CN113301090B - Storage system access method, device, equipment and storage medium - Google Patents

Storage system access method, device, equipment and storage medium Download PDF

Info

Publication number
CN113301090B
CN113301090B CN202010742004.2A CN202010742004A CN113301090B CN 113301090 B CN113301090 B CN 113301090B CN 202010742004 A CN202010742004 A CN 202010742004A CN 113301090 B CN113301090 B CN 113301090B
Authority
CN
China
Prior art keywords
storage system
identification information
target
access
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010742004.2A
Other languages
Chinese (zh)
Other versions
CN113301090A (en
Inventor
廖武钧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN202010742004.2A priority Critical patent/CN113301090B/en
Publication of CN113301090A publication Critical patent/CN113301090A/en
Application granted granted Critical
Publication of CN113301090B publication Critical patent/CN113301090B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding

Abstract

The invention discloses a storage system access method, a device, equipment and a storage medium, wherein the method comprises the following steps: receiving a first request sent by a first target access object, wherein the first request is used for requesting to connect to a storage system, and the first request comprises first identification information which is used for identifying the use authority of the first target access object on a disk in the storage system; determining whether the first identification information is matched with the preset identification information or not, and whether a second target object which is connected with the storage system already exists or not, so as to obtain a determination result; the method comprises the steps that preset identification information is used for identifying the use permission of an operation and maintenance tool on a disk in a storage system; and accessing the first target access object to the storage system according to the determination result. According to the embodiment of the invention, the access mode to the storage system can be more flexible.

Description

Storage system access method, device, equipment and storage medium
Technical Field
The present invention belongs to the field of computers, and in particular, relates to a storage system access method, device, equipment and storage medium.
Background
Currently, a server may store its data in a disk of a storage system, and typically, one server may mount a plurality of disks. The server establishes connection with the storage system through the access terminal software to store and read data from the disk mounted on the server, so that the operation of the server is supported. Similar to the server, a device accessing a disk may be considered an access terminal of a storage system.
In actual operation, the access end of the same disk is often changed. For example, when the device at the access terminal fails, the management and control system searches for another normal device as a new access terminal, and uses the normal device to rerun the work carried by the original device, at this time, the access terminal of the magnetic disk changes. In order to enable the new access terminal to have the right of possession of the disk, compared with the use right of the original access terminal to the disk, the management and control system can give the new access terminal higher use right to the disk, so that the new access terminal can preempt the disk of the original equipment, and the preemption mechanism of the disk is realized.
Based on the preemption mechanism, the access terminal accessing to the storage system is assumed to be a server, and when the server accesses a certain disk in the storage system, if the operation and maintenance tool also needs to access the disk, for example, the backup tool accesses the disk to backup data. In this case, the management and control system needs to give higher usage rights to the operation and maintenance tool, and the operation and maintenance tool can access to the storage system to realize access to the disk.
The operation and maintenance tool has higher use authority to the disk than the server, so that the operation and maintenance tool preempts the disk. However, the usage rights of the server become low, and if the server continues to access the storage system when the operation and maintenance tool finishes accessing the disk, the server needs to be given higher rights, otherwise, the server cannot access the storage system again, so that the access mode to the storage system is not flexible enough.
Disclosure of Invention
The embodiment of the invention provides a storage system access method, a storage system access device, storage system access equipment and a storage medium, which can solve the technical problem that the access mode of a storage system is not flexible enough.
In one aspect, an embodiment of the present invention provides a storage system access method, including:
receiving a first request sent by a first target access object, wherein the first request is used for requesting to connect to a storage system, and the first request comprises first identification information which is used for identifying the use authority of the first target access object on a disk in the storage system;
determining whether the first identification information is matched with preset identification information or not, and whether a second target object which is connected with the storage system already exists or not, so as to obtain a determination result; the preset identification information is used for identifying the use authority of the operation and maintenance tool on the disk in the storage system;
and accessing the first target access object to the storage system according to the determination result.
In another aspect, an embodiment of the present invention provides a storage system access device, including:
the first request receiving module is used for receiving a first request sent by a first target access object, wherein the first request is used for requesting to be connected to a storage system, and the first request comprises first identification information which is used for identifying the use permission of the first target access object on a disk in the storage system;
The determining module is used for determining whether the first identification information is matched with preset identification information or not and whether a second target object which is connected with the storage system already exists or not, so that a determining result is obtained; the preset identification information is used for identifying the use authority of the operation and maintenance tool on the disk in the storage system;
and the access module is used for accessing the first target access object to the storage system according to the determination result.
In yet another aspect, an embodiment of the present invention provides a storage system access device, including: a processor and a memory storing computer program instructions;
the processor implements the storage system access method described above when executing the computer program instructions.
In yet another aspect, an embodiment of the present invention provides a computer storage medium having stored thereon computer program instructions that, when executed by a processor, implement the storage system access method described above.
According to the storage system access method, the storage system access device, the storage system access equipment and the storage medium, specific preset identification information is allocated to the operation and maintenance tool in advance, and the preset identification information is used for identifying the use permission of the operation and maintenance tool on a disk in the storage system. Based on this, in the embodiment of the present invention, under the condition that a first request for requesting to connect to the storage system sent by the first target access object is received, it is determined whether the first identification information matches with the preset identification information, and whether there is a second target object that has established a connection with the storage system, so as to obtain a determination result. And then, accessing the first target access object to the storage system according to the determination result. Because the special preset identification information is allocated to the operation and maintenance tool in advance, a management and control system is not required to give higher use authority to the disk to the operation and maintenance tool, the authority of a server which is accessed before is not lowered due to the fact that the authority of the operation and maintenance tool is higher, and further, the higher authority is not required to be allocated to the server which is accessed to the storage system in the prior art, so that the access mode to the storage system is more flexible.
Drawings
In order to more clearly illustrate the technical solution of the embodiments of the present invention, the drawings that are needed to be used in the embodiments of the present invention will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
FIG. 1 is a schematic diagram of a preemption mechanism in the related art;
FIG. 2 is a schematic diagram of a system frame of a storage system access method according to an embodiment of the present invention;
FIG. 3 is a flow chart of a method for accessing a storage system according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a multiplexing mechanism in the related art;
fig. 5 to 10 are schematic diagrams of six storage system access methods according to an embodiment of the present invention;
FIG. 11 is a schematic diagram of a storage system access device according to an embodiment of the present invention;
fig. 12 is a schematic hardware structure of a storage system access device according to an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings and the detailed embodiments. It should be understood that the specific embodiments described herein are merely configured to illustrate the invention and are not configured to limit the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the invention by showing examples of the invention.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
In the related art storage system, each disk in the storage system corresponds to one server. For example, each cloud disk in the cloud storage system corresponds to one cloud server, so that a plurality of cloud disks can be mounted on one cloud server, and the cloud server is used as a common disk to store and read data and support operation of the cloud server. Similar to the server, devices that access the storage system may be considered as access points to the storage system.
In actual operation, the access end of the same disk is often changed. For example, when the device at the access terminal fails, the management and control system searches for another normal device as a new access terminal, and uses the normal device to rerun the work carried by the original device, at this time, the access terminal of the magnetic disk changes.
Although the access terminal can be changed to a new device, if the original access terminal is abnormal during switching, for example, the original access terminal breaks the network, the management and control system cannot smoothly manage the original access terminal, so that the original access terminal always keeps occupied with the magnetic disk, or always tries to restore the connection with the magnetic disk. In order to ensure that the access terminal can be switched smoothly, the storage system often provides a preemption mechanism of the access terminal, and a new access terminal providing clear preemption information is allowed to take away the right of use of the disk.
In the related art, one notification manner of the preemption information is a version number mechanism: the management and control system grants a higher version number to the new access terminal, when the new access terminal applies for using the disk to the storage system, the storage system can compare the version number of the new access terminal with the version number of the existing access terminal, and the version number with a larger version number has the authority of legally using the disk.
Another way of notifying the preemption information may be: the management and control system directly informs the storage system of the position of the new access terminal, for example, the management and control system informs the storage system of the internet protocol (Internet Protocol, IP) address of the new access terminal, and the storage system can check whether the new access terminal is authorized or not based on the IP address of the new access terminal; or the management and control system maintains the authorization information of the disk and the new access terminal through a resource access control (Resource Access Management, RAM) service, and the storage system acquires whether the new access terminal is authorized or not based on the information provided by the RAM service.
The preemption mechanism of an access terminal is described below by way of an example.
As shown in fig. 1, the access terminal includes a target object and a storage system access device, where the target object may include a server (such as a cloud server) and an operation tool (such as a backup tool or a scan tool).
In one example, the storage system access device may be access side software that may run on a hosting physical server of the target object. In another example, the storage system access device may be hardware. In yet another example, the storage system access device may be implemented in a combination of software and hardware.
The version number of the target access object of the original access terminal is 3, and in order to enable the new access terminal to preempt the access of the target access object of the original access terminal to the disk a, a higher version number is given to the target access object of the new access terminal, and the version number of the target access object of the new access terminal is 4. The target access object of the new access terminal sends a request to the storage system through the storage system access device, and the request is used for accessing the storage system and accessing the disk A in the storage system. The storage system determines that the version number in the request (i.e. 4) is higher than the highest version number recorded by the storage system (i.e. 3), then a connection between the target access object of the new access terminal and the storage system is established. And the highest version number of the storage system record is replaced by 3 to 4.
After that, if the target access object of the original access terminal sends a request to the storage system through the storage system access device, the request is used for accessing the storage system and accessing the disk A therein. However, the storage system determines that the version number in the request (i.e., 3) is lower than the version number recorded by the storage system (i.e., 4), and then the storage system refuses to establish the connection between the original access terminal and the storage system. Therefore, the connection between the new access terminal and the storage system is established, so that the new access terminal preempts the disk A in the storage system.
Based on the preemption mechanism, the access terminal accessing to the storage system is assumed to be a server, and when the server accesses a certain disk in the storage system, if the operation and maintenance tool also needs to access the disk, for example, the backup tool accesses the disk to backup data. In this case, the management and control system needs to give higher usage rights to the operation and maintenance tool, and the operation and maintenance tool can access to the storage system to realize access to the disk.
The operation and maintenance tool has higher use authority to the disk than the server, so that the operation and maintenance tool preempts the disk. However, the usage rights of the server become low, and if the server continues to access the storage system when the operation and maintenance tool finishes accessing the disk, the server needs to be given higher rights, otherwise, the server cannot access the storage system again, so that the access mode to the storage system is not flexible enough.
In order to solve the problems in the prior art, the embodiment of the invention provides a storage system access method, a storage system access device, storage system access equipment and storage media. The following first describes a storage system access method provided by an embodiment of the present invention.
Before describing the storage system access method, a system frame of the storage system access method according to the embodiment of the present invention is described.
As shown in fig. 2, the first target access object requests connection to the storage system through the storage system access device. Specifically, the first target access object sends a first request for requesting to connect to the storage system, and the storage system access device grants or denies access to the storage system from the first target access object according to the first request.
As one example, a first target access object accessing a storage system includes: and establishing a connection between a target access object and the storage system.
As another example, the first target access object accessing the storage system includes: in case that other access objects than the first target access object have established a connection with the storage system, the first target access object multiplexes the connection between the other access objects and the storage system.
The following describes, by way of an example, a system framework of a storage system access method according to an embodiment of the present invention.
The first target access object is assumed to be a cloud server, the storage system access device is access terminal software, and the cloud server and the access terminal software are hosted on the same physical server.
The cloud server sends a first request for accessing the storage system to the access terminal software, the first request comprises a version number of the cloud server, the version number identifies the use authority of the cloud server on a disk in the storage system, if the version number is equal to or higher than the highest version number stored in the storage system, the cloud server has the use authority on the disk in the storage system, and otherwise, the cloud server does not have the use authority on the disk in the storage system.
And then the access terminal software agrees or refuses to access the cloud server to the storage system according to the version number of the cloud server and whether a second target object which is connected with the storage system exists.
Based on the system framework, a storage system access method is described below.
Fig. 3 is a flow chart illustrating a storage system access method according to an embodiment of the present invention. The storage system access method can be applied to a storage system access device, and the storage system access device can be realized by software, hardware or a combination of software and hardware. As one example, where the storage system access device is software, the storage system access device may be running on a hosting physical server of the first target access object.
As shown in fig. 3, the storage system access method includes:
step 102: receiving a first request sent by a first target access object, wherein the first request is used for requesting to connect to a storage system, and the first request comprises first identification information which is used for identifying the use authority of the first target access object on a disk in the storage system;
step 104: determining whether the first identification information is matched with the preset identification information or not, and whether a second target object which is connected with the storage system already exists or not, so as to obtain a determination result; the method comprises the steps that preset identification information is used for identifying the use permission of an operation and maintenance tool on a disk in a storage system;
step 106: and accessing the first target access object to the storage system according to the determination result.
In the embodiment of the invention, specific preset identification information is allocated to the operation and maintenance tool in advance, and the preset identification information is used for identifying the use authority of the operation and maintenance tool on the disk in the storage system. Based on this, in the embodiment of the present invention, under the condition that a first request for requesting to connect to the storage system sent by the first target access object is received, it is determined whether the first identification information matches with the preset identification information, and whether there is a second target object that has established a connection with the storage system, so as to obtain a determination result. And then, accessing the first target access object to the storage system according to the determination result. Because the special preset identification information is allocated to the operation and maintenance tool in advance, a management and control system is not required to give higher use authority to the disk to the operation and maintenance tool, the authority of a server which is accessed before is not lowered due to the fact that the authority of the operation and maintenance tool is higher, and further, the higher authority is not required to be allocated to the server which is accessed to the storage system in the prior art, so that the access mode to the storage system is more flexible.
The steps of the embodiments of the present invention are described below.
For step 102, in one or more embodiments, the first target access object may be a cloud server or an operation and maintenance tool for running the user program. The operation and maintenance tool can comprise at least one of the following: backup tool, scanning tool.
In one or more embodiments, the first identification information may be a version number, where the version number in the first request indicates a right of use of a disk in the storage system by the first target access object.
As an example, the version number in the first request is equal to or higher than the version number recorded by the storage system, which indicates that the first target access object has a right to use a disk in the storage system. The version number in the first request is lower than the version number recorded by the storage system, which indicates that the first target access object does not have the use right on the disk in the storage system.
For step 104, in one or more embodiments, the preset identification information is an operation and maintenance tool fixed identification information. The preset identification information of the operation and maintenance tool is not changed.
In one or more embodiments, the second target object may be a cloud server or an operation and maintenance tool for running the user program.
In one or more embodiments, the first identification information is a first version number and the preset identification information is a preset version number. The determining whether the first identification information is matched with the preset identification information may include:
detecting whether the first version number is consistent with a preset version number; under the condition that the first version number is consistent with the preset version number, determining that the first identification information is matched with the preset identification information; and under the condition that the first version number is inconsistent with the preset version number, determining that the first identification information is not matched with the preset identification information.
The first identification information is matched with the preset identification information, and the first target access object for sending the first request is an operation tool; the first identification information does not match with the preset identification information, which indicates that the first target access object sending the first request is not an operation and maintenance tool, for example, the first target access object is a cloud server for running the user program.
In one or more embodiments, the second target object and the first target access object may belong to the same access terminal, i.e. the second target object and the first target access object may host the same physical server.
Corresponding to step 106, before introducing the steps included in step 106, the multiplexing connection mechanism involved in step 106 is described.
One disk is usually allowed to initiate a single connection for read-write use by one access terminal, i.e. it is considered that one disk will be used on one access terminal at the same time.
In practical use, for one disk, there may be a case where multiple access objects of the access terminal are used simultaneously. For example, when a cloud disk is normally provided for a virtual machine, an operation and maintenance tool needs to read disk information at the same time, or when the virtual machine performs double-process hot upgrading, new and old virtual machine processes may need to temporarily share a disk connection.
So that in practice, multiple access objects are often allowed to multiplex connections. The storage system access device of the access terminal is connected with the storage system, and a plurality of access objects of the access terminal can read and write the magnetic disk in the storage system through the connection.
The access terminal has a real connection between the read and write, and multiple access objects of the access terminal multiplex the connection. The multiplexing of multiple access objects into one connection is described below by way of one example.
As shown in fig. 4, after the cloud server establishes a connection with the storage system through the storage system access device, the backup tool may use the connection to access the disks in the storage system. In this way, the cloud server and the backup tool multiplex one connection, which is the connection of the cloud server to the storage system.
However, the above multiplexing connection mechanism has the following drawbacks: among the plurality of access objects, the identification information of some of the access objects indicates that they do not have the right to use the disk in the storage system, but the access objects actually use the disk in the storage system through the multiplexed connection. Thus, there is a conflict between the meaning of the identification information representation of some access objects and the fact that the access objects are using disks in the storage system.
For example, the identification information is a version number, and the access object with the highest version number has been described as having the use right to the disk in the storage system in the preemption mechanism of the access terminal, however, in the multiplexing connection mechanism, the access object with the low version number may also use the disk in a multiplexing connection manner, so that the multiplexing connection mechanism and the preemption mechanism have a conflict.
In order to solve the technical problem of a conflict between the meaning of the identification information of some access objects and the disk in the storage system that the access objects actually use, in one or more embodiments, step 106 may include:
the determining result includes that the first identification information is not matched with the preset identification information, and if a second target object exists, second identification information of the second target object is obtained, wherein the second identification information is used for identifying the use permission of the second target object on a disk in the storage system;
Respectively matching the second identification information with the first identification information and preset identification information;
and allowing the first target access object to multiplex the connection of the second target object and the storage system under the condition that the second identification information is not matched with the preset identification information and the second identification information is matched with the first identification information, so that the first target access object is accessed to the storage system.
The various steps involved in step 106 are described below by way of one example.
As shown in fig. 5, it is assumed that there is a second target object connected to the storage system, the second identification information of the second target object is a version number K, the preset identification information specific to the operation and maintenance tool is a version number a, and the first identification information of the first target access object is a version number M.
It can be seen that the version number M of the first target access object does not coincide with the version number a specific to the operation tool, indicating that the first target access object sending the first request is not an operation tool. In the case that the version number M of the first target access object is the same as the version number K of the second target object, it is explained that the first target access object and the second target object have the same authority. In case the second target access object has access rights, the first target access object also has access rights. Thus, the first target access object is allowed to multiplex the connection of the second target object with the storage system. Therefore, the first target access object and the second target object which are accessed to the storage system have the same version number, the access of the access object with the lower version number to the storage system is avoided, and the principle that the access object with the highest version number can access the disk is not violated.
In the embodiment of the application, when the first target access object is not accessed but needs to access the disk system and the second target access object is already accessed to the disk system, the first target access object is allowed to multiplex the connection between the second target object and the storage system when the second identification information matches with the first identification information. Because the second identification information is matched with the first identification information, the first target access object and the second target access object have the same use authority of the disk in the storage system, and the second target access object has the use authority of the disk in the storage system, so that the second target access object also has the use authority of the disk in the storage system. Therefore, the technical problem that the conflict exists between the meaning of the identification information of some access objects and the disk in the storage system actually used by the access objects is solved.
In one or more embodiments, after the second identification information is respectively matched with the first identification information and the preset identification information, the storage system access method may further include:
and under the condition that the second identification information is not matched with the preset identification information and the second identification information is not matched with the first identification information, the first target access object is forbidden to multiplex the connection of the second target object and the storage system. This step is illustrated below by way of an example.
Assuming that the specific preset identification information of the operation and maintenance tool is a version number A, the second identification information of the second target object is a version number K, and the first identification information of the first target access object is a version number M.
The storage system access device receives a first request sent by a first target access object, and if the version number M in the first request is inconsistent with the version number A special for the operation and maintenance tool, the first target access object sending the first request is not the operation and maintenance tool. In addition, in the case that the version number M of the first target access object is different from the version number K of the second target object (i.e., the version number K of the existing connection), the first target access object is prohibited from accessing the storage system, so that the first target access object having a low version is denied to use the disk in the storage system. That is, in the case of m+.k in fig. 5, the storage system access device denies the request of the first target access object.
In this embodiment of the present application, the second identification information is not matched with the preset identification information, and the second identification information is not matched with the first identification information, which indicates that the second target access object that has been accessed to the storage system is not an operation and maintenance tool, and the usage right of the second target access object is different from the usage right of the first target access object, for example, the second target access object has the highest version number, and the first target access object has a lower version number. Then the first target access object is prohibited from multiplexing the connection of the second target object to the storage system. Thus, the first target access object without the use authority to the disk in the storage system is prevented from using the disk in the storage system through multiplexing connection.
In one or more embodiments, after the second identification information is respectively matched with the first identification information and the preset identification information, the storage system access method may further include:
and under the condition that the second identification information is matched with the preset identification information, the first target access object is forbidden to multiplex the connection of the second target object and the storage system.
As shown in fig. 6, it is assumed that there is a second target object connected to the storage system, the second identification information of the second target object is a version number a, the preset identification information specific to the operation and maintenance tool is a version number a, and the first identification information of the first target access object is a version number M.
The storage system access device receives a first request sent by a first target access object, wherein the version number M in the first request is inconsistent with the version number A specific to the operation and maintenance tool, which means that the operation and maintenance tool does not send the first request. And the version number a (i.e. the second identification information) of the second target object is consistent with the version number a of the preset identification information specific to the operation and maintenance tool, which indicates that the second target object is the operation and maintenance tool, i.e. the connection between the operation and maintenance tool and the storage system is established, and then the connection between the operation and maintenance tool and the storage system is refused to be multiplexed by the first target access object.
In this embodiment of the present application, the second identification information is matched with the preset identification information, which indicates that the second target access object that has established a connection with the storage system is an operation and maintenance tool. Because the data in the disk is not changed when the operation and maintenance tool accesses the disk, the data in the disk is not changed by the non-operation and maintenance tool, for example, the operation and maintenance tool scans the data in the disk, the data in the disk is not changed due to the fact that the cloud server runs the user program, for example, the cloud server can add data to the disk, delete data in the disk or modify data in the disk. Therefore, the connection of the first target access object multiplexing operation tool and the storage system is forbidden, and the data of the disk in the storage system is prevented from being changed due to the fact that the first target access object accesses the storage system.
In one or more embodiments, in a case where the second identification information matches the preset identification information, the storage system access method may further include:
a second request is sent to the second target object, the second request being for notifying the second target object to release the connection with the storage system.
And under the condition that the second identification information is matched with the preset identification information, the second target object is an operation and maintenance tool, namely, the connection between the operation and maintenance tool and the storage system is established, and the first target object cannot multiplex the connection. The second target object is informed to release the connection with the storage system by sending a second request to the second target object so that the first target object can be connected to the storage system in time. It can be ensured that the work of the first target object can be performed preferentially.
In one or more embodiments, in a case where the second identification information matches the preset identification information, the storage system access method may further include:
detecting whether the second target object releases the connection with the storage system or not at preset time intervals;
and sending a third request to the storage system when the second target object is detected to release the connection with the storage system, wherein the third request is used for establishing the connection between the first target access object and the storage system.
As one example, the predetermined time period is 1 second, so that it is detected whether the second target object releases the connection with the storage system every 1 second. And under the condition that the second target object is detected to release the connection with the storage system, a third request can be timely sent to the storage system, so that the first target access object can be timely accessed to the storage system.
In one or more embodiments, step 106 may include:
and if the determined result comprises that the second target object does not exist, sending a fourth request to the storage system, wherein the fourth request is used for establishing connection between the first target access object and the storage system.
As an example, as shown in fig. 7, it is assumed that preset identification information specific to an operation tool is a version number a, and first identification information of a first target access object is a version number M.
The storage system access device receives a first request, the version number M in the first request is inconsistent with the version number A special for the operation and maintenance tool, and a second target object connected with the storage system does not exist, and then the storage system access device sends a fourth request to the storage system, wherein the fourth request comprises the version number M. After the storage system receives the fourth request, determining that the version number M in the fourth request is consistent with the highest version number stored in the storage system, and then establishing connection between the first target access object and the storage system.
As another example, as shown in fig. 8, it is assumed that preset identification information specific to an operation tool is a version number a, and first identification information of a first target access object is a version number a.
The storage system access device receives a first request, wherein the version number A in the first request is consistent with the version number A specific to the operation and maintenance tool, and a second target object connected with the storage system does not exist, and then the storage system access device sends a fourth request to the storage system, and the fourth request comprises the version number A. After the storage system receives the fourth request, the first target access object is connected with the storage system.
In this embodiment, no matter whether the first identification information is matched with the preset identification information, as long as there is no second target object that has established a connection with the storage system, the connection of the first target access object and the storage system is established.
In one or more embodiments, step 106 may include:
and allowing the first target access object to multiplex the connection of the second target object and the storage system under the condition that the determination result comprises that the first identification information is matched with the preset identification information and the second target object exists, so that the first target access object is accessed to the storage system.
As an example, as shown in fig. 9, it is assumed that preset identification information specific to an operation and maintenance tool is a version number a, first identification information of a first target access object is the version number a, there is a second target object that has been connected to a storage system, and first identification information of the first target access object is the version number K.
The storage system access device receives a first request, wherein the version number A in the first request is consistent with the version number A special for the operation and maintenance tool, which indicates that a first target access object sending the first request is the operation and maintenance tool, and the operation and maintenance tool is inconsistent with the version number K of the existing connection, but the operation and maintenance tool does not change the data of a disk in the storage system, so that the operation and maintenance tool (namely the first target access object) is allowed to multiplex the connection of a second target object and the storage system.
As another example, as shown in fig. 10, it is assumed that preset identification information specific to a first operation tool is a version number a, preset identification information specific to a second operation tool is a version number B, first identification information of a first target access object is a version number a, there is a second target object that has been connected to a storage system, and the second target object is a second operation tool.
The storage system access device receives a first request, wherein the version number A in the first request is consistent with the version number A specific to the first operation and maintenance tool, which indicates that a first target access object sending the first request is the first operation and maintenance tool, and the first operation and maintenance tool is inconsistent with the version number B of the existing connection, but the operation and maintenance tool does not change the data of a disk in the storage system, so that the first operation and maintenance tool (namely the first target access object) is allowed to multiplex the connection of a second target object and the storage system.
In the embodiment of the present application, the first identification information is matched with the preset identification information, which indicates that the first target object is an operation and maintenance tool. In this case, the operation and maintenance tool is allowed to multiplex the existing connection because the operation and maintenance tool does not change the data of the disk in the storage system.
As can be seen from the above, assuming that the first target access object is a server or an operation tool, the first request is divided into a server connection request and an operation connection request.
Server connection request: refers to a connection request by a server using a disk in a storage system. Running on the server is a user program, and this connection is used by the server, a common usage. The storage system is to ensure that the storage system can normally use the preemption mechanism, so that the storage system can use the preemption mechanism: the server can smoothly switch the access terminal and is not influenced by the residual connection of other physical machines.
Operation and maintenance connection request: the finger operation tool uses the connection request of the disk. This connection generally has three features:
1. the operation mode is clear, the risk of data errors does not exist, and the damage of residual connection is not required to be prevented. That is, the operation and maintenance tool does not change the data in the disk, and the multiplexing connection of the operation and maintenance tool does not damage the data in the disk.
2. The use is lighter, and the usability of the cloud server is not affected, so that a preemption mechanism is not needed. Because the preemption mechanism is designed for removing illegally occupied disk servers, if one server becomes an illegitimate device, the version of the legal server can be improved, so that the illegitimate server is removed.
3. It is inconvenient to use a version number or other authorization mechanism related to user rights as with the server.
4. As flexible as possible, because the long-term operation of the server is normal, when the server operates, the operation and maintenance connection should multiplex the existing connection of the server, otherwise, the opportunity of operation and maintenance is very little, and the engineering requirement is not met.
Based on the six examples of fig. 5 to 10 described above, further description is made below in conjunction with table 1 below.
TABLE 1
As can be seen from table 1, the storage system access device receives the first request sent by the first target access object, and for the version number in the first request, there are several different processing manners:
1. Regardless of the version number in the first request, if there is no existing connection (i.e., there is no second target object that has established a connection with the storage system), then a connection of the first target access object to the storage system is established. Reference may be made to the examples of fig. 7 and 8 described above.
2. If the version number in the first request is M and there is an existing connection (i.e. there is a second target object that has established a connection with the storage system), then if the version number K of the existing connection is not a special version number a, i.e. the second target object is not an operation tool, then if m=k, indicating that the version numbers of the first target access object and the second target access object are the same, the first target access object is allowed to multiplex the connection of the second target access object with the storage system. If M is not equal to K, the first target access object is forbidden to multiplex the connection. Reference may be made to the example of fig. 5 described above.
3. The version number in the first request is M and there is an existing connection (i.e. there is a second target object that has established a connection with the storage system), then the first target access object is prohibited from multiplexing the connection of the second target access object with the storage system in case the version number of the existing connection is a special version number a, i.e. the second target object is an operation and maintenance tool. Reference may be made to the example of fig. 6 described above.
4. The version number in the first request is a, i.e. the first target object is an operation and maintenance tool and there is an existing connection (i.e. there is a second target object that has established a connection with the storage system), the first target access object is allowed to multiplex the connection of the second target access object with the storage system. Reference may be made to the examples of fig. 9 and 10 described above.
Briefly, an embodiment of the present invention generally includes the following points:
1. if there is no existing connection at present, then no matter whether the first request received by the storage system access device is a server connection request or an operation and maintenance connection request, a connection with the storage system can be newly established. The premise of newly establishing the connection with the storage system is that the storage system determines that the first target access object has the use right according to the first identification information of the first target access object.
2. In the case that the first request received by the storage system access device is a server connection request, if the first identification information in the first request is consistent with the second identification information of the existing connection, for example, the version number in the first request is consistent with the version number of the existing connection, multiplexing connection is allowed, otherwise, the unification of the authority version of the server and the real connection authority version is destroyed, and the preemption mechanism is not shared in the follow-up.
3. In the case where the first request received by the storage system access device is an operation and maintenance connection request, multiplexing of the connection is allowed because it does not need to enjoy the preemption mechanism.
Corresponding to the storage system access method of the embodiment of the invention, the embodiment of the invention provides a storage system access device. Fig. 11 is a schematic structural diagram of a storage system access device according to an embodiment of the present invention.
As shown in fig. 11, the storage system access device 200 includes:
a first request receiving module 202, configured to receive a first request sent by a first target access object, where the first request is used to request to connect to a storage system, and the first request includes first identification information, where the first identification information is used to identify a usage right of the first target access object to a disk in the storage system;
a determining module 204, configured to determine whether the first identification information matches the preset identification information, and whether a second target object that has established a connection with the storage system exists, to obtain a determination result; the method comprises the steps that preset identification information is used for identifying the use permission of an operation and maintenance tool on a disk in a storage system;
and the access module 206 is configured to access the first target access object to the storage system according to the determination result.
In the embodiment of the invention, specific preset identification information is allocated to the operation and maintenance tool in advance, and the preset identification information is used for identifying the use authority of the operation and maintenance tool on the disk in the storage system. Based on this, in the embodiment of the present invention, under the condition that a first request for requesting to connect to the storage system sent by the first target access object is received, it is determined whether the first identification information matches with the preset identification information, and whether there is a second target object that has established a connection with the storage system, so as to obtain a determination result. And then, accessing the first target access object to the storage system according to the determination result. Because the special preset identification information is allocated to the operation and maintenance tool in advance, a management and control system is not required to give higher use authority to the disk to the operation and maintenance tool, the authority of a server which is accessed before is not lowered due to the fact that the authority of the operation and maintenance tool is higher, and further, the higher authority is not required to be allocated to the server which is accessed to the storage system in the prior art, so that the access mode to the storage system is more flexible.
In one or more embodiments, the access module 206 includes:
the identification acquisition unit is used for acquiring second identification information of a second target object when the determination result comprises that the first identification information is not matched with preset identification information and the second target object exists, wherein the second identification information is used for identifying the use authority of the second target object on a disk in the storage system;
The first matching unit is used for respectively matching the second identification information with the first identification information and the preset identification information;
and the first multiplexing unit is used for allowing the first target access object to multiplex the connection of the second target object and the storage system under the condition that the second identification information is not matched with the preset identification information and the second identification information is matched with the first identification information so as to enable the first target access object to be accessed to the storage system.
In the embodiment of the application, when the first target access object is not accessed but needs to access the disk system and the second target access object is already accessed to the disk system, the first target access object is allowed to multiplex the connection between the second target object and the storage system when the second identification information matches with the first identification information. Because the second identification information is matched with the first identification information, the first target access object and the second target access object have the same use authority of the disk in the storage system, and the second target access object has the use authority of the disk in the storage system, so that the second target access object also has the use authority of the disk in the storage system. Therefore, the technical problem that the conflict exists between the meaning of the identification information of some access objects and the disk in the storage system actually used by the access objects is solved.
In one or more embodiments, the storage system access device 200 further comprises:
and the first multiplexing prohibition module is used for prohibiting the first target access object from multiplexing the connection of the second target object and the storage system under the condition that the second identification information is not matched with the preset identification information and the second identification information is not matched with the first identification information.
In this embodiment of the present application, the second identification information is not matched with the preset identification information, and the second identification information is not matched with the first identification information, which indicates that the second target access object that has been accessed to the storage system is not an operation and maintenance tool, and the usage right of the second target access object is different from the usage right of the first target access object, for example, the second target access object has the highest version number, and the first target access object has a lower version number. Then the first target access object is prohibited from multiplexing the connection of the second target object to the storage system. Thus, the first target access object without the use authority to the disk in the storage system is prevented from using the disk in the storage system through multiplexing connection.
In one or more embodiments, the storage system access device 200 further comprises:
And the second multiplexing prohibition module is used for prohibiting the first target access object from multiplexing the connection of the second target object and the storage system under the condition that the second identification information is matched with the preset identification information.
In this embodiment of the present application, the second identification information is matched with the preset identification information, which indicates that the second target access object that has established a connection with the storage system is an operation and maintenance tool. Because the data in the disk is not changed when the operation and maintenance tool accesses the disk, the data in the disk is not changed by the non-operation and maintenance tool, for example, the operation and maintenance tool scans the data in the disk, the data in the disk is not changed due to the fact that the cloud server runs the user program, for example, the cloud server can add data to the disk, delete data in the disk or modify data in the disk. Therefore, the connection of the first target access object multiplexing operation tool and the storage system is forbidden, and the data of the disk in the storage system is prevented from being changed due to the fact that the first target access object accesses the storage system.
In one or more embodiments, the storage system access device 200 further comprises:
the first request sending module is used for sending a second request to the second target object, and the second request is used for informing the second target object to release the connection with the storage system.
The second target object is informed to release the connection with the storage system by sending a second request to the second target object so that the first target object can be connected to the storage system in time. It can be ensured that the work of the first target object can be performed preferentially.
In one or more embodiments, the storage system access device 200 further comprises:
the detection module is used for detecting whether the second target object releases the connection with the storage system or not at intervals of preset time;
and the second request sending module is used for sending a third request to the storage system under the condition that the second target object is detected to release the connection with the storage system, wherein the third request is used for establishing the connection between the first target access object and the storage system.
And under the condition that the second target object is detected to release the connection with the storage system, a third request can be timely sent to the storage system, so that the first target access object can be timely accessed to the storage system.
In one or more embodiments, the access module 206 includes:
and the request sending unit is used for sending a fourth request to the storage system when the determination result comprises that the second target object does not exist, wherein the fourth request is used for establishing the connection between the first target access object and the storage system.
In this embodiment, no matter whether the first identification information is matched with the preset identification information, as long as there is no second target object that has established a connection with the storage system, the connection of the first target access object and the storage system is established.
In one or more embodiments, the access module 206 includes:
and the second multiplexing unit is used for allowing the first target access object to multiplex the connection of the second target object and the storage system when the determination result comprises that the first identification information is matched with the preset identification information and the second target object exists, so that the first target access object is accessed to the storage system.
In the embodiment of the present application, the first identification information is matched with the preset identification information, which indicates that the first target object is an operation and maintenance tool. In this case, the operation and maintenance tool is allowed to multiplex the existing connection because the operation and maintenance tool does not change the data of the disk in the storage system.
In one or more embodiments, the first identification information is a first version number, and the preset identification information is a preset version number; the determination module 204 includes:
the detection unit is used for detecting whether the first version number is consistent with a preset version number;
the first determining unit is used for determining that the first identification information is matched with the preset identification information under the condition that the first version number is consistent with the preset version number;
And the second determining unit is used for determining that the first identification information is not matched with the preset identification information under the condition that the first version number is inconsistent with the preset version number.
Fig. 12 is a schematic hardware structure of a storage system access device according to an embodiment of the present invention.
The storage system access device may include a processor 301 and a memory 302 storing computer program instructions.
In particular, the processor 301 may include a Central Processing Unit (CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured as one or more integrated circuits that implement embodiments of the present invention.
Memory 302 may include mass storage for data or instructions. By way of example, and not limitation, memory 302 may comprise a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) Drive, or a combination of two or more of the foregoing. Memory 302 may include removable or non-removable (or fixed) media, where appropriate. Memory 302 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the memory 302 is a non-volatile solid-state memory. In particular embodiments, memory 302 includes Read Only Memory (ROM). The ROM may be mask programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these, where appropriate.
The processor 301 implements any of the storage system access methods of the above embodiments by reading and executing computer program instructions stored in the memory 302.
In one example, the storage system access device may also include a communication interface 303 and a bus 310. As shown in fig. 12, the processor 301, the memory 302, and the communication interface 303 are connected to each other by a bus 310 and perform communication with each other.
The communication interface 303 is mainly used to implement communication between each module, device, unit and/or apparatus in the embodiment of the present invention.
Bus 310 includes hardware, software, or both that couple the components of the storage system access device to each other. By way of example, and not limitation, the buses may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an infiniband interconnect, a Low Pin Count (LPC) bus, a memory bus, a multi-channel architecture (MCa) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of the above. Bus 310 may include one or more buses, where appropriate. Although embodiments of the invention have been described and illustrated with respect to a particular bus, the invention contemplates any suitable bus or interconnect.
The storage system access device may perform the storage system access method in the embodiment of the present invention, thereby implementing the storage system access method and apparatus described in connection with fig. 3 and 11.
In addition, in combination with the storage system access method in the above embodiment, the embodiment of the present invention may be implemented by providing a computer storage medium. The computer storage medium has stored thereon computer program instructions; the computer program instructions, when executed by a processor, implement any of the storage system access methods of the above embodiments.
It should be understood that the invention is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the order between steps, after appreciating the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this disclosure describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, or may be performed in a different order from the order in the embodiments, or several steps may be performed simultaneously.
In the foregoing, only the specific embodiments of the present invention are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present invention is not limited thereto, and any equivalent modifications or substitutions can be easily made by those skilled in the art within the technical scope of the present invention, and they should be included in the scope of the present invention.

Claims (12)

1. A storage system access method, comprising:
receiving a first request sent by a first target access object, wherein the first request is used for requesting to connect to a storage system, and the first request comprises first identification information which is used for identifying the use authority of the first target access object on a disk in the storage system;
Determining whether the first identification information is matched with preset identification information or not, and whether a second target object which is connected with the storage system already exists or not, so as to obtain a determination result; the preset identification information is used for identifying the use authority of the operation and maintenance tool on the disk in the storage system;
and accessing the first target access object to the storage system according to the determination result.
2. The method of claim 1, wherein the accessing the first target access object to the storage system according to the determination result comprises:
acquiring second identification information of the second target object when the determination result includes that the first identification information is not matched with the preset identification information and the second target object exists, wherein the second identification information is used for identifying the use authority of the second target object on a disk in the storage system;
matching the second identification information with the first identification information and the preset identification information respectively;
and allowing the first target access object to multiplex the connection of the second target object and the storage system under the condition that the second identification information is not matched with the preset identification information and the second identification information is matched with the first identification information, so that the first target access object is accessed to the storage system.
3. The method of claim 2, wherein after the matching the second identification information with the first identification information and the preset identification information, the method further comprises:
and under the condition that the second identification information is not matched with the preset identification information and the second identification information is not matched with the first identification information, the first target access object is forbidden to multiplex the connection of the second target object and the storage system.
4. The method of claim 2, wherein after the matching the second identification information with the first identification information and the preset identification information, the method further comprises:
and under the condition that the second identification information is matched with the preset identification information, the first target access object is forbidden to multiplex the connection of the second target object and the storage system.
5. The method of claim 4, further comprising, in the case that the second identification information matches the preset identification information:
and sending a second request to the second target object, wherein the second request is used for informing the second target object to release the connection with the storage system.
6. The method of claim 4, further comprising, in the case that the second identification information matches the preset identification information:
detecting whether the second target object releases the connection with the storage system or not at preset time intervals;
and sending a third request to the storage system when the second target object is detected to release the connection with the storage system, wherein the third request is used for establishing the connection between the first target access object and the storage system.
7. The method of claim 1, wherein the accessing the first target access object to the storage system according to the determination result comprises:
and if the determined result comprises that the second target object does not exist, sending a fourth request to the storage system, wherein the fourth request is used for establishing connection between the first target access object and the storage system.
8. The method of claim 1, wherein the accessing the first target access object to the storage system according to the determination result comprises:
and allowing the first target access object to multiplex the connection of the second target object and the storage system under the condition that the determination result comprises that the first identification information is matched with the preset identification information and the second target object exists, so that the first target access object is accessed to the storage system.
9. The method of claim 1, wherein the first identification information is a first version number and the preset identification information is a preset version number;
the determining whether the first identification information is matched with preset identification information includes:
detecting whether the first version number is consistent with the preset version number;
determining that the first identification information is matched with the preset identification information under the condition that the first version number is consistent with the preset version number;
and under the condition that the first version number is inconsistent with the preset version number, determining that the first identification information is not matched with the preset identification information.
10. A storage system access device, comprising:
the first request receiving module is used for receiving a first request sent by a first target access object, wherein the first request is used for requesting to be connected to a storage system, and the first request comprises first identification information which is used for identifying the use permission of the first target access object on a disk in the storage system;
the determining module is used for determining whether the first identification information is matched with preset identification information or not and whether a second target object which is connected with the storage system already exists or not, so that a determining result is obtained; the preset identification information is used for identifying the use authority of the operation and maintenance tool on the disk in the storage system;
And the access module is used for accessing the first target access object to the storage system according to the determination result.
11. A storage system access device, the device comprising: a processor and a memory storing computer program instructions;
the storage system access method of any of claims 1-9 when executed by the processor.
12. A computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement the storage system access method of any of claims 1-9.
CN202010742004.2A 2020-07-29 2020-07-29 Storage system access method, device, equipment and storage medium Active CN113301090B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010742004.2A CN113301090B (en) 2020-07-29 2020-07-29 Storage system access method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010742004.2A CN113301090B (en) 2020-07-29 2020-07-29 Storage system access method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113301090A CN113301090A (en) 2021-08-24
CN113301090B true CN113301090B (en) 2024-03-29

Family

ID=77318198

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010742004.2A Active CN113301090B (en) 2020-07-29 2020-07-29 Storage system access method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113301090B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7685123B1 (en) * 2006-08-30 2010-03-23 Network Appliance, Inc. Method and system for controlling access to dynamically specified resources
CN105159846A (en) * 2015-07-02 2015-12-16 浙江宇视科技有限公司 Method for supporting dual-control switching of virtualized disk and storage system
CN106936797A (en) * 2015-12-31 2017-07-07 北京网御星云信息技术有限公司 The management method and system of magnetic disk of virtual machine and file encryption key in a kind of cloud
CN107292441A (en) * 2017-06-26 2017-10-24 北京容联光辉科技有限公司 A kind of O&M cooperative system
CN111079104A (en) * 2019-11-21 2020-04-28 腾讯科技(深圳)有限公司 Authority control method, device, equipment and storage medium
CN111382008A (en) * 2018-12-28 2020-07-07 北京金山云网络技术有限公司 Virtual machine data backup method, device and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4585217B2 (en) * 2004-03-29 2010-11-24 株式会社日立製作所 Storage system and control method thereof

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7685123B1 (en) * 2006-08-30 2010-03-23 Network Appliance, Inc. Method and system for controlling access to dynamically specified resources
CN105159846A (en) * 2015-07-02 2015-12-16 浙江宇视科技有限公司 Method for supporting dual-control switching of virtualized disk and storage system
CN106936797A (en) * 2015-12-31 2017-07-07 北京网御星云信息技术有限公司 The management method and system of magnetic disk of virtual machine and file encryption key in a kind of cloud
CN107292441A (en) * 2017-06-26 2017-10-24 北京容联光辉科技有限公司 A kind of O&M cooperative system
CN111382008A (en) * 2018-12-28 2020-07-07 北京金山云网络技术有限公司 Virtual machine data backup method, device and system
CN111079104A (en) * 2019-11-21 2020-04-28 腾讯科技(深圳)有限公司 Authority control method, device, equipment and storage medium

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
基于IP的以太网存储系统接入技术的研究;杨涛, 施亮, 吴智铭;微型电脑应用;20030920(第09期);全文 *
智慧校园统一运维监控服务平台的设计与实现;阮晓龙;许成刚;刘明哲;;网络安全技术与应用;20180215(第02期);全文 *
磁光阵列:一种新型数据存储模式的实现;刘建梅;宋林峰;冯剑楠;唐建华;徐宏;邵征宇;许长江;朱明;;红外与激光工程;20160925(第09期);全文 *
类Unix系统服务器文件夹磁盘空间监视及自动维护软件的研制;李挺;邓科;张焕青;蔡昂;冯凝;刘晓华;李炜;洪叶;;重庆理工大学学报(自然科学);20171215(第12期);全文 *

Also Published As

Publication number Publication date
CN113301090A (en) 2021-08-24

Similar Documents

Publication Publication Date Title
EP0350005A2 (en) Security system
CN106462674A (en) Resource access control using validation token
CN112822160B (en) Equipment identification method, device, equipment and machine-readable storage medium
CN110545272B (en) Identity authentication method, authority authentication method, device, user management system and storage medium
US9076011B2 (en) Secret information leakage prevention system, secret information leakage prevention method and secret information leakage prevention program
CN113301090B (en) Storage system access method, device, equipment and storage medium
CN105183799A (en) Authority management method and client
CN109699030B (en) Unmanned aerial vehicle authentication method, device, equipment and computer readable storage medium
CN108965108B (en) Message pushing method and related equipment
CN114928552B (en) Communication equipment management method and device, electronic equipment and storage medium
CN108268796B (en) Offline management method and device based on offline password
CN113285929B (en) Terminal validity detection method and device
CN112491830B (en) Ceph distributed block storage access authentication method, medium and device
CN110347632B (en) Communication method and device
CN116366317A (en) Remote memory access protection mechanism construction method, remote memory node and equipment
CN102224507B (en) Method and device for diagnosing the first reception of an identifier, detection method, storage medium and computer software for said method
CN109150797B (en) Security authentication method and device for private network terminal
CN117492950A (en) Acquisition card multi-process method and device, electronic equipment and storage medium
CN116032889A (en) IP address allocation method and device
CN111212086A (en) Computer network protection method and system
CN117473481A (en) Communication method, device, domain controller and readable storage medium
CN117592097A (en) Data processing method and device, electronic equipment and storage medium
CN115114601A (en) Authentication method, system, equipment and computer readable storage medium for data center station
CN116866021A (en) Method, device and storage medium for authenticating monitoring data
CN117215627A (en) Data interface management method, device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40059159

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant