CN113452806B - Container adaptation SDN network management method and system based on Kubernetes system - Google Patents

Container adaptation SDN network management method and system based on Kubernetes system

Publication number
CN113452806B
Authority
CN
China
Prior art keywords
host
container
cni
container group
network card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110704321.XA
Other languages
Chinese (zh)
Other versions
CN113452806A (en)
Inventor
戴秋萍
蓝维洲
吴必强
翟怀楼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Daoke Network Technology Co ltd
Original Assignee
Shanghai Daoke Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Daoke Network Technology Co ltd
Priority to CN202110704321.XA
Publication of CN113452806A
Application granted
Publication of CN113452806B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/50 Address allocation
    • H04L61/5007 Internet protocol [IP] addresses
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances

Abstract

The application provides a Kubernetes system-based container adaptation SDN network management method and system. The Kubernetes system is used for managing a host machine, a container group runs on the host machine, and the method comprises the following steps: binding the IP used for container group distribution with the network card of the host machine in a Kubernetes system so as to establish the mapping relation between the IP used for container group distribution and the host machine; the host machine receives an ARP request packet in the SDN, and after the ARP agent deployed on the host machine confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host machine is used as a response of the ARP request packet. Therefore, the data packets can be normally transmitted and routed when the container group running on the host machine uses real IP for communication in the SDN network.

Description

Container adaptation SDN network management method and system based on Kubernetes system
Technical Field
The application relates to the technical field of container cloud, in particular to a Kubernetes system-based container adaptation SDN network management method and system.
Background
The container cloud platform has gradually become an important link in the digital transformation of many enterprises, and has become an important choice for enterprises to realize micro-servitization, unification, standardization and high business elasticity of business applications. When building a container cloud platform, many enterprises plan for multi-cloud scenarios: the container cloud platform is required to be deployed on a private cloud, and meanwhile, the container cloud platform is required to be built on a private cloud or a public cloud built in an IT system.
At present, public clouds are network architectures based on a Software Defined Network (SDN). Most SDN networks check the source IP/MAC and destination IP/MAC in data packets according to security policies, and a Kubernetes container group deployed on the SDN network must match an IP/MAC correspondence registered in the SDN network so that its data packets can be routed correctly. However, in the existing Underlay (infrastructure layer) scheme, the container group IP/MAC allocated by the container platform cannot be identified as a legitimate IP/MAC by the SDN network; therefore, the SDN network does not pass such container group communication data packets, and the container group cannot communicate using a real IP.
Therefore, there is a need to provide an improved solution to the above-mentioned deficiencies of the prior art.
Disclosure of Invention
The present application aims to provide a container adaptation SDN network management method and system based on a Kubernetes system, so as to solve or alleviate the above problems in the prior art.
In order to achieve the above purpose, the present application provides the following technical solutions:
The application provides a container adaptation SDN network management method based on a Kubernetes system, wherein the Kubernetes system is used for managing a host machine, a container group runs on the host machine, and the method comprises the following steps: step S101, binding the IP used for container group distribution and the network card of the host machine in the Kubernetes system, thereby establishing the mapping relation between the IP used for container group distribution and the host machine; step S102, the host receives an ARP request packet in an SDN network, and after an ARP agent deployed on the host confirms that a target IP in the ARP request packet is contained in the IP used for container group distribution, the MAC address of a network card of the host is used as a response of the ARP request packet.
Preferably, the Kubernetes system runs on an IaaS platform, the Kubernetes system is deployed with an IP configuration controller and an ETCD, in step S101, the IP configuration controller binds the IP for container group allocation and the network card of the host, writes a mapping relationship between the IP for container group allocation and the host into the ETCD, and synchronizes the mapping relationship to the IaaS platform.
Preferably, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the method for managing a container-adaptive SDN network based on the Kubernetes system further includes: step S201, the CNI Agent collects the configuration information of the network card of the host machine and writes the configuration information of the network card of the host machine into the ETCD; step S202, the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for a container group corresponding to the business application when a user creates the business application.
Preferably, the Kubernetes system includes a CNI scheduler, and after the step S202, the method further includes: step S203, the CNI scheduler acquires the available IP range from the CNI Server, and acquires the mapping relation between the IP for container group distribution and the host from the ETCD; screening host machines in the Kubernetes system through comparison, and determining schedulable host machines according to the state of the host machines in the Kubernetes system; wherein, the state of the host in the Kubernetes system includes: CPU computing power and memory utilization rate of the host machine; the schedulable host is used for deploying the container group corresponding to the service application.
Preferably, in the step S203, the CNI scheduler filters the hosts in the Kubernetes system according to the CPU computing power and the memory usage rate of the hosts in the Kubernetes system, and a preset CPU computing power threshold and a preset memory usage rate threshold, and determines a plurality of hosts to be selected; and scoring the multiple hosts to be selected, and determining the schedulable host.
Preferably, in step S202, the CNI Server matches the available IP range from the configuration information of the host network card in the ETCD according to the container subnet information corresponding to the service application.
Preferably, the host is deployed with a network bridge, the network card of the host is a part of the network bridge, in step S102, the host receives an ARP request packet in an SDN network, and after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP for container group allocation, the ARP request packet is forwarded to the network card of the host according to the MAC address of the network card of the host, so as to ensure that the ARP request packet can be routed correctly.
The embodiment of the present application further provides a container adaptation SDN network management system based on a Kubernetes system, where the Kubernetes system is configured to manage a host, a container group runs on the host, and the container adaptation SDN network management system based on the Kubernetes system includes: an IP binding unit configured to bind, in the Kubernetes system, an IP used for container group allocation and a network card of the host, thereby establishing a mapping relationship between the IP used for container group allocation and the host; a feedback unit configured to receive an ARP request packet in an SDN network by the host, and after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP used for container group allocation, use the MAC address of the network card of the host as a response to the ARP request packet.
Preferably, the Kubernetes system runs on an IaaS platform, the Kubernetes system is deployed with an IP configuration controller and an ETCD, and the IP binding unit is further configured to bind, by the IP configuration controller, the IP used for container group allocation and the network card of the host, write a mapping relationship between the IP used for container group allocation and the host into the ETCD, and synchronize the mapping relationship to the IaaS platform.
Preferably, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the container adaptation SDN network management system based on the Kubernetes system further includes: the information collection unit is configured to collect the configuration information of the network card of the host machine by the CNI Agent and write the configuration information of the network card of the host machine into the ETCD; and the subnet application unit is configured to establish a container subnet by the CNI Server according to the configuration information of the network card of the host in the ETCD, and allocate an available IP range for a container group corresponding to the business application when the user establishes the business application.
Compared with the closest prior art, the technical scheme of the embodiment of the application has the following beneficial effects:
In the technical solution provided in the embodiment of the present application, the IP used for container group allocation and the network card of the host are bound in the Kubernetes system, so as to establish a mapping relationship between the IP used for container group allocation and the host. The host machine receives an ARP request packet in the SDN, and after the ARP agent deployed on the host machine confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host machine is used as a response of the ARP request packet. Because the IP allocated to the container group on the host is bound with the network card of the host, the corresponding relation of the target IP/MAC in the ARP request packet can accord with the security rule of the SDN network, and when the container group running on the host uses the IP for communication, the data packet can be normally transmitted and routed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the application and, together with the description, serve to explain the application and are not intended to limit the application. Wherein:
Fig. 1 is a schematic flow chart of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application;
Fig. 2 is an architecture diagram of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application;
Fig. 3 is a schematic routing diagram of ARP request packets in an SDN network provided according to some embodiments of the present application;
Fig. 4 is a schematic structural diagram of a host network card and a network bridge according to some embodiments of the present application;
Fig. 5 is a schematic illustration of a scheduling of a group of containers provided according to some embodiments of the present application;
Fig. 6 is a schematic diagram of an example of a container adaptation SDN network management method based on a Kubernetes system according to an embodiment of the present application;
Fig. 7 is a schematic diagram of a Kubernetes system-based container adaptation SDN network management system according to some embodiments of the present application.
Detailed Description
The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments. The various examples are provided by way of explanation of the application and are not limiting of the application. In fact, it will be apparent to those skilled in the art that modifications and variations can be made in the present application without departing from the scope or spirit of the application. For instance, features illustrated or described as part of one embodiment, can be used with another embodiment to yield a still further embodiment. It is therefore intended that the present application cover the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.
Fig. 1 is a schematic flow chart of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application; Fig. 2 is an architecture diagram of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application. As shown in Fig. 1 and Fig. 2, the Kubernetes system is a container cluster management system open-sourced by Google, and is composed of an ETCD (a highly available distributed key-value storage component for storing the state of the whole Kubernetes system), a control node, and a service node (Node). The container adaptation SDN network management method based on the Kubernetes system comprises the following steps:
Step S101, binding the IP used for container group distribution and the network card of the host machine in a Kubernetes system, thereby establishing the mapping relation between the IP used for container group distribution and the host machine.
Specifically, cloud service models are generally of three types: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). The Kubernetes system runs on the IaaS and provides a PaaS cloud service platform for users. The Kubernetes system is deployed with an IP configuration controller and an ETCD; the IP configuration controller binds the IP used for container group allocation and the network card of the host, writes the mapping relation between the IP used for container group allocation and the host into the ETCD, and synchronizes the mapping relation to the IaaS platform.
Based on the foregoing description, in order to solve the problem that a data packet in an SDN network cannot be routed correctly in the prior art, the embodiment of the present application introduces a new component, i.e., an IP configuration controller, to bind an IP used for container group allocation and a network card of a host, and increases a storage data type in the ETCD, that is, a mapping relationship between the IP used for container group allocation and the host is specifically stored in a key-value form (key-value).
It should be noted that each host runs several container groups, and the IP used for container group allocation in this embodiment is pre-allocated by a container cloud platform administrator, that is, the container cloud platform administrator manually allocates multiple IP addresses to the network card of the host, and the IP is used for container group allocation running on the host.
Specifically, when the container cloud platform administrator binds the IP used for container group allocation to the network card of the host, the IP configuration controller may implement the binding, and then the IP configuration controller binds the IP used for container group allocation to the network card of the host.
In the embodiment of the present application, the Kubernetes system includes a plurality of hosts, each host runs a plurality of container groups, and in order to ensure that a container group has legal IP and MAC addresses, a plurality of IPs are bound to a network card of each host for the container group running on the host to use.
It should be noted that, in the embodiment of the present application, the IP configuration controller also writes the mapping relationship between the IP for container group allocation and the host into the ETCD, and the ETCD serves as a storage component of the Kubernetes system and is used for storing the state of the entire Kubernetes system. By writing the mapping relation into the ETCD, the Kubernetes system acquires the IP bound to the host network card and used for container group allocation, and can uniformly manage and control all IP allocation in the system. In addition, the IP configuration controller in the embodiment of the present application further synchronizes the mapping relationship to the IaaS platform, so that the IP information synchronization between the Kubernetes system and the IaaS platform is realized, and the IaaS platform performs resource scheduling.
Step S102, the host receives an ARP request packet in the SDN, and after the ARP agent deployed on the host confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host is used as a response of the ARP request packet.
In the embodiment of the application, an ARP (Address Resolution Protocol) proxy is deployed on each host. After receiving an ARP request packet in an SDN network, the host hands the packet over to the ARP proxy deployed on the host for processing, and the ARP proxy analyzes the ARP request packet, mainly to detect destination IP information in the ARP request packet.
It should be understood that, in the SDN network, when the IP/MAC correspondence in the ARP request packet is registered in the SDN network in advance, that is, the IP and the MAC address are bound, the ARP request packet is a valid communication packet and can be normally transmitted and routed, otherwise, the ARP request packet is an invalid packet and will be discarded.
Fig. 3 is a schematic routing diagram of ARP request packets in an SDN network according to some embodiments of the present application. As shown in fig. 3, in step S101, a plurality of IPs and network cards of the hosts are bound, that is, a plurality of IP/MAC correspondences formed by the IPs and the network card MAC addresses of the hosts are registered in the SDN network. The ARP agent detects that the destination IP in the ARP request packet is one of the IPs, i.e. the ARP request packet is identified as a legal communication data packet of the host, and the ARP request packet is not discarded but transmitted and routed.
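The decision the ARP proxy makes in step S102, as an added example in Python that is not code from the patent: the proxy answers an ARP request only when the target IP is in the set bound to the host network card, and the reply carries the host network card's MAC so that it matches the IP/MAC pair registered in the SDN network. The class and function names, MAC addresses and IPs below are constructed for illustration.

```python
import ipaddress
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
ETH_HDR = struct.Struct("!6s6sH")            # dst MAC, src MAC, EtherType
ARP_BODY = struct.Struct("!HHBBH6s4s6s4s")   # Ethernet/IPv4 ARP payload (28 bytes)


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_request(sender_mac: str, sender_ip: str, target_ip: str) -> bytes:
    """Build a broadcast ARP request frame (constructed sample input)."""
    src = mac_to_bytes(sender_mac)
    eth = ETH_HDR.pack(b"\xff" * 6, src, ETH_P_ARP)
    arp = ARP_BODY.pack(1, 0x0800, 6, 4, ARP_REQUEST,
                        src, ipaddress.IPv4Address(sender_ip).packed,
                        b"\x00" * 6, ipaddress.IPv4Address(target_ip).packed)
    return eth + arp


class ArpProxy:
    """Hypothetical ARP proxy for one host network card."""

    def __init__(self, host_mac: str, bound_ips):
        self.host_mac = mac_to_bytes(host_mac)
        # IPs bound to the host network card for container group allocation
        self.bound_ips = {ipaddress.IPv4Address(ip) for ip in bound_ips}

    def handle(self, frame: bytes):
        """Return the ARP reply frame, or None when the proxy must stay silent."""
        if len(frame) < ETH_HDR.size + ARP_BODY.size:
            return None                       # truncated frame
        _dst, _src, ethertype = ETH_HDR.unpack_from(frame, 0)
        if ethertype != ETH_P_ARP:
            return None                       # not ARP
        (htype, ptype, hlen, plen, op,
         sha, spa, _tha, tpa) = ARP_BODY.unpack_from(frame, ETH_HDR.size)
        if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op != ARP_REQUEST:
            return None                       # not an Ethernet/IPv4 ARP request
        if ipaddress.IPv4Address(tpa) not in self.bound_ips:
            return None                       # target IP is not bound to this host
        # Reply with the host network card MAC as the owner of the target IP.
        eth = ETH_HDR.pack(sha, self.host_mac, ETH_P_ARP)
        arp = ARP_BODY.pack(1, 0x0800, 6, 4, ARP_REPLY,
                            self.host_mac, tpa, sha, spa)
        return eth + arp


def summarize_reply(frame: bytes) -> dict:
    """Decode the reply fields an IP/MAC consistency check would inspect."""
    _dst, src, _etype = ETH_HDR.unpack_from(frame, 0)
    *_, op, sha, spa, tha, tpa = ARP_BODY.unpack_from(frame, ETH_HDR.size)
    return {
        "opcode": op,
        "eth_src": bytes_to_mac(src),
        "sender_mac": bytes_to_mac(sha),
        "sender_ip": str(ipaddress.IPv4Address(spa)),
        "target_mac": bytes_to_mac(tha),
        "target_ip": str(ipaddress.IPv4Address(tpa)),
    }


if __name__ == "__main__":
    # Constructed values: host NIC MAC and two IPs bound to it for container groups.
    proxy = ArpProxy("52:54:00:aa:bb:01", ["10.6.0.11", "10.6.0.12"])
    for target in ("10.6.0.12", "10.6.0.99"):
        request = build_arp_request("52:54:00:00:00:fe", "10.6.0.1", target)
        reply = proxy.handle(request)
        print(target, "->", summarize_reply(reply) if reply else "no reply")
```

Because the sender hardware address in the reply and the Ethernet source are both the host network card's MAC, the reply is consistent with the bound IP/MAC pair; requests for any other IP get no answer from the proxy.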
In summary, the embodiment of the present application provides a container adaptation SDN network management method and system based on a Kubernetes system. The method comprises the following steps: binding the IP used for container group distribution with the network card of the host machine in a Kubernetes system so as to establish the mapping relation between the IP used for container group distribution and the host machine; the host machine receives an ARP request packet in the SDN, and after the ARP agent deployed on the host machine confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host machine is used as a response of the ARP request packet. Therefore, the data packets can be normally transmitted and routed when the container group running on the host machine uses real IP for communication in the SDN network.
It should be further explained that fig. 4 is a schematic structural diagram of a host network card and a network bridge according to some embodiments of the present application. As shown in fig. 4, in the embodiment of the present application, a bridge is deployed in a host, a network card of the host is a part of the bridge, and in step S102, the host receives an ARP request packet in an SDN network, and after an ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in an IP used for container group allocation, the ARP request packet is forwarded to the network card of the host according to an MAC address of the network card of the host, so as to ensure that the ARP request packet can be routed correctly.
It should be understood that, the ARP proxy in the embodiment of the present application is used as a network packet access entry of a host, and is configured to filter a communication packet accessing the host, and if an IP/MAC correspondence of an ARP request packet conforms to a security rule of an SDN network, forward the ARP request packet to a network card of the host, and forward the ARP request packet to a destination container group through the network card of the host.
In addition, the network card is used as a part of the network bridge in the embodiment of the application, so that the network structure can be integrated, and the transmission of the data packet is more efficient and safer.
In some optional embodiments, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on a host, and the method for managing a container adaptation SDN network based on the Kubernetes system further includes:
Step S201, the CNI Agent collects configuration information of the network card of the host machine and writes the configuration information of the network card of the host machine into the ETCD.
It should be noted that, in the embodiment of the present application, a container cloud platform administrator binds an IP used for container group allocation with a network card of a host through an IP configuration controller, but there may be an error between the binding information and an actual situation. For example, the binding of part of the IP and the network card of the host fails, so that the IP actually bound does not conform to the setting of the container cloud platform administrator in the IP configuration controller.
Based on this, the embodiment of the application deploys the CNI Agent on each host machine to collect the configuration information of the network card of the host machine, so as to obtain the real situation of the binding between the IP for container group allocation and the network card of the host machine, write the configuration information of the network card of the host machine into the ETCD, and update and perfect the mapping relation between the IP for container group allocation and the host machine recorded by the ETCD.
Step S202, the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for a container group corresponding to the business application when the user creates the business application.
Specifically, the configuration information of the network card of the host machine records the IP bound with the network card of the host machine and used for container group allocation, and the CNI Server needs to know the IP to be used on the host machine when creating the container subnet.
In addition, in step S202, the CNI Server matches the available IP range from the configuration information of the host network card in the ETCD according to the container subnet information corresponding to the service application. Specifically, when a user creates a service application in the Kubernetes system, the network type and the specific container subnet information are added under the "annotations" item in the deployed yaml file (application orchestration file, used to define resources), such as:
annotations:
  dce.daocloud.io/parcel.net.type: sdn-adapted-network # defines a network type
  dce.daocloud.io/parcel.net.value: 'subnet:vlan110-default' # specifies subnet information
The CNI Server queries the ETCD according to the container subnet information "vlan110-default" specified under the "annotations" item and the subnet where the IP to be used is located, and matches the available IP range.
In a specific example, the Kubernetes system includes a CNI scheduler, and after step S202, the method for SDN network management based on container adaptation of the Kubernetes system further includes:
Step S203, the CNI scheduler acquires an available IP range from the CNI Server and acquires a mapping relation between an IP used for container group distribution and a host from the ETCD; screening host machines in the Kubernetes system through comparison, and determining schedulable host machines according to the state of the host machines in the Kubernetes system; the state of the host in the Kubernetes system comprises: CPU computing power and memory utilization rate of the host machine; the schedulable host is used for deploying the container group corresponding to the service application.
Specifically, the CNI scheduler filters the hosts in the Kubernetes system according to the CPU computing power and the memory usage rate of the hosts in the Kubernetes system, and a preset CPU computing power threshold and a preset memory usage rate threshold, and determines a plurality of hosts to be selected; and scoring the multiple hosts to be selected to determine the schedulable host.
In the embodiment of the present application, the CNI scheduler is an extension of the Kubernetes scheduler. When implementing the container group deployment, because the Kubernetes platform includes a plurality of hosts, and each host runs a plurality of container groups, on one hand, whether there are IP addresses available for allocation on the hosts needs to be considered, and on the other hand, the use condition of hardware resources by the container groups deployed on the hosts needs to be considered. Therefore, as shown in Fig. 5, the CNI scheduler compares the available IP range obtained from the CNI Server with the mapping relationship in the ETCD, and filters the multiple hosts in combination with the CPU computing power, the memory usage rate, and other conditions of the hosts to obtain multiple hosts to be selected that meet the requirements, and then scores the multiple hosts to be selected, determines schedulable hosts, and invokes the schedulable hosts to deploy container groups corresponding to the business applications, thereby implementing automatic scheduling of the container groups.
Specifically, when multiple hosts are filtered in combination with the conditions of CPU computing power, memory usage rate, and the like of the hosts, the required hardware resources can be determined according to the types and scenes of the service applications, a preset CPU computing power threshold value, a preset memory usage rate threshold value, and the like are set, and only hosts meeting the threshold value requirements can serve as hosts to be selected, so that the container group deployed on the hosts to be selected can meet the hardware resource requirements of the service applications.
Further, among the screened multiple hosts to be selected, the schedulable host for deploying the container group needs to be finally determined, and a scoring mode can be adopted. The scoring method includes various ways, such as performing weighted scoring on different indexes of each host to be selected from multiple dimensions, calculating a matching degree score of the service application and the operation state of each host to be selected, calculating a score according to the operation condition of the service application running on each host to be selected, and determining a schedulable host from the multiple hosts to be selected according to a scoring result.
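The filter-then-score selection of step S203, as an added example in Python that is not code from the patent. It assumes CPU computing power is expressed as free cores, that the memory usage rate is a fraction between 0 and 1, that each host tracks which bound IPs are already in use, and that the score is a weighted sum; the host names, weights, thresholds and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Host:
    name: str
    bound_ips: list            # IPs bound to the host network card (IP-to-host mapping in ETCD)
    cpu_free_cores: float      # assumed measure of "CPU computing power"
    mem_usage: float           # memory usage rate, 0.0 .. 1.0
    in_use: set = field(default_factory=set)  # assumed: bound IPs already given to container groups


def free_ips_in_range(host, first, last):
    """Bound IPs of this host that fall in the available range and are unused."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    return sorted(
        ip for ip in map(ipaddress.IPv4Address, host.bound_ips)
        if lo <= ip <= hi and str(ip) not in host.in_use
    )


def filter_hosts(hosts, first, last, min_cpu, max_mem):
    """Keep hosts that have a usable IP and meet both resource thresholds."""
    candidates = []
    for host in hosts:
        if not free_ips_in_range(host, first, last):
            continue                          # no bound IP left in the available range
        if host.cpu_free_cores < min_cpu or host.mem_usage > max_mem:
            continue                          # fails a preset threshold
        candidates.append(host)
    return candidates


def score(host, first, last, w_cpu=0.5, w_mem=0.3, w_ip=0.2, cpu_cap=16.0, ip_cap=8):
    """Weighted score in [0, 1]; weights and caps are illustrative assumptions."""
    cpu = min(host.cpu_free_cores / cpu_cap, 1.0)
    mem = 1.0 - host.mem_usage
    ips = min(len(free_ips_in_range(host, first, last)) / ip_cap, 1.0)
    return round(w_cpu * cpu + w_mem * mem + w_ip * ips, 4)


def schedule(hosts, first, last, min_cpu, max_mem):
    """Return (host name, IP to assign) for the best candidate, or None."""
    candidates = filter_hosts(hosts, first, last, min_cpu, max_mem)
    if not candidates:
        return None
    best = max(candidates, key=lambda h: (score(h, first, last), h.name))
    return best.name, str(free_ips_in_range(best, first, last)[0])


# Constructed sample cluster state.
SAMPLE_HOSTS = [
    Host("node-a", ["10.6.0.11", "10.6.0.12"], 12.0, 0.30, {"10.6.0.11", "10.6.0.12"}),
    Host("node-b", ["10.6.0.21", "10.6.0.22"], 8.0, 0.50, {"10.6.0.21"}),
    Host("node-c", ["10.6.0.31", "10.6.0.32", "10.7.0.5"], 4.0, 0.40),
    Host("node-d", ["10.6.0.41"], 1.0, 0.95),
]

if __name__ == "__main__":
    args = ("10.6.0.10", "10.6.0.50")
    for h in filter_hosts(SAMPLE_HOSTS, *args, min_cpu=2.0, max_mem=0.8):
        print(h.name, score(h, *args))
    print("scheduled:", schedule(SAMPLE_HOSTS, *args, min_cpu=2.0, max_mem=0.8))
```

Here node-a is dropped because all of its bound IPs are taken and node-d because it misses both thresholds, which shows why IP availability has to be part of the filter rather than checked after placement.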
In order to more clearly illustrate the container adaptation SDN network management method based on the Kubernetes system in the embodiment of the present application, the following description is made by way of example.
Fig. 6 is a schematic diagram of an example of a container adaptation SDN network management method based on a Kubernetes system according to an embodiment of the present application. A host machine (virtual machine) is established on an IaaS platform, and a Kubernetes system is run to manage the host machine. A container cloud platform administrator starts an ARP proxy on the host machine to provide the ARP proxy service. A CNI service module collects the configuration information of the network card of the host machine, and container subnets 10.6.0.1/16 and 10.7.0.1/16 are established according to that configuration information. An IP configuration controller allocates IP addresses and synchronizes them to the IaaS platform.
When a user creates a service application, the user specifies container subnet information, and the Kubernetes system can then schedule a host on which to deploy a container group to run the service application.
Fig. 7 is a schematic diagram of a Kubernetes system-based container adaptation SDN network management system provided in accordance with some embodiments of the present application. As shown in Fig. 7, in the container adaptation SDN network management system based on the Kubernetes system, the Kubernetes system is used for managing a host, a container group runs on the host, and the system includes an IP binding unit 701 and a feedback unit 702. The IP binding unit 701 is configured to bind the IP used for container group allocation and the network card of the host in the Kubernetes system, thereby establishing a mapping relationship between the IP used for container group allocation and the host. The feedback unit 702 is configured such that the host receives an ARP request packet in the SDN network and, after an ARP proxy deployed on the host confirms that the destination IP in the ARP request packet is included in the IP used for container group allocation, uses the MAC address of the network card of the host as the response to the ARP request packet.
In this embodiment of the present application, the Kubernetes system runs on an IaaS platform and is deployed with an IP configuration controller and an ETCD. The IP binding unit 701 is further configured to have the IP configuration controller bind the IP used for container group allocation and the network card of the host, write the mapping relationship between the IP used for container group allocation and the host into the ETCD, and synchronize the mapping relationship to the IaaS platform.
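The decision made by the ARP proxy (step S102, feedback unit 702) can be illustrated at the packet level. This is an added example, not code from the patent: the MAC addresses, host names and IP bindings are constructed, and the IP-to-host mapping held in the ETCD is modelled as a plain dictionary.

```python
import ipaddress
import struct
from collections import namedtuple

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
Arp = namedtuple("Arp", "oper sha spa tha tpa")


def build_frame(dst_mac, src_mac, oper, sha, spa, tha, tpa):
    """Ethernet header plus a 28-byte IPv4-over-Ethernet ARP payload."""
    eth = dst_mac + src_mac + struct.pack("!H", ETH_P_ARP)
    return eth + struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                             sha, spa.packed, tha, tpa.packed)


def parse_arp(frame):
    """Return the ARP fields, or None for anything that is not well-formed ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return Arp(oper, sha, ipaddress.IPv4Address(spa), tha, ipaddress.IPv4Address(tpa))


def bound_ips_for(mapping, host):
    """IPs whose binding (the IP -> host mapping) names this host."""
    return {ipaddress.IPv4Address(ip) for ip, owner in mapping.items() if owner == host}


def proxy_arp_reply(frame, host_mac, bound_ips):
    """Answer with the host NIC MAC only for a container-group IP bound to this host."""
    arp = parse_arp(frame)
    if arp is None or arp.oper != ARP_REQUEST:
        return None
    if arp.tpa not in bound_ips:  # unbound or foreign IP: the proxy stays silent
        return None
    return build_frame(arp.sha, host_mac, ARP_REPLY,
                       host_mac, arp.tpa, arp.sha, arp.spa)


# Constructed sample data (not from the patent).
HOST_MAC = bytes.fromhex("02aabbccdd01")
PEER_MAC = bytes.fromhex("02aabbccdd99")
PEER_IP = ipaddress.IPv4Address("10.6.0.2")
MAPPING = {"10.6.1.10": "host-a", "10.6.1.11": "host-a", "10.7.2.20": "host-b"}


def request_for(ip):
    """Broadcast ARP request from the sample peer asking who has `ip`."""
    return build_frame(b"\xff" * 6, PEER_MAC, ARP_REQUEST, PEER_MAC, PEER_IP,
                       b"\x00" * 6, ipaddress.IPv4Address(ip))


if __name__ == "__main__":
    bound = bound_ips_for(MAPPING, "host-a")
    for ip in ("10.6.1.10", "10.7.2.20"):
        reply = proxy_arp_reply(request_for(ip), HOST_MAC, bound)
        print(ip, "->", "silent" if reply is None else parse_arp(reply).sha.hex(":"))
```

Restricting replies to IPs present in the binding is what keeps the proxy from claiming addresses that belong to other hosts, so the binding store is the authority worth protecting and auditing.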
In an embodiment of the present application, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, and the CNI Agent is deployed on a host. The container adaptation SDN network management system based on the Kubernetes system further includes: an information collection unit configured to have the CNI Agent collect the configuration information of the network card of the host machine and write it into the ETCD; and a subnet application unit configured to have the CNI Server create a container subnet according to the configuration information of the network card of the host in the ETCD, and allocate an available IP range for the container group corresponding to the service application when a user creates the service application.
The container adaptation SDN network management system based on the Kubernetes system provided in the embodiment of the present application can achieve the beneficial effects of any of the above embodiments of the container adaptation SDN network management method based on the Kubernetes system, which are not described in detail herein.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (10)

1. A container adaptation SDN network management method based on a Kubernetes system, characterized in that the Kubernetes system is used for managing host machines, a container group runs on the host machines, and the method is used for an Underlay network, the method comprising the following steps:
step S101, binding the IP used for container group allocation and the network card of the host machine in the Kubernetes system, thereby establishing the mapping relationship between the IP used for container group allocation and the host machine;
step S102, the host receives an ARP request packet in an SDN network, and after an ARP proxy deployed on the host confirms that the destination IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of the network card of the host is used as the response to the ARP request packet.
2. The Kubernetes system-based container adaptation SDN network management method according to claim 1, wherein the Kubernetes system runs on an IaaS platform, and is deployed with an IP configuration controller and an ETCD,
in step S101, the IP configuration controller binds the IP for container group allocation and the network card of the host, writes a mapping relationship between the IP for container group allocation and the host into the ETCD, and synchronizes the mapping relationship to the IaaS platform.
3. The Kubernetes system-based container adaptation SDN network management method of claim 2, wherein the Kubernetes system comprises a CNI service module, the CNI service module comprises a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the Kubernetes system-based container adaptation SDN network management method further comprises:
step S201, the CNI Agent collects configuration information of a network card of the host machine and writes the configuration information of the network card of the host machine into the ETCD;
step S202, the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for a container group corresponding to the business application when a user creates the business application.
4. The Kubernetes system-based container adaptation SDN network management method according to claim 3, wherein the Kubernetes system includes a CNI scheduler,
after the step S202, the method further includes:
step S203, the CNI scheduler acquires the available IP range from the CNI Server, and acquires the mapping relationship between the IP for container group allocation and the host from the ETCD; screens the hosts in the Kubernetes system by comparison, and determines schedulable hosts according to the state of the hosts in the Kubernetes system; wherein the state of a host in the Kubernetes system includes: the CPU computing power and memory usage rate of the host; and the schedulable host is used for deploying the container group corresponding to the service application.
5. The Kubernetes system-based container adaptation SDN network management method according to claim 4,
in step S203, the CNI scheduler filters the hosts in the Kubernetes system according to the CPU computing power and the memory usage rate of the hosts in the Kubernetes system, and a preset CPU computing power threshold and a preset memory usage rate threshold, and determines a plurality of hosts to be selected; and scores the multiple hosts to be selected to determine the schedulable host.
6. The Kubernetes system-based container adaptation SDN network management method according to claim 3, wherein in the step S202, the CNI Server matches the available IP range from configuration information of the host network card in the ETCD according to container subnet information corresponding to the service application.
7. The Kubernetes system-based container adaptation SDN network management method according to any one of claims 1-5, wherein a bridge is deployed on the host, a network card of the host is a part of the bridge,
in step S102, the host receives an ARP request packet in the SDN network, and after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP used for container group allocation, the ARP request packet is forwarded to the network card of the host according to the MAC address of the network card of the host, so as to ensure that the ARP request packet can be routed correctly.
8. A Kubernetes system-based container adaptation SDN network management system, characterized in that the Kubernetes system is used for managing a host machine, a container group runs on the host machine, the system is used for an Underlay network, and the Kubernetes system-based container adaptation SDN network management system comprises:
an IP binding unit configured to bind an IP for container group allocation and a network card of the host in the Kubernetes system, thereby establishing a mapping relationship between the IP for container group allocation and the host;
a feedback unit configured such that the host receives an ARP request packet in an SDN network and, after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP for container group allocation, uses the MAC address of the network card of the host as the response to the ARP request packet.
9. The Kubernetes system-based container adaptation SDN network management system of claim 8, wherein the Kubernetes system runs on an IaaS platform, and the Kubernetes system is deployed with an IP configuration controller and an ETCD,
the IP binding unit is further configured to have the IP configuration controller bind the IP for container group allocation and the network card of the host, write a mapping relationship between the IP for container group allocation and the host into the ETCD, and synchronize the mapping relationship to the IaaS platform.
10. The Kubernetes system-based container adaptation SDN network management system of claim 9, wherein the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the Kubernetes system-based container adaptation SDN network management system further includes:
an information collection unit configured to have the CNI Agent collect the configuration information of the network card of the host machine and write the configuration information of the network card of the host machine into the ETCD;
and a subnet application unit configured to have the CNI Server create a container subnet according to the configuration information of the network card of the host in the ETCD, and allocate an available IP range for a container group corresponding to the business application when the user creates the business application.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110704321.XA CN113452806B (en) 2021-06-24 2021-06-24 Container adaptation SDN network management method and system based on Kubernets system

Publications (2)

Publication Number Publication Date
CN113452806A (en) 2021-09-28
CN113452806B (en) 2022-10-04

Family

ID=77812506

Country Status (1)

Country Link
CN (1) CN113452806B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: 200433 floor 7, building 6, No. 99, jiangwancheng Road, Yangpu District, Shanghai

Patentee after: Shanghai Daoke Network Technology Co.,Ltd.

Address before: Room 1305-12, No.6 Weide Road, Yangpu District, Shanghai 200433

Patentee before: Shanghai Daoke Network Technology Co.,Ltd.
