CN113329101B - Remote login method and login device for edge computing node - Google Patents

Remote login method and login device for edge computing node Download PDF

Info

Publication number
CN113329101B
CN113329101B CN202110881776.9A CN202110881776A CN113329101B CN 113329101 B CN113329101 B CN 113329101B CN 202110881776 A CN202110881776 A CN 202110881776A CN 113329101 B CN113329101 B CN 113329101B
Authority
CN
China
Prior art keywords
port
unit
client
edge computing
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110881776.9A
Other languages
Chinese (zh)
Other versions
CN113329101A (en
Inventor
周鹏
田欢春
赵清飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hefei Zhicheng Shuzhi Technology Co.,Ltd.
Original Assignee
Hangzhou Titanium Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Titanium Technology Co ltd filed Critical Hangzhou Titanium Technology Co ltd
Priority to CN202110881776.9A priority Critical patent/CN113329101B/en
Publication of CN113329101A publication Critical patent/CN113329101A/en
Application granted granted Critical
Publication of CN113329101B publication Critical patent/CN113329101B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • H04L69/162Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a remote login method and a remote login device for an edge computing node, wherein the method comprises the following steps: after receiving a bridging instruction initiated by a user side, a gateway management and control server registers a session and allocates an intranet 20XX port to wait for pairing; the gateway control server informs the gateway client of the current port pairing request, and simultaneously starts a server bridging tool to establish a forwarding node B with a 20XX port and requests data forwarding processing to an IP port of an external network; after receiving the notification instruction, the gateway client starts an edge computing node end bridging tool to establish a forwarding node A of the remote login port and requests the same external network IP port for data forwarding processing; the gateway control server receives data forwarding processing requests of two tools through an external network IP port and then completes port pairing between the remote login port and the 20XX port; the user accesses the 20XX port of the edge computing node through the SSH terminal to connect to the telnet port. The invention realizes the high-safety intranet penetration of the edge computing node.

Description

Remote login method and login device for edge computing node
Technical Field
The invention relates to the technical field of remote operation and maintenance management of equipment, in particular to a remote login method and a login device for an edge computing node.
Background
The edge computing node is a mini server provided with a Linux operating system, and generally accesses the internet through wireless without fixed IP. The server has the characteristics that the server node can access an external network address, but the external network cannot directly access the node through an IP or domain name mode, so that remote login (SSH) to the server cannot be achieved, great inconvenience is brought to remote operation and maintenance work of the server, and an intranet penetrating tool is required to establish a tunnel, so that an external network user can indirectly access the server node.
Currently, intranet penetration is generally performed by adopting charging software like 'peanut shell', 'ngrok' and the like and free tools like 'autossh', but the existing intranet penetration scheme has the following defects and shortcomings:
1. the use cost of commercial software such as peanut shells is high, small micro-enterprises are difficult to bear, and a special client tool is required to support only the HTTP protocol.
2. The free software such as 'autossh' exposes the internal network port to the external network for a long time, is easy to be attacked by lawless persons, needs an access certificate provided for the external network server node, and is poor in safety.
3. The persistent intranet penetration scheme occupies a large number of ports, and port resources are wasted due to the fact that the number of the ports of a single server node is limited.
Disclosure of Invention
The invention provides a remote login method and a remote login device for an edge computing node, aiming at realizing the purpose of penetrating an intranet of the edge computing node with low cost, high security and less port resource occupation.
In order to achieve the purpose, the invention adopts the following technical scheme:
provided is a remote login method for an edge computing node, comprising the following steps:
step S1, the gateway management and control server receives the bridge building instruction initiated by the user end and registers the conversation, and allocates an intranet open port to wait for the port pairing, wherein the intranet open port is marked as a 20XX port;
step S2, the gateway management and control server informs the gateway client that there is a port pairing request currently, and simultaneously starts a server bridging tool to establish a forwarding node B of the 20XX port so as to construct a bidirectional data forwarding channel Y from the 20XX port to the forwarding node B, and then the server bridging tool requests the outer network IP port of the edge computing node for data forwarding processing;
step S3, after receiving the notification instruction, the gateway client starts an edge computing node bridging tool to establish a forwarding node A of a remote login port of the edge computing node to construct a bidirectional data forwarding channel X from the remote login port to the forwarding node A, and then the edge computing node bridging tool requests the same external network IP port for data forwarding processing;
step S4, the gateway management and control server receives, through the external network IP port, data forwarding processing requests from the server bridging tool and the edge computing node bridging tool, and then constructs a bidirectional data forwarding channel Z of the forwarding node a, the external network IP port, and the forwarding node B, thereby completing port pairing between the telnet port and the internal network open port;
and step S5, the user accesses the 20XX port allocated to the edge computing node through an SSH terminal and finally connects to the remote login port of the edge computing node along the communication path of the channel Y-the channel Z-the channel X, so as to realize remote operation and maintenance of the edge computing node.
As a preferred scheme of the present invention, the external network IP port is a 9022 port of the edge computing node.
As a preferred solution of the present invention, the remote login port is an SSH service 22 port of the edge computing node.
As a preferred scheme of the present invention, the gateway management and control server internally includes an instruction processing module and a pairing forwarding module, and the method for processing the bridge building instruction initiated by the user by the instruction processing module includes:
step A1, receiving the bridge building instruction initiated by the user;
step A2, parsing sessionId and gateway number boxId from the bridge building instruction, and allocating the 20XX port;
step a3, registering said sessionId and initializing a session state to "state = INIT";
step A4, issuing the bridge building instruction to the gateway client corresponding to the boxId;
step A5, locally invoking the server bridging tool, and assigning one of the 20XX ports to each edge compute node from the allocated 20XX ports;
step A6, waiting for the subsequent bridge construction process of the pairing forwarding module, and updating the session state of the session according to the bridge construction result of the pairing forwarding module;
step a7, determining whether the session status changes to "stat = SUCC" for a duration period,
if so, indicating that the port pairing is successful and informing the user that the bridge building is successful;
if not, indicating that the port pairing is failed and informing the user that the bridge building is failed.
As a preferred scheme of the present invention, the step of bridging the paired forwarding modules includes:
step B1, creating a socket client, and receiving the data forwarding processing requests of the forwarding node A and the forwarding node B from the external network IP port of the edge computing node through the socket client;
step B2, parsing sessionId and request source type of the session from the data forwarding processing request, where the request source type is the server-side bridging tool and/or the edge computing node-side bridging tool;
step B3, determining whether the parsed sessionId is already registered,
if not, notifying a user that bridge building fails and closing the socket client;
if yes, go to step B4;
step B4, if the analyzed request source type is the server bridging tool, registering the socket client to the current server client under the sessionId;
if the analyzed request source type is the edge computing node end bridging tool, registering the socket client to the box client under the current sessionId;
step B5, waiting for the server client and the box client to register, and judging whether the registration is successful,
if all the registrations are successful, determining that the 20XX port of the edge computing node is successfully paired with the SSH service 22 port, generating a session state update instruction, sending the session state update instruction to the instruction processing module, and performing step B6;
if the server client or the box client fails to register, logging off the sessionId;
step B6, notifying the forwarding node a and the forwarding node B that the bridge establishment is successful can start data forwarding.
As a preferred aspect of the present invention, the bridge building process of the server bridging tool includes:
step C1, the server bridging tool parses the sessionId of the session and the allocated port information of the 20XX port from the instruction sent by the gateway management and control server;
step C2, starting a socket server to monitor the 20XX port;
step C3, establishing the forwarding node B of the 20XX port monitored;
step C4, a socket client is started to send the data forwarding processing request to the extranet IP port of the edge computing node, wherein the data forwarding processing request contains the sessionId and the request source type of the session;
step C5, waiting for the response of the gateway management and control service end to the data forwarding processing request,
if the response is successful, the step C6 is carried out;
if the response fails, closing the monitored 20XX port, and exiting the bridge building process;
step C6, waiting for the SSH terminal to connect the 20XX port listened to,
if the connection is successful, establishing a data forwarding channel between the 20XX port, the forwarding node B and the external network IP port, and starting data forwarding of the 20XX port and the external network IP port;
and if the connection fails, closing the 20XX port and exiting the bridge building process.
As a preferred aspect of the present invention, the bridge building process of the edge computing node-side bridging tool includes:
step D1, the edge computing node end bridging tool resolves sessionId of the session from the instruction sent by the gateway client;
step D2, starting a socket client to connect the remote login port of the edge computing node;
step D3, establishing the forwarding node A of the remote login port;
step D4, sending the data forwarding processing request to the extranet IP port of the edge computing node by using the socket client, wherein the data forwarding processing request contains the sessionId and the request source type of the session;
a step D5, waiting for the response of the gateway management and control server to the data forwarding processing request,
if the response is successful, establishing a data forwarding channel between the remote login port, the forwarding node A and the external network IP port, and starting data forwarding between the remote login port and the external network IP port;
and if the response fails, closing the socket client and exiting the bridge building process.
The invention also provides an edge computing node remote login device which can realize the remote login method and is characterized by comprising a management and control server and a gateway end in communication connection with the management and control server, wherein the management and control server comprises a gateway management and control server and a server bridging tool, the gateway end comprises a gateway client and an edge computing node bridging tool, the gateway management and control server registers a session after receiving a bridging instruction initiated by a user end, and allocates an intranet open port to wait for port pairing, and the intranet open port is marked as a 20XX port;
the gateway management and control server informs the gateway client that a port pairing request exists currently, simultaneously starts the server bridging tool to establish a forwarding node B of the 20XX port so as to establish a bidirectional data forwarding channel Y from the 20XX port to the forwarding node B, and then the server bridging tool requests data forwarding processing to an external network IP port of an edge computing node;
after the gateway client receives the notification instruction, the gateway client starts the edge computing node end bridging tool to establish a forwarding node A of a remote login port of the edge computing node so as to establish a bidirectional data forwarding channel X from the remote login port to the forwarding node, and then the edge computing node end bridging tool requests the same external network IP port for data forwarding processing;
the gateway management and control server receives data forwarding processing requests of the server bridging tool and the edge computing node bridging tool through the external network IP port, then a bidirectional data forwarding channel Z of the forwarding node A, the external network IP port and the forwarding node B is constructed, and port pairing between the remote login port and the 20XX port is completed;
and a user accesses the 20XX port distributed to the edge computing node through an SSH terminal and is finally connected to the remote login port of the edge computing node along a communication path of the channel Y-the channel Z-the channel X, so that remote operation and maintenance of the edge computing node are realized.
As a preferred scheme of the present invention, the gateway management and control server internally includes an instruction processing module and a pairing forwarding module, where the instruction processing module includes:
the bridge building instruction receiving unit is used for receiving the bridge building instruction initiated by a user;
the instruction analysis unit is connected with the bridge building instruction receiving unit and used for analyzing the sessionId and the boxId from the bridge building instruction;
an intranet open port allocation unit, configured to allocate the 20XX port;
a session registration and initialization unit, connected to the instruction parsing unit, configured to register a session according to the parsed sessionId, and initialize a session state of the session to "state = INIT";
the bridge building instruction issuing unit is connected with the bridge building instruction receiving unit and the instruction analyzing unit and is used for issuing the bridge building instruction to the gateway client corresponding to the boxId;
an intranet open port assigning unit connected to the intranet open port assigning unit, configured to locally invoke the server bridging tool, and assign one 20XX port from the allocated 20XX ports for each edge computing node;
the session state updating unit is connected with the session registration and initialization unit and used for updating the session state of the session according to the session state updating instruction generated by the pairing forwarding module;
a unit for judging whether bridge building is successful or not, connected to the session state updating unit, and used for judging whether the session state of the session is updated to 'stat = SUCC',
if so, indicating that the port pairing is successful and informing the user that the bridge building is successful;
if not, indicating that the port pairing is failed and informing the user that the bridge building is failed.
As a preferred aspect of the present invention, the pairing forwarding module includes:
a socket client creating unit for creating a socket client;
a data forwarding processing request receiving unit connected to the socket client creating unit and configured to receive the data forwarding processing requests of the forwarding node a and the forwarding node B through the external network IP port of the edge computing node;
a request content parsing unit, connected to the data forwarding processing request receiving unit, configured to parse the sessionId and a request source type of the session from the data forwarding processing request, where the request source type is the server-side bridging tool and/or the edge computing node-side bridging tool;
an ID registration judging unit connected with the request content analyzing unit and used for judging whether the analyzed sessionId is registered;
the socket client closing unit is connected with the ID registration judging unit and used for closing the socket client when the sessionId is judged to be unregistered;
a socket client registration unit, connected to the ID registration judgment unit and the request content parsing unit, and configured to register the socket client to a server client and/or a box client under the current sessionId according to a parsed request source type when it is judged that the sessionId is registered;
the server client registration unit is connected with the socket client registration unit and used for registering the server client;
the box client registration unit is connected with the socket client registration unit and used for registering the box client;
a registration judging unit, respectively connected to the server client registration unit and the box client registration unit, for judging whether the server client or the box client is successfully registered;
a session state update instruction generating and sending unit, connected to the registration judging unit, for generating the session state update instruction and sending the session state update instruction to the session state update unit in the instruction processing module after judging that all the server client and the box client are successfully registered,
a sessionId deregistration unit, connected to the registration judgment unit, for deregistering the sessionId when the server client or the box client is judged to be failed to register;
the notification unit is connected with the registration judging unit, and is used for generating a bridge establishment success notification to be pushed to a user after judging that the server client and the box client are all successfully registered, generating response success information to be sent to the server side bridging tool and the edge computing node side bridging tool, and generating a bridge establishment failure notification to be pushed to the user when judging that the server client or the box client is failed to be registered, generating response failure information to be sent to the server side bridging tool and the edge computing node side bridging tool;
and the open data forwarding notification unit is connected with the registration judging unit and used for generating an open data forwarding notification and sending the open data forwarding notification to the forwarding node A and the forwarding node B after judging that the server client and the box client are all successfully registered.
As a preferred aspect of the present invention, the server bridging tool includes:
the instruction analysis unit is used for analyzing the sessionId of the session and the allocated port information of the 20XX port from an instruction sent by the gateway management and control server to the server bridging tool;
the socket server creation unit is connected with the instruction analysis unit and used for creating and starting a socket server;
the port monitoring unit is connected with the socket server creation unit and the instruction analysis unit and is used for monitoring the 20XX port through the socket server;
a forwarding node establishing unit connected to the port monitoring unit, configured to establish the forwarding node B of the monitored 20XX port;
a data forwarding processing request generating unit, configured to generate the data forwarding processing request associated with the server bridging tool;
a data forwarding processing request sending unit, connected to the data forwarding processing request generating unit and the socket server creating unit, configured to send the data forwarding processing request to the extranet IP port of the edge computing node, where the data forwarding processing request includes the sessionId and a request source type of the session;
a response information receiving unit, configured to receive response information of the gateway management and control server for the data forwarding processing request;
a first port closing unit, connected to the response information receiving unit and the port monitoring unit, configured to close the monitored 20XX port when the gateway management and control server fails to respond;
a port connection judging unit, configured to judge whether the SSH terminal is connected to the monitored 20XX port;
the data forwarding starting unit is connected with the port connection judging unit and used for starting data forwarding of the 20XX port and the external network IP port after judging that the SSH terminal is successfully connected with the 20XX port;
and the second port closing unit is connected with the port connection judging unit and used for closing the 20XX port to exit the bridge building process after judging that the SSH terminal fails to be connected with the 20XX port.
As a preferred aspect of the present invention, the edge-computing-node-end bridging tool includes:
the instruction analysis unit is used for analyzing sessionId of the session from an instruction sent to the edge computing node end bridging tool by the gateway client;
the socket client creating unit is connected with the instruction analyzing unit and used for creating and starting a socket client;
the remote login port connecting unit is connected with the socket client creating unit and is used for connecting the remote login port of the edge computing node through the socket client;
a forwarding node establishing unit connected to the telnet port connecting unit, for establishing the forwarding node a of the telnet port connected thereto;
a data forwarding processing request generating unit, configured to generate the data forwarding processing request associated with the edge computing node-side bridging tool;
a data forwarding processing request sending unit, connected to the data forwarding processing request generating unit and the socket client creating unit, and configured to send the data forwarding processing request to the extranet IP port of the edge computing node through the socket client, where the data forwarding processing request includes the sessionId and a request source type of the session;
a response information receiving unit, configured to receive response information of the gateway management and control server for the data forwarding processing request;
the socket client closing unit is connected with the response information receiving unit and used for closing the socket client when the gateway management and control server fails to respond so as to quit the bridge building process;
and the data forwarding starting unit is connected with the response information receiving unit and used for starting data forwarding between the remote login port and the external network IP port when the gateway control server side successfully responds.
The invention has the following beneficial effects:
1. the remote login method for the edge computing node is realized by utilizing an open source programming technology, is low in cost and can be customized;
2. the bridge is built according to the requirement, the bridge is built to realize intranet penetration when the remote login to the edge computing node is required, and the bridge is closed when the login exits, so that the port resource of the edge computing node is not occupied for a long time;
3. the single bridge is only connected with a single user, and is safe and controllable;
4. only one external network IP port is provided to keep network connection with a plurality of edge computing nodes, and the remote login port is only accessed by an internal network user, so that the remote login safety of the edge computing nodes is ensured.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below. It is obvious that the drawings described below are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
FIG. 1 is a schematic structural diagram of an edge computing node telnet apparatus according to an embodiment of the present invention;
FIG. 2 is a flow chart of bridge establishment for a gateway management and control server;
FIG. 3 is a flow chart of a bridge building process of the server side bridging tool;
FIG. 4 is a flow chart of a bridge building process for an edge compute node-side bridging tool;
fig. 5 is a schematic internal structure diagram of an instruction processing module of a gateway management and control server;
fig. 6 is a schematic internal structural diagram of a pairing forwarding module of a gateway management and control server;
FIG. 7 is a schematic diagram of the internal structure of the server-side bridging tool;
FIG. 8 is a schematic diagram of the internal structure of an edge compute node-side bridging tool;
fig. 9 is a flowchart illustrating implementation steps of a method for remotely logging in an edge computing node according to an embodiment of the present invention.
Detailed Description
The technical scheme of the invention is further explained by the specific implementation mode in combination with the attached drawings.
Wherein the showings are for the purpose of illustration only and are shown by way of illustration only and not in actual form, and are not to be construed as limiting the present patent; to better illustrate the embodiments of the present invention, some parts of the drawings may be omitted, enlarged or reduced, and do not represent the size of an actual product; it will be understood by those skilled in the art that certain well-known structures in the drawings and descriptions thereof may be omitted.
The same or similar reference numerals in the drawings of the embodiments of the present invention correspond to the same or similar components; in the description of the present invention, it should be understood that if the terms "upper", "lower", "left", "right", "inner", "outer", etc. are used for indicating the orientation or positional relationship based on the orientation or positional relationship shown in the drawings, it is only for convenience of description and simplification of description, but it is not indicated or implied that the referred device or element must have a specific orientation, be constructed in a specific orientation and be operated, and therefore, the terms describing the positional relationship in the drawings are only used for illustrative purposes and are not to be construed as limitations of the present patent, and the specific meanings of the terms may be understood by those skilled in the art according to specific situations.
In the description of the present invention, unless otherwise explicitly specified or limited, the term "connected" or the like, if appearing to indicate a connection relationship between the components, is to be understood broadly, for example, as being fixed or detachable or integral; can be mechanically or electrically connected; they may be directly connected or indirectly connected through intervening media, or may be connected through one or more other components or may be in an interactive relationship with one another. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Fig. 1 is a schematic structural diagram illustrating an edge computing node telnet apparatus according to an embodiment of the present invention. As shown in fig. 1, the apparatus includes a management and control server 1 and a gateway 2 communicatively connected to the management and control server 1, where the management and control server 1 includes a gateway management and control server 11 and a server bridging tool 12, the gateway 2 includes a gateway client 21 and an edge computing node bridging tool 22 (the "box bridging tool" shown in fig. 1 is an edge computing node bridging tool), the gateway management and control server 11 registers a session after receiving a bridge building (bridge) instruction initiated by a user side, and allocates an intranet open port to wait for port pairing, and the intranet open port is denoted as a 20XX port;
the gateway management and control server 11 notifies the gateway client 21 that a port pairing request is currently provided, and simultaneously starts the server bridging tool 12 to establish the forwarding node B with the 20XX port, so as to establish a bidirectional data forwarding channel Y from the 20XX port to the forwarding node B (communication data can be bidirectionally forwarded between the 20XX port and the forwarding node B), and the server bridging tool 12 completes requesting data forwarding processing to an external network IP port 3 of an edge computing node (in this embodiment, the external network IP port 3 adopts a 9022 port of the edge computing node) after establishing the channel Y;
after receiving the notification instruction, the gateway client 21 starts the edge-computing-node-side bridging tool 22 to establish a forwarding node a of the telnet port 4 of the edge computing node (in this embodiment, the telnet port 4 uses an SSH service 22 port of the edge computing node), so as to establish a bidirectional data forwarding channel X from the telnet port 4 to the forwarding node a (communication data can be bidirectionally forwarded between the telnet port 4 and the forwarding node a), and the edge-computing-node-side bridging tool 22 requests the same external network IP port 3 for data forwarding after completing establishment of the channel X;
after receiving a data forwarding processing request of a server side bridging tool 12 and an edge computing node side bridging tool 22 through an external network IP port 3, a gateway management and control server 11 establishes a bidirectional data forwarding channel Z of a forwarding node A-an external network IP port-a forwarding node B (communication data can be bidirectionally forwarded between the forwarding node A-the external network IP port-the forwarding node B), thereby completing port pairing between a remote login port 4 and a 20XX port;
the user accesses the 20XX port allocated to the edge computing node through the SSH terminal and finally connects to the remote login port 4 of the edge computing node along the communication path of the channel Y-channel Z-channel X, so as to realize the remote operation and maintenance of the edge computing node.
The gateway management and control server 11 internally includes an instruction processing module 111 and a pairing forwarding module 112. Fig. 5 shows a schematic diagram of an internal structure of the instruction processing module, and as shown in fig. 5, the instruction processing module specifically includes:
the bridge building instruction receiving unit is used for receiving the bridge building instruction initiated by a user;
the instruction analysis unit is connected with the bridge building instruction receiving unit and used for analyzing sessionId (session ID) and boxId (gateway number) from the bridge building instruction;
the intranet open port distribution unit is used for distributing a 20XX port for connecting the SSH terminal;
a session registration and initialization unit connected to the instruction parsing unit, configured to register a session according to the parsed sessionId, and initialize a session state of the session to "state = INIT";
the bridge building instruction issuing unit is connected with the bridge building instruction receiving unit and the instruction analyzing unit and is used for issuing a bridge building instruction to the gateway client corresponding to the boxId;
the internal network open port assigning unit is connected with the internal network open port assigning unit and is used for locally calling a server bridging tool and assigning a 20XX port from each assigned 20XX port for each edge computing node;
the session state updating unit is used for updating the session state of the session according to the session state updating instruction generated by the pairing forwarding module;
a unit for judging whether the bridge is built successfully or not, a session state updating unit is connected, and is used for judging whether the session state of the session is updated to 'stat = SUCC',
if so, indicating that the port pairing is successful and informing the user that the bridge building is successful;
if not, indicating that the port pairing is failed and informing the user that the bridge building is failed.
Fig. 6 shows a schematic internal structure diagram of the pairing forwarding module. As shown in fig. 6, the pairing forwarding module includes:
a socket client creating unit for creating a socket client;
the data forwarding processing request receiving unit is connected with the socket client creating unit and used for receiving data forwarding processing requests of the forwarding node A and the forwarding node B through the external network IP port of the edge computing node;
the request content analyzing unit is connected with the data forwarding processing request receiving unit and is used for analyzing the sessionId and the request source type of the session from the data forwarding processing request, and the request source type is a service end bridging tool and/or an edge computing node end bridging tool;
an ID registration judging unit, a connection request content analyzing unit, for judging whether the analyzed sessionId is registered;
the socket client closing unit is connected with the ID registration judging unit and used for closing the socket client when the sessionId is judged to be unregistered;
a socket client registration unit connected with the ID registration judgment unit and the request content analysis unit and used for registering the socket client to the server client and/or the box client (gateway client corresponding to the boxID) under the current sessionId according to the analyzed request source type when the sessionId is judged to be registered; registering the socket client to the server client and the boxID client under the current sessionId is a 'bridging' process, the management and control server already establishes a data forwarding channel Y, the gateway already establishes a data forwarding channel X, and the purpose of registering the socket client to the server client and the boxID client under the current sessionId is to establish a third bridging channel Z between the channel X and the channel Y to complete bridging between the channel X and the channel Y.
The server client registration unit is connected with the socket client registration unit and used for registering the server client;
the box client registration unit is connected with the socket client registration unit and used for registering a box client (a gateway client corresponding to the boxID);
the system comprises a server client registration unit, a box client registration unit and a registration judging unit, wherein the server client registration unit and the box client registration unit are respectively connected with the server client registration unit and the box client registration unit and are used for judging whether the server client or the box client is successfully registered;
a session state update instruction generating and sending unit connected with the registration judging unit for generating a session state update instruction and sending the session state update instruction to the session state update unit in the instruction processing module after judging that the server client and the box client are all successfully registered,
the sessionId logout unit is connected with the registration judgment unit and used for logging off the sessionId when judging that the server client or the box client fails to register;
the notification unit is connected with the registration judging unit, is used for generating a bridge construction success notification to be pushed to a user and generating response success information to be sent to the server side bridging tool and the edge computing node side bridging tool after judging that the server client side and the box client side are completely registered successfully, and is used for generating a bridge construction failure notification to be pushed to the user and generating response failure information to be sent to the server side bridging tool and the edge computing node side bridging tool when judging that the server client side or the box client side is not registered successfully;
and the opening data forwarding notification unit is connected with the registration judging unit and is used for generating opening data forwarding notification and sending the opening data forwarding notification to the forwarding node A and the forwarding node B after judging that the server client and the box client are completely registered successfully.
Fig. 7 shows an internal structural diagram of the service-side bridging tool. As shown in fig. 7, the server bridging tool includes:
the instruction analysis unit is used for analyzing sessionId of the session and the allocated port information of the 20XX port from an instruction sent by the gateway management and control server to the server bridging tool;
the socket server creation unit is used for creating and starting a socket server;
the port monitoring unit is connected with the socket server creation unit and used for monitoring the 20XX port through the socket server;
the forwarding node establishing unit is connected with the port monitoring unit and used for establishing a forwarding node B of the monitored 20XX port;
the data forwarding processing request generating unit is used for generating a data forwarding processing request of the bridging tool of the associated service end;
a data forwarding processing request sending unit, connected to the data forwarding processing request generating unit and the socket server creating unit, configured to send a data forwarding processing request to an extranet IP port of the edge computing node, where the data forwarding processing request includes a sessionId of a session and a request source type (where the request source type is a server bridging tool);
a response information receiving unit, configured to receive response information of the gateway management and control server for the data forwarding processing request (the response information includes response success information and response failure information);
the first port closing unit is connected with the response information receiving unit and the port monitoring unit and is used for closing the monitored 20XX port when the response of the gateway management and control server fails;
a port connection judging unit, configured to judge whether the SSH terminal is connected to the monitored 20XX port;
the data forwarding starting unit is used for starting data forwarding of the 20XX port and the IP port of the external network after judging that the SSH terminal is successfully connected with the 20XX port;
and the second port closing unit is connected with the judging unit for judging whether the port is connected with the port, and is used for closing the 20XX port to exit the bridge building process after judging that the SSH terminal is failed to be connected with the 20XX port.
Fig. 8 shows an internal structural diagram of the edge computing node-side bridging tool. As shown in fig. 8, the edge-computing-node-side bridging tool includes:
the instruction analysis unit is used for analyzing sessionId of the session from an instruction sent by the gateway client to the bridging tool of the edge computing node end;
the socket client creating unit is used for creating and starting a socket client;
the remote login port connecting unit is connected with the socket client creating unit and is used for connecting a remote login port of the edge computing node through the socket client;
a forwarding node establishing unit connected with the remote login port connecting unit and used for establishing a forwarding node A of the connected remote login port;
the data forwarding processing request generating unit is used for generating a data forwarding processing request of a bridging tool of the associated edge computing node end;
the data forwarding processing request sending unit is connected with the data forwarding processing request generating unit and the socket client creating unit and is used for sending a data forwarding processing request to an extranet IP port of the edge computing node through the socket client, wherein the data forwarding processing request contains a sessionId of a session and a request source type (the request source is an edge computing node end bridging tool);
a response information receiving unit, configured to receive response information of the gateway management and control server for the data forwarding processing request (the response information includes response success information and response failure information, and if sessionId carried in the data forwarding processing request from the server bridging tool and from the edge computing node bridging tool is consistent, the gateway management and control server generates response success information, otherwise, the gateway management and control server generates response failure information);
the Socket client closing unit is connected with the response information receiving unit and used for closing the Socket client when the gateway management and control server fails to respond so as to quit the bridge building process;
and the data forwarding starting unit is connected with the response information receiving unit and used for starting data forwarding between the remote login port and the external network IP port when the gateway control server side successfully responds.
The method for realizing the remote login of the edge computing node by the device is specifically described as follows:
an instruction processing module in the gateway management and control server is responsible for receiving a bridge building instruction of a user, issuing the bridge building instruction, registering a session after receiving the bridge building instruction, allocating an intranet open port (20 XX port) and waiting for port pairing.
The server bridging tool is used for establishing a forwarding node B and realizing data forwarding from a 20XX port to a 9022 port, and the specific implementation mode is as follows:
and establishing a forwarding node B with a 20XX port, and establishing a bidirectional data forwarding channel Y between the 20XX port and the forwarding node B. The create socket service listens for the 20XX port to wait for SSH terminals to connect to the 20XX port (only one SSH terminal is connected to one 20XX port to improve the security of telnet). And creating a socket client to establish connection between the forwarding node B and the 9022 port, so that the communication connection between the 20XX port and the 9022 port is realized, and mutual forwarding of messages is realized.
And the gateway client is communicated with the gateway management and control server through a wireless communication network (such as a 4G network) and is responsible for receiving the instruction.
The edge computing node end bridging tool is used for establishing a forwarding node A and realizing data forwarding from an SSH service 22 port to a 9022 port, and the specific implementation mode is as follows:
the establishment socket client establishes connection between the forwarding node A and the 9022 port, and establishes connection between the forwarding node A and the SSH service 22 port, so that communication connection between the SSH service 22 port and the 9022 port is realized, and mutual forwarding of messages between the two ports is realized.
After receiving the data forwarding processing request of the forwarding node a and the forwarding node B, the pairing forwarding module in the gateway management and control server completes pairing of the SSH service 22 port and the 20XX port according to the session, and the specific implementation manner is as follows:
a socket server monitoring 9022 port is created, data forwarding processing requests of a forwarding node A and a forwarding node B are waited, when the forwarding node A and the forwarding node B are connected with the 9022 port for the first time, session IDs and request sources are carried (the request source is a server bridging tool or an edge computing node bridging tool), a gateway management and control server judges whether the session IDs carried in the data forwarding processing requests from the server bridging tool and the edge computing node bridging tool are consistent or not,
and if the two ports are consistent, completing the port pairing of the forwarding node A and the forwarding node B, and establishing a communication channel between the 20XX port of the edge computing node, the forwarding node B-9022 port and the forwarding node A-SSH service 22 port.
Finally, the user accesses the 20XX port of the edge computing node through the SSH terminal to connect with the SSH service 22 port, so as to realize the remote operation and maintenance of the edge computing node.
Fig. 2 shows a bridge building flow chart of the gateway management and control server. More specifically, as shown in fig. 2, the gateway management and control server 11 includes an instruction processing module 111 and a pairing forwarding module 112, and the method for processing the bridge building instruction initiated by the user by the instruction processing module 111 includes:
step A1, receiving a bridge building instruction initiated by a user;
step A2, parsing sessionId and boxId from the bridge building instruction, and allocating 20XX ports;
step a3, registering sessionId and initializing session state as "stat = INIT";
step A4, issuing a bridge building instruction to a gateway client corresponding to the gateway number boxId;
step A5, locally calling a server bridging tool, and assigning a 20XX port from the distributed 20XX ports for each edge computing node;
step A6, waiting for the subsequent bridge construction process of the pairing forwarding module, and updating the session state according to the bridge construction result of the pairing forwarding module;
step a7, determining whether the session status changes to "stat = SUCC" for a duration period,
if so, indicating that the port pairing is successful and informing the user that the bridge building is successful;
if not, indicating that the port pairing is failed and informing the user that the bridge building is failed.
Referring to fig. 2, the bridge establishment process of the pairing forwarding module 112 includes:
step B1, creating a socket client, and receiving data forwarding processing requests of a forwarding node A and a forwarding node B from an external network IP port (9022 port) of an edge computing node through the socket client;
step B2, parsing sessionId and request source type from the data forwarding processing request (the request source type is a service-side bridging tool or an edge-computing node-side bridging tool);
step B3, determine whether the parsed sessionId is already registered,
if not, notifying the user that the bridge building is failed and closing the socket client created in the step B1;
if yes, go to step B4;
step B4, if the analyzed request source type is a server bridging tool, registering the socket client to the server client (serverclinet) under the current sessionId;
if the analyzed request source type is an edge computing node end bridging tool, registering the socket client to a box client (boxclinet) under the current sessionId;
step B5, waiting for the server client and box client to register, and judging whether the registration is successful,
if all the registrations are successful, judging that the 20XX port of the edge computing node is successfully paired with the SSH service 22 port, generating a session state updating instruction, sending the session state updating instruction to the instruction processing module, and turning to the step B6;
if the server client or the box client fails to register (for example, if the server client or the box client registers overtime, the client is determined to be failed to register), the sessionId is cancelled;
step B6, informing forwarding node a and forwarding node B that the bridge establishment is successful can start data forwarding.
Fig. 3 shows a bridge building flow diagram of the server side bridging tool. As shown in fig. 3, the bridge building process of the server-side bridge tool includes:
step C1, the server bridging tool resolves sessionId of the session and the allocated port information of the 20XX port from the instruction sent by the gateway control server;
step C2, starting the socket server to monitor the 20XX port;
step C3, establishing the data forwarding node B of the monitored 20XX port;
step C4, starting the socket client to send a data forwarding processing request to the extranet IP port (9022 port) of the edge computing node, where the data forwarding processing request includes the sessionId of the session and the request source type (where the request source type is a server bridging tool);
step C5, waiting for the response of the gateway management and control service end to the data forwarding processing request,
if the response is successful, the step C6 is carried out;
if the response fails, closing the monitored 20XX port and exiting the bridge building process;
step C6, wait for the SSH terminal to connect the listened 20XX port,
if the connection is successful, establishing a data forwarding channel between the 20XX port and the forwarding node B-9022 port, and starting data forwarding of the 20XX port and the 9022 port;
if the connection fails (for example, if the connection fails if the connection is not connected after time out), closing the 20XX port and exiting the bridge building process.
In the technical scheme, the gateway client is responsible for communication between the SSH terminal and the edge computing node, and long connection with the gateway management and control server is kept through wireless communication networks such as 4G and the like. Meanwhile, the gateway client is also used for receiving an instruction to call the bridging tool of the edge computing node segment.
FIG. 4 shows a bridge building flow diagram of the edge compute node-side bridging tool. As shown in fig. 4, the process of building a bridge by the edge computing node-side bridging tool includes:
step D1, the edge computing node end bridging tool analyzes sessionId of the session from the instruction sent by the gateway client;
step D2, starting the SSH service 22 port (remote login port) of the socket client connecting edge computing node;
step D3, establishing a forwarding node A of the SSH service 22 port, and establishing a communication channel between the SSH service 22 port and the forwarding node A;
step D4, sending a data forwarding processing request to the 9022 port of the edge computing node by using the socket client, where the data forwarding processing request includes a sessionId of the session and a request source type (where the request source type is an edge computing node-side bridging tool);
step D5, waiting for the response of the gateway management and control server to the data forwarding processing request,
if the response is successful, establishing a data forwarding channel between the SSH 22 port and the forwarding node A-9022 port, and starting data forwarding of the SSH 22 port and the 9022 port;
if the response fails, closing the socket client and exiting the bridge building process.
In summary, the edge computing node remote login apparatus provided by the present invention only needs to provide one extranet IP port (9022 port), and the port is not a port of the direct proxy edge computing node, and data accessing the port needs to be forwarded by the forwarding node a or the forwarding node B, so that the communication security is high. In addition, the 20XX port is an internal network open port, is not exposed to an external network, is only accessed by an internal network user, and ensures the safety of remote operation and maintenance operation. One agent of one session, namely the port mapping between the established 20XX port and the SSH service 22 port is temporary bridging, only one user is allowed to pass through each time, the session is closed, the port resources are immediately released, and the port resources of the edge computing node are not occupied for a long time.
The present invention also provides a remote login method for an edge computing node, as shown in fig. 9, the remote login method includes:
step S1, the gateway management and control server side registers the conversation after receiving the bridge building instruction initiated by the user side, and allocates an intranet open port to wait for port pairing, and the intranet open port is recorded as a 20XX port;
step S2, the gateway management and control server informs the gateway client that there is a port pairing request currently, and simultaneously starts the server bridging tool to establish a 20XX port forwarding node B to construct a bidirectional data forwarding channel Y from the 20XX port to the forwarding node B, and then the server bridging tool requests the outer network IP port of the edge computing node for data forwarding processing;
step S3, after the gateway client receives the notification instruction, the gateway client starts the edge computing node bridging tool to establish the forwarding node A of the remote login port of the edge computing node so as to construct a bidirectional data forwarding channel X from the remote login port to the forwarding node A, and then the edge computing node bridging tool requests the same external network IP port for data forwarding processing;
step S4, the gateway management and control server receives the data forwarding processing request of the server bridging tool and the edge computing node bridging tool through the external network IP port, and then constructs a bidirectional data forwarding channel Z of a forwarding node A-the external network IP port-a forwarding node B, and completes port pairing between the remote login port and the internal network open port;
in step S5, the user accesses the 20XX port allocated to the edge computing node through the SSH terminal and finally connects to the telnet port of the edge computing node along the communication path of the Y-channel Z-channel X, thereby implementing remote operation and maintenance of the edge computing node.
It should be understood that the above-described embodiments are merely preferred embodiments of the invention and the technical principles applied thereto. It will be understood by those skilled in the art that various modifications, equivalents, changes, and the like can be made to the present invention. However, such variations are within the scope of the invention as long as they do not depart from the spirit of the invention. In addition, certain terms used in the specification and claims of the present application are not limiting, but are used merely for convenience of description.

Claims (10)

1. A method for remote entry of an edge computing node, the method comprising:
step S1, the gateway management and control server receives a bridge building instruction initiated by the user side, registers a session, and allocates an intranet open port to wait for port pairing, wherein the intranet open port is marked as a 20XX port, and the 20XX port represents any port between 2000 and 2099;
step S2, the gateway management and control server informs the gateway client that there is a port pairing request currently, and simultaneously starts a server bridging tool to establish a forwarding node B of the 20XX port so as to construct a bidirectional data forwarding channel Y from the 20XX port to the forwarding node B, and then the server bridging tool requests the outer network IP port of the edge computing node for data forwarding processing;
step S3, after receiving the notification instruction, the gateway client starts an edge computing node bridging tool to establish a forwarding node A of a remote login port of the edge computing node to construct a bidirectional data forwarding channel X from the remote login port to the forwarding node A, and then the edge computing node bridging tool requests the same external network IP port for data forwarding processing;
step S4, the gateway management and control server receives, through the external network IP port, data forwarding processing requests from the server bridging tool and the edge computing node bridging tool, and then constructs a bidirectional data forwarding channel Z of the forwarding node a, the external network IP port, and the forwarding node B, thereby completing port pairing between the telnet port and the internal network open port;
step S5, the user accesses the 20XX port allocated to the edge computing node through SSH terminal and finally connects to the remote login port of the edge computing node along the communication path of the channel Y-the channel Z-the channel X, so as to realize remote operation and maintenance of the edge computing node;
the gateway management and control server internally comprises an instruction processing module and a pairing forwarding module, and the method for processing the bridge building instruction initiated by the user by the instruction processing module comprises the following steps:
step A1, receiving the bridge building instruction initiated by the user;
step A2, parsing sessionId and gateway number boxId from the bridge building instruction, and allocating the 20XX port;
step a3, registering said sessionId and initializing a session state to "state = INIT";
step A4, issuing the bridge building instruction to the gateway client corresponding to the boxId;
step A5, locally invoking the server bridging tool, and assigning one of the 20XX ports to each edge compute node from the allocated 20XX ports;
step A6, waiting for the subsequent bridge construction process of the pairing forwarding module, and updating the session state of the session according to the bridge construction result of the pairing forwarding module;
step a7, determining whether the session status changes to "stat = SUCC" for a duration period,
if so, indicating that the port pairing is successful and informing the user that the bridge building is successful;
if not, indicating that the port pairing is failed and informing the user that the bridge building is failed.
2. The edge computing node telnet method of claim 1, wherein the extranet IP port is a 9022 port of the edge computing node.
3. The edge computing node telnet method of claim 1, wherein the telnet port is an SSH services 22 port of the edge computing node.
4. The method of claim 1, wherein the step of bridging the paired forwarding modules comprises:
step B1, creating a socket client, and receiving the data forwarding processing requests of the forwarding node A and the forwarding node B from the external network IP port of the edge computing node through the socket client;
step B2, parsing sessionId and request source type of the session from the data forwarding processing request, where the request source type is the server-side bridging tool and/or the edge computing node-side bridging tool;
step B3, determining whether the parsed sessionId is already registered,
if not, notifying a user that bridge building fails and closing the socket client;
if yes, go to step B4;
step B4, if the analyzed request source type is the server bridging tool, registering the socket client to the current server client under the sessionId;
if the analyzed request source type is the edge computing node end bridging tool, registering the socket client to the box client under the current sessionId;
step B5, waiting for the server client and the box client to register, and judging whether the registration is successful,
if all the registrations are successful, judging that the 20XX port of the edge computing node is successfully paired with the SSH service 22 port, generating a session state updating instruction, sending the session state updating instruction to the instruction processing module, and turning to the step B6;
if the server client or the box client fails to register, logging off the sessionId;
step B6, notifying the forwarding node a and the forwarding node B that the bridge establishment is successful can start data forwarding.
5. The edge computing node telnet method of claim 1, wherein the bridge building process of the server-side bridging tool comprises:
step C1, the server bridging tool parses the sessionId of the session and the allocated port information of the 20XX port from the instruction sent by the gateway management and control server;
step C2, starting a socket server to monitor the 20XX port;
step C3, establishing the forwarding node B of the 20XX port monitored;
step C4, a socket client is started to send the data forwarding processing request to the extranet IP port of the edge computing node, wherein the data forwarding processing request contains the sessionId and the request source type of the session;
step C5, waiting for the response of the gateway management and control service end to the data forwarding processing request,
if the response is successful, the step C6 is carried out;
if the response fails, closing the monitored 20XX port, and exiting the bridge building process;
step C6, waiting for the SSH terminal to connect the 20XX port listened to,
if the connection is successful, establishing a data forwarding channel between the 20XX port, the forwarding node B and the external network IP port, and starting data forwarding of the 20XX port and the external network IP port;
and if the connection fails, closing the 20XX port and exiting the bridge building process.
6. The telnet method of claim 1, wherein the bridging process of the edge computing node-side bridging tool comprises:
step D1, the edge computing node end bridging tool resolves sessionId of the session from the instruction sent by the gateway client;
step D2, starting a socket client to connect the remote login port of the edge computing node;
step D3, establishing the forwarding node A of the remote login port;
step D4, sending the data forwarding processing request to the extranet IP port of the edge computing node by using the socket client, wherein the data forwarding processing request contains the sessionId and the request source type of the session;
a step D5, waiting for the response of the gateway management and control server to the data forwarding processing request,
if the response is successful, establishing a data forwarding channel between the remote login port, the forwarding node A and the external network IP port, and starting data forwarding between the remote login port and the external network IP port;
and if the response fails, closing the socket client and exiting the bridge building process.
7. An edge computing node remote login device capable of implementing the remote login method according to any one of claims 1 to 6, wherein the device includes a management and control server and a gateway of a communication connection management and control server, the management and control server includes a gateway management and control server and a server bridging tool, the gateway includes a gateway client and an edge computing node bridging tool, the gateway management and control server registers a session after receiving a bridge establishment instruction initiated by a user terminal, and allocates an intranet open port to wait for port pairing, the intranet open port is denoted as a 20XX port, and the 20XX port represents any port between 2000-minus 2099;
the gateway management and control server informs the gateway client that a port pairing request exists currently, simultaneously starts the server bridging tool to establish a forwarding node B of the 20XX port so as to establish a bidirectional data forwarding channel Y from the 20XX port to the forwarding node B, and then the server bridging tool requests data forwarding processing to an external network IP port of an edge computing node;
after the gateway client receives the notification instruction, the gateway client starts the edge computing node end bridging tool to establish a forwarding node A of a remote login port of the edge computing node so as to establish a bidirectional data forwarding channel X from the remote login port to the forwarding node, and then the edge computing node end bridging tool requests the same external network IP port for data forwarding processing;
the gateway management and control server receives data forwarding processing requests of the server bridging tool and the edge computing node bridging tool through the external network IP port, then a bidirectional data forwarding channel Z of the forwarding node A, the external network IP port and the forwarding node B is constructed, and port pairing between the remote login port and the 20XX port is completed;
a user accesses the 20XX port distributed to the edge computing node through an SSH terminal and is finally connected to the remote login port of the edge computing node along a communication path of the channel Y-the channel Z-the channel X, so that remote operation and maintenance of the edge computing node are realized;
the gateway management and control server side comprises an instruction processing module and a pairing forwarding module, wherein the instruction processing module comprises:
the bridge building instruction receiving unit is used for receiving the bridge building instruction initiated by a user;
the instruction analysis unit is connected with the bridge building instruction receiving unit and used for analyzing the sessionId and the gateway number boxId from the bridge building instruction;
an intranet open port allocation unit, configured to allocate the 20XX port;
a session registration and initialization unit, connected to the instruction parsing unit, configured to register a session according to the parsed sessionId, and initialize a session state of the session to "state = INIT";
the bridge building instruction issuing unit is connected with the bridge building instruction receiving unit and the instruction analyzing unit and is used for issuing the bridge building instruction to the gateway client corresponding to the boxId;
an intranet open port assigning unit connected to the intranet open port assigning unit, configured to locally invoke the server bridging tool, and assign one 20XX port from the allocated 20XX ports for each edge computing node;
the session state updating unit is connected with the session registration and initialization unit and used for updating the session state of the session according to the session state updating instruction generated by the pairing forwarding module;
a unit for judging whether bridge building is successful or not, connected to the session state updating unit, and used for judging whether the session state of the session is updated to 'stat = SUCC',
if so, indicating that the port pairing is successful and informing the user that the bridge building is successful;
if not, indicating that the port pairing is failed and informing the user that the bridge building is failed.
8. The telnet apparatus of claim 7, wherein the pairing forwarding module comprises:
a socket client creating unit for creating a socket client;
a data forwarding processing request receiving unit connected to the socket client creating unit and configured to receive the data forwarding processing requests of the forwarding node a and the forwarding node B through the external network IP port of the edge computing node;
a request content parsing unit, connected to the data forwarding processing request receiving unit, configured to parse the sessionId and a request source type of the session from the data forwarding processing request, where the request source type is the server-side bridging tool and/or the edge computing node-side bridging tool;
an ID registration judging unit connected with the request content analyzing unit and used for judging whether the analyzed sessionId is registered;
the socket client closing unit is connected with the ID registration judging unit and used for closing the socket client when the sessionId is judged to be unregistered;
the socket client registration unit is connected with the ID registration judging unit and the request content analyzing unit and is used for registering the socket client to the current server client and/or box client under the sessionId according to the analyzed request source type when the sessionId is judged to be registered;
the server client registration unit is connected with the socket client registration unit and used for registering the server client;
the box client registration unit is connected with the socket client registration unit and used for registering the box client;
a registration judging unit, respectively connected to the server client registration unit and the box client registration unit, for judging whether the server client or the box client is successfully registered;
a session state update instruction generating and sending unit, connected to the registration judging unit, for generating the session state update instruction and sending the session state update instruction to the session state update unit in the instruction processing module after judging that all the server client and the box client are successfully registered,
a sessionId deregistration unit, connected to the registration judgment unit, for deregistering the sessionId when the server client or the box client is judged to be failed to register;
the notification unit is connected with the registration judging unit, and is used for generating a bridge establishment success notification to be pushed to a user after judging that the server client and the box client are all successfully registered, generating response success information to be sent to the server side bridging tool and the edge computing node side bridging tool, and generating a bridge establishment failure notification to be pushed to the user when judging that the server client or the box client is failed to be registered, generating response failure information to be sent to the server side bridging tool and the edge computing node side bridging tool;
and the open data forwarding notification unit is connected with the registration judging unit and used for generating an open data forwarding notification and sending the open data forwarding notification to the forwarding node A and the forwarding node B after judging that the server client and the box client are all successfully registered.
9. The telnet apparatus of claim 7, wherein the server bridging tool comprises:
the instruction analysis unit is used for analyzing the sessionId of the session and the allocated port information of the 20XX port from an instruction sent by the gateway management and control server to the server bridging tool;
the socket server creation unit is connected with the instruction analysis unit and used for creating and starting a socket server;
the port monitoring unit is connected with the socket server creation unit and the instruction analysis unit and is used for monitoring the 20XX port through the socket server;
a forwarding node establishing unit connected to the port monitoring unit, configured to establish the forwarding node B of the monitored 20XX port;
a data forwarding processing request generating unit, configured to generate the data forwarding processing request associated with the server bridging tool;
a data forwarding processing request sending unit, connected to the data forwarding processing request generating unit and the socket server creating unit, configured to send the data forwarding processing request to the extranet IP port of the edge computing node, where the data forwarding processing request includes the sessionId and a request source type of the session;
a response information receiving unit, configured to receive response information of the gateway management and control server for the data forwarding processing request;
a first port closing unit, connected to the response information receiving unit and the port monitoring unit, configured to close the monitored 20XX port when the gateway management and control server fails to respond;
a port connection judging unit, configured to judge whether the SSH terminal is connected to the monitored 20XX port;
the data forwarding starting unit is connected with the port connection judging unit and used for starting data forwarding of the 20XX port and the external network IP port after judging that the SSH terminal is successfully connected with the 20XX port;
and the second port closing unit is connected with the port connection judging unit and used for closing the 20XX port to exit the bridge building process after judging that the SSH terminal fails to be connected with the 20XX port.
10. The telnet apparatus of claim 7, wherein the edge compute node-side bridging means comprises:
the instruction analysis unit is used for analyzing sessionId of the session from an instruction sent to the edge computing node end bridging tool by the gateway client;
the socket client creating unit is connected with the instruction analyzing unit and used for creating and starting a socket client;
the remote login port connecting unit is connected with the socket client creating unit and is used for connecting the remote login port of the edge computing node through the socket client;
a forwarding node establishing unit connected to the telnet port connecting unit, for establishing the forwarding node a of the telnet port connected thereto;
a data forwarding processing request generating unit, configured to generate the data forwarding processing request associated with the edge computing node-side bridging tool;
a data forwarding processing request sending unit, connected to the data forwarding processing request generating unit and the socket client creating unit, and configured to send the data forwarding processing request to the extranet IP port of the edge computing node through the socket client, where the data forwarding processing request includes the sessionId and a request source type of the session;
a response information receiving unit, configured to receive response information of the gateway management and control server for the data forwarding processing request;
the socket client closing unit is connected with the response information receiving unit and used for closing the socket client when the gateway management and control server fails to respond so as to quit the bridge building process;
and the data forwarding starting unit is connected with the response information receiving unit and used for starting data forwarding between the remote login port and the external network IP port when the gateway control server side successfully responds.
CN202110881776.9A 2021-08-02 2021-08-02 Remote login method and login device for edge computing node Active CN113329101B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110881776.9A CN113329101B (en) 2021-08-02 2021-08-02 Remote login method and login device for edge computing node

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110881776.9A CN113329101B (en) 2021-08-02 2021-08-02 Remote login method and login device for edge computing node

Publications (2)

Publication Number Publication Date
CN113329101A CN113329101A (en) 2021-08-31
CN113329101B true CN113329101B (en) 2021-11-02

Family

ID=77426723

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110881776.9A Active CN113329101B (en) 2021-08-02 2021-08-02 Remote login method and login device for edge computing node

Country Status (1)

Country Link
CN (1) CN113329101B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114095490A (en) * 2021-11-01 2022-02-25 常州欣华天泰安全信息系统工程有限公司 Remote management method of intranet equipment based on intranet penetration technology
CN114598498B (en) * 2022-01-28 2024-06-14 杭州亿格云科技有限公司 Access method, access system, computer device, and storage medium
CN114448700B (en) * 2022-01-28 2024-06-14 杭州亿格云科技有限公司 Data access method, data access system, computer device, and storage medium
CN114640672A (en) * 2022-02-11 2022-06-17 网宿科技股份有限公司 Method, device and system for remotely accessing edge device
CN114598689A (en) * 2022-03-08 2022-06-07 深圳市火火兔智慧科技有限公司 Interactive method and device of IOT (input/output) equipment, computer equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108881518A (en) * 2018-08-01 2018-11-23 上海华测导航技术股份有限公司 A kind of method, apparatus, storage medium and system accessing Intranet equipment
CN109005179A (en) * 2018-08-10 2018-12-14 常州中价之星软件技术有限公司 Network security tunnel establishing method based on port controlling
CN109788075A (en) * 2019-03-19 2019-05-21 网宿科技股份有限公司 The acquisition methods and Edge Server of the private network network architecture, data
CN110365741A (en) * 2019-06-13 2019-10-22 网宿科技股份有限公司 A kind of connection method for building up and transfer server
CN111526223A (en) * 2020-04-23 2020-08-11 腾讯科技(深圳)有限公司 Management method of edge service server, service data processing method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108881518A (en) * 2018-08-01 2018-11-23 上海华测导航技术股份有限公司 A kind of method, apparatus, storage medium and system accessing Intranet equipment
CN109005179A (en) * 2018-08-10 2018-12-14 常州中价之星软件技术有限公司 Network security tunnel establishing method based on port controlling
CN109788075A (en) * 2019-03-19 2019-05-21 网宿科技股份有限公司 The acquisition methods and Edge Server of the private network network architecture, data
CN110365741A (en) * 2019-06-13 2019-10-22 网宿科技股份有限公司 A kind of connection method for building up and transfer server
CN111526223A (en) * 2020-04-23 2020-08-11 腾讯科技(深圳)有限公司 Management method of edge service server, service data processing method and device

Also Published As

Publication number Publication date
CN113329101A (en) 2021-08-31

Similar Documents

Publication Publication Date Title
CN113329101B (en) Remote login method and login device for edge computing node
US11122027B2 (en) End-to-end M2M service layer sessions
CN109756450B (en) Method, device and system for communication of Internet of things and storage medium
EP3726806B1 (en) Method for remotely controlling vehicle on the basis of smart apparatus
EP3195566B1 (en) Service layer interworking using mqtt protocol
CN104429037B8 (en) Method, equipment and system for being connected to communication equipment
US9331967B2 (en) Browser/HTML friendly protocol for real-time communication signaling
US9294519B2 (en) File server device
CN105656847B (en) The SIP/MQTT protocol conversion gateway systems and its control method of facing mobile apparatus
WO2021082715A1 (en) Direct communication processing method, device, relay terminal, and remote terminal
CN101116337B (en) Method of monitoring and configuring
US9998543B2 (en) Remote monitoring of user appliances
CN105933198A (en) Device for establishing direct connection VPN tunnel
CN112291514B (en) Remote audio and video call method and device and OTT platform system
US20100241710A1 (en) Method and system for videoconferencing or data transfer between clients behind different network address translators
EP2077024A2 (en) Communication system
US20220407897A1 (en) Systems and methods for performing automatic session control function change over
US20070073891A1 (en) MGCP fallback mechanism enhancement
JP5173865B2 (en) Location registration method and system for connecting SIP client compatible device to IP subsystem network
CN107343285A (en) Management equipment and equipment management method
CN107454178B (en) Data transmission method and device
US9015246B2 (en) Session collaboration
JP6186066B1 (en) System and method for notifying event occurrence
CN105516121B (en) The method and system that AC is communicated with AP in WLAN
CN116527733A (en) Differentiated control method, device, equipment and storage of user terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240627

Address after: 230031 East 203, 2nd Floor, Phase I, Intelligent Software Industrial Park, Building 1, Huafeng Road, Shushan Economic Development Zone, Shushan District, Hefei City, Anhui Province

Patentee after: Hefei Zhicheng Shuzhi Technology Co.,Ltd.

Country or region after: China

Address before: 310051 room 5059, 5 / F, building 1, No. 105, BINKANG Road, Xixing street, Binjiang District, Hangzhou, Zhejiang Province

Patentee before: Hangzhou Titanium Technology Co.,Ltd.

Country or region before: China