CN115664948B - Method, device, system and storage medium for automatic configuration and issuing of virtual resources - Google Patents
Method, device, system and storage medium for automatic configuration and issuing of virtual resources Download PDFInfo
- Publication number
- CN115664948B CN115664948B CN202211689119.5A CN202211689119A CN115664948B CN 115664948 B CN115664948 B CN 115664948B CN 202211689119 A CN202211689119 A CN 202211689119A CN 115664948 B CN115664948 B CN 115664948B
- Authority
- CN
- China
- Prior art keywords
- configuration
- security
- issuing
- security component
- automatic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention discloses a method, a device, a system and a storage medium for automatically configuring and issuing virtual resources, wherein the method comprises the following steps: when a cloud security resource pool system deploys security components, acquiring the types and configuration information of the security components; selecting a corresponding security component configuration template according to the type of the security component; generating a corresponding configuration statement according to the security component configuration template; and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component. The scheme solves the problem that the security component similar to the cloud security resource pool cannot automatically configure and issue. In addition, the scheme of the invention can also add delayed retransmission in the configuration flow, thereby improving the system stability and reducing the resource consumption by adding abnormal stop transmission.
Description
Technical Field
The invention relates to the technical field of cloud computing, in particular to a method, a device and a system for automatically configuring and issuing virtual resources and a storage medium.
Background
With the rapid development of cloud computing technology and the gradual falling of all industries, the safety problem of virtual machines in the cloud also becomes the most concerned topic of enterprises in the world. In order to realize reasonable distribution of security resources in the cloud and perform multi-layer security protection on the virtual machine, various virtualization security components need to be deployed in the cloud, so that the distributed protection security components are integrally formed, and all the distributed security components are uniformly managed and configured through a cloud security resource pool system.
Because the cloud security resource pool system provides convenient and sufficient guarantee for the security of the service in the cloud by integrating a plurality of security components, the security components comprise: the system comprises ten security components such as a virtual log auditing system, a virtual firewall, a virtual intrusion detection system, a virtual database auditing system and a virtual bastion machine, but an effective method for automatically configuring and issuing the components does not exist in a cloud security resource pool system.
Disclosure of Invention
The application mainly aims to provide a method, a device, a system and a storage medium for issuing automatic configuration of virtual resources, and aims to solve the problem that the virtual resources in a cloud security resource pool cannot be automatically configured and issued.
In order to achieve the above object, the present application provides a virtual resource automatic configuration issuing method, including the following steps:
when a cloud security resource pool system deploys security components, acquiring the types and configuration information of the security components;
selecting a corresponding security component configuration template according to the type of the security component;
generating a corresponding configuration statement according to the security component configuration template;
and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component.
Optionally, the type of security component comprises: the step of generating a corresponding configuration statement according to the security component configuration template comprises the following steps:
and generating a corresponding system configuration statement and a corresponding strategy configuration statement according to the security component configuration template.
Optionally, the step of filling the configuration information according to the corresponding configuration statement and issuing the security component by automatic configuration includes:
obtaining VNC interface information of the security component;
calling a VNC interface of the security component, and starting a background Web process of the VNC interface of the security component through a Webdriver;
and filling the configuration information according to the corresponding configuration statement through the background Web process, automatically positioning and writing a system configuration statement and a strategy configuration statement based on a seleguim, and automatically configuring and issuing the security component.
Optionally, after the step of filling the configuration information according to the corresponding configuration statement through the background Web process, automatically positioning and writing a system configuration statement and a policy configuration statement based on seleuim, and automatically configuring and issuing the security component, the method further includes:
judging whether the automatic configuration is successfully issued;
if the automatic configuration is successfully issued, recording a configuration and issuing success log;
and if the automatic configuration is failed to be issued, recording the reason of the failure of the configuration and issuing again after delaying the preset time.
Optionally, the method further comprises:
after the security component is deployed in the cloud security resource pool system, configuration information is filled in the cloud security resource pool system, and configuration is delivered during delivery.
Optionally, the method further comprises:
in the cloud security resource pool, deploying and installing each security component in a virtual machine mode;
after the security component is deployed in the cloud security resource pool system, after the cloud security resource pool system is started, automatic network configuration and automatic strategy issuing operation are carried out according to configuration information filled in during deployment.
Optionally, the step of filling the configuration information according to the corresponding configuration statement and automatically configuring and issuing the security component further includes:
checking whether the state of the safety component is normal;
if the state of the safety component is normal, the following steps are executed: filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component;
and if the state of the safety component is abnormal, recording an error log through the controller, and reconfiguring and issuing when the state is normal.
The embodiment of the present invention further provides an automatic virtual resource configuration issuing device, where the automatic virtual resource configuration issuing device includes:
the system comprises an acquisition module, a configuration module and a management module, wherein the acquisition module is used for acquiring the type and configuration information of a security component when the security component is deployed in a cloud security resource pool system;
the template selection module is used for selecting a corresponding security component configuration template according to the type of the security component;
the generating module is used for generating a corresponding configuration statement according to the security component configuration template;
and the configuration issuing module is used for filling the configuration information according to the corresponding configuration statement and automatically configuring and issuing the security component.
The embodiment of the invention also provides a cloud security resource pool system, which comprises a memory, a processor and a virtual resource automatic configuration issuing program which is stored on the memory and can run on the processor, wherein the virtual resource automatic configuration issuing program is executed by the processor to realize the virtual resource automatic configuration issuing method.
The embodiment of the invention also provides a storage medium, wherein the storage medium is stored with a virtual resource automatic configuration issuing program, and the virtual resource automatic configuration issuing program is executed by a processor to realize the virtual resource automatic configuration issuing method.
The embodiment of the invention provides a method, a device, a system and a storage medium for issuing automatic configuration of virtual resources, wherein when a cloud security resource pool system deploys security components, the type and configuration information of the security components are obtained; selecting a corresponding security component configuration template according to the type of the security component; generating a corresponding configuration statement according to the security component configuration template; and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component. The scheme is different from the existing scheme in that: according to the existing process, the security component needs to be deployed firstly, after the deployment is completed, a VNC window of the security component is logged in the cloud platform, the configuration setting of the security component is opened, the configuration is edited, the configuration is stored, the interface is quitted and the like. In addition, the scheme of the invention can also add delayed retransmission in the configuration flow, thereby improving the system stability, and reducing the resource consumption by adding abnormal retransmission stop. It should be noted that the scheme of the present invention is also applicable to the case of automatic configuration and issue of the Linux and Windows operating system virtual machines in the cloud platform.
Drawings
Fig. 1 is a schematic diagram of a functional module of a device to which a virtual resource automatic configuration issuing method of the present application belongs;
fig. 2 is a flowchart illustrating a first exemplary embodiment of a virtual resource automatic configuration issuing method according to the present application;
fig. 3 is a detailed flowchart of an embodiment of a virtual resource automatic configuration issuing method according to the present application.
The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The main solution of the embodiment of the application is as follows: when a cloud security resource pool system deploys security components, acquiring the types and configuration information of the security components; selecting a corresponding security component configuration template according to the type of the security component; generating a corresponding configuration statement according to the security component configuration template; and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component. The scheme is different from the existing scheme in that: according to the existing process, the security component needs to be deployed firstly, after the deployment is completed, a VNC window of the security component is logged in the cloud platform, the configuration setting of the security component is opened, the configuration is edited, the configuration is stored, the interface is quitted and the like. In addition, the scheme of the invention can also add delayed retransmission in the configuration flow, thereby improving the system stability, and reducing the resource consumption by adding abnormal stop transmission. It should be noted that the scheme of the present invention is also applicable to the case of automatic configuration and issue of the Linux and Windows operating system virtual machines in the cloud platform.
The technical terms related to the embodiment of the invention are as follows:
a selenim: the test tool is a tool for testing the Web application program and can simulate user operation.
And the Webdriver is used for driving the browser, the Selenuim can start a Web process through the Webdriver, and various operations on the browser can be realized by using the Selenuim + the Webdriver.
VNC: (Virtual Network Console) is an abbreviation for Virtual Network Console.
Cloud security resource pool and security component: mainly, the security provider clouds the security capability to be provided for the user in a flexible and on-demand manner, which can also be regarded as security capability Saas, and the component having the security capability in the security resource pool is called a security component.
The present embodiment takes into account: the cloud security resource pool system provides convenient and sufficient guarantee for the security of the service in the cloud by integrating a plurality of security components, wherein the security components are as follows: the system comprises ten security components such as a virtual log auditing system, a virtual firewall, a virtual intrusion detection system, a virtual database auditing system and a virtual bastion machine, but an effective method for automatically configuring and issuing the components does not exist in a cloud security resource pool system.
Therefore, the embodiment of the invention provides a solution, which can solve the problem that the security component similar to the cloud security resource pool cannot be automatically configured and issued, and is also suitable for the condition that the common Linux and Windows operating system virtual machines in the cloud platform are automatically configured and issued.
The main idea of the embodiment of the invention is as follows: in a cloud environment, configuration automatic issuing is carried out on a security component in the cloud through a cloud security resource pool system, and the optimal solution is that in the cloud security resource pool system, a configuration field is automatically generated in a background according to a security component system type and a type needing to be configured, then a background Web process of a security component VNC is started through a Webdriver by calling a security component VNC interface in the cloud security resource pool, and configuration automatic issuing based on Web is realized on the security component needing to be configured according to a configuration statement automatically generated by a template.
Specifically, referring to fig. 1, fig. 1 is a schematic diagram of a functional module of a device to which a virtual resource automatic configuration issuing apparatus belongs according to the present application. The virtual resource automatic configuration issuing device may be a device for implementing virtual resource processing, and may be borne on the device or the system in a form of hardware or software.
In this embodiment, the device to which the virtual resource automatic configuration issuing apparatus belongs at least includes an output module 110, a processor 120, a memory 130 and a communication module 140.
The memory 130 stores an operating system and an automatic configuration and issuing program of virtual resources; the output module 110 may be a display screen or the like. The communication module 140 may include a WIFI module, a mobile communication module, a bluetooth module, and the like, and communicates with an external device or a server through the communication module 140.
The virtual resource automatic configuration issuing program in the memory 130 realizes the following steps when executed by the processor:
when a cloud security resource pool system deploys security components, acquiring the types and configuration information of the security components;
selecting a corresponding security component configuration template according to the type of the security component;
generating a corresponding configuration statement according to the security component configuration template;
and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component.
Further, the automatic configuration issuing program of the virtual resource in the memory 130 further realizes the following steps when executed by the processor:
and generating a corresponding system configuration statement and a corresponding strategy configuration statement according to the security component configuration template.
Further, the automatic configuration issuing program of the virtual resource in the memory 130, when executed by the processor, further implements the following steps:
obtaining VNC interface information of the security component;
calling a VNC interface of the security component, and starting a background Web process of the VNC interface of the security component through a Webdriver;
and filling the configuration information according to the corresponding configuration statement through the background Web process, automatically positioning and writing a system configuration statement and a strategy configuration statement based on a seleguim, and automatically configuring and issuing the security component.
Further, the automatic configuration issuing program of the virtual resource in the memory 130, when executed by the processor, further implements the following steps:
judging whether the automatic configuration is successfully issued;
if the automatic configuration is successfully issued, recording a configuration and issuing success log;
and if the automatic configuration is failed to be issued, recording the reason of the failure of the configuration and issuing again after delaying the preset time.
Further, the automatic configuration issuing program of the virtual resource in the memory 130, when executed by the processor, further implements the following steps:
after the security component is deployed in the cloud security resource pool system, configuration information is filled in the cloud security resource pool system, and configuration is delivered during delivery.
Further, the automatic configuration issuing program of the virtual resource in the memory 130, when executed by the processor, further implements the following steps:
in the cloud security resource pool, deploying and installing each security component in a virtual machine mode;
after the security component is deployed in the cloud security resource pool system, after the cloud security resource pool system is started, automatic network configuration and automatic strategy issuing operation are carried out according to configuration information filled in during deployment.
Further, the automatic configuration issuing program of the virtual resource in the memory 130, when executed by the processor, further implements the following steps:
checking whether the state of the safety component is normal;
if the state of the safety component is normal, executing the following steps: filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component;
and if the state of the safety component is abnormal, recording an error log through the controller, and reconfiguring and issuing when the state is normal.
According to the scheme, when the cloud security resource pool system deploys the security components, the type and configuration information of the security components are acquired; selecting a corresponding security component configuration template according to the type of the security component; generating a corresponding configuration statement according to the security component configuration template; and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component. The scheme is different from the existing scheme in that: according to the existing process, the security component needs to be deployed firstly, after the deployment is completed, a VNC window of the security component is logged in the cloud platform, the configuration setting of the security component is opened, the configuration is edited, the configuration is stored, the interface is quitted and the like. In addition, the scheme of the invention can also add delayed retransmission in the configuration flow, thereby improving the system stability, and reducing the resource consumption by adding abnormal stop transmission. It should be noted that the scheme of the present invention is also applicable to the case of automatic configuration and issue of the Linux and Windows operating system virtual machines in the cloud platform.
Based on the above device architecture but not limited to the above architecture, embodiments of the method of the present application are presented.
The scheme of the embodiment of the invention aims to realize that the configuration and the issuing are automatically completed when the security component is deployed by the techniques of the Selenuim, the webdriver, the VNC and the like in a cloud security resource pool system, so that the complex operation of a user is reduced, the startup and the use are realized, the delayed retransmission is added, the system stability is improved, and the controller resource consumption is saved when the security component is added and abnormally stopped.
Specifically, referring to fig. 2, fig. 2 is a flowchart illustrating a first exemplary embodiment of a virtual resource automatic configuration issuing method according to the present invention. The automatic configuration issuing method of the virtual resources comprises the following steps:
step S101, when a cloud security resource pool system deploys security components, acquiring types and configuration information of the security components;
the cloud security resource system may be an in-cloud controller database.
As described above, to implement reasonable allocation of security resources in a cloud and perform multi-layer security protection on a virtual machine, various types of virtualized security components need to be deployed in the cloud, so as to integrally form a distributed protection security component, and a cloud security resource pool system is used to uniformly manage and configure and issue all distributed security components.
In this embodiment, the types of security components may include: system configuration, policy configuration, and the like.
Wherein different types of security components have different configuration information.
The configuration information may include relevant configuration information such as system configuration, policy configuration, and the like.
As an embodiment, when the cloud security resource pool system deploys the security components, the type and configuration information of the security components may be acquired in the cloud security resource system, that is, the controller database.
In one embodiment, each security component is deployed and installed in a virtual machine form in the cloud security resource pool.
Step S102, selecting a corresponding security component configuration template according to the type of the security component;
wherein different types of security components may configure different security component configuration templates.
For example, a security component of a system configuration type may configure a corresponding security component configuration template, and a security component of a policy configuration type may configure a corresponding security component configuration template.
Step S103, generating a corresponding configuration statement according to the security component configuration template;
for different types of security components, such as system configuration and policy configuration, corresponding system configuration statements and policy configuration statements may be generated according to the security component configuration template.
And step S104, filling the configuration information according to the corresponding configuration statement, and performing automatic configuration and issuing on the security component.
Specifically, as an implementation manner, the step of filling the configuration information according to the corresponding configuration statement and automatically configuring and issuing the security component may include:
obtaining VNC interface information of the security component;
calling a VNC interface of the security component, and starting a background Web process of the VNC interface of the security component through a Webdriver;
and filling the configuration information according to the corresponding configuration statement through the background Web process, automatically positioning and writing a system configuration statement and a strategy configuration statement based on a seleguim, and automatically configuring and issuing the security component.
According to the scheme, when the cloud security resource pool system deploys the security components, the type and configuration information of the security components are acquired; selecting a corresponding security component configuration template according to the type of the security component; generating a corresponding configuration statement according to the security component configuration template; and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component. The scheme is different from the existing scheme in that: according to the existing process, the security component needs to be deployed firstly, after deployment is completed, a VNC window of the security component is logged in the cloud platform, the configuration setting of the security component is opened, configuration is edited, configuration is saved, an interface exits and other operations are carried out, and the operation is complex.
The detailed flow for implementing automatic configuration and issuing of the virtual resources according to the embodiment of the present invention can be shown in fig. 3.
With reference to fig. 3, further, after the step of filling, by the background Web process, the configuration information according to the corresponding configuration statement, automatically positioning and writing a system configuration statement and a policy configuration statement based on selenuim, and issuing the security component by automatic configuration, the step of:
judging whether the automatic configuration is successfully issued;
if the automatic configuration is successfully issued, recording a configuration and issuing success log;
and if the automatic configuration is failed to be issued, recording the reason of the failure of the configuration and issuing again after delaying the preset time.
Therefore, by adding delayed retransmission in the configuration flow, the stability of the system can be improved, and resource consumption can be reduced by adding abnormal retransmission stop. It should be noted that the scheme of the present invention is also applicable to the case of automatic configuration and issue of the Linux and Windows operating system virtual machines in the cloud platform.
Further, the step of filling the configuration information according to the corresponding configuration statement and automatically configuring and issuing the security component may further include:
checking whether the state of the safety component is normal;
if the state of the safety component is normal, executing the following steps: filling the configuration information according to the corresponding configuration statement, and performing automatic configuration and issuing on the security component;
and if the state of the safety component is abnormal, recording an error log through the controller, and reconfiguring and issuing when the state is normal.
The controller system can regularly carry out heartbeat monitoring with all safety assemblies, when the safety assemblies are abnormal and can not be communicated, the controller can cancel configuration issuing of the safety assemblies, and when the safety assemblies are communicated again, the configuration issuing is carried out again.
Specifically, as shown in fig. 3, first, a component type and configuration information are obtained from a cloud security resource system, that is, a controller database, and a corresponding configuration template is selected according to the security component type to construct a system configuration and policy configuration statement, where it is determined whether the state of the security component is normal, and if the state of the security component is normal, a controller calls a cloud platform interface to obtain VNC interface information of the security component, and then a controller background starts a Web process of the security component VNC through a webdriver, and opens a system configuration and policy configuration interface.
Then, based on a selenim automatic positioning write-in system, namely a policy configuration statement, whether automatic configuration delivery is successful or not is judged, if so, a configuration success log is recorded and written into a database, a configuration flow is completed, if not, a configuration delivery failure reason is recorded and written into the database, and after 1 minute (time can be set according to actual conditions), automatic configuration delivery is carried out again. If the state of the security component is abnormal, the controller records an error log and writes the error log into a database for later check, and the configuration is reconfigured and issued when the state of the security component is changed to be normal.
Further, the method may further include:
after the security component is deployed in the cloud security resource pool system, configuration information is filled in the cloud security resource pool system, and configuration is delivered during delivery.
In this embodiment, when the security component is deployed in the cloud security resource pool system, the configuration issue will not be automatically performed when the security component is not configured. The configuration information can be filled in the cloud security resource pool system after deployment is completed, configuration issuing can be performed during issuing, the principle of the configuration information is consistent with the process of filling the configuration information and deploying the security components, the controller system can perform heartbeat monitoring with all the security components at regular time, when the security components are abnormal and cannot be communicated, the controller can cancel the configuration issuing of the security components, and when the security components are communicated again, the configuration issuing is performed again.
Further, the method may further include:
after the security component is deployed in the cloud security resource pool system, after the cloud security resource pool system is started, automatic network configuration and automatic strategy issuing operation are carried out according to configuration information filled in during deployment.
The operation process can be simplified into the input of the configuration information of the security component through the scheme of the invention, the security component is deployed, and the security component is used after being started, thereby solving the problem that the security component similar to the cloud security resource pool cannot be automatically configured and issued.
The following details the embodiments of the present invention:
the principle of the embodiment of the invention is as follows: when the cloud security resource pool system deploys the security component, configuration information such as network and strategy configuration is filled, the configuration information is recorded in a database of the cloud security resource pool controller, and the security component is automatically configured and issued according to the filled configuration information.
In the cloud security resource pool, all the security components are deployed and installed in a virtual machine mode, deployment of the security components in the cloud security resource pool is completed, after the system is started, automatic network configuration and automatic strategy issuing operation can be performed according to configuration information filled in during deployment, and the effect that the deployment is completed and the system is ready to use when started is achieved.
When the configuration and the deployment of the security components in the cloud security resource pool system are completed, firstly, the configuration information of the security components in the database is inquired, the configuration information is divided into two categories of system configuration and strategy configuration, the two categories are stored in the database in a classified mode, and corresponding configuration statements are generated for the security components according to the security component configuration templates of the cloud security resource pool system.
VNC addresses of all security components are stored in a database, a background starts a Web process corresponding to the VNC addresses of the security components through a Webdriver, and a controller automatically positions and inputs configuration statements through a Selenuim to complete automatic configuration of the security components.
When the security component is not configured during deployment, the configuration and the issuing cannot be automatically performed, the configuration information can be filled in the cloud security resource pool system after the deployment is completed, and the configuration and the issuing can be performed during the issuing, and the principle of the configuration and the issuing is consistent with the flow when the configuration information is filled in and the security component is deployed.
The controller system can regularly carry out heartbeat monitoring with all safety assemblies, when the safety assemblies are abnormal and can not be communicated, the controller can cancel configuration issuing of the safety assemblies, and when the safety assemblies are communicated again, the configuration issuing is carried out again.
Compared with the existing scheme, the scheme of the embodiment of the invention has the following differences: according to the existing process, the security component needs to be deployed firstly, after the deployment is completed, a VNC window of the security component is logged in a cloud platform, the configuration setting of the security component is opened, the configuration is edited, the configuration is stored, an interface exits and other operations are carried out, the operation is complex, the operation process can be simplified into the operation of inputting the configuration information of the security component, the security component is deployed, the security component is used when the security component is started, time delay retransmission is added in the configuration process, the system stability is improved, and the resource consumption is reduced by adding abnormal transmission stopping.
Compared with the existing scheme, the embodiment of the invention realizes the automatic configuration function of the security component, realizes the ready use of the component when the component is started, and simplifies the configuration operation of a user side; considering the situation that the security component may fail to issue configuration, the time delay retransmission is added, and logs are recorded for later check, so as to ensure the stability of the automatic configuration of the security component; in addition, the cloud security resource pool controller system can regularly carry out heartbeat monitoring with all security components, when the situation that some security components are abnormal and cannot be communicated is found, the controller can cancel configuration issuing on the security components, and when the security components are communicated again, configuration issuing is carried out again, so that useless resource consumption is saved.
It should be noted that the solution of the embodiment of the present invention is applicable to automatic configuration issue solutions of distributed NFV products and common security components of the same types such as virtual firewall, virtual IPS, virtual IDS, virtual WAF, and the like in a cloud security resource pool system; the method can also be used for solving the automatic configuration of other common Linux and Windows systems and virtual machines in the cloud.
In addition, an embodiment of the present application further provides an apparatus for automatically configuring and issuing virtual resources, where the apparatus for automatically configuring and issuing virtual resources includes:
the system comprises an acquisition module, a configuration module and a management module, wherein the acquisition module is used for acquiring the type and configuration information of a security component when the security component is deployed in a cloud security resource pool system;
the template selection module is used for selecting a corresponding security component configuration template according to the type of the security component;
the generating module is used for generating a corresponding configuration statement according to the security component configuration template;
and the configuration issuing module is used for filling the configuration information according to the corresponding configuration statement and automatically configuring and issuing the security component.
Since the virtual resource automatic configuration issuing program is executed by the processor, all technical solutions of all the embodiments are adopted, so that at least all the beneficial effects brought by all the technical solutions of all the embodiments are achieved, and detailed description is omitted here.
In addition, the embodiment of the application also provides a cloud security resource pool system, which comprises a memory, a processor and a virtual resource automatic configuration issuing program which is stored on the memory and can run on the processor, wherein the virtual resource automatic configuration issuing program is executed by the processor to realize the virtual resource automatic configuration issuing method.
Since the virtual resource automatic configuration issuing program is executed by the processor, all technical solutions of all the foregoing embodiments are adopted, so that at least all the beneficial effects brought by all the technical solutions of all the foregoing embodiments are achieved, and details are not repeated herein.
In addition, an embodiment of the present application further provides a storage medium, where a virtual resource automatic configuration issuing program is stored on the storage medium, and the virtual resource automatic configuration issuing program is executed by a processor to implement the virtual resource automatic configuration issuing method described above.
Since the virtual resource automatic configuration issuing program is executed by the processor, all technical solutions of all the embodiments are adopted, so that at least all the beneficial effects brought by all the technical solutions of all the embodiments are achieved, and detailed description is omitted here.
The embodiment of the invention provides a method, a device, a system and a storage medium for issuing automatic configuration of virtual resources, wherein when a cloud security resource pool system deploys security components, the type and configuration information of the security components are acquired; selecting a corresponding security component configuration template according to the type of the security component; generating a corresponding configuration statement according to the security component configuration template; and filling the configuration information according to the corresponding configuration statement, and automatically configuring and issuing the security component. The scheme is different from the existing scheme in that: according to the existing process, the security component needs to be deployed firstly, after the deployment is completed, a VNC window of the security component is logged in the cloud platform, the configuration setting of the security component is opened, the configuration is edited, the configuration is stored, the interface is quitted and the like. In addition, the scheme of the invention can also add delayed retransmission in the configuration flow, thereby improving the system stability, and reducing the resource consumption by adding abnormal stop transmission. It should be noted that the scheme of the present invention is also applicable to the case of automatic configuration and issue of the Linux and Windows operating system virtual machines in the cloud platform.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present application or portions contributing to the prior art may be embodied in the form of a software product, where the computer software product is stored in a storage medium (such as a ROM/RAM, a magnetic disk, and an optical disk) as above, and includes several instructions to enable a terminal device (which may be a mobile phone, a computer, a server, a controlled terminal, or a network device) to execute the method of each embodiment of the present application.
The above description is only a preferred embodiment of the present application, and not intended to limit the scope of the present application, and all the equivalent structures or equivalent processes that can be directly or indirectly applied to other related technical fields by using the contents of the specification and the drawings of the present application are also included in the scope of the present application.
Claims (9)
1. A virtual resource automatic configuration issuing method is characterized by comprising the following steps:
when a cloud security resource pool system deploys security components, acquiring the types and configuration information of the security components;
selecting a corresponding security component configuration template according to the type of the security component;
generating a corresponding configuration statement according to the security component configuration template;
checking whether the state of the safety component is normal;
if the state of the security component is normal, filling the configuration information according to the corresponding configuration statement, and performing automatic configuration and issuing on the security component;
and if the state of the safety component is abnormal, recording an error log through the controller, and reconfiguring and issuing when the state is normal.
2. The method of claim 1, wherein the type of security component comprises: the step of generating a corresponding configuration statement according to the security component configuration template comprises the following steps:
and generating a corresponding system configuration statement and a corresponding strategy configuration statement according to the security component configuration template.
3. The method of claim 2, wherein the step of automatically configuring and issuing the security component by filling the configuration information according to the corresponding configuration statement comprises:
obtaining VNC interface information of the security component;
calling a VNC interface of the security component, and starting a background Web process of the VNC interface of the security component through a Webdriver;
and filling the configuration information according to the corresponding configuration statement through the background Web process, automatically positioning and writing system configuration statements and strategy configuration statements based on selenuim, and automatically configuring and issuing the security component.
4. The method according to claim 3, wherein the step of filling in the configuration information according to the corresponding configuration statement through the background Web process, automatically locating and writing in a system configuration statement and a policy configuration statement based on seleuim, and automatically configuring and issuing the security component further comprises:
judging whether the automatic configuration is successfully issued;
if the automatic configuration is successfully issued, recording a configuration and issuing success log;
and if the automatic configuration is failed to be issued, recording the reason of the failure of the configuration and issuing again after delaying the preset time.
5. The method according to any one of claims 1-4, further comprising:
after the security component is deployed in the cloud security resource pool system, configuration information is filled in the cloud security resource pool system, and configuration is delivered during delivery.
6. The method according to any one of claims 1-4, further comprising:
in the cloud security resource pool, deploying and installing each security component in a virtual machine mode;
after the security component is deployed in the cloud security resource pool system, after the cloud security resource pool system is started, automatic network configuration and automatic strategy issuing operation are carried out according to configuration information filled in during deployment.
7. An automatic virtual resource configuration issuing device is characterized in that the automatic virtual resource configuration issuing device comprises:
the system comprises an acquisition module, a configuration module and a management module, wherein the acquisition module is used for acquiring the type and configuration information of a security component when the security component is deployed in a cloud security resource pool system;
the template selection module is used for selecting a corresponding security component configuration template according to the type of the security component;
the generating module is used for generating a corresponding configuration statement according to the security component configuration template;
the configuration issuing module is used for checking whether the state of the security component is normal or not; if the state of the security component is normal, filling the configuration information according to the corresponding configuration statement, and performing automatic configuration and issuing on the security component; and if the state of the safety component is abnormal, recording an error log through the controller, and reconfiguring and issuing when the state is normal.
8. A cloud security resource pool system, wherein the system comprises a memory, a processor and a virtual resource automatic configuration issuing program stored in the memory and capable of running on the processor, and when the virtual resource automatic configuration issuing program is executed by the processor, the virtual resource automatic configuration issuing method according to any one of claims 1 to 6 is implemented.
9. A storage medium, wherein the storage medium stores thereon a virtual resource automatic configuration issuing program, and the virtual resource automatic configuration issuing program, when executed by a processor, implements the virtual resource automatic configuration issuing method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211689119.5A CN115664948B (en) | 2022-12-28 | 2022-12-28 | Method, device, system and storage medium for automatic configuration and issuing of virtual resources |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211689119.5A CN115664948B (en) | 2022-12-28 | 2022-12-28 | Method, device, system and storage medium for automatic configuration and issuing of virtual resources |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115664948A CN115664948A (en) | 2023-01-31 |
| CN115664948B true CN115664948B (en) | 2023-03-17 |
Family
ID=85022556
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211689119.5A Active CN115664948B (en) | 2022-12-28 | 2022-12-28 | Method, device, system and storage medium for automatic configuration and issuing of virtual resources |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115664948B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112596864A (en) * | 2020-12-29 | 2021-04-02 | 航天开元科技有限公司 | Operation cloud platform cloud resource management system based on virtualization and policy automation |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2504487A (en) * | 2012-07-30 | 2014-02-05 | Ibm | Automated network deployment of cloud services into a network by matching security requirements |
| CN106790091B (en) * | 2016-12-23 | 2020-10-27 | 深信服科技股份有限公司 | Cloud safety protection system and flow cleaning method |
| CN111371595A (en) * | 2020-02-25 | 2020-07-03 | 深信服科技股份有限公司 | Network security deployment method, device, equipment and readable storage medium |
| CN111556047B (en) * | 2020-04-24 | 2022-07-12 | 杭州安恒信息技术股份有限公司 | Deployment method of security service in private cloud environment |
-
2022
- 2022-12-28 CN CN202211689119.5A patent/CN115664948B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112596864A (en) * | 2020-12-29 | 2021-04-02 | 航天开元科技有限公司 | Operation cloud platform cloud resource management system based on virtualization and policy automation |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115664948A (en) | 2023-01-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9386079B2 (en) | Method and system of virtual desktop infrastructure deployment studio | |
| US10534915B2 (en) | System for virtual patching security vulnerabilities in software containers | |
| CN110096424B (en) | Test processing method and device, electronic equipment and storage medium | |
| US20150100829A1 (en) | Method and system for selecting and executing test scripts | |
| US20210326196A1 (en) | A remediation system to prevent incompatible program module installation in an information processing system | |
| US20150100832A1 (en) | Method and system for selecting and executing test scripts | |
| US20180006904A1 (en) | Orchestration process template for generation of orchestration process to tolerate errors | |
| US20150100830A1 (en) | Method and system for selecting and executing test scripts | |
| US20150100831A1 (en) | Method and system for selecting and executing test scripts | |
| US20210336995A1 (en) | Methods and apparatus to provide resource security | |
| CN110268378B (en) | Method for creating data backup, storage medium and virtual server | |
| CN111857951A (en) | Containerized deployment platform and deployment method | |
| CN113687858A (en) | Configuration file checking method and device, electronic equipment and storage medium | |
| CN115664948B (en) | Method, device, system and storage medium for automatic configuration and issuing of virtual resources | |
| CN114095498B (en) | Cluster environment deployment method, system, computer equipment and storage medium | |
| CN108053288B (en) | Service arrangement issuing method and device | |
| CN115629856A (en) | Operation and maintenance tool of cloud management platform and system operation and maintenance method of cloud management platform | |
| CN112596750B (en) | Application testing method and device, electronic equipment and computer readable storage medium | |
| EP3151512B1 (en) | Service authentication processing method and apparatus | |
| CN113746676A (en) | Container cluster-based network card management method, device, equipment, medium and product | |
| CN115473799B (en) | System and method for automatically deploying micro-service application of virtual machine | |
| CN115567361B (en) | Cross-platform bottom layer software system, application method, equipment and storage medium | |
| CN114546598B (en) | Control method for processes, files and network access in container | |
| CN112162823B (en) | Container deployment method and device and related equipment | |
| CN114237885A (en) | Container resource adjusting method and device, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |