CN116506400A - Communication method and device - Google Patents

Communication method and device Download PDF

Info

Publication number
CN116506400A
CN116506400A CN202310424121.8A CN202310424121A CN116506400A CN 116506400 A CN116506400 A CN 116506400A CN 202310424121 A CN202310424121 A CN 202310424121A CN 116506400 A CN116506400 A CN 116506400A
Authority
CN
China
Prior art keywords
host
container
label
flow label
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310424121.8A
Other languages
Chinese (zh)
Inventor
陈可
陈钱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN202310424121.8A priority Critical patent/CN116506400A/en
Publication of CN116506400A publication Critical patent/CN116506400A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2596Translation of addresses of the same type other than IP, e.g. translation from MAC to MAC addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The application provides a communication method and a device, wherein the method comprises the following steps: acquiring a second flow label of a second container; acquiring a matched first label forwarding table item from a label forwarding table according to the second flow label, wherein the first label forwarding table item comprises an IP address of a second host where the second container is located and an MAC address of the second host; the method comprises the steps of sending a first message to a second host, wherein the first message comprises a destination address field, a destination MAC address field and a flow label field, the IP address of the second host is stored in the destination address field, the MAC address of the second host is stored in the destination MAC address field, the second flow label is stored in the flow label field, and after the second host receives the first message, the first message is sent to a second container according to the second flow label.

Description

Communication method and device
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a communications method and apparatus.
Background
Container technology, particularly the open source container tool dock, is now widely used in some data centers. The container technology realizes mutual isolation between applications by standardized packaging of software and its dependent environments, and the container can run in most mainstream operating systems.
In the construction of a container cloud platform, the network and security implementation of the container become the most important challenges in the construction of the container cloud platform, and when enterprises begin to migrate important enterprise core applications to the container platform, the lack of sufficient network and security management can pose a potentially huge threat to business online.
Flannel is a network solution proposed by CoreOS for addressing the communication of container clusters across hosts. Flannel is essentially an Overlay network, i.e., TCP packets are encapsulated within another network packet for routing and communication. Flannel now supports data forwarding modes such as UDP, VXLAN, AWS VPC, GCE routing, etc., with the VXLAN technology being the most popular, most data centers also consider a VXLAN network implementation that switches networks to Flannel when introducing containers.
The Flannel allocates a subnet for each host, the container can allocate an IP address from the subnet, the allocated IP address can be routed among the hosts, and the inter-host communication can be realized without NAT and port mapping among the containers. The VXLAN technology supported by Flannel can be well combined with SDN, is worthy of realizing automatic deployment of the whole network, intelligent operation and management, and is suitable for newly built data center network deployment.
However, when Flannel is employed to enable communication of container clusters across hosts, the following drawbacks are also exposed: 1) In the data forwarding process, an Overlay encapsulation technology is required to be introduced, so that a large amount of encapsulation and decapsulation work is generated, the CPU pressure is high, and the forwarding efficiency is low; 2) When networking, complex network problems such as networking of address planning Overlay and Underlay and the like still need to be considered, and complex deployment is difficult; 3) The fusion degree with cloud/SDN is low, and no integral cloud fusion safety isolation management and control scheme exists at present.
Disclosure of Invention
In view of this, the application provides a communication method and device, which are used for solving the problems that in the existing process of realizing cross-host communication of a container cluster by adopting Flannel, a large amount of encapsulation and decapsulation work is generated, so that the CPU pressure is large, the forwarding efficiency is low, the networking deployment is complex, the fusion degree with cloud/SDN is low, and no integral cloud fusion safety isolation management and control scheme exists at present.
In a first aspect, the present application provides a communication method applied to a first host, the first host including a first container, the first container having a first flow label, the method comprising:
acquiring a second flow label of a second container;
acquiring a matched first label forwarding table item from a label forwarding table according to the second flow label, wherein the first label forwarding table item comprises an IP address of a second host where the second container is located and an MAC address of the second host;
the method comprises the steps of sending a first message to a second host, wherein the first message comprises a destination address field, a destination MAC address field and a flow label field, the IP address of the second host is stored in the destination address field, the MAC address of the second host is stored in the destination MAC address field, the second flow label is stored in the flow label field, and after the second host receives the first message, the first message is sent to a second container according to the second flow label.
In a second aspect, the present application provides a communications apparatus for use with a first host, the first host comprising a first container having a first flow label, the apparatus comprising:
a first acquisition unit configured to acquire a second flow label of a second container;
a second obtaining unit, configured to obtain, according to the second flow label, a matched first label forwarding table entry from a label forwarding table, where the first label forwarding table entry includes an IP address of a second host where the second container is located and a MAC address of the second host;
the sending unit is configured to send a first packet to a second host, where the first packet includes a destination address field, a destination MAC address field, and a flow label field, where the destination address field stores an IP address of the second host, the destination MAC address field stores a MAC address of the second host, and the flow label field stores the second flow label, so that after the second host receives the first packet, the second host sends the first packet to the second container according to the second flow label.
In a third aspect, the present application provides a network device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor to cause the processor to perform the method provided in the first aspect of the present application.
Therefore, by applying the communication method and the communication device provided by the application, the first host acquires the second flow label of the second container; according to the second flow label, the first host acquires a matched first label forwarding table item from a label forwarding table, wherein the first label forwarding table item comprises an IP address of a second host where a second container is located and an MAC address of the second host; the first host sends a first message to the second host, wherein the first message comprises a destination address field, a destination MAC address field and a flow label field, the destination address field stores an IP address of the second host, the flow label field stores a second flow label, and the second host sends the first message to the second container according to the second flow label after receiving the first message.
So, the container in each host computer in this application can realize the communication between the interior containers of different host computers with the help of the flow label of container, has solved current adoption Flannel and has realized that the container cluster spans the host computer communication in-process, produces a large amount of encapsulation, decapsulation work, leads to CPU pressure great, and forwarding efficiency is low, the network deployment is complicated and with cloud/SDN fusion degree low, does not have holistic cloud fusion safety isolation management and control scheme's problem at present. The forwarding efficiency is improved, the host performance is optimized, and the complexity is reduced.
Drawings
Fig. 1 is a flowchart of a communication method provided in an embodiment of the present application;
fig. 2 is a flow label field format diagram provided in an embodiment of the present application;
fig. 3 is a block diagram of a switching device according to an embodiment of the present application;
fig. 4 is a hardware structure of a network device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as detailed in the accompanying claims.
The terminology used in the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the present application. As used in this application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the corresponding listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first message may also be referred to as a second message, and similarly, a second message may also be referred to as a first message, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "responsive to a determination", depending on the context.
The communication method provided in the embodiment of the present application is described in detail below. Referring to fig. 1, fig. 1 is a flowchart of a communication method provided in an embodiment of the present application. The method is applied to a first host, and the communication method provided by the embodiment of the application can comprise the following steps.
Step 110, obtaining a second flow label of a second container;
specifically, the first host includes a plurality of containers therein, each container having a flow label. For example, a first container has a first flow label. The second host also includes a plurality of containers, each container also having a flow label. For example, the second container has a second flow label.
The first host obtains a second flow label for the second container when the first container is pre-in interactive communication with the second container. The first host may obtain a second stream tag for the second container via a locally established tag database.
Step 120, according to the second flow label, a matched first label forwarding table item is obtained from a label forwarding table, where the first label forwarding table item includes an IP address of a second host where the second container is located and a MAC address of the second host;
specifically, according to the description of step 110, after the first host obtains the second flow label of the second container, the first host searches the locally established label forwarding table according to the second flow label. If a first label forwarding table item matched with the second stream label exists in the label forwarding table, the first host acquires the IP address of the second host where the second container is located and the MAC address of the second host from the first label forwarding table item.
Step 130, a first message is sent to a second host, where the first message includes a destination address field, a destination MAC address field, and a flow label field, where the destination address field stores an IP address of the second host, the destination MAC address stores a MAC address of the second host, and the flow label field stores the second flow label, so that after the second host receives the first message, the second host sends the first message to the second container according to the second flow label.
Specifically, according to the description of step 120, the first host generates the first message after obtaining the IP address of the second host and the MAC address of the second host. The first message includes a destination address field, a destination MAC address field, and a Flow Label (Flow-Label) field. The destination address field stores the IP address of the second host, the destination MAC address field stores the MAC address of the second host, and the stream label field stores the second stream label.
It should be noted that the first packet includes an IPv6 header and an ethernet header. The destination address field and the flow label field are positioned in the IPv6 header, and the destination MAC address field is positioned in the Ethernet header.
After the second host receives the first message, it first identifies whether the MAC address in the destination MAC address field is the MAC address of the second host. If so, identifying whether the IP address in the destination address field is the IP address of the user. If so, a second flow label is obtained.
According to the second stream label, the second host acquires the container number of the container; and the second host sends the first message to the second container by using the container number of the container.
Therefore, by applying the communication method and the communication device provided by the application, the first host acquires the second flow label of the second container; according to the second flow label, the first host acquires a matched first label forwarding table item from a label forwarding table, wherein the first label forwarding table item comprises an IP address of a second host where a second container is located and an MAC address of the second host; the first host sends a first message to the second host, wherein the first message comprises a destination address field, a destination MAC address field and a flow label field, the destination address field stores an IP address of the second host, the flow label field stores a second flow label, and the second host sends the first message to the second container according to the second flow label after receiving the first message.
So, the container in each host computer in this application can realize the communication between the interior containers of different host computers with the help of the flow label of container, has solved current adoption Flannel and has realized that the container cluster spans the host computer communication in-process, produces a large amount of encapsulation, decapsulation work, leads to CPU pressure great, and forwarding efficiency is low, the network deployment is complicated and with cloud/SDN fusion degree low, does not have holistic cloud fusion safety isolation management and control scheme's problem at present. The forwarding efficiency is improved, the host performance is optimized, and the complexity is reduced.
Optionally, in an embodiment of the present application, a process of generating the tag database by the first host is further included.
Specifically, after all hosts in the two-layer network are started, each host starts an IPv6 function and automatically generates a local link address (the local link address can be formed according to the own link layer address and a default prefix (FE 80::/10)). At this time, no network planning is required, and the local link address is used for each host to communicate with each other in the two-layer network.
Simultaneously, each host acquires the flow label of each container in the host. In the embodiment of the present application, a plurality of third hosts will be described as an example. Each third host includes a third container therein, the third container having a third stream tag.
Each third host generates a first neighbor advertisement message that includes the IP address of the third host and a third flow label of the third container.
Each third host sends a first neighbor advertisement message to the first host. After the first host receives the plurality of first neighbor advertisement messages, the first host acquires the IP address of the third host and the third stream label of the third container from each first neighbor advertisement message.
The first host acquires the MAC address of each third host from the IP address of each third host. For each third container, the first host generates corresponding tag information table items respectively, and stores a plurality of tag information table items into a tag database. Wherein each tag information entry includes an IP address of the third host, a MAC address of the third host, and a third stream tag.
Optionally, in the embodiment of the present application, the method further includes a process that the first host generates a tag information table entry corresponding to the local container.
Specifically, for each first container included in the first host, the first host generates corresponding tag information entries respectively, and stores a plurality of tag information entries into the tag database. Wherein each tag information entry includes an IP address of the first host, a MAC address of the first host, and a first flow tag.
It will be appreciated that the tag information entry includes an IP address field, a MAC address field, and a flow tag field. And the first host generates a tag information table entry according to the acquired/received content and stores the tag information table entry in a tag database.
In this embodiment of the present application, the first host may also send a neighbor advertisement packet to other hosts, so that the other hosts generate the tag database locally.
Optionally, in the embodiment of the present application, a process that the first host generates the local label forwarding table by using the management policy and the label database is further included.
Specifically, after the first host locally establishes the tag database, the first host acquires the management and control policy. The management and control strategy is issued to the inside of the host by a manager through a configuration instruction. Included within the management policies are a plurality of policies, e.g., access policies, forwarding policies, etc.
And using the management and control strategy, the first host screens out a plurality of tag information table items conforming to the management and control strategy from a plurality of tag information table items stored in the tag database. And generating a label forwarding table by the first host according to the screened multiple label information table items. The label forwarding table includes at least one label forwarding table entry, each label forwarding table entry including a first identification of a first host, an IP address of a fourth host, a MAC address of the fourth host, and a fourth flow label of a container in the fourth host.
The fourth host is used to refer to the host generally, and according to the foregoing examples, the fourth host includes a third host and a first host.
Optionally, in an embodiment of the present application, as an implementation manner, an access policy may be included in the management policy, where the access policy is configured such that the first container may access networks having the same VPC number, and networks having different VPC numbers may not be accessed.
Further, the flow label comprises a Virtual Private Cloud (VPC) number; according to a plurality of label information table items stored in a label database, a first host generates a label forwarding table, and the specific process is as follows:
the first host acquires a fourth stream tag with the same VPC number from the plurality of third stream tags and the plurality of first stream tags; the first host adds a user identification field for the acquired label information table item of each fourth flow label to obtain a plurality of label forwarding table items, and the user identification field stores a first identification; the first host stores the plurality of label forwarding table entries to the label forwarding table.
Optionally, in an embodiment of the present application, the method further includes a process that the first host creates a container locally according to the container creation instruction, and binds the flow label with the container.
Specifically, the flow label further includes a host number and a container number;
the manager creates a VPC on the cloud and assigns a number after creating the VPC. The Nova component in the cloud selects hosts from within the network according to the resource usage of each host and creates at least one container on the selected hosts. The Nova component assigns host numbers to the selected hosts; at the same time, the Nova component also assigns a unique container number to each container to be created.
After the cloud or SDN controller obtains the VPC number, the host number, and the container number, a container creation instruction is generated. The cloud or SDN controller sends a container creation instruction to the first host. After receiving the container creation instruction, the first host obtains the VPC number, the host number and the container number from the first host. It will be appreciated that the container creation instructions may also include the number of containers to be created, container information (e.g., container name, occupied software resource case, etc.), each container number corresponding to one container to be created.
The first host creates a container locally and takes the combination of the VPC number, the host number and the container number as a flow label of the created container.
As shown in fig. 2, fig. 2 is a flow label field format diagram provided in an embodiment of the present application. In fig. 2, the flow label includes a VPC number, a node number, and a container number. Wherein, the total length of the stream label is 20 bits, and the VPC number occupies 5 bits; the node number occupies 5 bits; the container number occupies 12 bits.
It can be understood that the division of the three numbers is not fixed, and the cloud or SDN controller can perform custom allocation of bits occupied by the three numbers according to actual network conditions, so as to realize effective utilization of flow label resources.
Optionally, in the embodiment of the present application, a process of updating, by the first host, the local tag database and the corresponding table entry in the tag forwarding table during the container migration process is further included.
Specifically, the administrator inputs a first container migration instruction on the cloud or within the SDN controller, the first migration instruction including a flow label (e.g., a fifth flow label) of a container to be migrated, a pre-migration host number, and a post-migration host (e.g., a fifth host) number. And the cloud or SDN controller sends a second container migration instruction to a fifth host indicated by the number of the migrated host according to the first container migration instruction. It is understood that the second container migration instruction includes a fifth flow label.
The fifth host may create a container locally and bind the fifth flow label with the created container according to the description of the previous embodiments. When the container is created online, the fifth host generates a second neighbor advertisement message. The second neighbor advertisement message includes an IP address of a fifth host and a fifth flow label of a container in the fifth host.
And after the first host receives the second neighbor advertisement message, the first host acquires the IP address of the fifth host and the fifth flow label from the second neighbor advertisement message. According to the fifth stream tag, the first host acquires a first tag information table item corresponding to the fifth stream tag from the tag database. And updating the IP address of the host and the MAC address of the host, which are included in the first label information table item, according to the IP address of the fifth host. According to the fifth flow label, the first host acquires a second label forwarding table item corresponding to the fifth flow label from the label forwarding table. According to the IP address of the fifth host, the first host updates the IP address of the host and the MAC address of the host, which are included in the second label forwarding table item.
It should be noted that the pre-migration host may include the first host, or other hosts besides the first host and the fifth host.
Optionally, in the embodiment of the present application, the first host may also be used as a process of creating a container locally by the migrated host and sending a neighbor advertisement message to the neighbor.
Specifically, the cloud or SDN controller sends a container third container migration instruction to the first host, the third container migration instruction including a sixth flow label for the container. After receiving the third container migration instruction, the first host may create a container locally according to the description of the foregoing embodiment, and bind the sixth flow label with the created container.
When the created container starts, the first host generates a third neighbor advertisement message that includes the IP address of the first host and a sixth flow label of the created container.
The first host sends a third neighbor advertisement message to the neighbor. After each neighbor receives the second neighbor advertisement message, the IP address of the first host and the sixth flow label are obtained from the second neighbor advertisement message. And according to the sixth flow label, each neighbor acquires a label information table item corresponding to the sixth flow label from the label database. And updating the IP address of the host and the MAC address of the host, which are included in the label information table item, according to the IP address of the first host. And according to the sixth flow label, each neighbor acquires a label forwarding table item corresponding to the sixth flow label from the label forwarding table. And according to the IP address of the sixth host, each neighbor updates the IP address of the host and the MAC address of the host, which are included in the label forwarding table entry.
Optionally, in the embodiment of the present application, the method further includes a process that the first host receives the message sent by the second host, and forwards the message to the corresponding container.
Specifically, when the second container in the second host is in pre-interaction communication with the first container in the first host, the second host may generate and send the second message to the first host according to the description of the foregoing embodiment. The second message includes a first flow label.
It is understood that the second message also includes a destination address field and a destination MAC address field. The above-mentioned fields can be configured with reference to the description of the foregoing embodiments and existing protocol specifications, and will not be repeated here.
After the first host receives the second message, when the value stored in each field is determined to be the MAC address and the IP address of the first host according to the destination MAC address and the destination address field, the first host acquires the first flow label from the second message.
According to the first flow label, the first host acquires a container number of the container, for example, the container number indicates as the first container; the first host sends a second message to the first container.
Based on the same inventive concept, the embodiment of the application also provides a communication device corresponding to the communication method. Referring to fig. 3, fig. 3 is a communication device provided in an embodiment of the present application, where the device is applied to a first host, and the first host includes a first container, and the first container has a first flow label, and the device includes:
a first acquiring unit 310 for acquiring a second flow label of a second container;
a second obtaining unit 320, configured to obtain, according to the second flow label, a matched first label forwarding table entry from a label forwarding table, where the first label forwarding table entry includes an IP address of a second host where the second container is located and a MAC address of the second host;
the sending unit 330 is configured to send a first packet to a second host, where the first packet includes a destination address field, a destination MAC address field, and a flow label field, where the destination address field stores an IP address of the second host, the destination MAC address field stores a MAC address of the second host, and the flow label field stores the second flow label, so that after the second host receives the first packet, the second host sends the first packet to the second container according to the second flow label.
Optionally, the apparatus further comprises: a receiving unit (not shown in the figure) configured to receive first neighbor advertisement messages sent by a plurality of third hosts, where each first neighbor advertisement message includes an IP address of the third host and a third flow label of a third container included in the third host;
a third acquiring unit (not shown in the figure) for acquiring a MAC address of each third host from the IP address of each third host;
a storage unit (not shown in the figure) configured to generate, for each third container, a corresponding tag information table entry, and store a plurality of tag information table entries in a tag database, where each tag information table entry includes an IP address of the third host, a MAC address of the third host, and the third stream tag.
Optionally, the storage unit (not shown in the figure) is further configured to generate, for each first container included in the first host, a corresponding tag information table entry, and store a plurality of tag information table entries in the tag database, where each tag information table entry includes an IP address of the first host, a MAC address of the first host, and the first flow tag.
Optionally, the apparatus further comprises: a generating unit (not shown in the figure) configured to generate the label forwarding table according to a plurality of label information table entries stored in the label database, where the label forwarding table includes at least one label forwarding table entry, and each label forwarding table entry includes a first identifier of the first host, an IP address of the fourth host, a MAC address of the fourth host, and a fourth flow label of a container in the fourth host.
Optionally, the flow label includes a virtual private cloud VPC number;
the generating unit (not shown in the figure) is specifically configured to obtain a fourth flow label with the same VPC number from the plurality of third flow labels and the plurality of first flow labels;
adding a user identification field for the acquired label information table item of each fourth flow label to obtain a plurality of label forwarding table items, wherein the first identifications are stored in the user identification field;
and storing a plurality of label forwarding table entries to the label forwarding table.
Optionally, the flow label further includes a host number and a container number;
the receiving unit (not shown in the figure) is further configured to receive a container creation instruction sent by a cloud or SDN controller, where the container creation instruction includes the VPC number, the host number, and the container number;
the apparatus further comprises: a creation unit (not shown in the figure) for creating a container locally and taking the combination of the VPC number, the host number, and the container number as a created flow label of the container;
wherein the VPC number is configured by an administrator after creating a VPC on the cloud, and the host number and the container number are assigned by a Nova component included by the cloud.
Optionally, the receiving unit (not shown in the figure) is further configured to receive a second neighbor advertisement packet sent by a fifth host, where the second neighbor advertisement packet includes an IP address of the fifth host and a fifth flow label of a container in the fifth host;
the first obtaining unit 310 is further configured to obtain, according to the fifth flow label, a first label information table entry corresponding to the fifth flow label from the label database;
the apparatus further comprises: an updating unit (not shown in the figure) configured to update the IP address of the host and the MAC address of the host included in the first tag information table entry according to the IP address of the fifth host;
the second obtaining unit 320 is further configured to obtain, according to the fifth flow label, a second label forwarding table entry corresponding to the fifth flow label from the label forwarding table;
the updating unit (not shown in the figure) is further configured to update, according to the IP address of the fifth host, the IP address of the host and the MAC address of the host included in the second label forwarding table entry.
Optionally, the receiving unit (not shown in the figure) is further configured to receive a container migration instruction sent by the cloud or the SDN controller, where the container migration instruction includes a sixth flow label of the container;
the creation unit (not shown in the figure) is further configured to create a container locally and bind the created container with the sixth flow label;
the sending unit 330 is further configured to send, when the created container starts, a third neighbor advertisement packet, where the third neighbor advertisement packet includes an IP address of the first host and a sixth flow label of the created container.
Optionally, the receiving unit (not shown in the figure) is further configured to receive a second packet sent by the second host, where the second packet includes the first flow label;
the apparatus further comprises: a fourth acquisition unit (not shown) for acquiring a container number of the container based on the first flow label;
the sending unit 330 is further configured to send the second packet to the first container by using the container number of the container.
Therefore, by applying the communication device provided by the application, the first host acquires the second flow label of the second container; according to the second flow label, the first host acquires a matched first label forwarding table item from a label forwarding table, wherein the first label forwarding table item comprises an IP address of a second host where a second container is located and an MAC address of the second host; the first host sends a first message to the second host, wherein the first message comprises a destination address field, a destination MAC address field and a flow label field, the destination address field stores an IP address of the second host, the flow label field stores a second flow label, and the second host sends the first message to the second container according to the second flow label after receiving the first message.
So, the container in each host computer in this application can realize the communication between the interior containers of different host computers with the help of the flow label of container, has solved current adoption Flannel and has realized that the container cluster spans the host computer communication in-process, produces a large amount of encapsulation, decapsulation work, leads to CPU pressure great, and forwarding efficiency is low, the network deployment is complicated and with cloud/SDN fusion degree low, does not have holistic cloud fusion safety isolation management and control scheme's problem at present. The forwarding efficiency is improved, the host performance is optimized, and the complexity is reduced.
Based on the same inventive concept, the present embodiment also provides a network device, as shown in fig. 4, including a processor 410, a transceiver 420, and a machine-readable storage medium 430, where the machine-readable storage medium 430 stores machine-executable instructions capable of being executed by the processor 410, and the processor 410 is caused to perform the communication method provided by the present embodiment by the machine-executable instructions. The communication device shown in fig. 3 may be implemented by using a hardware structure of a network device as shown in fig. 4.
The computer readable storage medium 430 may include a random access Memory (in english: random Access Memory, abbreviated as RAM) or a nonvolatile Memory (in english: non-volatile Memory, abbreviated as NVM), such as at least one magnetic disk Memory. Optionally, the computer readable storage medium 430 may also be at least one storage device located remotely from the aforementioned processor 410.
The processor 410 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (English: digital Signal Processor; DSP; for short), an application specific integrated circuit (English: application Specific Integrated Circuit; ASIC; for short), a Field programmable gate array (English: field-Programmable Gate Array; FPGA; for short), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components.
In this embodiment, processor 410 is enabled by reading machine-executable instructions stored in machine-readable storage medium 430, which cause processor 410 itself to be implemented and transceiver 420 to perform the communication methods described in the embodiments of the present application.
Additionally, embodiments of the present application provide a machine-readable storage medium 430, the machine-readable storage medium 430 storing machine-executable instructions that, when invoked and executed by the processor 410, cause the processor 410 itself and the invoking transceiver 420 to perform the communication methods described in the embodiments of the present application previously.
The implementation process of the functions and roles of each unit in the above device is specifically shown in the implementation process of the corresponding steps in the above method, and will not be described herein again.
For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purposes of the present application. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
For the communication device and the machine-readable storage medium embodiments, since the method content involved is substantially similar to the method embodiments described above, the description is relatively simple, and reference will only be made to part of the description of the method embodiments.
The foregoing description of the preferred embodiments of the present invention is not intended to limit the invention to the precise form disclosed, and any modifications, equivalents, improvements and alternatives falling within the spirit and principles of the present invention are intended to be included within the scope of the present invention.

Claims (10)

1. A method of communication, the method being applied to a first host, the first host comprising a first container, the first container having a first flow label, the method comprising:
acquiring a second flow label of a second container;
acquiring a matched first label forwarding table item from a label forwarding table according to the second flow label, wherein the first label forwarding table item comprises an IP address of a second host where the second container is located and an MAC address of the second host;
the method comprises the steps of sending a first message to a second host, wherein the first message comprises a destination address field, a destination MAC address field and a flow label field, the IP address of the second host is stored in the destination address field, the MAC address of the second host is stored in the destination MAC address field, the second flow label is stored in the flow label field, and after the second host receives the first message, the first message is sent to a second container according to the second flow label.
2. The method of claim 1, wherein prior to the obtaining the second flow label for the second container, the method further comprises:
receiving first neighbor advertisement messages sent by a plurality of third hosts, wherein each first neighbor advertisement message comprises an IP address of the third host and a third stream label of a third container included in the third host;
acquiring the MAC address of each third host from the IP address of each third host;
and generating a corresponding tag information table item for each third container, and storing a plurality of tag information table items into a tag database, wherein each tag information table item comprises the IP address of the third host, the MAC address of the third host and the third stream tag.
3. The method of claim 2, wherein prior to the obtaining the second flow label for the second container, the method further comprises:
generating a corresponding tag information table item for each first container included by the first host, and storing a plurality of tag information table items into the tag database, wherein each tag information table item comprises an IP address of the first host, an MAC address of the first host and the first flow tag.
4. A method according to claim 3, wherein after storing the plurality of tag information entries in a tag database, the method further comprises:
generating a label forwarding table according to a plurality of label information table items stored in the label database, wherein the label forwarding table comprises at least one label forwarding table item, and each label forwarding table item comprises a first identifier of the first host, an IP address of the fourth host, an MAC address of the fourth host and a fourth flow label of a container in the fourth host.
5. The method of claim 4, wherein the flow label comprises a virtual private cloud VPC number;
the generating the tag forwarding table according to the plurality of tag information table items stored in the tag database specifically includes:
acquiring a fourth flow label with the same VPC number from the plurality of third flow labels and the plurality of first flow labels;
adding a user identification field for the acquired label information table item of each fourth flow label to obtain a plurality of label forwarding table items, wherein the first identifications are stored in the user identification field;
and storing a plurality of label forwarding table entries to the label forwarding table.
6. The method of claim 5, wherein the flow label further comprises a host number and a container number;
before the obtaining the second flow label of the second container, the method further comprises:
receiving a container creation instruction sent by a cloud or an SDN controller, wherein the container creation instruction comprises the VPC number, the host number and the container number;
creating a container locally, and taking the combination of the VPC number, the host number and the container number as a created flow label of the container;
wherein the VPC number is configured by an administrator after creating a VPC on the cloud, and the host number and the container number are assigned by a Nova component included by the cloud.
7. The method according to claim 2, wherein the method further comprises:
receiving a second neighbor advertisement message sent by a fifth host, wherein the second neighbor advertisement message comprises an IP address of the fifth host and a fifth flow label of a container in the fifth host;
according to the fifth flow label, a first label information table item corresponding to the fifth flow label is obtained from the label database;
updating the IP address of the host and the MAC address of the host, which are included in the first tag information table item, according to the IP address of the fifth host; acquiring a second label forwarding table item corresponding to the fifth flow label from the label forwarding table according to the fifth flow label;
and updating the IP address of the host and the MAC address of the host, which are included in the second label forwarding table item, according to the IP address of the fifth host.
8. The method according to claim 1, wherein the method further comprises:
receiving a container migration instruction sent by a cloud or SDN controller, wherein the container migration instruction comprises a sixth flow label of a container;
creating a container locally and binding the created container with the sixth flow label;
and when the created container starts, sending a third neighbor advertisement message, wherein the third neighbor advertisement message comprises the IP address of the first host and a sixth flow label of the created container.
9. The method according to claim 1, wherein the method further comprises:
receiving a second message sent by the second host, wherein the second message comprises the first flow label;
acquiring a container number of the container according to the first flow label;
and sending the second message to the first container by using the container number of the container.
10. A communication device, the device being applied to a first host, the first host comprising a first container, the first container having a first flow label, the device comprising:
a first acquisition unit configured to acquire a second flow label of a second container;
a second obtaining unit, configured to obtain, according to the second flow label, a matched first label forwarding table entry from a label forwarding table, where the first label forwarding table entry includes an IP address of a second host where the second container is located and a MAC address of the second host;
the sending unit is configured to send a first packet to a second host, where the first packet includes a destination address field, a destination MAC address field, and a flow label field, where the destination address field stores an IP address of the second host, the destination MAC address field stores a MAC address of the second host, and the flow label field stores the second flow label, so that after the second host receives the first packet, the second host sends the first packet to the second container according to the second flow label.
CN202310424121.8A 2023-04-17 2023-04-17 Communication method and device Pending CN116506400A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310424121.8A CN116506400A (en) 2023-04-17 2023-04-17 Communication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310424121.8A CN116506400A (en) 2023-04-17 2023-04-17 Communication method and device

Publications (1)

Publication Number Publication Date
CN116506400A true CN116506400A (en) 2023-07-28

Family

ID=87315989

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310424121.8A Pending CN116506400A (en) 2023-04-17 2023-04-17 Communication method and device

Country Status (1)

Country Link
CN (1) CN116506400A (en)

Similar Documents

Publication Publication Date Title
CN111885075B (en) Container communication method, device, network equipment and storage medium
CN112470436B (en) Systems, methods, and computer-readable media for providing multi-cloud connectivity
US10826829B2 (en) Scalable handling of BGP route information in VXLAN with EVPN control plane
US10541836B2 (en) Virtual gateways and implicit routing in distributed overlay virtual environments
US12081451B2 (en) Resource placement templates for virtual networks
US10530657B2 (en) Providing virtual networking functionality for managed computer networks
CN106464528B (en) For the contactless method allocated, medium and the device in communication network
CN103200069B (en) A kind of method and apparatus of Message processing
KR101912073B1 (en) Virtualization gateway between virtualized and non-virtualized networks
US8705513B2 (en) Methods and apparatus to communicatively couple virtual private networks to virtual machines within distributive computing networks
CN112688814B (en) Equipment access method, device, equipment and machine readable storage medium
CN109937400A (en) Streaming state transfer for live migration of virtual machines
CN110213391B (en) Method and device for configuring network protocol address
CN115686729A (en) Container cluster network system, data processing method, device and computer program product
CN111327509B (en) Information updating method and device
CN109768909B (en) Message forwarding method and device
US20230023429A1 (en) Overlay broadcast network for management traffic
CN111404797A (en) Control method, SDN controller, SDN access point, SDN gateway and CE
EP3369217B1 (en) Multiple gateway operation on single operating system
US20230113654A1 (en) Managing virtual local area networks (vlans) in multiple data centers
CN116506400A (en) Communication method and device
CN116132542B (en) Container network management method, container network plug-in and related equipment
US20240223515A1 (en) Managing processing queue allocation using sequence number bits of an ipsec packet
CN117439946A (en) Message transmission method, device and storage medium
CN115865865A (en) Cloud native dual-stack communication method and system based on macvlan

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination