CN116501448A - Container packaging method and device applied to multiple virtual machines - Google Patents


Info

Publication number
CN116501448A
Authority
CN
China
Prior art keywords
measurement
virtual machine
entity
virtual machines
machine cluster
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310736973.0A
Other languages
Chinese (zh)
Other versions
CN116501448B (en
Inventor
傅荣会
余永武
文琴
代伟
侯红英
王丹
周维斌
文丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Neijiang Normal University
Original Assignee
Neijiang Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Neijiang Normal University
Priority to CN202310736973.0A
Publication of CN116501448A
Application granted
Publication of CN116501448B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/50 Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061 Partitioning or combining of resources
    • G06F9/5077 Logical partitioning of resources; Management or configuration of virtualized resources
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/4557 Distribution of virtual machine instances; Migration and load balancing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances

Abstract

Before a virtual machine cluster is packaged into a container, the application entity can trigger a verification entity in the network where the application entity is located to initiate a trusted measurement of the virtual machine cluster. For example, a measurement entity in the network where the virtual machine cluster is located performs the trusted measurement to verify whether the cluster is trusted, so that the cluster is packaged into the container only if it is trusted, which ensures the security of container packaging.

Description

Container packaging method and device applied to multiple virtual machines
Technical Field
The present disclosure relates to the field of virtualization technologies, and in particular, to a method and an apparatus for packaging containers applied to multiple virtual machines.
Background
The virtual machine (VM) is an important component of virtualization technology. By virtualizing one or more VMs on a physical device, services can be decoupled, so that they can be provided to users more flexibly while data security is maintained. As the technology evolves, VMs may be deployed in clusters and packaged as containers to provide a unified large-scale service.
However, as the scale of VM deployment expands, the security risks also grow. How to secure the packaging of containers in this situation is an active problem in current research.
Disclosure of Invention
The embodiment of the application provides a container packaging method and device applied to multiple virtual machines, so as to ensure the packaging safety of containers.
In order to achieve the above purpose, the present application adopts the following technical scheme:
In a first aspect, a container packaging method applied to multiple virtual machines is provided. The method is applied to an application entity and includes: when the application entity needs to package a virtual machine cluster into a container, the application entity sends a measurement request message to a verification entity, where the measurement request message requests a trusted measurement of the virtual machine cluster; the application entity receives a measurement response message returned by the verification entity in response to the measurement request message, where the measurement response message carries a measurement result; and, if the measurement result indicates that the virtual machine cluster is trusted, the application entity packages the virtual machine cluster into a container.
Based on the method of the first aspect, before the virtual machine cluster is packaged into a container, the application entity can trigger the verification entity in the network where the application entity is located to initiate a trusted measurement of the virtual machine cluster. For example, a measurement entity in the network where the virtual machine cluster is located measures the cluster to verify whether it is trusted, so that the cluster is packaged into a container only when it is trusted, which ensures the security of container packaging.
A container can be thought of as a cup and a virtual machine as something inside the cup. After the virtual machine cluster is packaged into a container, the cluster is not visible (not perceived) from outside; only the ports provided by the container can be seen. The virtual machine cluster can therefore be scheduled conveniently while its security is also ensured.
In one possible design, the application entity packaging the virtual machine cluster into a container includes: according to the function of each virtual machine in the cluster, the application entity packages virtual machines with matching functions into the same container and packages virtual machines with non-matching functions into different containers. For example, function-matched virtual machines may be virtual machines that are functionally identical. Alternatively, function-matched virtual machines may be virtual machines whose functions execute in a logical sequence: for example, after port A is scheduled, virtual machine 1 executes step 1 to obtain an intermediate result and passes it to virtual machine 2, which executes step 2 to obtain the final result, so virtual machine 1 and virtual machine 2 are function-matched virtual machines.
In one possible design, the application entity packaging the virtual machine cluster into a container includes: according to the position of each virtual machine in the cluster, the application entity packages virtual machines located in the same software layer into the same container and packages virtual machines located in different software layers into different containers. The position of a virtual machine may be a logical position, such as being deployed within the same network, or a physical position, such as being deployed on devices in the same machine room; this is not particularly limited.
In a second aspect, a container packaging method applied to multiple virtual machines is provided. The method is applied to a verification entity and includes: when an application entity needs to package a virtual machine cluster into a container, the verification entity receives a measurement request message from the application entity, where the measurement request message requests a trusted measurement of the virtual machine cluster; the verification entity sends a measurement message to a measurement entity according to the measurement request message, where the measurement entity and the virtual machine cluster are located in the same network and the measurement message instructs the measurement entity to initiate the trusted measurement of the virtual machine cluster; the verification entity receives a measurement receiving message returned by the measurement entity in response to the measurement message, where the measurement receiving message carries a measurement result indicating whether the virtual machine cluster is trusted; and the verification entity sends to the application entity a measurement response message responding to the measurement request message, where the measurement response message carries the measurement result, so that the application entity can package the virtual machine cluster into a container if the measurement result indicates that the cluster is trusted.
In one possible design, the measurement request message further indicates that the virtual machine cluster is located in M networks, where M is an integer greater than 1. The verification entity sending a measurement message to the measurement entity according to the measurement request message includes: the verification entity determines, according to the relationship among the M networks, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; and the verification entity sends, for the N virtual machines, a measurement message to the measurement entity, where the measurement message instructs the measurement entity to initiate the trusted measurement of the N virtual machines. That is, for the N virtual machines there may be several measurement entities, located in the networks where the N virtual machines are located.
Optionally, the relationship among the M networks is a subscription relationship. For networks among the M networks that are subscribed to each other, the N virtual machines include the virtual machines deployed in one of the subscribed networks and do not include the virtual machines deployed in the other subscribed networks. That is, networks that are subscribed to each other are related, so as long as the virtual machines in one of them are trusted, the virtual machines in the others can be considered trusted; this reduces measurement overhead and improves measurement efficiency. And/or, for an island network among the M networks that is not subscribed to any other of the M networks, the N virtual machines include the virtual machines deployed in the island network. For example, given network 1, network 2, network 3, network 4, and network 5, where network 1, network 2, and network 3 are mutually subscribed, only the virtual machines deployed in network 1 may be measured, and the virtual machines deployed in network 2 and network 3 need not be measured. Network 4 and network 5 are island networks, so the virtual machines deployed in both network 4 and network 5 need to be measured.
Optionally, the relationship among the M networks is a hierarchical relationship; the M networks have a hierarchical relationship of M layers, M being an integer greater than 1. For an i-th level network and an (i+1)-th level network of the M networks, where i is any integer from 1 to M-1, the network level of the i-th level network is higher than that of the (i+1)-th level network, the N virtual machines include the virtual machines deployed in the (i+1)-th level network, and the N virtual machines do not include the virtual machines deployed in the i-th level network. In general, the lower the level of a network, the higher its security risk, and vice versa. Based on this, only the virtual machines in the lower-level network may be measured, and if the virtual machines in the lower-level network are trusted, the virtual machines in the higher-level network are also trusted. Further, the hierarchical relationship between networks may be understood as a containment relationship: a higher-level network may contain at least one lower-level network. For example, a public network may contain at least one private network, where containment means that the private network is established on hardware attached to the public network and the service area of the private network lies within the service area of the public network. For example, where network 1 and network 2 are public networks, network 3 and network 4 contained within network 1 are private networks, and network 5 contained within network 2 is a private network, only the virtual machines deployed in network 3, network 4, and network 5 may be measured, and not the virtual machines deployed in network 1 and network 2. Through the measurement, as long as the virtual machines deployed in network 3, network 4, and network 5 are trusted, the virtual machines deployed in network 1 and network 2 are also trusted; otherwise, they are not trusted.
In one possible design, the measurement request message also indicates the relationships between the virtual machines in the virtual machine cluster. The verification entity sending a measurement message to the measurement entity according to the measurement request message includes: the verification entity determines, according to the relationships between the virtual machines, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; and the verification entity sends, for the N virtual machines, a measurement message to the measurement entity, where the measurement message instructs the measurement entity to initiate the trusted measurement of the N virtual machines.
Optionally, the relationship between the virtual machines is that of central node and forwarding node. The N virtual machines include the virtual machines that are forwarding nodes in the cluster and do not include the virtual machines that are central nodes; a central-node virtual machine consumes messages and a forwarding-node virtual machine forwards messages. In general, a central-node virtual machine has stronger performance and a better security protection mechanism, so it is more trustworthy and more secure, whereas a forwarding-node virtual machine has more ordinary performance and a more ordinary security protection mechanism, so its trustworthiness is also ordinary; trusted measurement therefore needs to be performed on the forwarding-node virtual machines. Of course, because there are fewer central-node virtual machines than forwarding-node virtual machines, trusted measurement may be performed only on the central-node virtual machines in consideration of overhead. For example, the virtual machine cluster includes virtual machine 1, virtual machine 2, virtual machine 3, virtual machine 4, virtual machine 5, and virtual machine 6, where virtual machine 3 and virtual machine 5 are central nodes and the rest are forwarding nodes; trusted measurement may be performed only on virtual machine 1, virtual machine 2, virtual machine 4, and virtual machine 6. Through the measurement, as long as virtual machine 1, virtual machine 2, virtual machine 4, and virtual machine 6 are trusted, virtual machine 3 and virtual machine 5 are also trusted; otherwise, they are not trusted.
Optionally, the relationship between the virtual machines is that of parent node and child node. The N virtual machines include the virtual machines that are child nodes in the cluster and do not include the virtual machines that are parent nodes. In general, a virtual machine that is a child node is less trusted than a virtual machine that is a parent node. Based on this, only the child-node virtual machines may be measured, and if the child-node virtual machines are trusted, the parent-node virtual machines are also trusted. For example, the virtual machine cluster includes virtual machine 1, virtual machine 2, virtual machine 3, virtual machine 4, virtual machine 5, and virtual machine 6. Virtual machine 1 is a parent node whose child nodes include virtual machine 2 and virtual machine 3. Virtual machine 4 is a parent node whose child nodes include virtual machine 5. Virtual machine 3 is a parent node whose child nodes include virtual machine 6. Only the final child nodes, virtual machine 5 and virtual machine 6, may be measured. Through the measurement, as long as virtual machine 5 and virtual machine 6 are trusted, virtual machine 1, virtual machine 2, virtual machine 3, and virtual machine 4 are also trusted; otherwise, they are not trusted.
Optionally, the measurement entity is located in the same network as the N virtual machines. If the measurement entity is deployed in a software layer, the hardware layer supporting that software layer and the hardware layer supporting the N virtual machines are different hardware layers. In this case, because software is easily attacked and has low trustworthiness, the measurement entity and the measured virtual machines are deployed in different software environments isolated by hardware, so as to ensure security. For example, the measurement entity is deployed in the software layer of server #1, such as its operating system, and the measured virtual machine is deployed in the software layer of server #2, which achieves hardware isolation. Alternatively, the measurement entity is deployed in a hardware layer, and the hardware layer where the measurement entity is located and the hardware layer supporting the N virtual machines are the same hardware layer. In this case, because hardware itself is more secure and more trusted, a measurement entity deployed on the hardware where the measured virtual machine is located may be chosen to save cost. For example, the measurement entity is deployed in the hardware layer of server #1, such as its CPU, and the measured virtual machine is deployed in the software layer of server #1, such as its operating system.
Optionally, the measurement result is used for representing whether the N virtual machines are trusted or not; if the N virtual machines are trusted, the virtual machine cluster is trusted, or if the N virtual machines are not trusted, the virtual machine cluster is not trusted.
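The selection rules described above for subscribed and hierarchical networks, together with the rule that the cluster is trusted only if the N measured virtual machines are trusted, are shown here as an added Python example; it is not code from the patent. The names `VM`, `select_by_subscription`, `select_by_hierarchy`, `cluster_trusted`, and `package_if_trusted` are hypothetical, and two points are assumptions of this example: subscription is treated as transitive, and a missing result or an empty selection is treated as untrusted.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class VM:
    name: str
    network: str


def select_by_subscription(vms, subscriptions):
    """Subscription rule: measure one network per subscribed group, plus every island network."""
    root = {vm.network: vm.network for vm in vms}

    def find(net):
        root.setdefault(net, net)
        while root[net] != net:
            net = root[net]
        return net

    # Assumption: subscription is symmetric and transitive, so subscribed
    # networks form groups (connected components).
    for a, b in subscriptions:
        ra, rb = find(a), find(b)
        if ra != rb:
            root[max(ra, rb)] = min(ra, rb)

    groups = {}
    for vm in vms:
        groups.setdefault(find(vm.network), set()).add(vm.network)
    # One representative network per group; an island network is a group of one.
    chosen = {min(nets) for nets in groups.values()}
    return sorted(vm.name for vm in vms if vm.network in chosen)


def select_by_hierarchy(vms, contained_in):
    """Hierarchy rule: measure only networks that contain no lower-level network.

    contained_in maps a lower-level network to the higher-level network containing it.
    """
    higher = set(contained_in.values())
    return sorted(vm.name for vm in vms if vm.network not in higher)


def cluster_trusted(selected, results):
    """The cluster is trusted only if every selected VM reported trusted.

    Assumption: the description requires N >= 1, so an empty selection and a
    missing or non-boolean result both count as untrusted (fail closed).
    """
    if not selected:
        return False
    return all(results.get(name) is True for name in selected)


def package_if_trusted(vms, selected, results):
    """Return the container's member list, or None when packaging must be refused."""
    if not cluster_trusted(selected, results):
        return None
    return sorted(vm.name for vm in vms)


# Constructed sample mirroring the five-network examples in the description.
SAMPLE_VMS = [VM(f"vm{i}", f"net{i}") for i in range(1, 6)]
SAMPLE_SUBSCRIPTIONS = [("net1", "net2"), ("net2", "net3")]   # net4, net5 are islands
SAMPLE_CONTAINMENT = {"net3": "net1", "net4": "net1", "net5": "net2"}

if __name__ == "__main__":
    to_measure = select_by_subscription(SAMPLE_VMS, SAMPLE_SUBSCRIPTIONS)
    print("subscription rule measures:", to_measure)
    print("hierarchy rule measures:", select_by_hierarchy(SAMPLE_VMS, SAMPLE_CONTAINMENT))
    # vm5's measurement result never arrived, so packaging is refused.
    print("packaged:", package_if_trusted(SAMPLE_VMS, to_measure, {"vm1": True, "vm4": True}))
```

Because the verdict for the whole cluster rests on a subset of its virtual machines, the check that every selected virtual machine actually returned a result matters as much as the results themselves.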
In a third aspect, a container packaging apparatus applied to multiple virtual machines is provided. The apparatus is applied to an application entity and includes: a processing module configured to control a transceiver module to send a measurement request message to a verification entity when the application entity needs to package a virtual machine cluster into a container, where the measurement request message requests a trusted measurement of the virtual machine cluster; the transceiver module, configured to receive a measurement response message returned by the verification entity in response to the measurement request message, where the measurement response message carries a measurement result; and the processing module, further configured to package the virtual machine cluster into a container if the measurement result indicates that the virtual machine cluster is trusted.
In a possible design, the processing module is further configured to encapsulate virtual machines with matched functions in the virtual machine cluster into a same container according to the functions of each virtual machine in the virtual machine cluster, and encapsulate virtual machines with unmatched functions in the virtual machine cluster into different containers respectively.
In a possible design, the processing module is further configured to encapsulate virtual machines located in a same software layer in the virtual machine cluster into a same container according to a position of each virtual machine in the virtual machine cluster, and encapsulate virtual machines located in different software layers in the virtual machine cluster into different containers respectively.
In addition, the technical effects of the container packaging apparatus applied to multiple virtual machines according to the third aspect may refer to the technical effects of the container packaging method applied to multiple virtual machines according to the first aspect, which are not described herein.
In a fourth aspect, a container packaging apparatus applied to multiple virtual machines is provided. The apparatus is applied to a verification entity and includes: a transceiver module configured for the verification entity to receive a measurement request message from an application entity when the application entity needs to package a virtual machine cluster into a container, where the measurement request message requests a trusted measurement of the virtual machine cluster; a processing module configured for the verification entity to send a measurement message to a measurement entity according to the measurement request message, where the measurement entity and the virtual machine cluster are located in the same network domain and the measurement message instructs the measurement entity to initiate the trusted measurement of the virtual machine cluster; the transceiver module, further configured for the verification entity to receive a measurement receiving message returned by the measurement entity in response to the measurement message, where the measurement receiving message carries a measurement result indicating whether the virtual machine cluster is trusted; and the processing module, further configured for the verification entity to control the transceiver module to send to the application entity a measurement response message responding to the measurement request message, where the measurement response message carries the measurement result, so that the application entity can package the virtual machine cluster into a container if the measurement result indicates that the cluster is trusted.
In one possible design, the measurement request message further indicates that the virtual machine cluster is located in M networks, where M is an integer greater than 1. The processing module is further configured for the verification entity to determine, according to the relationship among the M networks, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; the processing module is further configured for the verification entity to control the transceiver module to send, for the N virtual machines, a measurement message to the measurement entity, where the measurement message instructs the measurement entity to initiate the trusted measurement of the N virtual machines. That is, for the N virtual machines there may be several measurement entities, located in the networks where the N virtual machines are located.
Optionally, the relationship among the M networks is a subscription relationship. For networks among the M networks that are subscribed to each other, the N virtual machines include the virtual machines deployed in one of the subscribed networks and do not include the virtual machines deployed in the other subscribed networks. And/or, for an island network among the M networks that is not subscribed to any other of the M networks, the N virtual machines include the virtual machines deployed in the island network.
Optionally, the relationship between the M networks is specifically a hierarchical relationship between the M networks; the M networks have a hierarchical relationship of M layers, M being an integer greater than 1. For an i-th level network and an i+1-th level network of the M networks, i is any integer from 1 to M-1, the network level of the i-th level network is higher than the network level of the i+1-th level network, the N virtual machines include virtual machines deployed in the i+1-th level network, and the N virtual machines do not include virtual machines deployed in the i-th level network.
In one possible design, the measurement request message also indicates the relationships between the virtual machines in the virtual machine cluster. The processing module is further configured for the verification entity to determine, according to the relationships between the virtual machines, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; the processing module is further configured for the verification entity to control the transceiver module to send, for the N virtual machines, a measurement message to the measurement entity, where the measurement message instructs the measurement entity to initiate the trusted measurement of the N virtual machines.
Optionally, the relationship between the virtual machines is a relationship between a central node and a forwarding node, the N virtual machines include virtual machines that are forwarding nodes in the virtual machine cluster, and the N virtual machines do not include virtual machines that are central nodes in the virtual machine cluster; the virtual machine that is the central node is used to consume the message and the virtual machine that is the forwarding node is used to forward the message.
Optionally, the relationship between the virtual machines is a relationship between a parent node and a child node, the N virtual machines include virtual machines that are child nodes in the virtual machine cluster, and the N virtual machines do not include virtual machines that are parent nodes in the virtual machine cluster.
Optionally, the measurement entity is located in the same network as the N virtual machines. If the measurement entity is deployed in a software layer, the hardware layer supporting that software layer and the hardware layer supporting the N virtual machines are different hardware layers. Alternatively, the measurement entity is deployed in a hardware layer, and the hardware layer where the measurement entity is located and the hardware layer supporting the N virtual machines are the same hardware layer.
Optionally, the measurement result is used for representing whether the N virtual machines are trusted or not; if the N virtual machines are trusted, the virtual machine cluster is trusted, or if the N virtual machines are not trusted, the virtual machine cluster is not trusted.
In addition, the technical effects of the container packaging apparatus applied to multiple virtual machines described in the fourth aspect may refer to the technical effects of the container packaging method applied to multiple virtual machines described in the second aspect, which are not described herein.
In a fifth aspect, there is provided a container packaging apparatus applied to a multi-virtual machine, including: a processor and a memory; the memory is configured to store a computer program, which when executed by the processor, causes the container packaging apparatus applied to the multiple virtual machines to execute a container packaging method applied to the multiple virtual machines according to the first aspect or the second aspect.
In one possible design, the container packaging device applied to the multiple virtual machines according to the fifth aspect may further include a transceiver. The transceiver may be a transceiver circuit or an interface circuit. The transceiver may be used for the communication between a container packaging device applied to the multiple virtual machines according to the first aspect or the second aspect and another container packaging device applied to the multiple virtual machines.
In this application, a container packaging device applied to a multiple virtual machine according to the fifth aspect may be a terminal, or a chip (system) or other parts or components that may be disposed in the terminal, or a device including the terminal.
In addition, the technical effects of the container packaging apparatus applied to multiple virtual machines according to the fifth aspect may refer to the technical effects of the container packaging method applied to multiple virtual machines according to the first aspect, which are not described herein.
In a sixth aspect, there is provided a computer readable storage medium comprising: computer programs or instructions; the computer program or instructions, when executed on a computer, cause the computer to perform a container encapsulation method as described in the first or second aspect for a multi-virtual machine.
In a seventh aspect, there is provided a computer program product comprising: computer program or instructions which, when run on a computer, cause the computer to perform a container encapsulation method for a multi-virtual machine as described in the first or second aspect.
Drawings
Fig. 1 is a schematic architecture diagram of a communication system according to an embodiment of the present application;
Fig. 2 is a flowchart of a method for packaging containers applied to multiple virtual machines according to an embodiment of the present application;
Fig. 3 is a schematic structural diagram of a container packaging device applied to multiple virtual machines according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a container packaging device applied to multiple virtual machines according to an embodiment of the present application.
Detailed Description
The present application will present various aspects, embodiments, or features about a system that may include multiple devices, components, modules, etc. It is to be understood and appreciated that the various systems may include additional devices, components, modules, etc. and/or may not include all of the devices, components, modules etc. discussed in connection with the figures. Furthermore, combinations of these schemes may also be used.
In addition, in the embodiments of the present application, words such as "exemplary" and "for example" are used to indicate an example, instance, or illustration. Any embodiment or design described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the use of the word "example" is intended to present concepts in a concrete fashion.
In the embodiments of the present application, "information", "signal", "message", "channel", and "signaling" may be used interchangeably; it should be noted that the intended meanings are consistent when the distinction is not emphasized. "of", "corresponding" and "corresponding" are sometimes used interchangeably; it should be noted that the intended meanings are consistent when the distinction is not emphasized. Furthermore, "/" herein may be used to indicate an "or" relationship.
The network architecture and the service scenario described in the embodiments of the present application are for more clearly describing the technical solution of the embodiments of the present application, and do not constitute a limitation on the technical solution provided in the embodiments of the present application, and those skilled in the art can know that, with the evolution of the network architecture and the appearance of the new service scenario, the technical solution provided in the embodiments of the present application is also applicable to similar technical problems.
The method provided by the embodiments of the present application can be applied to a communication system. As shown in Fig. 1, the communication system may include an application entity, a verification entity and a measurement entity.
In particular, the application entity may be a network element in the core network, such as an AF, i.e. an application function.
The communication system may be a management system under a network function virtualization (network functions virtualization, NFV) architecture. The verification entity may be deployed in management, automation and network orchestration (management and orchestration, MANO); for example, the cloud computing management entity may be a network function virtualization orchestrator (network functions virtualization orchestrator, NFVO), virtualized infrastructure management (virtualized infrastructure management, VIM), or a virtual network function manager (network functions virtualization manager, VNFM) in MANO, or may also be a function in the NFVO, VIM, or VNFM. The measurement entity may be implemented in software or hardware and is deployed alongside the virtual machine cluster being measured. The virtual machine cluster may be deployed in a plurality of networks, which may be administrative domain networks, or may be operator networks, such as public land mobile networks (public land mobile network, PLMNs). The virtual machines in the virtual machine cluster may be implemented by virtualizing the electronic device.
The electronic device may be a terminal, such as a user equipment (UE), an access terminal, a subscriber unit, a subscriber station, a mobile station (MS), a remote terminal, a mobile device, a user terminal, a wireless communication device, a user agent, or a user apparatus. The terminals in the embodiments of the present application may be mobile phones, cellular phones, smart phones, tablet computers, wireless data cards, personal digital assistants (PDAs), wireless modems, handheld devices, laptop computers, machine type communication (MTC) terminals, computers with wireless transceiving functions, virtual reality (VR) terminals, augmented reality (AR) terminals, wireless terminals in industrial control, wireless terminals in self driving, wireless terminals in telemedicine, wireless terminals in smart grid, wireless terminals in transportation safety, wireless terminals in smart city, wireless terminals in smart home, vehicle-side units (RSU) with roadside functions, etc. The terminal of the present application may also be an in-vehicle module, an in-vehicle component, an in-vehicle chip, or an in-vehicle unit built into a vehicle as one or more components or units.
For ease of understanding, a method embodiment will be described in detail below in connection with fig. 2.
Fig. 2 is a schematic flow chart of a container packaging method applied to multiple virtual machines according to an embodiment of the present application.
Specifically, as shown in fig. 2, the flow of the method is as follows:
S201, when the application entity needs to encapsulate the virtual machine cluster into a container, the application entity sends a measurement request message to the verification entity, and the verification entity receives the measurement request message from the application entity.
The measurement request message is used for requesting trusted measurement of the virtual machine cluster. The measurement request message may carry an address for each virtual machine in the virtual machine cluster, such as an internet protocol address or any other possible address.
In one possible design, the measurement request message may also be used to indicate that the virtual machines in the virtual machine cluster are respectively located in M networks, where M is an integer greater than 1, for example, by indicating the correspondence between each virtual machine in the virtual machine cluster and the network in which that virtual machine is located.
In another possible design, the measurement request message may also be used to indicate the relationships between virtual machines in the virtual machine cluster. The relationship between the virtual machines may be a relationship between a central node and a forwarding node, where a virtual machine that is a central node consumes messages and a virtual machine that is a forwarding node forwards messages. Alternatively, the relationship between virtual machines may be a relationship between a parent node and a child node.
S202, the verification entity sends a measurement message to the measurement entity according to the measurement request message.
The measurement entity and the virtual machine cluster are located in the same network, and the measurement message is used for indicating the measurement entity to initiate the trusted measurement of the virtual machine cluster.
In one possible design, if the measurement request message indicates that the virtual machines in the virtual machine cluster are respectively located in M networks, where M is an integer greater than 1, the verification entity sending the measurement message to the measurement entity according to the measurement request message may include: the verification entity determines, according to the relationship among the M networks, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; and the verification entity sends, for the N virtual machines, a measurement message to the measurement entity, where the measurement message is used for instructing the measurement entity to initiate trusted measurement of the N virtual machines. That is, for the N virtual machines, there may be multiple measurement entities, located in the networks where the N virtual machines are located.
Optionally, the relationship among the M networks may specifically be a subscription relationship among the M networks. For networks among the M networks that are subscribed to each other, the N virtual machines include the virtual machines deployed in one of the mutually subscribed networks, and do not include the virtual machines deployed in the other mutually subscribed networks. That is, networks that have subscriptions with each other are related to each other: as long as the virtual machines in one of these networks are trusted, the virtual machines in the other networks can be considered trusted, which reduces the measurement overhead and improves the measurement efficiency. And/or, for an island network among the M networks that is not subscribed to any other of the M networks, the N virtual machines include the virtual machines deployed in the island network. For example, for network 1, network 2, network 3, network 4, and network 5, where network 1, network 2, and network 3 are mutually subscribed, only the virtual machines deployed in network 1 may be measured, and the virtual machines deployed in network 2 and network 3 need not be measured. Network 4 and network 5 are island networks, so the virtual machines deployed in both network 4 and network 5 need to be measured.
Optionally, the relationship among the M networks may specifically be a hierarchical relationship among the M networks; the M networks have a hierarchical relationship of M layers, M being an integer greater than 1. For an i-th level network and an (i+1)-th level network of the M networks, where i is any integer from 1 to M-1 and the network level of the i-th level network is higher than that of the (i+1)-th level network, the N virtual machines include the virtual machines deployed in the (i+1)-th level network and do not include the virtual machines deployed in the i-th level network. It will be appreciated that, in general, the lower the level of a network, the higher its security risk, and vice versa. Based on this feature, only the virtual machines in the lower-level network may be measured, and if the virtual machines in the lower-level network are trusted, the virtual machines in the higher-level network are also trusted. Further, a hierarchical relationship between networks may be understood as a containment relationship: a higher-level network may contain at least one lower-level network. For example, a public network may contain at least one private network, where containment may mean that the private network is established on hardware attached to the public network and the service area of the private network lies within the service area of the public network. For example, where network 1 and network 2 are public networks, network 3 and network 4 contained within network 1 are private networks, and network 5 contained within network 2 is a private network, measurement may be performed only on the virtual machines deployed in network 3, network 4, and network 5, and not on the virtual machines deployed in network 1 and network 2. Through this measurement, as long as the virtual machines deployed in network 3, network 4, and network 5 are trusted, the virtual machines deployed in network 1 and network 2 are also trusted; otherwise, they are not trusted.
In another possible design, if the measurement request message indicates the relationships between virtual machines in the virtual machine cluster, the verification entity sending the measurement message to the measurement entity according to the measurement request message may include: the verification entity determines, according to the relationships between the virtual machines, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; and the verification entity sends, for the N virtual machines, a measurement message to the measurement entity, where the measurement message is used for instructing the measurement entity to initiate trusted measurement of the N virtual machines.
Optionally, if the relationship between the virtual machines is a relationship between a central node and a forwarding node, the N virtual machines may include the virtual machines that are forwarding nodes in the virtual machine cluster, and may not include the virtual machines that are central nodes in the virtual machine cluster. In general, a virtual machine that is a central node has stronger performance and a better security protection mechanism, so its trustworthiness is higher and it is safer, whereas a virtual machine that is a forwarding node has ordinary performance and an ordinary security protection mechanism, so its trustworthiness is also ordinary; trusted measurement therefore needs to be performed on the virtual machines that are forwarding nodes. Of course, since the number of virtual machines serving as central nodes is smaller than the number of virtual machines serving as forwarding nodes, trusted measurement may instead be performed only on the virtual machines serving as central nodes in consideration of overhead. For example, the virtual machine cluster includes virtual machine 1, virtual machine 2, virtual machine 3, virtual machine 4, virtual machine 5, and virtual machine 6, where virtual machine 3 and virtual machine 5 are central nodes and the rest are forwarding nodes; trusted measurement may be performed only on virtual machine 1, virtual machine 2, virtual machine 4, and virtual machine 6. Through this measurement, as long as virtual machine 1, virtual machine 2, virtual machine 4, and virtual machine 6 are trusted, virtual machine 3 and virtual machine 5 are also trusted; otherwise, they are not trusted.
Optionally, if the relationship between the virtual machines is a relationship between a parent node and a child node, the N virtual machines may include the virtual machines that are child nodes in the virtual machine cluster, and may not include the virtual machines that are parent nodes in the virtual machine cluster. It will be appreciated that, in general, a virtual machine that is a child node is less trusted than a virtual machine that is a parent node. Based on this feature, only the virtual machines that are child nodes may be measured, and if the virtual machines that are child nodes are trusted, the virtual machines that are parent nodes are also trusted. For example, the virtual machine cluster includes virtual machine 1, virtual machine 2, virtual machine 3, virtual machine 4, virtual machine 5, and virtual machine 6. Virtual machine 1 acts as a parent node, with its child nodes including virtual machine 2 and virtual machine 3. Virtual machine 4 acts as a parent node, with its child nodes including virtual machine 5. Virtual machine 3 acts as a parent node, with its child nodes including virtual machine 6. Only the final child nodes, virtual machine 5 and virtual machine 6, may be measured. Through this measurement, as long as virtual machine 5 and virtual machine 6 are trusted, virtual machine 1, virtual machine 2, virtual machine 3, and virtual machine 4 are also trusted; otherwise, they are not trusted.
Optionally, the measurement entity is located in the same network as the N virtual machines. If the measurement entity is deployed in a software layer, the hardware layer supporting the software layer where the measurement entity is located and the hardware layer supporting the N virtual machines are different hardware layers. In this case, because software is easily attacked and has low trustworthiness, the measurement entity and the measured virtual machines are deployed in different software environments isolated by hardware, so as to ensure security. For example, the measurement entity is deployed in the software layer of server #1, such as an operating system, and the measured virtual machine is deployed in the software layer of server #2, so as to realize hardware isolation. Alternatively, the measurement entity is deployed in the hardware layer, and the hardware layer where the measurement entity is located and the hardware layer supporting the N virtual machines are the same hardware layer. In this case, since the hardware itself is safer and more trusted, a measurement entity deployed on the hardware where the measured virtual machine is located may be selected to save cost. For example, the measurement entity is deployed in the hardware layer of server #1, such as a CPU, and the measured virtual machine is deployed in the software layer of server #1, such as an operating system.
The measurement entity may measure a virtual machine using the prior art, for example, by measuring the trusted boot sequence of the virtual machine, the internal operation data of the virtual machine (such as memory read/write data and CPU scheduling data), and the communication data of the virtual machine. For details, reference may be made to the implementation defined by the 3GPP standard, which is not specifically limited in the embodiments of the present application.
S203, the verification entity receives the measurement receiving message returned by the measurement entity according to the measurement message.
The measurement receiving message carries a measurement result, and the measurement result is used for representing whether the virtual machine cluster is trusted or not. For example, the measurement result is used for representing whether the N virtual machines are trusted; if the N virtual machines are trusted, the virtual machine cluster is trusted, or if the N virtual machines are not trusted, the virtual machine cluster is not trusted.
S204, the verification entity sends, to the application entity, a measurement response message responding to the measurement request message, and the application entity receives the measurement response message returned by the verification entity for the measurement request message.
The measurement response message carries the measurement result.
S205, in the case that the measurement result represents that the virtual machine cluster is trusted, the application entity packages the virtual machine cluster into a container.
In one possible design, the application entity encapsulating the virtual machine cluster as a container includes: according to the functions of the virtual machines in the virtual machine cluster, the application entity encapsulates the virtual machines with matched functions into the same container, and encapsulates the virtual machines with unmatched functions into different containers respectively. For example, virtual machines with matched functions may be understood as virtual machines that are functionally identical. Alternatively, virtual machines with matched functions may be understood as virtual machines whose functions are executed in a logical sequence. For example, after port A is scheduled, virtual machine 1 executes step 1 to obtain an intermediate result, and the intermediate result is passed to virtual machine 2, which executes step 2 to obtain a final result; virtual machine 1 and virtual machine 2 are then virtual machines with matched functions.
In one possible design, the application entity encapsulating the virtual machine cluster as a container includes: according to the positions of the virtual machines in the virtual machine cluster, the application entity encapsulates the virtual machines located in the same software layer into the same container, and encapsulates the virtual machines located in different software layers into different containers respectively. The position of a virtual machine may be a logical position, such as being deployed within the same network, or may be a physical position, such as being deployed on devices in the same machine room, which is not particularly limited.
It will be appreciated that a container may be understood as a cup, and the virtual machines as the contents of the cup. After the virtual machine cluster is packaged as a container, the virtual machine cluster is not visible (or not perceptible) from the outside; only the ports provided by the container can be seen. Therefore, the virtual machine cluster can be conveniently scheduled, and at the same time the security of the virtual machine cluster can be ensured. In addition, the packaging of the container can be implemented using the prior art, which is not particularly limited in the embodiments of the present application.
In summary, before the virtual machine cluster is packaged as a container, the application entity may trigger the verification entity in the network where the application entity is located to initiate trusted measurement of the virtual machine cluster, for example, by having the measurement entity in the network where the virtual machine cluster is located perform the trusted measurement, so as to verify whether the virtual machine cluster is trusted. The virtual machine cluster is packaged as a container only when it is trusted, which ensures the packaging security of the container.
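The selection of the N virtual machines (S202) and the packaging gate (S203 to S205) described above, as an added Python example that is not part of the patent text. The `VM` record, the function names, the choice of the lowest-numbered network to represent a subscription group, and the `measure` callback standing in for the measurement entity are assumptions; the sample cluster is constructed from the five-network and six-virtual-machine examples in the description. The decision also lists the virtual machines whose trust is inferred rather than measured.

```python
from dataclasses import dataclass
from typing import Callable, Dict, Hashable, Iterable, List, Optional, Set


@dataclass(frozen=True)
class VM:
    name: str
    network: int
    role: str  # "central" or "forwarding"


# Constructed sample cluster: six VMs spread over networks 1 to 5.
CLUSTER = [
    VM("vm1", 1, "forwarding"), VM("vm2", 2, "forwarding"),
    VM("vm3", 3, "central"), VM("vm4", 4, "forwarding"),
    VM("vm5", 5, "central"), VM("vm6", 1, "forwarding"),
]


def select_by_subscription(vms: List[VM], groups: Iterable[Set[int]]) -> List[VM]:
    """One network per mutually subscribed group, plus every island network."""
    networks = {vm.network for vm in vms}
    chosen: Set[int] = set()
    grouped: Set[int] = set()
    for group in groups:
        present = set(group) & networks
        if present:
            chosen.add(min(present))  # assumption: lowest id represents the group
            grouped |= present
    chosen |= networks - grouped  # island networks are always measured
    return [vm for vm in vms if vm.network in chosen]


def select_by_hierarchy(vms: List[VM], contains: Dict[int, Set[int]]) -> List[VM]:
    """Measure VMs in lower-level networks; skip networks that contain others.

    With more than two levels this keeps only the lowest level (assumption).
    """
    higher = {net for net, inner in contains.items() if inner}
    return [vm for vm in vms if vm.network not in higher]


def select_forwarding(vms: List[VM]) -> List[VM]:
    """Central/forwarding design: measure the forwarding nodes only."""
    return [vm for vm in vms if vm.role == "forwarding"]


def decide(vms: List[VM], selected: List[VM],
           measure: Callable[[VM], bool]) -> dict:
    """S203/S204: the cluster is trusted only if every selected VM is trusted.

    An empty selection fails closed, since the description requires N >= 1.
    """
    measured = {vm.name: bool(measure(vm)) for vm in selected}
    return {
        "trusted": bool(measured) and all(measured.values()),
        "measured": measured,
        # VMs never measured: their trust rests on the selection rule alone.
        "inferred": [vm.name for vm in vms if vm.name not in measured],
    }


def encapsulate(vms: List[VM], decision: dict,
                key: Callable[[VM], Hashable]) -> Optional[Dict[Hashable, List[str]]]:
    """S205: group VMs into containers by `key`, but only for a trusted cluster."""
    if not decision["trusted"]:
        return None
    containers: Dict[Hashable, List[str]] = {}
    for vm in vms:
        containers.setdefault(key(vm), []).append(vm.name)
    return containers


if __name__ == "__main__":
    selected = select_by_hierarchy(CLUSTER, {1: {3, 4}, 2: {5}})
    decision = decide(CLUSTER, selected, lambda vm: True)  # stand-in measurement
    print("measured:", decision["measured"])
    print("trusted by inference only:", decision["inferred"])
    print("containers:", encapsulate(CLUSTER, decision, lambda vm: vm.network))
```
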
In addition, the method provided in the embodiment of the present application may also have other application scenarios, for example, including the following flows:
Step 1, during data transmission between the virtual machine cluster and the application entity, the verification entity receives a measurement request message from the application entity.
The measurement request message is used for requesting trusted measurement of the virtual machine cluster. The measurement request message may carry an address for each virtual machine in the virtual machine cluster, such as an internet protocol address or any other possible address.
In one possible design, the measurement request message may also be used to indicate that the virtual machines in the virtual machine cluster are respectively located in M networks, where M is an integer greater than 1, for example, by indicating the correspondence between each virtual machine in the virtual machine cluster and the network in which that virtual machine is located.
In another possible design, the measurement request message may also be used to indicate the relationships between virtual machines in the virtual machine cluster. The relationship between the virtual machines may be a relationship between a central node and a forwarding node, where a virtual machine that is a central node consumes messages and a virtual machine that is a forwarding node forwards messages. Alternatively, the relationship between virtual machines may be a relationship between a parent node and a child node.
Step 2, the verification entity sends a measurement message to the measurement entity according to the measurement request message.
The measurement entity and the virtual machine cluster are located in the same network, and the measurement message is used for indicating the measurement entity to initiate the trusted measurement of the virtual machine cluster.
In one possible design, if the measurement request message indicates that the virtual machines in the virtual machine cluster are respectively located in M networks, where M is an integer greater than 1, the verification entity sending the measurement message to the measurement entity according to the measurement request message may include: the verification entity determines, according to the relationship among the M networks, N virtual machines to be measured in the virtual machine cluster, where N is an integer greater than or equal to 1; and the verification entity sends, for the N virtual machines, a measurement message to the measurement entity, where the measurement message is used for instructing the measurement entity to initiate trusted measurement of the N virtual machines. That is, for the N virtual machines, there may be multiple measurement entities, located in the networks where the N virtual machines are located.
Optionally, the relationship among the M networks may specifically be a subscription relationship among the M networks. For networks among the M networks that are subscribed to each other, the N virtual machines include the virtual machines deployed in one of the mutually subscribed networks, and do not include the virtual machines deployed in the other mutually subscribed networks. That is, networks that have subscriptions with each other are related to each other: as long as the virtual machines in one of these networks are trusted, the virtual machines in the other networks can be considered trusted, which reduces the measurement overhead and improves the measurement efficiency. And/or, for an island network among the M networks that is not subscribed to any other of the M networks, the N virtual machines include the virtual machines deployed in the island network. For example, for network 1, network 2, network 3, network 4, and network 5, where network 1, network 2, and network 3 are mutually subscribed, only the virtual machines deployed in network 1 may be measured, and the virtual machines deployed in network 2 and network 3 need not be measured. Network 4 and network 5 are island networks, so the virtual machines deployed in both network 4 and network 5 need to be measured.
Optionally, the relationship among the M networks may specifically be a hierarchical relationship among the M networks; the M networks have a hierarchical relationship of M layers, M being an integer greater than 1. For an i-th level network and an (i+1)-th level network of the M networks, where i is any integer from 1 to M-1 and the network level of the i-th level network is higher than that of the (i+1)-th level network, the N virtual machines include the virtual machines deployed in the (i+1)-th level network and do not include the virtual machines deployed in the i-th level network. It will be appreciated that, in general, the lower the level of a network, the higher its security risk, and vice versa. Based on this feature, only the virtual machines in the lower-level network may be measured, and if the virtual machines in the lower-level network are trusted, the virtual machines in the higher-level network are also trusted. Further, a hierarchical relationship between networks may be understood as a containment relationship: a higher-level network may contain at least one lower-level network. For example, a public network may contain at least one private network, where containment may mean that the private network is established on hardware attached to the public network and the service area of the private network lies within the service area of the public network. For example, where network 1 and network 2 are public networks, network 3 and network 4 contained within network 1 are private networks, and network 5 contained within network 2 is a private network, measurement may be performed only on the virtual machines deployed in network 3, network 4, and network 5, and not on the virtual machines deployed in network 1 and network 2. Through this measurement, as long as the virtual machines deployed in network 3, network 4, and network 5 are trusted, the virtual machines deployed in network 1 and network 2 are also trusted; otherwise, they are not trusted.
In another possible design, if the metric request message indicates a relationship between virtual machines in the virtual machine cluster, the verifying entity sends the metric message to the metric entity according to the metric request message, and may include: the verification entity determines N virtual machines to be measured in the virtual machine cluster according to the relation among the virtual machines, wherein N is an integer greater than or equal to 1; the verification entity sends a measurement message to the measurement entity for the N virtual machines, wherein the measurement message is used for indicating the measurement entity to initiate the trusted measurement for the N virtual machines.
Optionally, if the relationship between the virtual machines is a relationship between a central node and a forwarding node, the N virtual machines may include the virtual machines that are forwarding nodes in the virtual machine cluster, and may exclude the virtual machines that are central nodes in the virtual machine cluster. In general, a virtual machine serving as a central node has stronger performance and a better security protection mechanism, and is therefore more reliable and more secure, whereas a virtual machine serving as a forwarding node has ordinary performance and an ordinary security protection mechanism, and is therefore only ordinarily reliable; the trusted measurement therefore needs to be performed on the virtual machines serving as forwarding nodes. Of course, since the number of virtual machines serving as central nodes is smaller than the number of virtual machines serving as forwarding nodes, only the virtual machines serving as central nodes may be subjected to the trusted measurement in consideration of overhead. For example, the virtual machine cluster includes virtual machine 1, virtual machine 2, virtual machine 3, virtual machine 4, virtual machine 5, and virtual machine 6, where virtual machine 3 and virtual machine 5 are central nodes and the rest are forwarding nodes; only virtual machine 1, virtual machine 2, virtual machine 4, and virtual machine 6 may be measured. Based on the measurement, as long as virtual machine 1, virtual machine 2, virtual machine 4, and virtual machine 6 are trusted, virtual machine 3 and virtual machine 5 are also trusted; otherwise they are not trusted.
Optionally, if the relationship between the virtual machines is a relationship between a parent node and a child node, the N virtual machines may include the virtual machines that are child nodes in the virtual machine cluster, and may exclude the virtual machines that are parent nodes in the virtual machine cluster. It will be appreciated that, in general, a virtual machine serving as a child node is less trusted than a virtual machine serving as a parent node. Based on this feature, only the virtual machines serving as child nodes may be measured, and if the virtual machines serving as child nodes are trusted, the virtual machines serving as parent nodes are also trusted. For example, the virtual machine cluster includes virtual machine 1, virtual machine 2, virtual machine 3, virtual machine 4, virtual machine 5, and virtual machine 6. Virtual machine 1 acts as a parent node whose child nodes include virtual machine 2 and virtual machine 3. Virtual machine 4 acts as a parent node whose child nodes include virtual machine 5. Virtual machine 3 acts as a parent node whose child nodes include virtual machine 6. In this case, only the final child nodes, virtual machine 5 and virtual machine 6, may be measured. Based on the measurement, as long as virtual machine 5 and virtual machine 6 are trusted, virtual machine 1, virtual machine 2, virtual machine 3, and virtual machine 4 are also trusted; otherwise they are not trusted.
Optionally, the measurement entity is located in the same network as the N virtual machines. If the measurement entity is deployed in the software layer, the hardware layer supporting the software layer where the measurement entity is located and the hardware layer supporting the N virtual machines are different hardware layers. In this case, because software is easily attacked and has low reliability, the measurement entity and the measured virtual machines are deployed in different software isolated by hardware, so as to ensure security. For example, the measurement entity is deployed at the software layer of server #1, such as an operating system, and the measured virtual machine is deployed at the software layer of server #2, so as to realize hardware isolation. Or the measurement entity is deployed on the hardware layer, and the hardware layer where the measurement entity is located and the hardware layer supporting the N virtual machines are the same hardware layer. In this case, since the hardware itself is more secure and more trusted, a measurement entity deployed on the hardware where the measured virtual machine is located may be selected to save cost. For example, the measurement entity is deployed in a hardware layer, such as a CPU, of server #1, and the measured virtual machine is deployed in a software layer, such as an operating system, of server #1.
The measurement entity may measure the virtual machine by using the prior art, for example by measuring the trusted boot sequence of the virtual machine, internal operation data of the virtual machine (such as memory read-write data and CPU scheduling data), and communication data of the virtual machine. For details, reference may be made to the implementation defined by the 3GPP standard, which is not specifically limited in the embodiments of the present application.
Step 3, the verification entity receives the measurement receiving message returned by the measurement entity according to the measurement message.
The measurement receiving message carries a measurement result, and the measurement result is used for representing whether the virtual machine cluster is trusted or not. For example, the measurement result is used to characterize whether the N virtual machines are trusted; if the N virtual machines are trusted, the virtual machine cluster is trusted, or if the N virtual machines are not trusted, the virtual machine cluster is not trusted.
Step 4, the verification entity sends a measurement response message for responding to the measurement request message to the application entity.
Wherein the metric response message carries the metric result.
In summary, when the virtual machine cluster provides a service for the application entity through data transmission, the application entity may trigger the verification entity in the network where the application entity is located to initiate a trusted measurement on the virtual machine cluster, for example, through the trusted measurement on the virtual machine cluster by the measurement entity in the network where the virtual machine cluster is located, to verify whether the virtual machine cluster is trusted, so that the application entity receives the service of the virtual machine cluster only when the virtual machine cluster is trusted, thereby ensuring service security.
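The selection rules and the four-step message exchange described above, as an added Python example that is not part of the patent text. All class and function names are hypothetical; "final child nodes" is interpreted as the deepest nodes of each parent/child tree, which is the reading that reproduces the virtual machine 5 / virtual machine 6 example, and treating a missing or empty result as untrusted is an assumption of this sketch.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, List, Mapping, Optional, Sequence

# Constructed sample data, taken from the parent/child example in the text.
CLUSTER = ["VM1", "VM2", "VM3", "VM4", "VM5", "VM6"]
PARENT_CHILD = {"VM1": ["VM2", "VM3"], "VM4": ["VM5"], "VM3": ["VM6"]}


@dataclass(frozen=True)
class MeasurementRequest:
    """Measurement request message: application entity -> verification entity."""
    cluster: Sequence[str]
    relation: str  # "central_forwarding" or "parent_child" (hypothetical labels)
    central_nodes: FrozenSet[str] = frozenset()
    children: Mapping[str, Sequence[str]] = field(default_factory=dict)


@dataclass(frozen=True)
class MeasurementResponse:
    """Measurement response message: verification entity -> application entity."""
    cluster_trusted: bool
    measured: List[str]  # the N virtual machines that were actually measured
    inferred: List[str]  # virtual machines whose trust is only inferred


def select_forwarding_nodes(cluster, central_nodes):
    """Central/forwarding relation: measure forwarding nodes, skip central nodes."""
    return [vm for vm in cluster if vm not in central_nodes]


def select_final_children(cluster, children):
    """Parent/child relation: measure the deepest nodes of each tree."""
    has_parent = {c for kids in children.values() for c in kids}
    chosen = set()
    for root in (vm for vm in cluster if vm not in has_parent):
        level, seen = [root], {root}
        while level:  # breadth-first; the last non-empty level is the deepest
            deepest = level
            level = []
            for vm in deepest:
                for child in children.get(vm, ()):
                    if child not in seen:  # guard against cyclic input
                        seen.add(child)
                        level.append(child)
        chosen.update(deepest)
    return [vm for vm in cluster if vm in chosen]


def handle_measurement_request(
    req: MeasurementRequest,
    measurement_entity: Callable[[List[str]], Dict[str, bool]],
) -> MeasurementResponse:
    """Verification entity: steps 2 to 4 of the exchange."""
    if req.relation == "central_forwarding":
        targets = select_forwarding_nodes(req.cluster, req.central_nodes)
    elif req.relation == "parent_child":
        targets = select_final_children(req.cluster, req.children)
    else:
        targets = list(req.cluster)  # no usable relation: measure every VM
    # Measurement message out, measurement receiving message back.
    results = measurement_entity(targets) if targets else {}
    # Fail closed: N must be >= 1 and every selected VM must report trusted.
    trusted = bool(targets) and all(results.get(vm) is True for vm in targets)
    inferred = [vm for vm in req.cluster if vm not in targets]
    return MeasurementResponse(trusted, targets, inferred)


def encapsulate_if_trusted(req, measurement_entity) -> Optional[List[str]]:
    """Application entity: encapsulate only when the cluster is reported trusted."""
    resp = handle_measurement_request(req, measurement_entity)
    return list(req.cluster) if resp.cluster_trusted else None


if __name__ == "__main__":
    request = MeasurementRequest(CLUSTER, "parent_child", children=PARENT_CHILD)
    all_ok = lambda targets: {vm: True for vm in targets}  # constructed measurer
    print(handle_measurement_request(request, all_ok))
```

The `inferred` list makes visible which virtual machines are accepted without being measured; in the parent/child sample that includes virtual machine 2, which has no child of its own.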
The container encapsulation method applied to multiple virtual machines according to the embodiment of the present application has been described in detail above with reference to fig. 2. A container packaging apparatus for implementing the embodiment of the present application is described in detail below with reference to fig. 3 to 4. The container packaging device 300 applied to multiple virtual machines is suitable for the terminal, and comprises a transceiver module 301 and a processing module 302.
In some embodiments, the container packaging apparatus 300 of multiple virtual machines may be applied to the application entities described above.
The processing module 302 is configured to, when the application entity needs to encapsulate the virtual machine cluster into a container, control the transceiver module 301 to send a measurement request message to the verification entity, where the measurement request message is used to request to perform trusted measurement on the virtual machine cluster; the transceiver module 301 is configured to receive a metric response message returned by the verification entity for the metric request message, where the metric response message carries a metric result; the processing module 302 is further configured to, in case the measurement result characterizes that the virtual machine cluster is trusted, encapsulate the virtual machine cluster into a container by the application entity.
In a possible design, the processing module 302 is further configured to encapsulate virtual machines with matched functions in the virtual machine cluster into the same container according to the functions of each virtual machine in the virtual machine cluster, and encapsulate virtual machines with unmatched functions in the virtual machine cluster into different containers respectively.
In a possible design, the processing module 302 is further configured to encapsulate virtual machines located in a same software layer in the virtual machine cluster into a same container according to a location of each virtual machine in the virtual machine cluster, and encapsulate virtual machines located in different software layers in the virtual machine cluster into different containers respectively.
In other embodiments, the multi-virtual machine container packaging apparatus 300 may be applied to the verification entity described above.
The transceiver module 301 is configured so that, when the application entity needs to encapsulate the virtual machine cluster into a container, the verification entity receives a measurement request message from the application entity, where the measurement request message is used to request that trusted measurement be performed on the virtual machine cluster; the processing module 302 is configured so that the verification entity sends a measurement message to the measurement entity according to the measurement request message, where the measurement entity and the virtual machine cluster are located in the same network domain, and the measurement message is used to instruct the measurement entity to initiate a trusted measurement on the virtual machine cluster; the transceiver module 301 is further configured so that the verification entity receives a measurement receiving message returned by the measurement entity according to the measurement message, where the measurement receiving message carries a measurement result, and the measurement result is used to characterize whether the virtual machine cluster is trusted; the processing module 302 is further configured to enable the verification entity to control the transceiver module 301 to send a measurement response message for responding to the measurement request message to the verification entity, where the measurement response message carries the measurement result, and where the measurement result characterizes the virtual machine cluster as being trusted, the application entity can encapsulate the virtual machine cluster into a container.
In one possible design, the measurement request message is further used to indicate that the virtual machine cluster is located in M networks, where M is an integer greater than 1. The processing module 302 is further configured so that the verification entity determines N virtual machines that need to be measured in the virtual machine cluster according to a relationship between the M networks, where N is an integer greater than or equal to 1; the processing module 302 is further configured so that the verification entity, for the N virtual machines, controls the transceiver module 301 to send a measurement message to the measurement entity, where the measurement message is used to instruct the measurement entity to initiate trusted measurement of the N virtual machines. That is, for the N virtual machines, there may be a plurality of measurement entities, each located in a network where the N virtual machines are located.
Optionally, the relationship between the M networks is specifically a subscription relationship between the M networks. For networks of the M networks that are subscribed to each other, the N virtual machines include virtual machines that are deployed in one of the subscribed networks, and the N virtual machines do not include virtual machines that are deployed in the subscribed networks other than that one network. And/or, for an island network of the M networks that is not subscribed to other networks of the M networks, the N virtual machines include virtual machines deployed in the island network.
Optionally, the relationship between the M networks is specifically a hierarchical relationship between the M networks; the M networks have a hierarchical relationship of M layers, M being an integer greater than 1. For an i-th level network and an i+1-th level network of the M networks, i is any integer from 1 to M-1, the network level of the i-th level network is higher than the network level of the i+1-th level network, the N virtual machines include virtual machines deployed in the i+1-th level network, and the N virtual machines do not include virtual machines deployed in the i-th level network.
In one possible design, the measurement request message is also used to indicate relationships between virtual machines in the virtual machine cluster. The processing module 302 is further configured so that the verification entity determines N virtual machines to be measured in the virtual machine cluster according to the relationship between the virtual machines, where N is an integer greater than or equal to 1; the processing module 302 is further configured so that the verification entity, for the N virtual machines, controls the transceiver module 301 to send a measurement message to the measurement entity, where the measurement message is used to instruct the measurement entity to initiate trusted measurement of the N virtual machines.
Optionally, the relationship between the virtual machines is a relationship between a central node and a forwarding node, the N virtual machines include virtual machines that are forwarding nodes in the virtual machine cluster, and the N virtual machines do not include virtual machines that are central nodes in the virtual machine cluster; the virtual machine that is the central node is used to consume the message and the virtual machine that is the forwarding node is used to forward the message.
Optionally, the relationship between the virtual machines is a relationship between a parent node and a child node, the N virtual machines include virtual machines that are child nodes in the virtual machine cluster, and the N virtual machines do not include virtual machines that are parent nodes in the virtual machine cluster.
Optionally, the measurement entity is located in the same network as the N virtual machines. If the measurement entity is deployed in the software layer, the hardware layer supporting the software layer where the measurement entity is located and the hardware layer supporting the N virtual machines are different hardware layers. Or the measurement entity is deployed on the hardware layer, and the hardware layer where the measurement entity is located and the hardware layer supporting the N virtual machines are the same hardware layer.
Optionally, the measurement result is used for representing whether the N virtual machines are trusted or not; if the N virtual machines are trusted, the virtual machine cluster is trusted, or if the N virtual machines are not trusted, the virtual machine cluster is not trusted.
Optionally, the transceiver module 301 may include a transmitting module (not shown in fig. 3) and a receiving module (not shown in fig. 3). The transmitting module is configured to implement a transmitting function of the apparatus 300, and the receiving module is configured to implement a receiving function of the apparatus 300.
Optionally, the apparatus 300 may further comprise a storage module (not shown in fig. 3) storing a program or instructions. The processing module 302, when executing the program or instructions, enables the apparatus 300 to perform the method of fig. 2 described above.
It is understood that the apparatus 300 may be a terminal, a chip (system) or other parts or components that may be disposed in the terminal, or an apparatus including the foregoing, which is not limited in this application.
In addition, the technical effects of the apparatus 300 may refer to the technical effects of the method shown in fig. 2, which are not described herein.
Fig. 3 is a schematic structural diagram of a container packaging device applied to multiple virtual machines according to an embodiment of the present application. The container packaging device applied to the multiple virtual machines can be a terminal, or can be a chip (system) or other parts or components which can be arranged on the terminal. As shown in fig. 4, a container packaging apparatus 400 applied to a multi-virtual machine may include a processor 401. Optionally, a container packaging apparatus 400 applied to multiple virtual machines may further include a memory 402 and/or a transceiver 403. Wherein the processor 401 is coupled to the memory 402 and the transceiver 403, e.g. may be connected by a communication bus.
The following describes in detail the respective constituent components of a container packaging apparatus 400 applied to multiple virtual machines with reference to fig. 4:
The processor 401 is a control center of the container packaging apparatus 400 applied to multiple virtual machines, and may be one processor or a generic name of multiple processing elements. For example, processor 401 is one or more central processing units (central processing unit, CPU), but may also be an application specific integrated circuit (application specific integrated circuit, ASIC), or one or more integrated circuits configured to implement embodiments of the present application, such as: one or more digital signal processors (digital signal processor, DSP), or one or more field programmable gate arrays (field programmable gate array, FPGA).
Optionally, the processor 401 may execute various functions of the container packaging apparatus 400 applied to multiple virtual machines, for example, perform the container packaging method applied to multiple virtual machines shown in fig. 2 described above, by running or executing a software program stored in the memory 402 and calling data stored in the memory 402.
In a particular implementation, processor 401 may include one or more CPUs, such as CPU0 and CPU1 shown in FIG. 4, as an embodiment.
In a specific implementation, as an embodiment, a container packaging apparatus 400 applied to a multi-virtual machine may also include a plurality of processors, such as a processor 401 and a processor 404 shown in fig. 4. Each of these processors may be a single-core processor (single-CPU) or a multi-core processor (multi-CPU). A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).
The memory 402 is configured to store a software program for executing the solution of the present application, and the processor 401 controls the execution of the software program, and the specific implementation may refer to the above method embodiment, which is not described herein again.
Optionally, memory 402 may be, but is not limited to, read-only memory (ROM) or other type of static storage device that may store static information and instructions, random access memory (random access memory, RAM) or other type of dynamic storage device that may store information and instructions, but may also be electrically erasable programmable read-only memory (electrically erasable programmable read-only memory, EEPROM), compact disc read-only memory (compact disc read-only memory, CD-ROM) or other optical disk storage, optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 402 may be integrated with the processor 401 or may exist separately and be coupled to the processor 401 through an interface circuit (not shown in fig. 4) of the container packaging apparatus 400 applied to multiple virtual machines, which is not specifically limited in the embodiment of the present application.
The transceiver 403 is used for communicating with another container packaging device applied to multiple virtual machines. For example, the container packaging device 400 applied to multiple virtual machines is a terminal, and the transceiver 403 may be used to communicate with a network device or another terminal device. For another example, the container packaging device 400 applied to multiple virtual machines is a network device, and the transceiver 403 may be used to communicate with a terminal or with another network device.
Optionally, the transceiver 403 may include a receiver and a transmitter (not separately shown in fig. 4). The receiver is used for realizing the receiving function, and the transmitter is used for realizing the transmitting function.
Optionally, the transceiver 403 may be integrated with the processor 401, or may exist separately, and be coupled to the processor 401 through an interface circuit (not shown in fig. 4) of the container packaging device 400 applied to multiple virtual machines, which is not specifically limited in this embodiment of the present application.
It should be noted that the structure of the container packaging device 400 applied to the multiple virtual machines shown in fig. 4 does not constitute a limitation of the container packaging device applied to the multiple virtual machines, and an actual container packaging device applied to the multiple virtual machines may include more or fewer components than those shown, or may combine some components, or may have different arrangements of components.
In addition, the technical effects of the container packaging device 400 applied to multiple virtual machines may refer to the technical effects of the container packaging method applied to multiple virtual machines described in the above method embodiments, and are not described herein again.
It should be appreciated that the processor in embodiments of the present application may be a central processing unit (central processing unit, CPU), or may be another general purpose processor, a digital signal processor (digital signal processor, DSP), an application specific integrated circuit (application specific integrated circuit, ASIC), a field programmable gate array (field programmable gate array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
It should also be appreciated that the memory in embodiments of the present application may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The nonvolatile memory may be a read-only memory (ROM), a programmable read-only memory (programmable ROM, PROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (electrically EPROM, EEPROM), or a flash memory, among others. The volatile memory may be random access memory (random access memory, RAM) which acts as an external cache. By way of example but not limitation, many forms of random access memory (random access memory, RAM) are available, such as static RAM (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchronous link DRAM (SLDRAM), and direct rambus RAM (DR RAM).
The above embodiments may be implemented in whole or in part by software, hardware (e.g., circuitry), firmware, or any combination thereof. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions or computer programs. When the computer instructions or computer programs are loaded or executed on a computer, the processes or functions described in accordance with the embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer-readable storage medium may be any usable medium that can be accessed by a computer, or a data storage device such as a server or data center that contains one or more sets of usable media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. The semiconductor medium may be a solid state disk.
It should be understood that the term "and/or" herein merely describes an association relationship between associated objects, and means that three relationships may exist. For example, A and/or B may mean: A alone, A and B together, and B alone, wherein A and B may be singular or plural. In addition, the character "/" herein generally indicates that the associated objects are in an "or" relationship, but may also indicate an "and/or" relationship, which may be understood by referring to the context.
In the present application, "at least one" means one or more, and "a plurality" means two or more. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or plural.
It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present application.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application, in essence, or the part contributing to the prior art, or a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (random access memory, RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. A container encapsulation method applied to multiple virtual machines, characterized in that it is applied to an application entity, the method comprising:
in the case that the application entity needs to encapsulate the virtual machine cluster into a container, the application entity sends a measurement request message to the verification entity, where the measurement request message is used to request for performing trusted measurement on the virtual machine cluster;
the application entity receives a measurement response message returned by the verification entity aiming at the measurement request message, wherein the measurement response message carries a measurement result;
and the application entity encapsulates the virtual machine cluster into a container under the condition that the measurement result represents that the virtual machine cluster is trusted.
2. The method of claim 1, wherein the application entity encapsulates the virtual machine cluster as a container, comprising:
the application entity encapsulates the virtual machines with matched functions in the virtual machine cluster into the same container according to the functions of the virtual machines in the virtual machine cluster, and encapsulates the virtual machines with unmatched functions in the virtual machine cluster into different containers respectively.
3. The method of claim 1, wherein the application entity encapsulates the virtual machine cluster as a container, comprising:
the application entity encapsulates the virtual machines located in the same software layer in the virtual machine cluster into the same container according to the positions of the virtual machines in the virtual machine cluster, and encapsulates the virtual machines located in different software layers in the virtual machine cluster into different containers respectively.
4. A container packaging method applied to multiple virtual machines, characterized in that it is applied to a verification entity, the method comprising:
in the case that an application entity needs to encapsulate a virtual machine cluster into a container, the verification entity receives a measurement request message from the application entity, wherein the measurement request message is used for requesting to perform trusted measurement on the virtual machine cluster;
the verification entity sends a measurement message to a measurement entity according to the measurement request message, wherein the measurement entity and the virtual machine cluster are positioned in the same network, and the measurement message is used for indicating the measurement entity to initiate the trusted measurement of the virtual machine cluster;
the verification entity receives a measurement receiving message returned by the measurement entity according to the measurement message, wherein the measurement receiving message carries a measurement result, and the measurement result is used for representing whether the virtual machine cluster is trusted or not;
the verification entity sends a measurement response message for responding to the measurement request message to the verification entity, wherein the measurement response message carries the measurement result, and the application entity can package the virtual machine cluster into a container under the condition that the measurement result characterizes the virtual machine cluster to be trusted.
5. The method of claim 4, wherein the metric request message is further used to indicate that the virtual machine clusters are located in M networks, M being an integer greater than 1, respectively; the verification entity sends a measurement message to a measurement entity according to the measurement request message, and the measurement message comprises:
the verification entity determines N virtual machines to be measured in the virtual machine cluster according to the relation among the M networks, wherein N is an integer greater than or equal to 1;
the verification entity sends the measurement message to the measurement entity aiming at the N virtual machines, wherein the measurement message is used for indicating the measurement entity to initiate the trusted measurement of the N virtual machines.
6. The method of claim 4, wherein the metric request message is further used to indicate a relationship between virtual machines in the cluster of virtual machines; the verification entity sends a measurement message to a measurement entity according to the measurement request message, and the measurement message comprises:
the verification entity determines N virtual machines to be measured in the virtual machine cluster according to the relation among the virtual machines, wherein N is an integer greater than or equal to 1;
the verification entity sends the measurement message to the measurement entity aiming at the N virtual machines, wherein the measurement message is used for indicating the measurement entity to initiate the trusted measurement of the N virtual machines.
7. The method according to claim 5 or 6, characterized in that:
the measurement entity and the N virtual machines are located in the same network;
if the measurement entity is deployed at the software layer, the hardware layer supporting the software layer where the measurement entity is located and the hardware layer supporting the N virtual machines are different hardware layers; or, if the measurement entity is deployed at the hardware layer, the hardware layer where the measurement entity is located and the hardware layer supporting the N virtual machines are the same hardware layer.
8. The method according to claim 5 or 6, characterized in that:
the measurement result is used for representing whether the N virtual machines are trusted or not; if the N virtual machines are trusted, the virtual machine cluster is trusted, or if the N virtual machines are not trusted, the virtual machine cluster is not trusted.
9. A container encapsulation device for use with multiple virtual machines, the device comprising:
a processing module, configured to control a receiving and transmitting module to send a measurement request message to a verification entity in a case where an application entity needs to package a virtual machine cluster into a container, wherein the measurement request message is used for requesting a trusted measurement of the virtual machine cluster;
the receiving and transmitting module, configured to receive a measurement response message returned by the verification entity for the measurement request message, wherein the measurement response message carries a measurement result;
the processing module is further configured to, in a case where the measurement result characterizes the virtual machine cluster as trusted, package the virtual machine cluster into a container by the application entity.
10. A container packaging apparatus for use with multiple virtual machines, the apparatus comprising:
a receiving and transmitting module, configured to receive a measurement request message from an application entity in a case where the application entity needs to package a virtual machine cluster into a container, wherein the measurement request message is used for requesting a trusted measurement of the virtual machine cluster;
a processing module, configured to control, by the verification entity, the receiving and transmitting module to send a measurement message to a measurement entity according to the measurement request message, wherein the measurement entity and the virtual machine cluster are located in the same network domain, and the measurement message is used to instruct the measurement entity to initiate the trusted measurement of the virtual machine cluster;
the receiving and transmitting module is further configured to receive a measurement receiving message returned by the measurement entity according to the measurement message, wherein the measurement receiving message carries a measurement result, and the measurement result is used to characterize whether the virtual machine cluster is trusted;
the processing module is further configured to control, by the verification entity, the receiving and transmitting module to send a measurement response message for responding to the measurement request message to the verification entity, wherein the measurement response message carries the measurement result, and in a case where the measurement result characterizes the virtual machine cluster as trusted, the application entity can package the virtual machine cluster into a container.
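The gating flow recited in claims 4 to 8, as an added example that is not part of the patent text: the verification entity has N virtual machines measured by a measurement entity in the same network, reports the cluster as trusted only if all N are trusted, and the application entity packages only on a trusted result. Assumptions: the trusted measurement is modelled as a SHA-256 comparison against reference values, and all function names, field names and sample virtual machines are constructed for illustration.

```python
import hashlib
import hmac

def trusted_measurement(vm, reference_hex):
    """Measurement entity: hash the VM image and compare it with its reference
    value (assumed measurement method; the claims do not fix one)."""
    digest = hashlib.sha256(vm["image"]).hexdigest()
    return hmac.compare_digest(digest, reference_hex)

def verify_cluster(targets, vms, references, measurer_network):
    """Verification entity: return the measurement result for the cluster.
    `targets` are the N VMs chosen for measurement (N >= 1, claims 5 and 6)."""
    if not targets:
        raise ValueError("N must be an integer greater than or equal to 1")
    for name in targets:
        vm = vms.get(name)
        # Fail closed: an unknown VM, a VM outside the measurement entity's
        # network (claim 7), or a missing reference value counts as untrusted.
        if vm is None or vm["network"] != measurer_network or name not in references:
            return False
        if not trusted_measurement(vm, references[name]):
            return False
    # Claim 8: the cluster is trusted only if the N measured VMs are trusted.
    return True

def package_cluster(cluster_name, targets, vms, references, measurer_network):
    """Application entity: package the cluster into a container only when the
    measurement response carries a trusted result; otherwise return None."""
    if not verify_cluster(targets, vms, references, measurer_network):
        return None
    return {"container": cluster_name, "members": sorted(vms)}

# Constructed sample cluster spread over two networks (M = 2).
VMS = {
    "vm-a": {"network": "net-1", "image": b"kernel-a|rootfs-a"},
    "vm-b": {"network": "net-1", "image": b"kernel-b|rootfs-b"},
    "vm-c": {"network": "net-2", "image": b"kernel-c|rootfs-c"},
}
# Constructed reference values taken from the known-good images.
REFERENCES = {n: hashlib.sha256(v["image"]).hexdigest() for n, v in VMS.items()}
```
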
CN202310736973.0A 2023-06-21 2023-06-21 Container packaging method and device applied to multiple virtual machines Active CN116501448B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310736973.0A CN116501448B (en) 2023-06-21 2023-06-21 Container packaging method and device applied to multiple virtual machines

Publications (2)

Publication Number Publication Date
CN116501448A true CN116501448A (en) 2023-07-28
CN116501448B CN116501448B (en) 2023-09-01

Family

ID=87324984

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310736973.0A Active CN116501448B (en) 2023-06-21 2023-06-21 Container packaging method and device applied to multiple virtual machines

Country Status (1)

Country Link
CN (1) CN116501448B (en)

Also Published As

Publication number Publication date
CN116501448B (en) 2023-09-01

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant