CN114285809A - Method and device for isolating switch port - Google Patents
Method and device for isolating switch port Download PDFInfo
- Publication number
- CN114285809A CN114285809A CN202111583662.2A CN202111583662A CN114285809A CN 114285809 A CN114285809 A CN 114285809A CN 202111583662 A CN202111583662 A CN 202111583662A CN 114285809 A CN114285809 A CN 114285809A
- Authority
- CN
- China
- Prior art keywords
- switch
- port
- target
- server
- isolation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 75
- 238000002955 isolation Methods 0.000 claims abstract description 118
- 238000012423 maintenance Methods 0.000 claims abstract description 106
- 238000004590 computer program Methods 0.000 claims description 13
- 238000004891 communication Methods 0.000 abstract description 17
- 230000006870 function Effects 0.000 description 16
- 238000010586 diagram Methods 0.000 description 10
- 238000012545 processing Methods 0.000 description 9
- 230000008878 coupling Effects 0.000 description 5
- 238000010168 coupling process Methods 0.000 description 5
- 238000005859 coupling reaction Methods 0.000 description 5
- 238000013461 design Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000013500 data storage Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 239000011159 matrix material Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Abstract
The application provides a method and a device for isolating a port of a switch, and relates to the technical field of communication. The method comprises the following steps: the operation and maintenance platform generates an isolation instruction based on the identification of the target switch and the identification of the target port input by the user; the target switch is a switch of a port to be isolated in the storage area network, and the target port is the port to be isolated of the target switch; the isolation instruction comprises an identifier of a target switch, an identifier of a target port and a target isolation port command for isolating the port of the target switch, the isolation instruction is used for indicating a first server to issue the target isolation port command to the target switch, and the first server is a server of a storage area network; and the operation and maintenance platform sends an isolation instruction to the first server. The target isolation port command applicable to the switch is determined according to the identifier of the switch by pre-storing the isolation port commands of the switches of different brands and the information of the switches, so that the ports of the switches are automatically isolated, and the efficiency is improved.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for isolating a switch port.
Background
With the evolution of Information Technology (IT) architecture in the financial industry, storage networks have changed, for example, as the size of Storage Area Networks (SANs) is continuously increased, a large number of switches are put into use in the SANs.
During the use process of the switch, the ports of the switch can be isolated according to some production requirements. At present, a known method for isolating a port of a switch is to, after an account of the switch is manually logged in, isolate a port to be isolated of the switch by inputting an isolation port command. However, the isolated port commands of the switches of different brands are different, and errors are easily generated when the isolated port commands are input, so that the processing efficiency is low.
Disclosure of Invention
The application provides a method and a device for isolating ports of a switch, which are used for improving the efficiency of isolating the ports of the switch.
In a first aspect, the present application provides a method for isolating a switch port, the method comprising: the operation and maintenance platform generates an isolation instruction based on the identification of the target switch and the identification of the target port input by the user; the target switch is a switch of a port to be isolated in the SAN, and the target port is the port to be isolated of the target switch; the isolation instruction comprises an identifier of the target switch, an identifier of the target port and a target isolation port command for isolating the port of the target switch, and the isolation instruction is used for instructing a first server to issue the target isolation port command to the target switch, wherein the first server is a server of the SAN; and the operation and maintenance platform sends the isolation instruction to the first server.
Based on the scheme, the server can generate an isolation instruction including a target isolation port command applicable to the target switch according to the identification of the target switch and the identification of the target port input by the user, and sends the isolation instruction to the server so as to indicate the server to isolate the target port of the target switch, the user does not need to manually input the isolation port command, and the processing efficiency is improved.
Optionally, the operation and maintenance platform generates an isolation instruction based on the identifier of the target switch and the identifier of the target port, which are input by the user, and includes: the operation and maintenance platform determines the brand of the target switch based on the switch identification input by the user and the information of at least one switch acquired in advance; the operation and maintenance platform determines the target isolation port command based on a pre-stored corresponding relation between the brand and the isolation port command; and the operation and maintenance platform generates the isolation instruction based on the target isolation port command, the identification of the target switch and the identification of the target plus port.
Optionally, the first server is one of a plurality of servers, each of the plurality of servers corresponding to a SAN; and the method further comprises: the operation and maintenance platform determines a server corresponding to an Internet Protocol (IP) address in the plurality of servers as the first server based on the IP address of the server input by a user.
Optionally, the method further comprises: the operation and maintenance platform determines whether the first server has the authority of isolating the switch port in the SAN according to a preset white list; if the first server belongs to the white list, the first server has the authority of isolating the switch port in the SAN; or, if the first server does not belong to the white list, the first server does not have the authority to isolate the switch port in the SAN.
Optionally, the information of each switch in the pre-acquired information of at least one switch includes a login account and a login password of each switch, and the method further includes: the operation and maintenance platform determines a login account and a login password of the target switch; the operation and maintenance platform logs in the target switch based on the login account and the login password; and in the case of successful login, the operation and maintenance platform determines that the operation and maintenance platform has the operation authority on the target switch.
Optionally, the method further comprises: the operation and maintenance platform acquires information of at least one switch, wherein the information of each switch in the information of the at least one switch comprises: the identification, the brand, the login account number, the login password, the port configuration of each switch, and the IP address of the server managing each switch.
In a second aspect, the present application provides a method for isolating a switch port, the method comprising: the method comprises the steps that a first server receives an isolation instruction from an operation and maintenance platform, wherein the first server is a preset server, the isolation instruction comprises an identification of a target switch, an identification of a target port and a target isolation port command for isolating the port of the target switch, the isolation instruction is used for indicating the first server to issue the target isolation port command to the target switch, the target switch is a switch of a port to be isolated in a SAN, and the target port is the port to be isolated of the target switch; and the first server issues the target isolation port command to the target switch.
Based on the scheme, the isolation instruction received by the server from the operation and maintenance platform comprises a target isolation port command suitable for the target switch, the server can automatically isolate the target port of the target switch according to the isolation instruction, a user does not need to manually input the isolation port command, and the processing efficiency is improved.
In a third aspect, the present application provides an apparatus for isolating a switch port, where the apparatus includes means for implementing the method in the first aspect and any one of the possible implementations of the first aspect, or includes means for implementing the method in the second aspect. The means may comprise modules which may be implemented in software and/or hardware.
In a fourth aspect, the present application provides an apparatus for isolating a port of a switch, the apparatus comprising a processor. The processor is coupled to the memory and is operable to execute the computer program in the memory to implement the method of the first aspect and any of the possible implementations of the first aspect, or to implement the method of the second aspect.
Optionally, the apparatus in the fourth aspect further comprises a memory.
Optionally, the apparatus in the fourth aspect further comprises a communication interface, the processor being coupled to the communication interface.
In a fifth aspect, the present application provides a chip system, which includes at least one processor, and is configured to support implementation of the functions referred to in the first aspect and any one of the possible implementations of the first aspect, or to support implementation of the functions referred to in the second aspect, for example, acquiring or processing data referred to in the method.
In one possible design, the system-on-chip further includes a memory to hold program instructions and data, the memory being located within the processor or external to the processor.
The chip system may be formed by a chip, and may also include a chip and other discrete devices.
In a sixth aspect, the present application provides a computer-readable storage medium having stored thereon a computer program (which may also be referred to as code, or instructions), which when executed by a processor, causes the method of any one of the possible implementations of the first aspect and the first aspect described above to be performed, or causes the method of the second aspect described above to be performed.
In a seventh aspect, the present application provides a computer program product comprising: a computer program (also referred to as code, or instructions), which when executed, causes the method of any one of the possible implementations of the first aspect and the first aspect described above to be performed, or causes the method of the second aspect described above to be performed.
It should be understood that the third to seventh aspects of the present application correspond to the technical solutions of the first and second aspects of the present application, and the advantageous effects obtained by the various aspects and the corresponding possible implementations are similar and will not be described again.
Drawings
Fig. 1 is a schematic diagram of a communication system provided in an embodiment of the present application;
fig. 2 is a schematic flow chart of a method for isolating a switch port according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a user interface of an operation and maintenance platform provided in an embodiment of the present application;
FIG. 4 is a schematic diagram of another user interface of the operation and maintenance platform provided in the embodiment of the present application;
fig. 5 is a schematic block diagram of an apparatus for isolating a switch port according to an embodiment of the present application;
fig. 6 is a schematic block diagram of another apparatus for isolating switch ports provided by an embodiment of the present application;
fig. 7 is a schematic block diagram of another apparatus for isolating a switch port according to an embodiment of the present application.
Detailed Description
The technical solution in the present application will be described below with reference to the accompanying drawings.
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
To facilitate understanding of the embodiments of the present application, some terms or words referred to in the present application will be briefly described below.
1. Storage Area Network (SAN): using mesh channel technology, a switch may connect a storage array and a server to create a local area network dedicated to data storage. Storage area networks may also be referred to as "storage area networks".
The memory array is composed of a large number of memory cells, and each memory cell can store 1-bit binary data. The storage unit is usually arranged in a matrix form of N rows × M columns (N, M is greater than or equal to 1, N, M is an integer), and a plurality of disks are combined into an array to be used as a single disk, data is stored in different disks in a segmented manner, and when the data is accessed, related disks in the array act together, so that the access time of the data is greatly reduced, and meanwhile, the space utilization rate is better.
2. Secure Shell (SSH) protocol: the SSH protocol is a security protocol based on an application layer, and is a reliable protocol that is dedicated to providing security for telnet sessions and other web services. The SSH protocol can effectively prevent the problem of information leakage in the remote management process. SSH clients are applicable to a variety of platforms.
3. Remote terminal protocol (Telnet): is the standard protocol and primary means of internet telnet services. It provides the user with the ability to do remote host work on the local computer. The Telnet program is used on the end user's computer and is used to connect to the server. The end user can enter commands in the Telnet program that will run on the server, and can control the server locally as if entered directly on the server's console. To start a Telnet session, a username and password must be entered to log in to the server. Telnet is a commonly used method of remotely controlling a web server.
With the change of IT architecture in financial industry, storage networks are changed, and IT storage devices have become mainstream storage devices. With the continuous expansion of SAN sizes, a large number of switches are put into use in SANs, resulting in increasingly complex SAN architectures. In the case that a certain link in the SAN has some risk, for example, a certain port of a certain switch in the SAN fails, which may cause the input, I/output (O) (I/O) performance of the corresponding system to be degraded, and affect the normal operation of the service. If the risk potential cannot be timely eliminated, the failed switch forms a slow device in the SAN and can also generate performance influence on all hosts connected to the SAN. Therefore, under the condition that the monitoring system receives the alarm information of the related SAN link, how to quickly and accurately isolate the fault link and timely recover the normal operation of the equipment is the central importance of daily operation and maintenance work.
At present, a method for isolating a port of a switch is known, and a user can manually log in an account of the switch and isolate a port to be isolated of the switch by inputting an isolation port command. However, the isolated port commands of the switches of different brands are different, and errors are easily generated when the isolated port commands are input, so that the processing efficiency is low.
Therefore, the present application provides a method for isolating a switch port, which utilizes the existing operation and maintenance platform to uniformly store and manage information of a switch in an SAN, logs in the switch of a port to be isolated through an Application Programming Interface (API) to perform identity authentication, sends an isolation instruction to a server managing the switch of the port to be isolated to indicate the server managing the switch of the port to be isolated, and issues a corresponding isolation port command to the switch of the port to be isolated, thereby implementing fast isolation of a faulty port, eliminating the need for a user to manually input an isolation port command, and facilitating improvement of processing efficiency.
Fig. 1 is a schematic diagram of a communication system according to an embodiment of the present application. Shown in the communication system 100 of fig. 1 are an operation and maintenance platform 110, a server 120, a switch 131, and a switch 132. The switch 131 and the switch 132 are switches in a SAN, the server 120 is a server in charge of managing the switch 131 and the switch 132, or a SAN in which the switch 131 and the switch 132 are located, and the server 120 and the switch 131 and the switch 132 can communicate; the operation and maintenance platform 110 may be an existing operation and maintenance platform, and the operation and maintenance platform 110 is connected to the server 120, so that the operation and maintenance platform 110 may communicate with the server 120 to facilitate management of the server 120 by the operation and maintenance platform 110.
It should be understood that the communication system 100 of fig. 1 is only an example, and in a practical application scenario, the communication system 100 may include more servers, and one server may manage more or less switches, which is not limited in this application.
It should also be understood that the operation and maintenance platform referred to in the present application may be an existing operation and maintenance platform. The present application is not limited to this, as long as the operation and maintenance platform can establish a connection with a server of the SAN.
Fig. 2 is a schematic flowchart of a method for isolating a switch port according to an embodiment of the present application.
As shown in fig. 2, the method 200 of isolating a switch port includes steps 210 through 230. The following describes steps 210 to 230 in detail.
In step 210, the operation and maintenance platform generates an isolation instruction based on the identification of the target switch and the identification of the target port, which are input by the user.
The target switch is a switch of a port to be isolated in the SAN, and the target port is a port to be isolated by the target switch. The isolation instruction may include an identification of a target switch, an identification of a target port, and a target isolation port command to isolate a port of the target switch, and the isolation instruction may be to instruct a first server to issue the target isolation port command to the target switch, the first server being a server of the SAN.
The identifier of the target switch may be used to identify the target switch, and may be, for example, a name of the target switch, an IP address of the target switch, or the like; the identifier of the destination port may be used to identify the destination port, for example, the port number of the destination port, which is not limited in this application as long as different switches and different ports can be distinguished.
Illustratively, FIG. 3 shows one user interface of a client of the operation and maintenance platform. Under the condition that the user learns the target switch and the target port through the monitoring system, the user may input the identifier of the target switch and the identifier of the target port on the user interface as shown in fig. 3, and the operation and maintenance platform may generate the isolation instruction including the identifier of the target switch, the identifier of the target port, and the target isolation port command in response to an operation of inputting the identifier of the target switch and the identifier of the target port by the user.
In a possible implementation manner, the operation and maintenance platform generates the isolation instruction based on the identifier of the target switch and the identifier of the target port, which are input by the user, and may include: the operation and maintenance platform determines the brand of a target switch based on the switch identification input by a user and the information of at least one switch acquired in advance; the operation and maintenance platform determines a target isolation port command based on a pre-stored corresponding relation between the brand and the isolation port command; and the operation and maintenance platform generates an isolation instruction based on the target isolation port command, the identification of the target switch and the identification of the target port.
As mentioned above, the operation and maintenance platform may establish a connection with a server of the SAN, and the server of the SAN is responsible for managing the switches in the SAN, so that the server of the SAN may obtain information of each switch that is responsible for the server of the SAN. Under the condition that the operation and maintenance platform establishes connection with the server of the SAN, the operation and maintenance platform can acquire the information of the switch managed by the server of the SAN from the server of the SAN.
Under the condition that the information of the switch comprises the brand of the switch, the operation and maintenance platform can determine the brand of the target switch based on the identifier of the switch input by a user and the information of the switch acquired in advance; therefore, the operation and maintenance platform can determine a target isolation port command based on the pre-stored corresponding relation between the brand and the isolation port command, namely, determine the isolation port command applicable to the switch; furthermore, the operation and maintenance platform may generate an isolation instruction based on the target isolation port command, the identifier of the target switch, and the identifier of the target port.
Optionally, the information of each switch in the at least one switch obtained in advance includes a login account and a login password of each switch, and the operation and maintenance platform may further determine the login account and the login password of the target switch; the operation and maintenance platform can log in the target switch based on the login account and the login password; in the case of successful login, the operation and maintenance platform may determine that the operation authority of the target switch is available.
That is to say, under the condition that the information of the switch includes the login account and the login password of the switch, the operation and maintenance platform may determine the login account and the login password of the target switch according to the identifier of the target switch and the information of the switch acquired in advance; therefore, the operation and maintenance platform can log in the target switch based on the login account and the login password of the target switch so as to verify whether the target switch has the operation authority; in the case of successful login, the operation and maintenance platform may determine that the operation authority of the target switch is available. Accordingly, in the case of a login failure, the operation and maintenance platform may determine that the operation authority of the target switch is not available, in which case isolation of the target port of the target switch cannot be achieved.
It should be understood that, the operation and maintenance platform logs in the target switch based on the login account and the login password of the target switch, and may log in the target switch by using SSH protocol, Telnet, or the like, which is not limited in this application.
In step 220, the operation and maintenance platform sends an isolation instruction to the first server. Accordingly, the first server receives the isolation instruction from the operation and maintenance platform.
After generating the isolation instruction, the operation and maintenance platform may send the isolation instruction to the first server. Accordingly, the first server may receive the isolation instructions from the operation and maintenance platform.
As mentioned above, the first server is a server of the SAN, the first server may be a server that previously establishes a connection with the operation and maintenance platform, and the first server may be a server that manages the target switch.
In one possible implementation, the first server is one of a plurality of servers, each of the plurality of servers corresponding to a SAN; and the operation and maintenance platform can also determine a server corresponding to the IP address in the plurality of servers as a first server based on the IP address of the server input by the user.
For example, assuming that there are 10 switches in the SAN, all of the 10 switches may be managed by server a, server B, and server C at the same time, that is, all of server a, server B, and server C may manage the 10 switches.
Optionally, one of the plurality of servers is a main server.
For example, one of the server a, the server B, and the server C may be a main server, the other two servers may be standby servers, the 10 switches may be managed by the main server by default in the case that the main server can normally operate, and the 10 switches may be managed by the standby servers in the case that the main server cannot normally operate. For example, server a is a main server, server B and server C are standby servers, and in the case where server a can normally operate, all 10 switches may be managed by server a by default, and in the case where server a cannot normally operate, all 10 switches may be managed by server B or server C.
Under the condition that the main server can work normally, the main server is a first server; in the case that the primary server cannot work normally, the user may input an IP address of one server, for example, "1 ×. 0.42", on the user interface of the operation and maintenance platform, so that the operation and maintenance server may determine, as the first server, a server corresponding to the IP address in the standby servers of the plurality of servers based on the IP address input by the user.
Optionally, there is no differentiation between the primary and standby servers in the plurality of servers.
Server a, server B, and server C are equal priority servers and can all manage the 10 switches. For example, the user may input an IP address of one server, for example, "1 ×. 0.42", on the user interface of the operation and maintenance platform, so that the operation and maintenance server may determine, as the first server, a server corresponding to the IP address among the plurality of servers based on the IP address input by the user. For example, if the IP address entered by the user is the IP address of the primary server, the operation and maintenance server may determine the primary server as the first server.
By presetting a plurality of servers to manage the switches in the SAN, under the condition that one server cannot work normally, the other server can be started to manage the switches in the SAN, and the influence on normal production work due to the failure of the only one server can be avoided.
Optionally, the operation and maintenance platform may further determine whether the first server has a right to isolate the switch port in the SAN according to a preset white list; if the first server belongs to the white list, the first server has the authority of isolating the switch port in the SAN; or if the first server does not belong to the white list, the first server does not have the authority of isolating the switch port in the SAN.
For example, a white list of servers with switch ports in an isolation SAN may be preset on an operation and maintenance platform, after a user inputs an IP address of one server, the operation and maintenance server may compare the IP address input by the user with an IP of a server in the preset white list, and if a server corresponding to the IP address input by the user is in the preset white list, the operation and maintenance platform may determine that the server has an authority to isolate the switch ports in the SAN; on the contrary, if the server corresponding to the IP address input by the user is not in the preset white list, the operation and maintenance platform may determine that the server does not have the authority to isolate the switch port in the SAN.
In this way, it is possible to verify whether or not the IP address input by the user is correct, and manage a plurality of servers. Only the servers in the white list can realize the isolation of the ports of the switches in the SAN, so that the isolation operation of the ports of the switches is safer.
Optionally, in various implementations described above, the operation and maintenance platform may further obtain information of at least one switch, where the information of each switch in the information of at least one switch includes an identifier, a brand, a login account, a login password, a port configuration of each switch, and an IP address of a server that manages each switch.
As mentioned above, the operation and maintenance platform may establish a connection with a server of the SAN, and the server of the SAN is responsible for managing the switches in the SAN, so that the server of the SAN may obtain information of each switch that is responsible for the server of the SAN. Under the condition that the operation and maintenance platform establishes connection with the server of the SAN, the operation and maintenance platform can acquire the information of the switch managed by the server of the SAN from the server of the SAN.
Therefore, after establishing a connection with a server of the SAN, the operation and maintenance platform may acquire information of a switch managed by the server of the SAN from the server of the SAN, or may periodically acquire information of a switch managed by the server of the SAN from the server of the SAN. The information of the switch may include, but is not limited to: the identity of the switch, the brand, the login account number, the login password, the port configuration, and the IP address of the server that manages the switch, among other things. Among them, the port configuration may include but is not limited to: port identifications of all port numbers possessed by the switch, and a state of each port, etc., the state of the port may include but is not limited to: idle, disabled (or inactive), in-use, and failed, etc.
In step 230, the first server issues a target isolated port command to the target switch.
After receiving the isolation instruction from the operation and maintenance platform, the first server may determine the switch of the port to be isolated and the port to be isolated of the switch of the port to be isolated based on the identifier of the target switch and the identifier of the target port, which are carried in the isolation instruction, and issue an isolation port command applicable to the target switch, so as to implement isolation of the target port.
It should be noted that logic of functions that can be implemented by the operation and maintenance platform in the embodiment of the present application may be written in a script, and the script may be deployed on the operation and maintenance platform, and when the script is triggered to run on the operation and maintenance platform, steps executed by the operation and maintenance platform in the embodiment of the present application may be implemented.
For example, as shown in fig. 4, after the script is deployed on the operation and maintenance platform, a pre-uploaded script named "operation-isolation port" may be found in a relevant location on the operation and maintenance platform, for example, in an "upload file" user interface shown in fig. 4, and the "operation-isolation port" script may be selected on the user interface and an "execute" button may be clicked to trigger the running of the script.
Optionally, in order to ensure the security of the isolation of the ports of the switch and avoid the misoperation of the user, the operation and maintenance platform may further perform an upper-level approval process. The script can be run only after the upper level has approved to achieve isolation of the target port of the target switch.
Based on the scheme, the existing operation and maintenance platform is used for uniformly storing and managing the information of the switch in the SAN, the isolating port command of the switch with different brands and the information of the switch are stored in advance, the brand of the switch is determined according to the identification of the switch, the target isolating port command suitable for the switch can be determined based on the switch, the switch of the port to be isolated is logged in through the API to carry out identity verification, an isolating instruction is sent to the server for managing the switch of the port to be isolated to indicate the server for managing the switch of the port to be isolated, and the corresponding isolating port command is issued to the switch of the port to be isolated, so that the quick isolation of the fault port is realized, the isolating port command is not required to be manually input by a user, the processing efficiency is favorably improved, the operation is simple, and the requirement on the user is lower.
Fig. 5 is a schematic block diagram of an apparatus for isolating a switch port according to an embodiment of the present application.
As shown in fig. 5, the apparatus 500 for isolating a switch port may include: a generating module 510 and a transmitting module 520. The apparatus 500 for isolating a switch port may be configured to implement the function of the operation and maintenance platform in the method 200, where the generating module 510 may be configured to generate an isolation instruction based on the identifier of the target switch and the identifier of the target port, which are input by the user; the target switch is a switch of a port to be isolated in the SAN, and the target port is the port to be isolated of the target switch; the isolation instruction comprises an identifier of the target switch, an identifier of the target port and a target isolation port command for isolating the port of the target switch, and the isolation instruction is used for instructing a first server to issue the target isolation port command to the target switch, wherein the first server is a server of the SAN; the sending module 520 may be configured to send the isolation instruction to the first server.
Optionally, the generating module 510 may be specifically configured to determine the brand of the target switch based on the identifier of the switch input by the user and the information of at least one switch acquired in advance; determining the target isolation port command based on a pre-stored corresponding relation between the brand and the isolation port command; and generating the isolation instruction based on the target isolation port command, the identification of the target switch and the identification of the target plus port.
Optionally, the first server is one of a plurality of servers, each of the plurality of servers corresponding to a SAN; and the apparatus 500 for isolating a switch port may further include a determining module 530, and the determining module 530 may be configured to determine, as the first server, a server corresponding to the IP address in the plurality of servers based on the IP address of the server input by the user.
Optionally, the determining module 530 may be further configured to determine whether the first server has a right to isolate a switch port in the SAN according to a preset white list; if the first server belongs to the white list, the first server has the authority of isolating the switch port in the SAN; or, if the first server does not belong to the white list, the first server does not have the authority to isolate the switch port in the SAN.
Optionally, the information of each switch in the pre-acquired information of at least one switch includes a login account and a login password of each switch, and the determining module 530 may be further configured to determine the login account and the login password of the target switch; the operation and maintenance platform logs in the target switch based on the login account and the login password; and in the case of successful login, the operation and maintenance platform determines that the operation and maintenance platform has the operation authority on the target switch.
Optionally, the apparatus 500 for isolating switch ports may further include an obtaining module 540, where the obtaining module 540 may be configured to obtain information of at least one switch, where the information of each switch in the information of at least one switch includes: the identification, the brand, the login account number, the login password, the port configuration of each switch, and the IP address of the server managing each switch.
Fig. 6 is a schematic block diagram of another apparatus for isolating switch ports according to an embodiment of the present application.
As shown in fig. 6, the apparatus 600 for isolating a switch port may include: a receiving module 610 and a transmitting module 620. The device 600 for isolating a switch port may be configured to implement the function of the first server in the method 200, where the receiving module 610 may be configured to receive an isolation instruction from an operation and maintenance platform, where the first server is a preset server, the isolation instruction includes an identifier of a target switch, an identifier of a target port, and a target isolation port command for isolating the port of the target switch, the isolation instruction is used to instruct the first server to issue the target isolation port command to the target switch, the target switch is a switch of a port to be isolated in a storage area network SAN, and the target port is a port to be isolated by the target switch; the sending module 620 may be configured to issue the target isolated port command to the target switch.
It should be understood that the division of the modules in the embodiments of the present application is illustrative, and is only one logical function division, and there may be other division manners in actual implementation. In addition, functional modules in the embodiments of the present application may be integrated into one processor, may exist alone physically, or two or more modules are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode.
Fig. 7 is a schematic block diagram of another apparatus for isolating a switch port according to an embodiment of the present application.
The apparatus 700 for isolating switch ports can be used to implement the functions of the operation platform or the first server in the method 200. The apparatus 700 for isolating switch ports may be a system-on-chip. In the embodiment of the present application, the chip system may be composed of a chip, and may also include a chip and other discrete devices.
As shown in fig. 7, the apparatus 700 for isolating a switch port may include at least one processor 710 for implementing the functions of the operation platform or the first server in the method 200 according to the embodiment of the present application.
Illustratively, when the apparatus 700 for isolating a switch port is used to implement the functions of the operation and maintenance platform in the method 200 provided by the embodiment of the present application, the processor 710 may be configured to generate an isolation instruction based on the identification of the target switch and the identification of the target port, which are input by a user; the target switch is a switch of a port to be isolated in the SAN, and the target port is the port to be isolated of the target switch; the isolation instruction comprises an identifier of the target switch, an identifier of the target port and a target isolation port command for isolating the port of the target switch, and the isolation instruction is used for instructing a first server to issue the target isolation port command to the target switch, wherein the first server is a server of the SAN; sending the isolation instruction to the first server. For details, reference is made to the detailed description in the method example, which is not repeated herein.
Illustratively, when the apparatus 700 for isolating a switch port is used to implement the function of the first server in the method 200 provided by the embodiment of the present application, the processor 710 may be configured to receive an isolation instruction from an operation and maintenance platform, where the first server is a preset server, the isolation instruction includes an identifier of a target switch, an identifier of a target port, and a target isolation port command for isolating a port of the target switch, the isolation instruction is used to instruct the first server to issue the target isolation port command to the target switch, the target switch is a switch of a port to be isolated in a storage area network SAN, and the target port is a port to be isolated by the target switch; and issuing the target isolation port command to a target switch. For details, reference is made to the detailed description in the method example, which is not repeated herein.
The apparatus 700 for isolating switch ports may also include at least one memory 720 that may be used to store a plurality of transaction functions as well as information and/or data. A memory 720 is coupled to the processor 710. The coupling in the embodiments of the present application is an indirect coupling or a communication connection between devices, units or modules, and may be an electrical, mechanical or other form for information interaction between the devices, units or modules. The processor 710 may operate in conjunction with the memory 720. Processor 710 may execute program instructions stored in memory 720. At least one of the at least one memory may be included in the processor.
The apparatus 700 for isolating a switch port may further include a communication interface 730 for communicating with other devices via a transmission medium, so that the apparatus 700 for isolating a switch port may communicate with other devices, for example, when the apparatus 700 for isolating a switch port is the operation and maintenance platform in fig. 2, the other devices may be the first server in fig. 2; when the apparatus 700 for isolating a switch port is the first server in fig. 2, the other device may be the operation and maintenance platform or the target switch in fig. 2. The communication interface 730 may be, for example, a transceiver, an interface, a bus, a circuit, or a device capable of performing a transceiving function. The processor 710 may utilize the communication interface 730 to send and receive data and/or information and is used to implement the method performed by the operation and maintenance platform or the first server in the embodiment corresponding to fig. 2.
The specific connection medium between the processor 710, the memory 720 and the communication interface 730 is not limited in the embodiments of the present application. In fig. 7, the processor 710, the memory 720 and the communication interface 730 are connected by a bus 740. The bus 740 is shown in fig. 7 by a thick line, and the connection between other components is merely illustrative and not intended to be limiting. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 7, but this is not intended to represent only one bus or type of bus.
The present application further provides a chip system, where the chip system includes at least one processor, and is configured to implement the functions involved in the method executed by the operation and maintenance platform or the first server in the embodiment shown in fig. 2.
In one possible design, the system-on-chip further includes a memory to hold program instructions and data, the memory being located within the processor or external to the processor.
The chip system may be formed by a chip, and may also include a chip and other discrete devices.
The present application further provides a computer program product, the computer program product comprising: a computer program (also referred to as code, or instructions), which when executed, causes a computer to perform the method of the embodiment shown in fig. 2.
The present application also provides a computer-readable storage medium having stored thereon a computer program (also referred to as code, or instructions). When executed, the computer program causes a computer to perform the method of the embodiment shown in fig. 2.
It should be understood that the processor in the embodiments of the present application may be an integrated circuit chip having signal processing capability. In implementation, the steps of the above method embodiments may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The processor may be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic device, or discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
It will also be appreciated that the memory in the embodiments of the subject application can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. The non-volatile memory may be a read-only memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an electrically Erasable EPROM (EEPROM), or a flash memory. Volatile memory can be Random Access Memory (RAM), which acts as external cache memory. By way of example, but not limitation, many forms of RAM are available, such as Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic Random Access Memory (SDRAM), double data rate SDRAM, enhanced SDRAM, SLDRAM, Synchronous Link DRAM (SLDRAM), and direct rambus RAM (DR RAM). It should be noted that the memory of the systems and methods described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
As used in this specification, the terms "unit," "module," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution.
Those of ordinary skill in the art will appreciate that the various illustrative logical blocks and steps (step) described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application. In the several embodiments provided in the present application, it should be understood that the disclosed apparatus, device and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is merely a logical division, and in actual implementation, there may be other divisions, for example, multiple modules or components may be combined or integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or modules, and may be in an electrical, mechanical or other form.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more units are integrated into one module.
In the above embodiments, the functions of the functional modules may be wholly or partially implemented by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions (programs). The procedures or functions described in accordance with the embodiments of the present application are generated in whole or in part when the computer program instructions (programs) are loaded and executed on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a Digital Versatile Disk (DVD)), or a semiconductor medium (e.g., a Solid State Disk (SSD)), among others.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a U disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A method of isolating a switch port, the method comprising:
the operation and maintenance platform generates an isolation instruction based on the identification of the target switch and the identification of the target port input by the user; the target switch is a switch of a port to be isolated in a Storage Area Network (SAN), and the target port is the port to be isolated of the target switch; the isolation instruction comprises an identifier of the target switch, an identifier of the target port and a target isolation port command for isolating the port of the target switch, and the isolation instruction is used for instructing a first server to issue the target isolation port command to the target switch, wherein the first server is a server of the SAN;
and the operation and maintenance platform sends the isolation instruction to the first server.
2. The method of claim 1, wherein the operation and maintenance platform generates the isolation instruction based on the user-entered identification of the target switch and the identification of the target port, comprising:
the operation and maintenance platform determines the brand of the target switch based on the switch identification input by the user and the information of at least one switch acquired in advance;
the operation and maintenance platform determines the target isolation port command based on a pre-stored corresponding relation between the brand and the isolation port command;
and the operation and maintenance platform generates the isolation instruction based on the target isolation port command, the identification of the target switch and the identification of the target port.
3. The method of claim 1, wherein the first server is one of a plurality of servers, each of the plurality of servers corresponding to a SAN; and
the method further comprises the following steps:
and the operation and maintenance platform determines a server corresponding to the IP address in the plurality of servers as the first server based on the Internet protocol IP address of the server input by the user.
4. The method of claim 3, wherein the method further comprises:
the operation and maintenance platform determines whether the first server has the authority of isolating the switch port in the SAN according to a preset white list;
if the first server belongs to the white list, the first server has the authority of isolating the switch port in the SAN; or, if the first server does not belong to the white list, the first server does not have the authority to isolate the switch port in the SAN.
5. The method of claim 2, wherein the information of each switch in the pre-obtained information of at least one switch comprises a login account number and a login password of each switch, and
the method further comprises the following steps:
the operation and maintenance platform determines a login account and a login password of the target switch;
the operation and maintenance platform logs in the target switch based on the login account and the login password;
and in the case of successful login, the operation and maintenance platform determines that the operation and maintenance platform has the operation authority on the target switch.
6. The method of claims 1 to 5, wherein the method further comprises:
the operation and maintenance platform acquires information of at least one switch, wherein the information of each switch in the information of the at least one switch comprises: the identification, the brand, the login account number, the login password, the port configuration of each switch, and the IP address of the server managing each switch.
7. A method of isolating a switch port, the method comprising:
the method comprises the steps that a first server receives an isolation instruction from an operation and maintenance platform, wherein the first server is a preset server, the isolation instruction comprises an identification of a target switch, an identification of a target port and a target isolation port command for isolating the port of the target switch, the isolation instruction is used for indicating the first server to issue the target isolation port command to the target switch, the target switch is a switch of a port to be isolated in a Storage Area Network (SAN), and the target port is the port to be isolated of the target switch;
and the first server issues the target isolation port command to the target switch.
8. An apparatus for isolating a switch port, comprising means for implementing the method of any one of claims 1 to 6, or comprising means for implementing the method of claim 7.
9. An apparatus to isolate a switch port, comprising a processor to perform the method of any of claims 1 to 6 or to perform the method of claim 7.
10. A computer-readable storage medium, comprising a computer program which, when run on a computer, causes the computer to perform the method of any one of claims 1 to 6, or causes the computer to perform the method of claim 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111583662.2A CN114285809A (en) | 2021-12-22 | 2021-12-22 | Method and device for isolating switch port |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111583662.2A CN114285809A (en) | 2021-12-22 | 2021-12-22 | Method and device for isolating switch port |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114285809A true CN114285809A (en) | 2022-04-05 |
Family
ID=80873985
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111583662.2A Pending CN114285809A (en) | 2021-12-22 | 2021-12-22 | Method and device for isolating switch port |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114285809A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1653847A (en) * | 2002-05-24 | 2005-08-10 | 思科技术公司 | Apparatus and method for preventing disruption of fibre channel fabrics caused by reconfigure fabric (rcf) messages |
| US20060080430A1 (en) * | 2004-10-07 | 2006-04-13 | International Business Machines Corporation | System, method and program to identify failed components in storage area network |
| US7606167B1 (en) * | 2002-04-05 | 2009-10-20 | Cisco Technology, Inc. | Apparatus and method for defining a static fibre channel fabric |
| US20180219755A1 (en) * | 2017-02-02 | 2018-08-02 | Hewlett Packard Enterprise Development Lp | Determination of status of ports in storage area networks |
| US20200396182A1 (en) * | 2019-06-11 | 2020-12-17 | International Business Machines Corporation | Inter-switch link identification and monitoring |
| CN113726572A (en) * | 2021-08-31 | 2021-11-30 | 中国工商银行股份有限公司 | Method, system, equipment and storage medium for automatically modifying switch port |
-
2021
- 2021-12-22 CN CN202111583662.2A patent/CN114285809A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7606167B1 (en) * | 2002-04-05 | 2009-10-20 | Cisco Technology, Inc. | Apparatus and method for defining a static fibre channel fabric |
| CN1653847A (en) * | 2002-05-24 | 2005-08-10 | 思科技术公司 | Apparatus and method for preventing disruption of fibre channel fabrics caused by reconfigure fabric (rcf) messages |
| US20060080430A1 (en) * | 2004-10-07 | 2006-04-13 | International Business Machines Corporation | System, method and program to identify failed components in storage area network |
| US20180219755A1 (en) * | 2017-02-02 | 2018-08-02 | Hewlett Packard Enterprise Development Lp | Determination of status of ports in storage area networks |
| CN108390791A (en) * | 2017-02-02 | 2018-08-10 | 慧与发展有限责任合伙企业 | The determination of port status in storage area network |
| US20200396182A1 (en) * | 2019-06-11 | 2020-12-17 | International Business Machines Corporation | Inter-switch link identification and monitoring |
| CN113726572A (en) * | 2021-08-31 | 2021-11-30 | 中国工商银行股份有限公司 | Method, system, equipment and storage medium for automatically modifying switch port |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108243106B (en) | Method for controlling network slicing, forwarding device, control device and communication system | |
| US10798218B2 (en) | Environment isolation method and device | |
| CN107623698B (en) | Method and device for remotely debugging network equipment | |
| KR102349038B1 (en) | Tunneling and gateway access system optimized for distributed gateway environment and method therefor | |
| US8788724B2 (en) | Storage device to provide access to storage resources over a data storage fabric | |
| US7596083B2 (en) | Network element recovery process | |
| CN110602108B (en) | Data communication method, device, equipment and storage medium based on block chain network | |
| KR102191176B1 (en) | Method and a server for managing profiles | |
| US10244392B2 (en) | Over-the-air personalization of network devices | |
| US11716251B2 (en) | Communication system, provider node, communication node, and method for providing a virtual network function to a customer node | |
| CN109002312A (en) | Method for upgrading software, device and upgrade server and equipment | |
| TW201509151A (en) | A method and computer program product for providing a remote diagnosis with a secure connection for an appliance and an appliance performing the method | |
| WO2015088324A2 (en) | System and method for managing a faulty node in a distributed computing system | |
| CN109982065B (en) | Method, device and storage medium for equipment fault recovery in video monitoring network | |
| US11961074B2 (en) | Method and system for a network device to obtain a trusted state representation of the state of the distributed ledger technology network | |
| KR20190003256A (en) | Method and apparatus for vpn manegenment for ip camera | |
| CN108366087B (en) | ISCSI service realization method and device based on distributed file system | |
| KR20190003424A (en) | Method and apparatus for vpn manegenment for ip camera | |
| US20210044965A1 (en) | Cloud controlled secure bluetooth pairing for network device management | |
| US11108588B2 (en) | Configuration information to an internet of things multiplexer | |
| CN114285809A (en) | Method and device for isolating switch port | |
| CN111404897A (en) | Message distribution method and device, storage medium and electronic equipment | |
| CN116170274A (en) | Web application access method, device, system and computing equipment | |
| US10049013B2 (en) | Supervising and recovering software components associated with medical diagnostics instruments | |
| US10880168B2 (en) | Switch configuration |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |