing server needs to check the health condition of the server of the second tenant, the address in the second network segment address is used as the source address of the detection message. Here, the number of tenants included in the VPC is determined according to the specific situation, and the present solution does not limit this.
Of course, each of the plurality of tenants included in the VPC is configured with a security group rule on a corresponding switch, which allows the address of the VPC network segment supported by the tenant to access the server of the tenant. Illustratively, the first tenant configures, in the corresponding switch, a security group rule that allows the first network segment address to access the server of the tenant, and the second tenant configures, in the corresponding switch, a security group rule that allows the second network segment address to access the server of the tenant, and so on.
In addition, for checking the health of the servers of the same tenant, the plurality of load balancing servers included in the load balancing server cluster use the same address as the source address of the probe message. For example, for health checking of servers in the first tenant, each of the plurality of load balancing servers uses a same one of the first network segment addresses as a source address of the probe message.
Due to the health check of servers of the same tenant, the plurality of load balancing servers included in the load balancing server cluster use the same address as the source address of the probe message. In order to accurately send a response message to a load balancing server which sends a detection message after a server of a tenant receives the detection message, source ports of the detection messages sent by each load balancing server in the plurality of load balancing servers are different. In this way, the server of the tenant can correspondingly send the response message to different load balancing servers according to different source ports. The probe message source port used by each load balancing server is pre-configured. Illustratively, the probe message source port used by each load balancing server may be preconfigured by the cloud management platform of the VPC described above.
In the second case, the source address of the first detection message is configured as a preset public network IP address.
In this case, even if the VPC includes a plurality of tenants, the plurality of load balancing servers included in the load balancing server cluster use the preset public IP address as a source address of the probe message when sending the probe message to the servers of the plurality of tenants. That is, the source addresses of probe messages sent by each of the plurality of load balancing servers included in the load balancing server cluster to the servers of the plurality of tenants are the same.
Similarly, after receiving the detection message, the server of the tenant can accurately send the response message to the load balancing server sending the detection message, and the source ports of the detection messages sent by each load balancing server in the plurality of load balancing servers are different. In this way, the server of the tenant can correspondingly send the response message to different load balancing servers according to different source ports. The probe message source port used by each load balancing server is pre-configured. Illustratively, the probe message source port used by each load balancing server may be preconfigured by the cloud management platform of the VPC described above.
Of course, each of the plurality of tenants included in the VPC is configured with a security group rule that allows the preset public network IP address to access the server of the tenant on the corresponding switch.
In summary, the embodiment of the application can use the same address to probe a plurality of servers, thereby reducing the occupation of the address and saving the overhead of the address.
The health check method of the load balancing system provided by the embodiment of the application is mainly introduced from the angles of interaction of the load balancing server, the switch and the server of the tenant. It will be appreciated that each device, such as a load balancing server or the like, includes corresponding hardware structures and/or software modules that perform each function in order to achieve the corresponding functions described above. Those of skill in the art will readily appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is implemented as hardware or computer software driven hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The embodiment of the application may divide the functional modules of the load balancing server according to the above method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one module. The integrated modules may be implemented in hardware or in software functional modules. It should be noted that, in the embodiment of the present application, the division of the modules is schematic, which is merely a logic function division, and other division manners may be implemented in actual implementation.
Fig. 3 shows a schematic logic structure of a load balancing server provided in the embodiment of the present application, where each functional module is divided by using each corresponding function, and the load balancing server may be the first load balancing server. The load balancing server 300 includes:
a sending unit 301, configured to send a first detection message to a switch; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant, and the first tenant is a tenant in the VPC; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that is allowed to access the first tenant.
In one possible implementation manner, the source address of the probe message is one of addresses of VPC network segments supported by the first tenant, or a preset public network IP address.
In one possible implementation manner, the probe message source address is one of addresses of VPC network segments supported by the first tenant, which is determined according to the indication of the first tenant; or the source address of the probe message is a specific address in addresses of the VPC network segments supported by the first tenant.
In one possible implementation manner, the servers in the load balancing cluster uniformly use the same address as a source address of a probe message for detecting whether the servers of the first tenant are operating normally, where the same address is in a range of source addresses of probe messages allowed to access the servers of the first tenant, where the security group rule includes.
In one possible implementation manner, in a case that the source address of the probe message is the preset public network IP address, the servers in the load balancing cluster uniformly use the preset public network IP address as the source address of the probe message for detecting whether the servers of the tenants in the VPC operate normally.
In one possible implementation manner, each server in the load balancing cluster uses a different source port as a source port of a probe message for detecting whether a server of a tenant in the VPC is operating normally.
The beneficial effects of the foregoing embodiments may be referred to the corresponding descriptions in the foregoing method embodiment described in fig. 2, and are not repeated herein.
Fig. 4 shows a schematic logic structure of a switch provided in an embodiment of the present application, where each functional module is divided by corresponding each function, where the switch may be a switch described in the foregoing method embodiment. The switch 400 includes:
a receiving unit 401, configured to receive a first detection message sent by a first load balancing server; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the first load balancing server is a server in a load balancing cluster of the VPC;
a determining unit 402, configured to determine whether to forward the first detection message to the first server according to a configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that is allowed to access the first tenant.
A sending unit 403, configured to send the first probe packet to the first server when the source address of the first probe packet is within the range of the source address of the probe packet of the server that allows access to the first tenant.
Fig. 5 shows a schematic logic structure of a server provided in an embodiment of the present application, where each functional module is divided by using each corresponding function, and the server may be the first server described in the foregoing method embodiment. The server 500 includes:
a receiving unit 501, configured to receive a first detection message sent by an exchange; the first detection message is used for detecting whether the server normally operates or not; the switch is used for determining whether to forward the first detection message to the server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first detection message is sent to the switch by a first load balancing server, and the first load balancing server is a server in a load balancing cluster of the VPC;
And the sending unit 502 is configured to send a response message to the first load balancing server according to the first detection message under the condition that the server normally operates.
Fig. 6 is a schematic hardware structure diagram of a load balancing server according to an embodiment of the present application. The load balancing server 600 includes: a processor 601, a memory 602 and a communication interface 603. The processor 601, the communication interface 603 and the memory 602 may be connected to each other or to each other via a bus 604.
By way of example, memory 602 is used to store computer programs and data for device 600, and memory 602 may include, but is not limited to, random access memory (random access memory, RAM), read-only memory (ROM), erasable programmable read-only memory (erasable programmable read only memory, EPROM), or portable read-only memory (compact disc read-only memory, CD-ROM), etc. The communication interface 603 is used to support communication by the device 600, for example, receiving or transmitting data.
By way of example, the processor 601 may be a central processing unit, a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. A processor may also be a combination that performs the function of a computation, e.g., including one or more microprocessors, a combination of digital signal processors and microprocessors, and so forth. The processor 601 may be configured to read the program stored in the memory 602, and perform the operations performed by the load balancing server in fig. 2 and possible embodiments.
Fig. 7 is a schematic hardware structure of a switch according to an embodiment of the present application. The switch 700 includes: a processor 701, a memory 702 and a communication interface 703. The processor 701, the communication interface 703 and the memory 702 may be interconnected or interconnected by a bus 704.
By way of example, memory 702 is used to store computer programs and data for device 700, and memory 702 may include, but is not limited to, random access memory (random access memory, RAM), read-only memory (ROM), erasable programmable read-only memory (erasable programmable read only memory, EPROM), or portable read-only memory (compact disc read-only memory, CD-ROM), and the like. The communication interface 703 is used to support communication by the device 700, such as receiving or transmitting data.
By way of example, the processor 701 may be a central processing unit, a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. A processor may also be a combination that performs the function of a computation, e.g., including one or more microprocessors, a combination of digital signal processors and microprocessors, and so forth. The processor 701 may be configured to read the program stored in the memory 702 and perform the operations performed by the switch in fig. 2 and possible embodiments.
Fig. 8 is a schematic hardware structure of a server according to an embodiment of the present application. The server 800 includes: a processor 801, a memory 802, and a communication interface 803. The processor 801, the communication interface 803, and the memory 802 may be connected to each other or to each other through a bus 804.
By way of example, memory 802 is used to store computer programs and data for device 800, and memory 802 may include, but is not limited to, random access memory (random access memory, RAM), read-only memory (ROM), erasable programmable read-only memory (erasable programmable read only memory, EPROM), or portable read-only memory (compact disc read-only memory, CD-ROM), etc. The communication interface 803 is used to support communication by the device 800, such as receiving or transmitting data.
By way of example, the processor 801 may be a central processing unit, a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. A processor may also be a combination that performs the function of a computation, e.g., including one or more microprocessors, a combination of digital signal processors and microprocessors, and so forth. The processor 801 may be configured to read the program stored in the memory 802 and perform the operations performed by the first server in fig. 2 and possible embodiments.
Embodiments of the present application also provide a computer readable storage medium storing a computer program that is executed by a processor to implement the operations performed by the load balancing server in the method described above in fig. 2 and possible embodiments.
The present embodiments also provide a computer readable storage medium storing a computer program that is executed by a processor to implement the operations performed by the switch in the method of fig. 2 and possible embodiments.
Embodiments of the present application also provide a computer readable storage medium storing a computer program for execution by a processor to perform the operations performed by the first server in the method described above in fig. 2 and possible embodiments.
The embodiment of the application also discloses a computer program, which when executed on a computer, causes the computer to implement the operations performed by the load balancing server, the switch or the first server in the method described in fig. 2 and the possible embodiments.
The embodiments of the present application further provide a computer program product, where when the computer program product is read and executed by a computer, the operations performed by the load balancing server, the switch, or the first server in the method described in fig. 2 and the possible embodiments are implemented.
In summary, compared with the prior art that the probe message is determined by the security group rule configured by default on the virtual switch to determine whether to forward to the server of the back-end tenant, in the embodiment of the present application, the probe message is determined by the security group rule configured by the tenant on the virtual switch to forward to the server of the back-end tenant, so that the tenant can completely control the information flow entering and exiting the back-end server, thereby reducing the potential safety hazard and improving the security. In addition, the embodiment of the application can detect a plurality of servers by using the same address, thereby reducing the occupation of the address and saving the cost of the address.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (20)

1. A method of health checking of a load balancing system, the method being applied to health checking of a load balancing system in a virtual private cloud, VPC, the method comprising:
the first load balancing server sends a first detection message to the switch; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant, and the first tenant is a tenant in the VPC; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first load balancing server is a server in a load balancing cluster of the VPC.
2. The method of claim 1, wherein the probe message source address is one of an address of a VPC network segment supported by the first tenant, or a preset public network IP address.
3. The method of claim 2, wherein the probe message source address is one of the addresses of VPC network segments supported by the first tenant determined from the indication of the first tenant; or the source address of the probe message is a specific address in addresses of the VPC network segments supported by the first tenant.
4. A method according to any of claims 1 to 3, wherein servers in the load balancing cluster use the same address as the source address of the probe message for detecting whether the servers of the first tenant are functioning properly, the same address being within a range of probe message source addresses included by the security group rules for allowing access to the servers of the first tenant.
5. The method according to claim 2, wherein, in the case that the source address of the probe message is the preset public network IP address, servers in the load balancing cluster uniformly use the preset public network IP address as the source address of the probe message for detecting whether the server of the tenant in the VPC operates normally.
6. A method according to any of claims 1 to 3, wherein each server in the load balancing cluster uses a different source port as the source port of the probe message for probing whether the servers of the tenants in the VPC are operating properly.
7. A method of health checking of a load balancing system, the method being applied to health checking of a load balancing system in a virtual private cloud, VPC, the method comprising:
The switch receives a first detection message sent by a first load balancing server; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the first load balancing server is a server in a load balancing cluster of the VPC;
the switch determines whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant;
and the switch sends the first detection message to the first server under the condition that the source address of the first detection message is in the range of the source address of the detection message of the server which allows access to the first tenant.
8. A method of health checking of a load balancing system, the method being applied to health checking of a load balancing system in a virtual private cloud, VPC, the method comprising:
the method comprises the steps that a first server receives a first detection message sent by an exchanger; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first detection message is sent to the switch by a first load balancing server, and the first load balancing server is a server in a load balancing cluster of the VPC;
And under the condition that the first server normally operates, the first server sends a response message to the first load balancing server according to the first detection message.
9. The load balancing server is characterized by being a server in a load balancing cluster of a Virtual Private Cloud (VPC); the load balancing server includes:
the sending unit is used for sending the first detection message to the switch; the first detection message is used for detecting whether the first server normally operates or not; the switch is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the first server is a server of a first tenant, and the first tenant is a tenant in the VPC; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that is allowed to access the first tenant.
10. The load balancing server of claim 9, wherein the probe message source address is one of an address of a VPC network segment supported by the first tenant, or a preset public network IP address.
11. The load balancing server of claim 10, wherein the probe message source address is one of the addresses of the VPC network segments supported by the first tenant determined from the indication of the first tenant; or the source address of the probe message is a specific address in addresses of the VPC network segments supported by the first tenant.
12. The load balancing server according to any of claims 9 to 11, wherein servers in the load balancing cluster uniformly use the same address as a source address of a probe message for detecting whether the server of the first tenant is operating normally, the same address being within a range of probe message source addresses included in the security group rule for allowing access to the server of the first tenant.
13. The load balancing server according to claim 10, wherein, in the case that the source address of the probe message is the preset public network IP address, the servers in the load balancing cluster uniformly use the preset public network IP address as the source address of the probe message for detecting whether the server of the tenant in the VPC operates normally.
14. The load balancing server of any one of claims 9 to 11, wherein each server in the load balancing cluster uses a different source port as the source port of the probe message for probing whether the servers of the tenants in the VPC are functioning properly.
15. A switch, wherein the switch is a switch in a virtual private cloud, VPC, the switch comprising:
the receiving unit is used for receiving a first detection message sent by the first load balancing server; the first detection message is used for detecting whether a first server normally operates, the first server is a server of a first tenant, and the first tenant is the tenant in the VPC; the first load balancing server is a server in a load balancing cluster of the VPC;
the determining unit is used for determining whether to forward the first detection message to the first server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant;
and the sending unit is used for sending the first detection message to the first server under the condition that the source address of the first detection message is in the range of the source address of the detection message of the server which allows access to the first tenant.
16. A server, wherein the server is a server of a first tenant in a virtual private cloud VPC, the server comprising:
The receiving unit is used for receiving the first detection message sent by the switch; the first detection message is used for detecting whether the server normally operates or not; the switch is used for determining whether to forward the first detection message to the server according to the configured security group rule; the security group rule is configured according to the indication of the first tenant; the security group rule includes a probe message source address of a server that allows access to the first tenant; the first detection message is sent to the switch by a first load balancing server, and the first load balancing server is a server in a load balancing cluster of the VPC;
and the sending unit is used for sending a response message to the first load balancing server according to the first detection message under the condition that the server normally operates.
17. A load balancing server, wherein the load balancing server comprises a processor, a memory and a communication interface; the memory and the communication interface are coupled to the processor, the memory storing a computer program, the processor executing the computer program to implement the method of any one of claims 1 to 6.
18. A switch, the switch comprising a processor, a memory, and a communication interface; the memory and the communication interface are coupled to the processor, the memory storing a computer program, the processor executing the computer program to implement the method of claim 7.
19. A server, wherein the server comprises a processor, a memory, and a communication interface; the memory and the communication interface are coupled to the processor, the memory storing a computer program, the processor executing the computer program to implement the method of claim 8.
20. A computer readable storage medium, characterized in that it stores a computer program that is executed by a processor to implement the method of any one of claims 1 to 6 or claim 7 or claim 8.
CN201911341247.9A 2019-12-23 2019-12-23 Health check method of load balancing system and related equipment Active CN113098728B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911341247.9A CN113098728B (en) 2019-12-23 2019-12-23 Health check method of load balancing system and related equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911341247.9A CN113098728B (en) 2019-12-23 2019-12-23 Health check method of load balancing system and related equipment

Publications (2)

Publication Number Publication Date
CN113098728A CN113098728A (en) 2021-07-09
CN113098728B true CN113098728B (en) 2023-12-19

Family

ID=76663939

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911341247.9A Active CN113098728B (en) 2019-12-23 2019-12-23 Health check method of load balancing system and related equipment

Country Status (1)

Country Link
CN (1) CN113098728B (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104935672A (en) * 2015-06-29 2015-09-23 杭州华三通信技术有限公司 High available realizing method and equipment of load balancing service
CN105208053A (en) * 2014-06-16 2015-12-30 中兴通讯股份有限公司 Method for realizing load balance, device and load balance service system
CN105391771A (en) * 2015-10-16 2016-03-09 张陵 Multi-tenant-oriented cloud network architecture
CN106209563A (en) * 2016-08-07 2016-12-07 付宏伟 A kind of cloud computing platform network virtualization implementation method and accordingly plug-in unit and agency
CN106797405A (en) * 2016-12-14 2017-05-31 华为技术有限公司 Distributed load equalizing system, health examination method and service node
CN106789542A (en) * 2017-03-03 2017-05-31 清华大学 A kind of implementation method of cloud data center security service chain
CN109451084A (en) * 2018-09-14 2019-03-08 华为技术有限公司 A kind of service access method and device
CN109831468A (en) * 2017-11-23 2019-05-31 北京金山云网络技术有限公司 Load-balancing method, device, electronic equipment and storage medium
CN110177028A (en) * 2019-05-30 2019-08-27 北京字节跳动网络技术有限公司 Distributed health examination method and device
CN110392108A (en) * 2019-07-23 2019-10-29 浪潮云信息技术有限公司 A kind of public cloud Network Load Balance system architecture and implementation method
CN110581855A (en) * 2019-09-12 2019-12-17 中国工商银行股份有限公司 Application control method and device, electronic equipment and computer readable storage medium

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105208053A (en) * 2014-06-16 2015-12-30 中兴通讯股份有限公司 Method for realizing load balance, device and load balance service system
CN104935672A (en) * 2015-06-29 2015-09-23 杭州华三通信技术有限公司 High available realizing method and equipment of load balancing service
CN105391771A (en) * 2015-10-16 2016-03-09 张陵 Multi-tenant-oriented cloud network architecture
CN106209563A (en) * 2016-08-07 2016-12-07 付宏伟 A kind of cloud computing platform network virtualization implementation method and accordingly plug-in unit and agency
CN106797405A (en) * 2016-12-14 2017-05-31 华为技术有限公司 Distributed load equalizing system, health examination method and service node
CN106789542A (en) * 2017-03-03 2017-05-31 清华大学 A kind of implementation method of cloud data center security service chain
CN109831468A (en) * 2017-11-23 2019-05-31 北京金山云网络技术有限公司 Load-balancing method, device, electronic equipment and storage medium
CN109451084A (en) * 2018-09-14 2019-03-08 华为技术有限公司 A kind of service access method and device
CN110177028A (en) * 2019-05-30 2019-08-27 北京字节跳动网络技术有限公司 Distributed health examination method and device
CN110392108A (en) * 2019-07-23 2019-10-29 浪潮云信息技术有限公司 A kind of public cloud Network Load Balance system architecture and implementation method
CN110581855A (en) * 2019-09-12 2019-12-17 中国工商银行股份有限公司 Application control method and device, electronic equipment and computer readable storage medium

Also Published As

Publication number Publication date
CN113098728A (en) 2021-07-09

Similar Documents

Publication Publication Date Title
Herker et al. Data-center architecture impacts on virtualized network functions service chain embedding with high availability requirements
CN102187315B (en) Methods and apparatus to get feedback information in virtual environment for server load balancing
CN110224860B (en) Load balancing application creation method and device, computer equipment and storage medium
CN110198226A (en) Access request processing method, system and readable medium in a kind of load balancing cluster
CN104579732A (en) Method, device and system for managing virtualized network function network elements
CN109510878B (en) Long connection session keeping method and device
CN101267334A (en) A method and device for dynamic device allocation
US11005968B2 (en) Fabric support for quality of service
US10009235B2 (en) Messaging queue spinning engine
US20170141951A1 (en) Multi-blade network traffic management apparatus with improved failure handling and methods thereof
US20190005224A1 (en) Trust Based Computing
US10855546B2 (en) Systems and methods for non-intrusive network performance monitoring
US10530634B1 (en) Two-channel-based high-availability
US10592374B2 (en) Remote service failure monitoring and protection using throttling
CN112003794B (en) Floating IP current limiting method, system, terminal and storage medium
CN113765801B (en) Message processing method and device applied to data center, electronic equipment and medium
KR20080008238A (en) Appratus and method for management of environment information in the multi processor system
CN113098728B (en) Health check method of load balancing system and related equipment
KR20080077966A (en) Method and system for registering a distributed service site
CN111818081A (en) Virtual encryption machine management method and device, computer equipment and storage medium
US20110075571A1 (en) Distributed virtual home agent for mobile internet protocol
US11709741B1 (en) Systems and methods for enabling a failover service for block-storage volumes
CN113010314B (en) Load balancing method and device and electronic equipment
CN114726796A (en) Flow control method, gateway and switch
CN114584515A (en) Endpoint notification of storage area network congestion

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20220207

Address after: 550025 Huawei cloud data center, jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guiyang City, Guizhou Province

Applicant after: Huawei Cloud Computing Technology Co.,Ltd.

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Applicant before: HUAWEI TECHNOLOGIES Co.,Ltd.

SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant