CN115604315A - Remote processing device and method of server and electronic equipment - Google Patents


Publication number: CN115604315A
Authority: CN (China)
Prior art keywords: remote, maintenance management, recovery device, processor, instruction
Legal status: Pending
Application number: CN202211214640.3A
Other languages: Chinese (zh)
Inventors: 刘威, 周慧恒, 江波
Current Assignee: Industrial and Commercial Bank of China Ltd (ICBC)
Original Assignee: Industrial and Commercial Bank of China Ltd (ICBC)
Application filed by Industrial and Commercial Bank of China Ltd (ICBC)
Priority to CN202211214640.3A
Publication of CN115604315A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209: Architectural arrangements, e.g. perimeter networks or demilitarized zones

Abstract

The invention discloses a remote processing device and method for a server, and electronic equipment, and relates to the technical field of financial technology. The device includes: a client, which is a user terminal for performing remote operation and maintenance management on an application server and is used to initiate a remote operation and maintenance management instruction, the instruction comprising at least one of the following: power on and off, restart, and operating system backup and recovery; and a remote recovery device, which comprises at least a gatekeeper (network gate), is connected to the client, receives the remote operation and maintenance management instruction, switches between its intranet processing state and extranet processing state through the gatekeeper, and performs remote operation and maintenance management on the application server using a target management interface protocol. The invention solves the technical problem in the related art that it is difficult to perform operation and maintenance management of a server remotely.

Description

Remote processing device and method of server and electronic equipment
Technical Field
The invention relates to the technical field of financial technology, and in particular to a remote processing device and method for a server, and electronic equipment.
Background
At present, in the operation and maintenance of IT systems, server crashes and operating system crashes caused by software exceptions occur frequently, and the most effective way to resolve them is to restart the server or restore the system from backup data.
When a server or its operating system has crashed, the server's network services are unavailable, so operation and maintenance personnel cannot manage the server over a remote connection and must work on site, which greatly increases both the recovery time of production applications and the operation and maintenance workload.
In addition, servers are generally located in an intranet, while remote operation and maintenance commands, scripts and programs must be transmitted over extranet communication. In organizations with high data security requirements, such as banks, securities firms and government agencies, the security isolation of the intranet and the extranet has to be considered: intranet and extranet data may not be stored on the same disk, and may not be accessed or processed at the same time. For a server located in the intranet, this further complicates the operation and maintenance management needed to restart or recover it.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiments of the invention provide a remote processing device and method for a server, and electronic equipment, to at least solve the technical problem in the related art that it is difficult to perform operation and maintenance management of a server remotely.
According to one aspect of the embodiments of the present invention, a remote processing device of a server is provided, including: a client, which is a user terminal for performing remote operation and maintenance management on an application server and is used to initiate a remote operation and maintenance management instruction, the instruction comprising at least one of the following: power on and off, restart, and operating system backup and recovery; and a remote recovery device, which comprises at least a gatekeeper, is connected to the client, receives the remote operation and maintenance management instruction, switches between its intranet processing state and extranet processing state through the gatekeeper, and performs remote operation and maintenance management on the application server using a target management interface protocol.
Further, the remote recovery device also includes: a hard disk, comprising at least an intranet hard disk for storing the intranet data of the remote operation and maintenance management and an extranet hard disk for storing its extranet data; a processor, comprising at least an intranet processor for processing intranet data and an extranet processor for processing extranet data, where the gatekeeper is connected to the intranet processor and the extranet processor and is used to control the availability of the intranet hard disk through the intranet processor and the availability of the extranet hard disk through the extranet processor, to physically isolate the intranet from the extranet, and to make the intranet processor and the extranet processor work in a time-sharing manner; and a swap area memory, connected to the intranet processor and the extranet processor, which provides a buffer for exchanging data between the intranet data and the extranet data.
Further, the remote recovery device also includes: a plurality of communication interfaces, comprising at least an intranet communication interface and an extranet communication interface; and a plurality of data interfaces used for maintenance management of the remote recovery device, the maintenance management including at least upgrading the device's programs and testing and debugging the device.
According to another aspect of the embodiments of the present invention, a remote processing method of a server is also provided. The method is applied to any one of the remote processing devices described above and includes: receiving, through the remote recovery device, a remote operation and maintenance management instruction sent by a client, and storing the instruction while the remote recovery device is in the extranet processing state; and, after the instruction is stored, switching the processing state through the gatekeeper in the remote recovery device from the extranet processing state to the intranet processing state, and performing remote operation and maintenance management on an application server according to the instruction using a target management interface protocol.
Further, receiving the remote operation and maintenance management instruction through the remote recovery device and storing it while the device is in the extranet processing state includes: receiving the instruction sent by the client; while the remote recovery device is in the extranet processing state, storing the instruction on the extranet hard disk of the remote recovery device and performing instruction verification on the instruction on the extranet hard disk through the extranet processor; and, if the instruction passes verification, storing it in the swap area memory of the remote recovery device.
Further, performing remote operation and maintenance management on the application server according to the instruction using the target management interface protocol includes: repackaging the operation and maintenance management instruction according to the target management interface protocol to obtain a target operation and maintenance management instruction, and sending the target instruction to the intranet hard disk of the remote recovery device; and calling the target instruction on the intranet hard disk through the intranet processor of the remote recovery device to perform remote operation and maintenance management on the application server.
Further, before the remote recovery device receives the remote operation and maintenance management instruction sent by the client and stores it while in the extranet processing state, the method includes: receiving the remote operation and maintenance management instruction triggered by a target object, and authenticating the identity of the target object through the client; after the identity authentication passes, performing security detection on the instruction, the security detection including at least virus detection; and, after the security detection passes, sending the instruction to the remote recovery device.
Further, after remote operation and maintenance management has been performed on the application server, the method includes: acquiring an operation log of the remote operation and maintenance management through the intranet processor of the remote recovery device and sending the operation log to the swap area memory, the operation log including at least the results of the remote operation and maintenance management; switching the processing state of the remote recovery device through the gatekeeper from the intranet processing state to the extranet processing state; reading the operation log in the swap area memory through the extranet processor of the remote recovery device and encrypting it to obtain a target operation log; and storing the target operation log on the extranet hard disk and pushing it to the client.
Further, switching the intranet and extranet processing states of the remote recovery device through the gatekeeper includes: writing, through the gatekeeper, state data of the intranet/extranet processing state into a watchdog in the remote recovery device, and monitoring the state data through the watchdog, where the watchdog determines from the state data whether the working state of the gatekeeper is abnormal and sends a reset signal to the gatekeeper when it is; reading the state data in the watchdog when the gatekeeper receives the reset signal; and, according to the state data, either sending a blocking instruction to the intranet processor and a start instruction to the extranet processor, switching the intranet processing state to the extranet processing state, or sending a blocking instruction to the extranet processor and a start instruction to the intranet processor, switching the extranet processing state to the intranet processing state.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including: a processor; and a memory for storing executable instructions for the processor; wherein the processor is configured to perform the remote processing method of the server of any of the above via execution of the executable instructions.
According to another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium storing a computer program, wherein when the computer program runs, the apparatus where the computer-readable storage medium is located is controlled to execute the remote processing method of the server in any one of the above.
In the present invention, the remote processing device of a server includes: a client, which is a user terminal for performing remote operation and maintenance management on an application server and is used to initiate a remote operation and maintenance management instruction, the instruction comprising at least one of the following: power on and off, restart, and operating system backup and recovery; and a remote recovery device, which comprises at least a gatekeeper, is connected to the client, receives the remote operation and maintenance management instruction, switches between its intranet processing state and extranet processing state through the gatekeeper, and performs remote operation and maintenance management on the application server using a target management interface protocol. This solves the technical problem in the related art that it is difficult to perform operation and maintenance management of a server remotely. In the invention, the client sends a remote operation and maintenance management instruction for the application server to the remote recovery device, and the remote recovery device, which has a gatekeeper, then performs remote operation and maintenance management on the application server using the target management interface protocol. Operation and maintenance personnel therefore do not need to manage the application server on site, in particular an application server in an enterprise intranet, which achieves the technical effect of improving the efficiency of operation and maintenance management of the application server.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention and do not constitute a limitation of the invention. In the drawings:
FIG. 1 is a schematic diagram of an alternative server remote processing device in accordance with an embodiment of the present invention;
FIG. 2 is a schematic diagram of a connection configuration of an alternative server remote processing device according to an embodiment of the present invention;
FIG. 3 is a system block diagram of an alternative remote recovery device according to an embodiment of the present invention;
FIG. 4 is a front view of an alternative form factor of a remote recovery device in accordance with embodiments of the present invention;
FIG. 5 is a rear view of an alternative form factor of a remote recovery device in accordance with embodiments of the present invention;
FIG. 6 is a flow chart of an alternative server remote processing method according to an embodiment of the present invention;
FIG. 7 is a schematic diagram of the circuit connections of an alternative gatekeeper in accordance with embodiments of the present invention;
FIG. 8 is a flowchart illustrating an alternative operation of a remote server according to an embodiment of the present invention;
FIG. 9 is a schematic diagram of an alternative electronic device according to embodiments of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For convenience of description, some terms or nouns to which the present invention relates are explained below.
IPMI, the Intelligent Platform Management Interface, is an open-standard hardware management interface protocol. It defines a specific method by which an embedded management subsystem communicates, can be used to control and operate a server, and allows a user to perform operation and maintenance management on the server through a management port as long as the mainboard's power supply is normal, regardless of the server's state (for example power-on or power-off).
VxWorks is an embedded real-time operating system.
E2PROM, namely EEPROM (Electrically Erasable Programmable Read-Only Memory), is a memory chip that does not lose data after power failure.
SPI, the Serial Peripheral Interface, is a high-speed, full-duplex, synchronous communication bus.
It should be noted that the remote processing apparatus and method of the server in the present disclosure may be used in the financial technology field for performing remote operation and maintenance management on the application server, and may also be used in any field other than the financial technology field for performing remote operation and maintenance management on the application server.
It should be noted that the relevant information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) referred to in the present disclosure are information and data authorized by the user or sufficiently authorized by each party. For example, an interface is provided between the system and the relevant user or organization, before obtaining the relevant information, an obtaining request needs to be sent to the user or organization through the interface, and after receiving the consent information fed back by the user or organization, the relevant information is obtained.
The invention is further illustrated below with reference to examples.
Example one
According to an embodiment of the present invention, an embodiment of an optional remote processing device of a server is provided. Fig. 1 is a schematic diagram of an optional remote processing device of a server according to an embodiment of the present invention. As shown in Fig. 1, the device includes:
Client 1, which is a user terminal for performing remote operation and maintenance management on an application server and is used to initiate a remote operation and maintenance management instruction, the instruction comprising at least one of the following: power on and off, restart, and operating system backup and recovery.
Fig. 2 is a schematic diagram of the connection structure of an optional remote processing device of a server according to an embodiment of the present invention. As shown in Fig. 2, the client 1 is connected to the remote recovery device 2 through an external communication network (e.g., a telecommunication operator network). An operation and maintenance technician can use the client 1 to initiate a remote operation and maintenance management instruction, send it to the remote recovery device 2 over the external communication network, and carry out remote operation and maintenance of the application server 3 through the remote recovery device 2.
The remote operation and maintenance management instruction may include power on and off, restart, and operating system backup and recovery, and may further include a server status check. The instructions are described as follows:
(1) Server status check: checking the physical health characteristics of the application server, such as temperature, voltage, fan working state, power state and network card state.
(2) Server restart: restarting the operating system of the application server 3. The operation and maintenance technician can configure applications to start automatically at boot in the operating system of the application server 3, so that they start automatically after the application server restarts and the production system recovers.
(3) Server operating system backup and recovery: if the operating system or an application is damaged and the problem cannot be solved by restarting the server, the server's backup recovery function can be used. Maintenance personnel can rebuild the system of the application server 3 from server system backup files (such as an ISO image) uploaded through the client 1; the server restarts automatically on completion and the production application is restored.
Remote recovery device 2, which comprises at least a gatekeeper, is connected to the client, receives the remote operation and maintenance management instruction, switches between its intranet processing state and extranet processing state through the gatekeeper, and performs remote operation and maintenance management on the application server using a target management interface protocol.
The remote recovery device may include at least a gatekeeper. The gatekeeper may be used to switch the remote recovery device between its intranet processing state and extranet processing state, so as to physically isolate an enterprise's intranet data from its extranet data and ensure the security of the enterprise intranet. The gatekeeper may be a single-chip microcontroller, for example an AT89S51 chip.
The target management interface protocol may be IPMI (Intelligent Platform Management Interface). Based on the remote operation and maintenance management instruction, the remote recovery device controls and operates the application server according to the IPMI protocol through the VxWorks embedded operating system of the server mainboard, thereby realizing remote operation and maintenance management of the application server.
In this embodiment, the client can send a remote operation and maintenance management instruction for the application server to the remote recovery device, and the remote recovery device, which has a gatekeeper, then performs remote operation and maintenance management on the application server using the target management interface protocol. Operation and maintenance personnel therefore do not need to manage the application server on site, in particular an application server in an enterprise intranet, which achieves the technical effect of improving the efficiency of operation and maintenance management of the application server and solves the technical problem in the related art that it is difficult to perform operation and maintenance management of a server remotely.
To ensure that the remote recovery device accurately physically isolates the intranet from the extranet and to ensure the security of remote operation and maintenance management, in one embodiment the remote recovery device further includes: a hard disk, comprising at least an intranet hard disk for storing the intranet data of the remote operation and maintenance management and an extranet hard disk for storing its extranet data; a processor, comprising at least an intranet processor for processing intranet data and an extranet processor for processing extranet data, where the gatekeeper is connected to the intranet processor and the extranet processor and is used to control the availability of the intranet hard disk through the intranet processor and the availability of the extranet hard disk through the extranet processor, to physically isolate the intranet from the extranet, and to make the intranet processor and the extranet processor work in a time-sharing manner; and a swap area memory, connected to the intranet processor and the extranet processor, which provides a buffer for exchanging data between the intranet data and the extranet data.
The remote recovery device may thus further include a hard disk, a processor, and a swap area memory. Fig. 3 is a schematic diagram of the system modules of an optional remote recovery device according to an embodiment of the present invention. As shown in Fig. 3, the hard disk may be divided into an intranet hard disk S7 and an extranet hard disk S8, and the processor into an intranet processor S1 and an extranet processor S2. The system modules of the remote recovery device may further include a gatekeeper S3, a watchdog S4, a swap area memory S5, an RJ45 interface S6, an extranet communication network card S9, a hard disk power supply control S10, and an intranet interface S11. The parts in Fig. 3 are described below:
Gatekeeper S3. Through the hard disk power supply control unit S10, the gatekeeper controls the availability of the two hard disks (when the intranet processor is working, the extranet hard disk is powered off and only the intranet hard disk is available; when the extranet processor is working, the intranet hard disk is powered off and only the extranet hard disk is available), which ensures physical isolation of intranet and extranet data storage. The gatekeeper S3 is also connected to the intranet processor S1 and the extranet processor S2 through signal lines, so it can make the two processors work in a time-sharing manner, realizing physical isolation of intranet and extranet data processing.
Watchdog S4. The gatekeeper is the core of the physical isolation of intranet and extranet data. When the program of the gatekeeper S3 becomes abnormal, the watchdog S4 can issue a reset pulse that forces the gatekeeper S3 system to reset, ensuring the reliability of the gatekeeper.
Swap area memory S5. A general-purpose flash memory used as a buffer for exchanging data between the intranet and the extranet.
RJ45 interface S6. Connected to a management port of the application server 3, it enables the remote recovery device 2 to perform operation and maintenance on the application server 3. The intranet processor S1 calls an operation and maintenance program on the intranet hard disk S7, parses the maintainer's remote operation and maintenance management instruction and data packet, and sends instructions to the server management port through the RJ45 interface to carry out the operation and maintenance management operation.
Hard disk power supply control S10. Under the control of the gatekeeper S3, it selectively supplies power to the intranet hard disk S7 and the extranet hard disk S8.
With these components, the remote recovery device can accurately physically isolate the intranet from the extranet, providing support for remote operation and maintenance management of the application server.
In order to ensure that the remote recovery device performs data interaction with the outside, in this embodiment, the remote recovery device further includes: a plurality of communication interfaces, wherein the plurality of communication interfaces includes at least: an intranet communication interface and an extranet communication interface; a plurality of data interfaces, wherein the plurality of data interfaces are used for performing maintenance management on the remote recovery device, and the maintenance management at least comprises: upgrading device programs and detecting and debugging devices.
The plurality of communication interfaces may include an intranet communication interface and an extranet communication interface for the remote recovery device to perform network communication, and may further include a plurality of data interfaces for performing maintenance management on the remote recovery device.
Fig. 4 is a front view of an external configuration of an alternative remote recovery device according to an embodiment of the present invention, and fig. 5 is a rear view of an external configuration of an alternative remote recovery device according to an embodiment of the present invention. As shown in fig. 4 and fig. 5, the external configuration of the remote recovery device may include an external network hard disk 11 and an internal network hard disk 12, an internal network interface 22 (corresponding to the above internal network communication interface) and an external network communication card 13 (corresponding to the above external network communication interface), a management port 21, a CONSOLE interface 23 (the debugging and configuration interface of the device), and a data interface 14. The above data interfaces may include the CONSOLE interface 23 and the data interface 14, and the internal network interface 22 may be omitted from the remote recovery device. The parts shown in the front view and the rear view of the remote recovery device are described below.
(1) The power switch 10 controls the power supply of the device.
(2) The external network hard disk 11 stores the external network service operation program of the device and the data and programs uploaded from the external network during operation and maintenance.
(3) The intranet hard disk 12 stores the intranet service running program of the device and backups of the operating system and application software of the application server 3; in addition, data and programs uploaded from the extranet are stored in the exchange area memory after security detection and are then imported into the intranet hard disk.
(4) The external network communication card 13 is responsible for the communication connection between the device and the client 1.
(5) The data interface 14 is a data interface (for example, a USB interface) used for upgrading and maintaining the program of the device itself.
(6) The power supply 20 supplies power to the device.
(7) The management port 21 connects to the remote management port of the application server 3. Through it, the device controls the start, shutdown and restart of the application server 3 via the IPMI interface protocol, remotely reinstalls the server operating system, and can monitor physical health characteristics of the server such as temperature, voltage, fan working state and power state.
(8) The intranet network interface 22 allows the remote recovery apparatus 2 to access an intranet, and facilitates upgrading of the application recovery apparatus and data backup of the application server 3 (such as an operating system image and an application software backup package). If the function is not selected, the field operation and maintenance can be carried out only through the CONSOLE interface 23 and the data interface 14.
(9) The CONSOLE interface 23 serves as the control interface when a notebook computer is connected to it, and the data interface 14 serves as the data source when media such as a mobile hard disk, an optical drive or a USB flash drive are connected to it, so that the device can be detected, debugged, upgraded and so on.
Through each part in the appearance structure of the remote recovery device, the technical effects of management of the remote recovery device and efficiency of providing services for the outside by the remote recovery device can be achieved.
The remote processing device of the server may further include a processor and a memory, the client 1, the remote recovery device 2, and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor comprises a kernel, and the kernel calls a corresponding program unit from the memory. One or more kernels may be provided. By adjusting kernel parameters, a remote operation and maintenance management instruction for the application server is initiated to the remote recovery device through the client, and the remote recovery device with the network gate then performs remote operation and maintenance management on the application server using a target management interface protocol. This avoids the need for operation and maintenance personnel to go on site to manage the application server, especially an application server in an enterprise intranet, and thereby achieves the technical effect of improving the operation and maintenance management efficiency of the application server.
Example two
According to an embodiment of the present invention, an alternative server remote processing method is provided, which is applied to a remote processing device in the first embodiment, and it should be noted that the steps shown in the flowchart of the figure may be executed in a computer system such as a set of computer executable instructions, and that although a logical order is shown in the flowchart, in some cases, the steps shown or described may be executed in an order different from the order shown.
Fig. 6 is a flowchart of an alternative server remote processing method according to an embodiment of the present invention, as shown in fig. 6, the method includes the following steps:
Step S601, receiving, by the remote recovery device, a remote operation and maintenance management instruction sent by the client, and storing the remote operation and maintenance management instruction when the remote recovery device is in an extranet processing state.
The remote recovery device receives the remote operation and maintenance management command sent by the client, and when the remote recovery device is in an extranet processing state, the remote operation and maintenance management command can be temporarily cached in a swap area memory of the remote recovery device.
Step S602, after storing the remote operation and maintenance management instruction, switching the internal and external network processing states through the network gate in the remote recovery device, switching the external network processing state into the internal network processing state, and performing remote operation and maintenance management on the application server through the remote operation and maintenance management instruction by using a target management interface protocol.
After the remote recovery device temporarily caches the remote operation and maintenance management instruction in a memory of a switching area of the remote recovery device, the internal and external network processing states can be switched through a network gate in the remote recovery device, the external network processing state is switched to an internal network processing state, and remote operation and maintenance management is performed on the application server through the remote operation and maintenance management instruction in the internal network by using a target management interface protocol.
The switching of the intranet and extranet processing states may be switching an extranet processor state to an intranet processing state, or switching an intranet processing state to an extranet processing state.
In this embodiment, a remote operation and maintenance management command for the application server may be initiated to the remote recovery device through the client, and then, the remote recovery device with the gatekeeper is used to perform remote operation and maintenance management for the application server by using the target management interface protocol, so that an operation and maintenance manager is prevented from needing to go to the site to perform operation and maintenance management on the application server, especially the operation and maintenance management situation of the application server in an enterprise intranet, and thus, the technical effect of improving the operation and maintenance management efficiency of the application server is achieved. And further, the technical problem that operation and maintenance management of the server is difficult to perform in a remote processing mode in the related art is solved.
In order to ensure the accuracy of data processing of the remote recovery device on the external network, in this embodiment, receiving, by the remote recovery device, the remote operation and maintenance management instruction sent by the client and storing it when the remote recovery device is in the external network processing state further includes: receiving the remote operation and maintenance management instruction sent by the client, storing the instruction in the external network hard disk of the remote recovery device when the remote recovery device is in the external network processing state, and verifying the instruction in the external network hard disk through the external network processor; and, when the instruction verification passes, storing the remote operation and maintenance management instruction in the swap area memory of the remote recovery device.
In this embodiment, the remote operation and maintenance management instruction sent by the client may be sent in the form of a data packet. After the data packet including the remote operation and maintenance management instruction is received from the client, it may be stored in the external network hard disk of the remote recovery device. The data packet may further include a digital signature and the client information of the sender of the remote operation and maintenance management instruction. The external network processor may verify the remote operation and maintenance management instruction in the external network hard disk; the verification may include, but is not limited to, verifying the digital signature. When the verification passes, the remote operation and maintenance management instruction may be stored in the swap area memory of the remote recovery apparatus.
Specifically, in the remote recovery device, the data packet (instruction, data, digital signature, client information) sent by the client 1 is received by the extranet processor S2 and stored in the extranet hard disk S8. The extranet processor S2 verifies the digital signature; if the signature is incorrect, it deletes the data packet and returns error information to the client; if the digital signature is correct, the data packet is unpacked on the external network hard disk S8 and copied to the exchange area memory S5.
After the data packet is unpacked on the external network hard disk S8 and copied to the switching area memory S5, the "blocking" state information can be written into the "boot state area" of the external network hard disk S8 (so that the log processing program is called when the external network processor S2 is next restarted), and an "external network is switched to internal network" signal is sent to the network gate S3 through signal line P1.5, so that the technical effect of improving the accuracy of data processing of the remote recovery device on the external network is achieved.
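The verify-then-stage sequence described above can be modelled as follows. This is an added example, not code from the patent: the class and function names are hypothetical, the sample packets are constructed, and HMAC-SHA256 with a shared key stands in for the digital signature because the text does not name a signature scheme.

```python
import hashlib
import hmac
import json

# Assumption: a shared key and HMAC-SHA256 stand in for the "digital signature";
# the patent does not specify the scheme or how keys are provisioned.
DEMO_KEY = b"constructed-demo-key"


def canonical_bytes(packet):
    """Serialize the signed fields (instruction, data, client info) deterministically."""
    signed = {k: packet[k] for k in ("instruction", "data", "client_info")}
    return json.dumps(signed, sort_keys=True, separators=(",", ":")).encode()


def sign_packet(instruction, data, client_info, key=DEMO_KEY):
    """Client 1 side: build the packet and attach the signature."""
    packet = {"instruction": instruction, "data": data, "client_info": client_info}
    packet["signature"] = hmac.new(key, canonical_bytes(packet), hashlib.sha256).hexdigest()
    return packet


class ExtranetSide:
    """Model of extranet processor S2 with hard disk S8 and swap area memory S5."""

    def __init__(self, key=DEMO_KEY):
        self.key = key
        self.extranet_disk = {}      # S8: packets as received
        self.boot_state_area = None  # "boot state area" on S8
        self.swap_area = {}          # S5: only verified content is copied here
        self.gate_signals = []       # signals raised to gatekeeper S3

    def receive(self, packet_id, packet):
        # 1. Store the raw packet on the extranet hard disk first.
        self.extranet_disk[packet_id] = packet
        # 2. Verify before anything crosses into the swap area.
        if not self._signature_ok(packet):
            del self.extranet_disk[packet_id]
            return {"ok": False, "error": "signature verification failed"}
        # 3. Unpack and copy the verified fields to the swap area.
        self.swap_area = {
            "instruction": packet["instruction"],
            "data": packet["data"],
            "client_info": packet["client_info"],
        }
        # 4. Record "blocking" so the next restart of S2 runs the log handler,
        #    then ask the gatekeeper to switch from extranet to intranet.
        self.boot_state_area = "blocking"
        self.gate_signals.append("extranet_to_intranet")
        return {"ok": True}

    def _signature_ok(self, packet):
        try:
            expected = hmac.new(self.key, canonical_bytes(packet), hashlib.sha256).hexdigest()
            supplied = packet["signature"]
            # Constant-time comparison of the two hex digests.
            return hmac.compare_digest(expected.encode(), supplied.encode())
        except (KeyError, TypeError, AttributeError):
            return False  # missing fields, wrong types or unserializable content
```

A rejected packet leaves the swap area and the gatekeeper signal list untouched, which is the property that keeps unverified extranet input from reaching the intranet side.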
In order to ensure the accuracy of the operation and maintenance management performed by the remote recovery device on the application server in the intranet, in this embodiment, performing remote operation and maintenance management on the application server through the remote operation and maintenance management instruction by using the target management interface protocol further includes: repackaging the operation and maintenance management instruction according to the target management interface protocol to obtain a target operation and maintenance management instruction, and sending the target operation and maintenance management instruction to the intranet hard disk of the remote recovery device; and calling the target operation and maintenance management instruction in the intranet hard disk through the intranet processor of the remote recovery device to perform remote operation and maintenance management on the application server.
For example: the intranet processor S1 repacks the data in the exchange area memory S5 according to the IPMI interface specification, stores the repacked data in the intranet hard disk S7, and at the same time clears the data in the exchange area memory S5. The intranet processor S1 calls a server operation and maintenance program on the intranet hard disk S7, parses the maintenance personnel's remote operation and maintenance instructions and data packets, and sends the instructions to the server management port through the RJ45 interface S6 to carry out the operation and maintenance operation, so that the technical effect of improving the accuracy of operation and maintenance management of the remote recovery device on the application server in the intranet is achieved.
In order to ensure the data security of the remote operation and maintenance management of the remote recovery device on the application server, the remote operation and maintenance management instruction sent by the client is received by the remote recovery device, and under the condition that the remote recovery device is in an extranet processing state, before the remote operation and maintenance management instruction is stored by using a target management interface protocol, the method comprises the following steps: receiving a remote operation and maintenance management instruction triggered by a target object, and performing identity authentication on the target object through a client; after the identity authentication is passed, carrying out security detection on the remote operation and maintenance management instruction, wherein the security detection at least comprises the following steps: virus detection; and after the safety detection is passed, sending the remote operation and maintenance management instruction to the remote recovery device.
The identity authentication may be secure real-name authentication, and the authentication means may include but is not limited to a biometric identification manner such as a human face and a fingerprint, or a function such as reserved password identification, short message identification, dynamic password identification is adopted to authenticate the identity of the target object, where the target object may be an operation and maintenance technician. After the authentication is passed, the client 1 establishes a connection with the remote recovery device 2 through a telecommunication carrier communication network (e.g. a 5G network). The operation and maintenance technician can send remote operation and maintenance management instructions (detection, restart, recovery, etc.) and data (script files, programs, system backup files, etc. of the recovery system) to the remote recovery device through the client 1.
While the remote operation and maintenance management instruction is being sent through the client 1, the client 1 can also perform security detection on the instruction and data using its own security detection program and virus database data, for example security analysis and virus detection. After detection, the client digitally signs the information (the remote operation and maintenance management instruction and the data), and then sends the instruction, the data, the digital signature and the client information (used for pushing the server log after execution of the operation and maintenance instruction is finished) together to the remote recovery device 2, so that the technical effect of improving the data security of the remote operation and maintenance management of the application server by the remote recovery device is realized.
In order to ensure the integrity of the operation data and the log security of the remote operation and maintenance management, in this embodiment, after the remote operation and maintenance management is performed on the application server, the method includes: obtaining an operation log of the remote operation and maintenance management through the intranet processor of the remote recovery device, and sending the operation log to the switching area memory, wherein the operation log includes at least the operation and maintenance results of the remote operation and maintenance management; switching, by the remote recovery device, between the internal network and external network processing states through the network gate; reading the operation log in the exchange area memory through the external network processor of the remote recovery device, and encrypting the operation log to obtain a target operation log; and storing the target operation log in the external network hard disk and pushing the target operation log to the client, so that the completeness of the operation data of remote operation and maintenance management is guaranteed.
In this embodiment, after the remote operation and maintenance management is performed on the application server, that is, after the operation of the remote operation and maintenance management instruction is completed, the intranet processor S1 decodes the log file of the intranet hard disk, copies the decoded log file to the swap area memory S5, and sends an "intranet switch to extranet" instruction to the gatekeeper S3 to switch the intranet processing state to the extranet processing state; the gatekeeper S3 writes its state data "intranet switch to extranet" into the E2PROM built into the watchdog chip. Then, the network gate S3 sends a "blocking" instruction to the internal network processor S1, cuts power to the internal network hard disk, supplies power to the external network hard disk, and sends a restart instruction to the external network processor S2, which is already in the "blocking" state. The external network processor S2 reads the state information in the "boot state area" of the external network hard disk S8 to restart, and because the internal network hard disk has lost power, the external network processor S2 can only recognize and access the external network hard disk and the switching area memory.
After the intranet processing state is switched to the extranet processing state, the extranet processor S2 may read a log file of the exchange area memory, analyze the log file, and obtain client information and a server log, and because the server log file includes sensitive information such as a server and network configuration information, the log (corresponding to the operation log) may be encrypted, and then packaged to form a new log file (corresponding to the target operation log), and copied to the extranet hard disk, and the contents of the exchange area memory are removed. The extranet processor S2 initiates a log reconnection retransmission request to the client 1.
After the extranet processor S2 initiates a log reconnection and retransmission request to the client 1, the client 1 receives the connection request, downloads the log file, and can then decrypt and check it; if the operation and maintenance succeeded, the client can log out and release the connection between the client and the remote recovery device 2. Because the remote recovery device 2 needs to switch networks and restart the intranet processor S1 and the extranet processor S2 many times to isolate the intranet from the extranet while handling a server recovery, this embodiment can support a single task mode, that is, only a single user can perform operation and maintenance operations on a single server at the same time.
The technical effects of ensuring the integrity of the operation data of the remote operation and maintenance management and the safety of the log are achieved.
In order to guarantee the physical isolation of the intranet and extranet and to guarantee data security, in this embodiment, switching the remote recovery device between the intranet processing state and the extranet processing state through the gatekeeper includes: writing state data of the internal and external network processing state into a watchdog in the remote recovery device through the gatekeeper, and monitoring the state data through the watchdog, wherein the watchdog is used for determining whether the working state of the gatekeeper is abnormal according to the state data, and sending a reset signal to the gatekeeper when the working state of the gatekeeper is abnormal; reading the state data in the watchdog when the gatekeeper receives a reset signal; according to the state data, sending a blocking instruction to the internal network processor, sending a starting instruction to the external network processor, and switching the internal network processing state into the external network processing state; or, according to the state data, sending a blocking instruction to the external network processor, sending a starting instruction to the internal network processor, and switching the external network processing state into the internal network processing state.
The watchdog may adopt an X5045 chip, although the chip used for the watchdog is not limited herein. The watchdog S4 (X5045 chip) mainly provides a reset pulse for the gatekeeper S3 (AT89S51 chip). After the gatekeeper S3 initiates switching from the external network processing state to the internal network processing state, the gatekeeper S3 writes the state data of its operation to the E2PROM built into the watchdog chip under SPI bus control. If the watchdog detects abnormal operation of the gatekeeper during subsequent operation, that is, the state data in the E2PROM built into the watchdog chip differs from the state actually in operation, the watchdog sends a reset signal to the gatekeeper to restart it. When the gatekeeper restarts, it reads in the state data from the E2PROM built into the watchdog chip to ensure that the gatekeeper itself is in the correct operating state. A "blocking" signal is sent to the external network processor S2, and the external network processor S2 interrupts the session with the client, enters the "blocking" state and provides no service externally. Interrupting the client session and stopping external service effectively reduces the risk that the remote recovery device 2 is exposed to attack on the external network; after the remote operation and maintenance management instruction is completed, the extranet server 2 can actively initiate connection through client information in the data packet in the last session, so that network attacks such as IP (Internet protocol) threat and the like are avoided.
When the network gate S3 is switched from the internal network processing state to the external network processing state, the principle of state switching is the same as the switching principle of the external network processing state to the internal network processing state, and the network gate S3 writes state data of the network gate S3, namely the internal network processing state is switched to the external network processing state, into the E2PROM built in the watchdog chip. Subsequently, the network gate S3 sends a "blocking" instruction to the internal network processor S1, controls the internal network hard disk to lose power, supplies power to the external network hard disk, and simultaneously sends a restart instruction to the external network processor S2 already in the "blocking" state, the external network processor S2 reads the state information in the "boot state area" of the external network hard disk S8 to restart, and the external network processor S2 can only recognize and access the external network hard disk and the switching area memory due to the power loss of the internal network hard disk.
The switching of the processing states of the internal network and the external network is carried out through the gatekeeper, so that the physical isolation of the internal network and the external network is realized, and the technical effect of data security is ensured.
Example three
The embodiment provides a remote processing method of an optional server, the remote recovery method of the server can physically isolate an intranet from an extranet through a gatekeeper in a remote recovery device, so as to ensure the safety of intranet data, and the remote operation and maintenance and system recovery of an application server of the intranet are realized through a wireless network communication technology and a server remote management port.
The remote recovery device has two operation modes of 'extranet service' and 'intranet processing', namely two processing states of intranet processing state and extranet processing state. The switching between the two operating modes is performed by the gatekeeper S3. The extranet service mode is used for receiving and sending and processing operation and maintenance instructions and data (script files, programs, system backup files and the like of a recovery system) submitted by operation and maintenance technicians through the client 1, and the operation and maintenance management is performed on the application server in the intranet processing mode.
Fig. 7 is a schematic diagram of the circuit connection of an alternative gatekeeper according to an embodiment of the present invention, and the two modes of operation are described below in conjunction with fig. 7. In the "extranet service" mode, the intranet processor S1 is blocked, the intranet hard disk S7 loses power, and the extranet processor S2 runs, but it can access only the powered extranet hard disk S8 and the switching area memory S5 for data processing. In the "intranet processing" mode of operation, the extranet processor S2 is blocked, the extranet hard disk S8 is powered off, and the intranet processor S1 runs, but it can access only the powered intranet hard disk S7 and the swap area memory S5 for data processing.
In fig. 7, the AT89S51 chip is the gatekeeper S3, the corresponding X5045 is the watchdog S4, and two IRFB4410 chips and their circuits form the hard disk power control module S10. The P1.6 and P1.7 pins of the network gate control the external network hard disk power supply and the internal network hard disk power supply respectively. When the network gate working state is the external network processing state, the output of P1.6 is 0 (low level) and the output of P1.7 is 1 (high level); at this time, the IRFB4410 connected with the external network hard disk power supply is switched on, the IRFB4410 connected with the internal network hard disk power supply is switched off, the external network hard disk S8 is powered on, and the internal network hard disk S7 is powered off. When the working state of the network gate is the internal network processing state, the output of P1.6 is 1 (high level) and the output of P1.7 is 0 (low level); at this time, the IRFB4410 connected with the power supply of the internal network hard disk S7 is switched on, the IRFB4410 connected with the power supply of the external network hard disk S8 is switched off, the internal network hard disk is powered on, and the external network hard disk is powered off.
The watchdog S4 (X5045 chip) mainly provides reset pulses for the gatekeeper S3 (AT89S51 chip). Its main working principle is as follows: when the network gate S3 is switched from the external network state to the internal network state, the network gate S3 writes its working state data into the E2PROM built into the watchdog chip under SPI bus control; if the watchdog detects that the network gate is working abnormally during operation, it sends an RST signal to the network gate to restart it, and when the network gate restarts, it reads in the state parameters from the E2PROM built into the watchdog chip to ensure that the network gate is in the correct working state. The same applies when the gatekeeper S3 is switched from the intranet state to the extranet state.
When the network gate S3 switches between the internal and external processing states, it can also communicate with the external network processor S2 and the internal network processor S1 through P1.4 and P1.5 to control the time-sharing operation.
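The pin levels of Fig. 7 and the watchdog recovery path can be exercised in a small simulation. This is an added example, not firmware from the patent: the class names are hypothetical, the fault is constructed, and staying unpowered when the stored state is unreadable is an assumption of this model rather than something the text specifies.

```python
EXTRANET, INTRANET = "extranet", "intranet"

# Pin levels from the description of Fig. 7: a 0 (low) output switches the
# matching IRFB4410 on. P1.6 drives the extranet disk, P1.7 the intranet disk.
PIN_LEVELS = {EXTRANET: {"P1.6": 0, "P1.7": 1},
              INTRANET: {"P1.6": 1, "P1.7": 0}}
ALL_OFF = {"P1.6": 1, "P1.7": 1}


class WatchdogEEPROM:
    """Stands in for the E2PROM inside the X5045; it survives a gatekeeper reset."""

    def __init__(self):
        self.state = None


class Gatekeeper:
    """Model of gatekeeper S3 (hypothetical class, not AT89S51 firmware)."""

    def __init__(self, eeprom, initial=EXTRANET):
        self.eeprom = eeprom
        if eeprom.state is None:
            eeprom.state = initial
        self.reset()

    def switch_to(self, target):
        if target not in PIN_LEVELS:
            raise ValueError(f"unknown state: {target}")
        # Persist the intended state first, so a reset in the middle of a
        # switch converges on the target instead of a half-applied state.
        self.eeprom.state = target
        self._apply(target)

    def _apply(self, state):
        other = INTRANET if state == EXTRANET else EXTRANET
        self.processors[other] = "blocked"    # 1. block the side being left
        self.pins = dict(ALL_OFF)             # 2. cut disk power
        self.pins = dict(PIN_LEVELS[state])   # 3. power only the target disk
        self.processors[state] = "running"    # 4. start the target processor
        self.running_state = state

    def powered_disks(self):
        names = {"P1.6": EXTRANET, "P1.7": INTRANET}
        return {names[pin] for pin, level in self.pins.items() if level == 0}

    def reset(self):
        """RST pulse: volatile state is lost, then rebuilt from the E2PROM."""
        self.pins = dict(ALL_OFF)
        self.processors = {EXTRANET: "blocked", INTRANET: "blocked"}
        self.running_state = None
        if self.eeprom.state in PIN_LEVELS:
            self._apply(self.eeprom.state)
        # Otherwise stay with no disk powered and both processors blocked
        # (assumption of this model).


def watchdog_check(gate):
    """Reset the gatekeeper when its live state disagrees with the stored state.

    Returns True when the gatekeeper was consistent, False when a reset was issued.
    """
    consistent = (gate.running_state == gate.eeprom.state
                  and gate.pins == PIN_LEVELS.get(gate.eeprom.state)
                  and len(gate.powered_disks()) == 1)
    if not consistent:
        gate.reset()
    return consistent
```

The invariant worth checking in any real implementation is the one `powered_disks()` exposes: at no point after a switch or a reset are both hard disks powered.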
Fig. 8 is a flowchart of an optional remote operation and maintenance of the server according to an embodiment of the present invention, and a workflow of a remote processing method of the server according to the embodiment is described below with reference to fig. 8.
(1) Authenticating the client.
The client 1 is an IT terminal (such as a mobile phone, a computer, a PAD, etc.) used by an operation and maintenance technician who performs remote operation and maintenance management on the server 3. The terminal can perform secure real-name authentication; the authentication means include but are not limited to biometric identification such as face and fingerprint recognition, or the identity of the operation and maintenance technician is authenticated by functions such as reserved password identification, short message identification and dynamic password identification.
(2) Sending an operation and maintenance instruction (corresponding to the remote operation and maintenance management instruction).
After the authentication is passed, the client 1 establishes a connection with the remote recovery device 2 through a telecommunication carrier communication network (e.g., a 5G network). The operation and maintenance technicians can carry out remote operation and maintenance by sending instructions (detection, restart, recovery and the like) and data (script files, programs, system backup files and the like of the recovery system) through the client 1.
(3) Detecting instruction data.
The client 1 calls a self security detection program and virus library data to perform security analysis and virus detection on the instruction and the data, performs digital signature on the information after detection, and sends the instruction, the data, the digital signature and client information (used for pushing a server log after the execution of the operation and maintenance command is finished) to the remote recovery device 2.
(4) And receiving and verifying the instruction.
The extranet processor S2 receives a data packet (instruction, data, digital signature and client information) sent by the client 1 and stores the data packet in the extranet hard disk S8, the extranet processor S2 verifies the digital signature, if the digital signature is incorrect, the data packet is deleted, and error information is returned to the client; if the digital signature is correct, the external network hard disk S8 is unpacked and then copied to the switching area memory S5, then the 'blocking' state information is written into a 'boot state area' of the external network hard disk S8 (the log processing program is called when the external network processor S2 is restarted next time is ensured), and a 'external network is switched to the internal network' signal is sent to the network gate S3 through a signal line P1.5.
(4) The extranet switches to the intranet (corresponding to the extranet processing state switching to the intranet processing state described above).
The gatekeeper S3 writes the state data "switching from the extranet to the intranet" (corresponding to the switching of the extranet processing state to the intranet processing state) into the E2PROM built into the watchdog chip (this data is used to maintain the correct state after the gatekeeper S3 restarts due to a fault) and sends a "blocking" signal to the extranet processor S2; the extranet processor S2 interrupts the session connection with the client, enters the "blocking" state, and provides no service to the outside. Interrupting the client session and stopping external service effectively reduces the risk that the remote recovery device 2 is attacked while exposed on the external network; after the remote operation and maintenance instruction is completed, the extranet processor S2 actively initiates a connection using the client information in the data packet from the last session, so that network attacks such as IP (Internet Protocol) threats are avoided.
The gatekeeper S3 outputs 1 (high level) on P1.6 and 0 (low level) on P1.7; at this point the power supply of the intranet hard disk S7 is connected (powered on) and the power supply of the extranet hard disk S8 is disconnected (powered off).
The gatekeeper S3 sends an "activate" signal to the intranet processor S1, and the intranet processor S1 in the "blocking" state restarts.
(5) The instructions are run.
The intranet processor S1 repacks the data in the switch area memory S5 according to the IPMI interface specification, stores the repacked data in the intranet hard disk S7, and simultaneously clears the data in the switch area memory S5. The intranet processor S1 calls a server operation and maintenance program on the intranet hard disk S7, analyzes remote operation and maintenance instructions and data packets of maintenance personnel, and sends instructions to the server management port through the RJ45 interface S7 to achieve operation and maintenance operation.
The operation and maintenance instructions operate and maintain the server according to the IPMI (Intelligent Platform Management Interface) specification. IPMI can control the power-on, power-off and restart of the server, remotely reinstall the operating system of the server, and monitor the physical health characteristics of the server, such as temperature, voltage, fan operating status, power status, and so on. In brief, the remote management port is a high-level remote KVM system: it can remotely control a server without network support, redirect server feedback information to a log file for storage, and map and load an optical disc image and a folder of the remote control terminal into the server as a virtual optical drive.
Examples of commonly used operation and maintenance instructions are as follows:
(1) Checking the state of the server: this remote operation and maintenance instruction checks physical health characteristics of the server, such as temperature, voltage, fan working state, power supply state, network card state and the like.
(2) Restarting the server: this remote operation and maintenance instruction restarts the operating system of the application server 3. The operation and maintenance personnel can configure the application program in the operating system to start automatically at boot, so that the application program starts automatically after the server is restarted and the production system is recovered.
(3) Backup recovery: if the operating system or the application program is damaged and the problem cannot be solved by restarting the server as in the previous step, the server backup recovery function can be used. The application server 3 can rebuild the system by using the server system backup files (such as an ISO image) uploaded by the maintenance personnel through the client, and automatically restarts the server after completion to recover the production application.
When the operation and maintenance instruction runs, the input script and the output result are redirected to a log file of the intranet hard disk, and the log file contains the extranet IP address information of the client 1 and is used for pushing the log file.
(6) Switching from the intranet to the extranet (corresponding to the switching of the intranet processing state to the extranet processing state described above).
After the operation and maintenance instruction is finished, the intranet processor S1 decodes the log file on the intranet hard disk, copies it to the switching area memory S5, and sends an "intranet switches to extranet" instruction to the network gate S3; the network gate S3 writes the state data "switching from the intranet to the extranet" into the E2PROM built into the watchdog chip. Subsequently, the network gate S3 sends a "blocking" instruction to the intranet processor S1, cuts power to the intranet hard disk, supplies power to the extranet hard disk, and sends a restart instruction to the extranet processor S2, which is already in the "blocking" state. The extranet processor S2 reads the state information in the "boot state area" of the extranet hard disk S8 and restarts; because the intranet hard disk has lost power, the extranet processor S2 can only identify and access the extranet hard disk and the switching area memory.
(7) Pushing the log.
The extranet processor S2 reads and parses the log file in the switching area memory to obtain the client information and the server log. Because the log file contains sensitive information such as server and network configuration information, the log needs to be encrypted; it is then packaged into a new log file, which is copied to the extranet hard disk, and the content of the switching area memory is cleared. The extranet processor S2 then initiates a log reconnection and return-transmission request to the client 1.
(8) The connection is released.
The client 1 receives the connection request, downloads the log file, and can then decrypt and check it; if the operation and maintenance succeeded, the technician can log out and release the connection between the client and the remote recovery device 2.
Because the remote recovery device 2 has to switch networks and restart the intranet processor S1 and the extranet processor S2 several times during server recovery in order to keep the intranet and the extranet isolated, only a single-task mode is supported; that is, only a single user can perform operation and maintenance operations on a single server at a time.
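The isolation logic of steps (1) to (8), as an added Python example that is not code from the patent: the signature check gates the copy into switching area memory S5, the gatekeeper persists the target state before switching, and a watchdog reset resumes from that persisted state. HMAC-SHA256 with a constructed key stands in for the digital signature, whose algorithm the description does not name; all class, method and field names are assumptions, and log encryption and the IPMI call are left out.

```python
import hashlib
import hmac
import json
from enum import Enum

# Constructed demo key. HMAC-SHA256 stands in for the client's digital
# signature, whose algorithm the description does not name.
DEMO_KEY = b"constructed-demo-key"


class Side(Enum):
    EXTRANET = "extranet"
    INTRANET = "intranet"


def sign(body: bytes) -> str:
    return hmac.new(DEMO_KEY, body, hashlib.sha256).hexdigest()


def make_packet(cmd: str, client: str) -> dict:
    """Client side: serialise the instruction and attach the signature."""
    body = json.dumps({"cmd": cmd, "client": client})
    return {"body": body, "sig": sign(body.encode())}


class RecoveryDevice:
    """Toy model of gatekeeper S3, both disks and switching area memory S5."""

    def __init__(self):
        self.eeprom = Side.EXTRANET   # watchdog E2PROM: last committed state
        self.active = Side.EXTRANET   # processor that is currently running
        self.powered = Side.EXTRANET  # P1.6/P1.7: only one disk has power
        self.disks = {Side.EXTRANET: {}, Side.INTRANET: {}}
        self.swap = None              # S5, the only buffer both sides share
        self.session_open = True      # client session on the extranet side

    def disk(self, side):
        if self.active is not side or self.powered is not side:
            raise PermissionError(f"{side.value} side is blocked")
        return self.disks[side]

    def switch(self, target, fault=False):
        self.eeprom = target          # persist the new state before acting
        if not fault:                 # fault=True: gatekeeper dies mid-switch
            self._apply(target)

    def _apply(self, target):
        self.session_open = False     # blocking drops the client session
        self.powered = target
        self.active = target

    def watchdog_reset(self):
        """After a reset the gatekeeper resumes from the persisted state."""
        self._apply(self.eeprom)

    def receive(self, packet):
        """Extranet processor S2: store, verify, hand over, then block."""
        disk = self.disk(Side.EXTRANET)
        disk["packet"] = packet
        body = packet["body"].encode()
        if not hmac.compare_digest(sign(body), packet["sig"]):
            del disk["packet"]        # a bad signature never reaches S5
            return "error: bad signature"
        self.swap = json.loads(body)
        disk["boot_state"] = "blocking"
        self.switch(Side.INTRANET)
        return "accepted"

    def run(self):
        """Intranet processor S1: take the job out of S5 and write the log."""
        disk = self.disk(Side.INTRANET)
        job, self.swap = self.swap, None  # S5 is cleared once copied
        disk["job"] = job
        # The IPMI call to the server is out of scope; record a fixed result.
        log = {"client": job["client"], "result": f"{job['cmd']}: ok"}
        disk["log"] = log
        self.swap = log
        self.switch(Side.EXTRANET)

    def push_log(self):
        """Restarted S2: the boot state selects the log handler."""
        disk = self.disk(Side.EXTRANET)
        if disk.pop("boot_state", None) != "blocking":
            return None
        log, self.swap = self.swap, None
        disk["log"] = log
        # S2 dials out to the address recorded in the packet.
        return log["client"], log["result"]
```

A second `receive()` while the device is on the intranet side raises `PermissionError`, which is the single-task behaviour described above.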
According to this embodiment, the application server is remotely operated, maintained and recovered through wireless network communication technology and the remote management port (IPMI) of the server, which solves the problem in the related art that remote operation and maintenance management of the application server lacks network support, and achieves the technical effects of reducing the recovery time of production applications and the working pressure of operation and maintenance personnel. The remote recovery device in this embodiment implements, at the hardware level, component redundancy, physical isolation, and time-sharing switching of the intranet and extranet storage, processors, and network connections, and ensures complete isolation of the data storage and processing procedures.
In addition, in the embodiment, the client side adopts a multiple authentication mode to ensure the validity of remote operators, and performs security analysis, virus detection and digital signature on the instructions and data to ensure the security of instruction and data transmission; the remote recovery device effectively reduces the penetration and attack of the external network to the internal network by time-sharing switching, information encryption transmission, log reconnection and return transmission and other mechanisms during the operation and maintenance instruction operation period; in data management, the data formats of the internal network hard disk and the external network memory are different, and the program file in the memory of the exchange area is also set to have no 'operation' authority, so that the safety of the internal network is further protected.
The memory may include volatile memory in a computer-readable medium, such as random access memory (RAM), and/or nonvolatile memory such as read-only memory (ROM) or flash memory (flash RAM); the memory includes at least one memory chip.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including: a processor; and a memory for storing executable instructions for the processor; wherein the processor is configured to perform the remote processing method of the server of any of the above via execution of the executable instructions.
According to another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium storing a computer program, wherein when the computer program runs, the apparatus where the computer-readable storage medium is located is controlled to execute the remote processing method of the server in any one of the above.
Fig. 9 is a schematic diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 9, an embodiment of the present invention provides an electronic device 90, which includes a processor, a memory, and a program stored in the memory and running on the processor, and when the processor executes the program, the processor implements a remote processing method of a server according to any one of the above items.
The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages and disadvantages of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described apparatus embodiments are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or may not be executed. In addition, the shown or discussed coupling or direct coupling or communication connection between each other may be an indirect coupling or communication connection through some interfaces, units or modules, and may be electrical or in other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk, and various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (10)

1. A remote processing device for a server, comprising:
the client is a user terminal for performing remote operation and maintenance management on the application server, and is used for initiating a remote operation and maintenance management instruction, wherein the remote operation and maintenance management instruction at least comprises one of the following instructions: switching on and off, restarting and operating system backup recovery;
the remote recovery device at least comprises a network gate, is connected with the client, receives the remote operation and maintenance management instruction, switches the internal network processing state and the external network processing state of the remote recovery device through the network gate, and performs remote operation and maintenance management on the application server by using a target management interface protocol.
2. The remote processing device of claim 1, wherein the remote recovery device further comprises:
a hard disk, wherein the hard disk comprises at least: the intranet hard disk is used for storing intranet data of the remote operation and maintenance management, and the extranet hard disk is used for storing extranet data of the remote operation and maintenance management;
a processor, wherein the processor comprises at least: the intranet processor is used for processing intranet data, the extranet processor is used for processing extranet data, the network gate is connected with the intranet processor and the extranet processor and used for controlling the availability of the intranet hard disk through the intranet processor and controlling the availability of the extranet hard disk through the extranet processor, carrying out physical isolation on the intranet and the extranet and controlling the intranet processor and the extranet processor to work in a time-sharing mode;
and the switching area memory is connected with the internal network processor and the external network processor and is used for providing a buffer area for data exchange for the internal network data and the external network data.
3. The remote processing device of claim 1, wherein the remote recovery device further comprises:
a plurality of communication interfaces, wherein the plurality of communication interfaces includes at least: an intranet communication interface and an extranet communication interface;
a plurality of data interfaces, wherein the plurality of data interfaces are used for performing maintenance management on the remote recovery device, and the maintenance management at least comprises: upgrading device programs and detecting and debugging devices.
4. A remote processing method of a server, applied to the remote processing apparatus of any one of claims 1 to 3, comprising:
receiving a remote operation and maintenance management instruction sent by a client through a remote recovery device, and storing the remote operation and maintenance management instruction under the condition that the remote recovery device is in an extranet processing state;
and after the remote operation and maintenance management instruction is stored, switching the internal and external network processing states through a network gate in the remote recovery device, switching the external network processing state into the internal network processing state, and performing remote operation and maintenance management on an application server through the remote operation and maintenance management instruction by using a target management interface protocol.
5. The remote processing method according to claim 4, wherein the receiving, by a remote recovery device, a remote operation and maintenance management command sent by a client, and in a case that the remote recovery device is in an extranet processing state, storing the remote operation and maintenance management command comprises:
receiving a remote operation and maintenance management instruction sent by a client, storing the remote operation and maintenance management instruction into an external network hard disk of the remote recovery device under the condition that the remote recovery device is in an external network processing state, and performing instruction verification on the remote operation and maintenance management instruction in the external network hard disk through an external network processor;
and storing the remote operation and maintenance management instruction into a switching area memory of the remote recovery device under the condition that the instruction passes verification.
6. The remote processing method according to claim 5, wherein the performing remote operation and maintenance management on the application server through the remote operation and maintenance management instruction by using a target management interface protocol comprises:
repackaging the operation and maintenance management instruction through the target management interface protocol to obtain a target operation and maintenance management instruction, and sending the target operation and maintenance management instruction to an intranet hard disk of the remote recovery device;
and calling the target operation and maintenance management instruction in the intranet hard disk through an intranet processor of the remote recovery device, and performing remote operation and maintenance management on the application server.
7. The remote processing method according to claim 4, wherein the receiving, by the remote recovery device, the remote operation and maintenance management command sent by the client, and in a case that the remote recovery device is in an extranet processing state, before storing the remote operation and maintenance management command by using a target management interface protocol, the method includes:
receiving the remote operation and maintenance management instruction triggered by a target object, and performing identity authentication on the target object through the client;
after the identity authentication is passed, performing security detection on the remote operation and maintenance management instruction, wherein the security detection at least comprises: virus detection;
and after the safety detection is passed, sending the remote operation and maintenance management instruction to the remote recovery device.
8. The remote processing method according to claim 6, wherein after performing the remote operation and maintenance management on the application server, the method comprises:
acquiring an operation log of the remote operation and maintenance management through an intranet processor of the remote recovery device, and sending the operation log to the swap area memory, wherein the operation log at least comprises: operation and maintenance results of the remote operation and maintenance management;
the remote recovery device switches the internal network processing state and the external network processing state through the network gate;
reading the operation log in the memory of the exchange area through an extranet processor of the remote recovery device, and encrypting the operation log to obtain a target operation log;
and storing the target operation log into the external network hard disk, and pushing the target operation log to the client.
9. The remote processing method according to claim 4, wherein switching the intranet processing state and the extranet processing state of the remote recovery apparatus by the gatekeeper comprises:
writing state data of an internal and external network processing state into a watchdog in the remote recovery device through the gatekeeper, and monitoring the state data through the watchdog, wherein the watchdog is used for determining whether the working state of the gatekeeper is abnormal according to the state data, and sending a reset signal to the gatekeeper under the condition that the working state of the gatekeeper is abnormal;
reading the status data in the watchdog when the gatekeeper receives the reset signal;
according to the state data, sending a blocking instruction to the intranet processor, sending a starting instruction to the extranet processor, and switching the intranet processing state into the extranet processing state; or
according to the state data, sending a blocking instruction to the extranet processor, sending a starting instruction to the intranet processor, and switching the extranet processing state into the intranet processing state.
10. An electronic device comprising one or more processors and memory for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the remote processing method of the server of any of claims 4 to 9.
CN202211214640.3A 2022-09-30 2022-09-30 Remote processing device and method of server and electronic equipment Pending CN115604315A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211214640.3A CN115604315A (en) 2022-09-30 2022-09-30 Remote processing device and method of server and electronic equipment

Publications (1)

Publication Number Publication Date
CN115604315A true CN115604315A (en) 2023-01-13

Family

ID=84845287

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211214640.3A Pending CN115604315A (en) 2022-09-30 2022-09-30 Remote processing device and method of server and electronic equipment

Country Status (1)

Country Link
CN (1) CN115604315A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116578311A (en) * 2023-07-13 2023-08-11 海马云(天津)信息技术有限公司 System recovery method and device, server device and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116578311A (en) * 2023-07-13 2023-08-11 海马云(天津)信息技术有限公司 System recovery method and device, server device and storage medium
CN116578311B (en) * 2023-07-13 2023-10-03 海马云(天津)信息技术有限公司 System recovery method and device, server device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination