CN116545985A - Container reconstruction method and device - Google Patents
Container reconstruction method and device Download PDFInfo
- Publication number
- CN116545985A CN116545985A CN202210087233.4A CN202210087233A CN116545985A CN 116545985 A CN116545985 A CN 116545985A CN 202210087233 A CN202210087233 A CN 202210087233A CN 116545985 A CN116545985 A CN 116545985A
- Authority
- CN
- China
- Prior art keywords
- container
- fault
- network information
- cri
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 150
- 230000008569 process Effects 0.000 claims abstract description 101
- 230000004044 response Effects 0.000 claims abstract description 60
- 230000006870 function Effects 0.000 claims description 24
- 238000012545 processing Methods 0.000 claims description 15
- 238000003860 storage Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 abstract description 4
- 230000009471 action Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 238000007726 management method Methods 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000011065 in-situ storage Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a container reconstruction method and device, and relates to the technical field of communication, wherein the method is applied to an address fixing proxy device and comprises the following steps: acquiring an operating system signal for terminating a process; deleting the fault container based on the operating system signal; receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of a fault container; and sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI reconstructs the fault container based on the network information. According to the scheme, the address fixing agent device is arranged in the node, so that when the container fault is monitored, the fault container is deleted by terminating the process of the container, and the network information of the fault container is provided for CRI in the process of reconstructing the container, so that the network information of the reconstructed container is kept unchanged, and the continuity of the service is ensured.
Description
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a method and an apparatus for reconstructing a container.
Background
In the prior art, the internet protocol (Internet Protocol, IP) address of a container (pod) is obtained through the dynamic host configuration protocol (Dynamic Host Configuration Protocol, DHCP), and after the container is reset due to a failure or the like, the IP address of the container changes, so that the service bound to the IP address is greatly affected.
Disclosure of Invention
An objective of the embodiments of the present application is to provide a method and an apparatus for reconstructing a container, so as to solve the problem that an IP address is changed after an existing container is reset.
To achieve the above object, an embodiment of the present application provides a container rebuilding method applied to an address fixing agent device, the method including:
acquiring an operating system signal for terminating a process;
deleting a fault container based on the operating system signal;
receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container;
and sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI reconstructs the fault container based on the network information.
Optionally, deleting the fault container based on the operating system signal includes:
capturing a sigma signal corresponding to the operating system signal based on the operating system signal;
and deleting the fault container by terminating the process of the fault container based on the capturing result of the sigma signal.
Optionally, capturing a sigma signal corresponding to the operating system signal based on the operating system signal, including:
Under the condition that the operating system signal is a sigkill signal or a sigstop signal, converting the operating system signal into a sigterm signal;
capturing the sigterm signal.
Optionally, based on a result of capturing the sign signal, deleting the fault container by terminating a process of the fault container, including:
registering a handle function in case the sign signal is captured;
sending a process termination signal to a process of the fault container based on the sigma signal and the handle function;
and responding to the process termination signal by the process of the fault container, and terminating the process of the fault container, wherein the fault container is deleted when all processes of the fault container are terminated.
Optionally, sending a first response message to the CRI includes:
acquiring the identification information of the fault container based on the first request message;
acquiring network information corresponding to the identification information according to the corresponding relation between the prestored identification and the network information;
the first response message is sent to the CRI based on the network information.
To achieve the above object, an embodiment of the present application provides a container rebuilding method applied to a node proxy device, the method including:
In case that the fault container is deleted is detected, sending a first request message to an address fixing agent device by calling CRI, wherein the first request message is used for requesting network information of the fault container;
receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
reconstructing the failure container based on the network information.
To achieve the above object, an embodiment of the present application further provides a container rebuilding apparatus, which is applied to an address fixing agent apparatus, including:
the acquisition module is used for acquiring an operating system signal for terminating the process;
the processing module is used for deleting the fault container based on the operating system signal;
the receiving module is used for receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container;
and the sending module is used for sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI rebuilds the fault container based on the network information.
To achieve the above object, an embodiment of the present application further provides a container rebuilding apparatus, applied to a node proxy apparatus, including:
The sending module is used for sending a first request message to the address fixing agent device by calling CRI under the condition that the fault container is detected to be deleted, wherein the first request message is used for requesting network information of the fault container;
the receiving module is used for receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
and the processing module is used for reconstructing the fault container based on the network information.
To achieve the above object, an embodiment of the present application further provides an address fixing agent device, including: a transceiver and a processor;
the processor is used for acquiring an operating system signal for terminating the process;
deleting a fault container based on the operating system signal;
the processor is used for receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container;
and sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI reconstructs the fault container based on the network information.
To achieve the above object, an embodiment of the present application further provides a node proxy device, including: a transceiver and a processor;
The transceiver is used for sending a first request message to the address fixing agent device by calling CRI (CRI) under the condition that the fault container is detected to be deleted, wherein the first request message is used for requesting network information of the fault container;
receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
the processor is configured to reconstruct the failure container based on the network information.
To achieve the above object, an embodiment of the present application further provides an address fixing agent device, including: a transceiver, a processor, a memory, and a program or instructions stored on the memory and executable on the processor; the processor, when executing the program or instructions, implements the container rebuilding method steps as described above for the address fixing agent device.
To achieve the above object, an embodiment of the present application further provides a node proxy device, including: a transceiver, a processor, a memory, and a program or instructions stored on the memory and executable on the processor; the processor, when executing the program or instructions, implements the container reconstruction method steps as described above for the node proxy device.
To achieve the above-described object, the present embodiments also provide a readable storage medium having stored thereon a program or instructions which, when executed by a processor, implement the steps of the container rebuilding method applied to an address fixing agent device as described above, or implement the steps of the container rebuilding method applied to a node agent device as described above.
The technical scheme of the invention has the following beneficial effects:
according to the container creation method, an address fixing agent device is arranged in a node, so that the address fixing agent device obtains an operating system signal for terminating a process, a fault container is deleted based on the operating system signal to prepare for reconstruction of the fault container, and then the address fixing agent device receives a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container; finally, the address fixing agent device sends a first response message to the CRI, wherein the first response message carries network information of the fault container, so that the CRI rebuilds the fault container based on the network information. Therefore, the address fixing agent device provides the network information of the fault container for the CRI in the fault container reconstruction process, and reconstructs the fault container based on the network information, so that the CRI does not need to call the CNI to redistribute the network information for the reconstructed fault container, the network information of the reconstructed fault container is ensured to be unchanged, and the continuity of the service related to the network information in the fault container is ensured.
Drawings
FIG. 1 is a schematic diagram of a prior art communication of containers within a node;
FIG. 2 is a schematic flow chart of a method for reconstructing a container according to an embodiment of the present application;
FIG. 3 is a second flow chart of a method for reconstructing a container according to an embodiment of the present disclosure;
FIG. 4 is a schematic structural view of a container reconstruction device according to an embodiment of the present application;
FIG. 5 is a second schematic view of a container rebuilding apparatus according to an embodiment of the present disclosure;
FIG. 6 is a schematic diagram of an address fixing agent device according to an embodiment of the present application;
FIG. 7 is a second schematic diagram of an address fixing agent device according to an embodiment of the present application.
Detailed Description
In order to make the technical problems, technical solutions and advantages to be solved more apparent, the following detailed description will be given with reference to the accompanying drawings and specific embodiments.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
In various embodiments of the present invention, it should be understood that the sequence numbers of the following processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
In addition, the terms "system" and "network" are often used interchangeably herein.
In the examples provided herein, it should be understood that "B corresponding to a" means that B is associated with a from which B may be determined. It should also be understood that determining B from a does not mean determining B from a alone, but may also determine B from a and/or other information.
Prior to the description of the embodiments of the present application, the related art will be described:
kubernetes: abbreviated as K8s, is an abbreviation in which 8 replaces the 8 characters "ubernete" in the middle of the name. Is an open source for managing containerized applications on multiple hosts in a cloud platform, and the goal of Kubernetes is to make deploying containerized applications simple and efficient, kubernetes provides a mechanism for application deployment, planning, updating, and maintenance.
One of the core requirements of the Kubernetes network model is that each Pod has its own IP address and can use that IP address for communication. In the Kubernetes and applicator engine (Docker) environment, as shown in fig. 1, a method of containers (containers 1) running on the same host (node) communicating with each other through IP addresses is to use a Bridge (Linux Bridge), which may be cni Bridge as in fig. 1, by creating a virtual Ethernet (veth) device, one end of which is connected to the container network namespace and the other end of which is connected to the Linux Bridge on the host network. All containers on the same host connect one end of a virtual ethernet device pair (veth pair) to a Linux Bridge, which can communicate with each other using IP addresses through the Bridge. Wherein the Linux Bridge is also assigned an IP address (e.g. IP address 10.244.0.1 of Bridge (cni) in fig. 1), which acts as a gateway for Pod outgoing traffic from the destination to different nodes, which communicate with other nodes via ethernet devices (eth 0).
Container runtime interface CRI: CRI (Container Runtimes Interface, CRI) is a plug-in interface that allows proxy components of kubernetes (e.g., kubrelet) to run using different containers (container runtimes). Various container runtimes implement CRI application programming interfaces (Application Programming Interface, API) that allow users to use container runtimes they want in Kubernetes installations.
Container network interface (Container Network Interface, CNI): contains a rule that provides a generic plug-in network based solution for Linux containers. It consists of various plug-ins that perform different functions when configuring the Pod network. CNI plug-ins are executable files that follow the CNI specification.
Wherein each network provider (network provider) has a CNI plug-in that container runtime invokes to configure the network at Pod start-up. Using containerization as container runtime, the containerized CRI plug-in will call the CNI plug-in. Each network provider installs one proxy on each Kubernetes node to configure the Pod network. Upon installation network provider agent, it will be configured with the CNI or created on the node, and the CRI plug-in will use this agent to determine which CNI plug-in to call.
A run-time management controller (Kube-controller-manager) assigns a container group no-category inter-domain route (pod Classless Inter Domain Routing, podcdr) to each compute node. An IP address is assigned from the subnet value in the podcdr for the Pod on the compute node. Since the podcdr on all compute nodes is a disjoint subnet, it allows each pod to be assigned a unique IP address. Kubernetes cluster administrators can configure and install kubrelet, container runtime, network provider, and distribute CNI plug-ins on each node. Network provider agent, upon startup, will generate a CNI configuration. After scheduling the Pod on the node, kubelet will call the CRI plug-in to create the Pod. In the case of a container, the CRI plug-in of the container invokes the CNI plug-in specified in the CNI configuration to configure the Pod network.
As shown in fig. 2, the container rebuilding method of the embodiment of the present application is applied to an address fixing agent device, which may be a component or a device disposed in a node, and includes:
step 201, acquiring an operating system signal for terminating a process;
here, the operating system signal may be a signal related to an operation command written by a worker when confirming that there is a container failure currently; for example, the operation command written by the user is a kill-9 1 command, or a kill 1 command, etc.; more specifically, the operator may write the operation command in the logged failure container, so that the failure container may generate a corresponding log, so that the address fixing agent device may determine the failure container by looking up the relevant log, thereby logging in the failure container to obtain the operating system signal.
Step 202, deleting a fault container based on the operating system signal;
here, the failure container is a failure container currently confirmed by a worker.
In addition, as described above, the address fixing agent device may determine the fault container by looking up the log, or the address fixing agent device may have a monitoring function, so as to implement monitoring on the container in the node, so as to determine the fault container, and the manner in which the address fixing agent device determines the fault container is not limited in the embodiment of the present application.
In this step, the address fixing agent device may log in the failure container after determining the failure container, and terminate the process of the failure container based on the operating system signal in the failure container.
Step 203, receiving a first request message sent by a container runtime interface CRI, where the first request message is used to request network information of the faulty container;
the first request message in the step is a first request message sent to the address fixing proxy device when the proxy component kubelet of kubeletes calls CRI to regenerate the fault container when the kubeletes detects that the fault container is deleted.
Here, the network information includes at least an IP address of the failure container, but not limited to this, and for example, the network information may further include at least one of a mask, a gateway, a domain name system (Domain Name System, DNS), a route, a media access control (Media Access Control, MAC) address, and a type.
Step 204, a first response message is sent to the CRI, where the first response message carries network information of the failure container, so that the CRI reconstructs the failure container based on the network information.
In the container rebuilding method of the embodiment of the application, firstly, the address fixing agent device acquires an operating system signal for terminating a container, and secondly, based on the operating system signal, the fault container is deleted, so that preparation is made for rebuilding the fault container; again, the address fixing proxy device receives a first request message sent by the CRI and used for requesting the network information of the fault container, and sends a first response message carrying the network information of the fault container to the CRI based on the first request message, so that the CRI rebuilds the fault container based on the first response message, and in this way, the address fixing proxy device provides the network information of the fault container for the CRI in the process of rebuilding the fault container, and rebuilds the fault container based on the network information, so that the CRI does not need to call a CNI to redistribute the network information for the rebuilt fault container, and in this way, the network information of the rebuilt fault container is ensured to be unchanged, namely: the reconstructed network information of the fault container is consistent with the original network information of the fault container, so that the continuity of the service related to the network information in the fault container is ensured.
As an optional implementation manner, step 202, based on the operating system signal, deletes the fault container, including:
(1) Capturing a sigma signal corresponding to the operating system signal based on the operating system signal;
here, it should be noted that the nature of capturing the sign signal is to change the behavior (action), where action is a function pointer, and changing this function pointer to point to the custom function. That is, in this step, after the sign signal corresponding to the operating system signal is obtained, the capturing action is performed on the sign signal, so as to change the pointing direction of the function pointer in the program, so as to change the execution sequence of the program, and the program directly executes the function pointed by the changed function pointer.
(2) And deleting the fault container by terminating the process of the fault container based on the capturing result of the sigma signal.
Because the process does not respond to the privilege signal, in this alternative implementation manner, when the process of the fault container is terminated based on the operating system signal, a sign signal corresponding to the operating system signal and to which the process can respond needs to be captured according to the operating system signal, so as to implement that the process of the fault container is dropped based on the sign signal.
Here, it should be noted that, in this step, specifically, after determining the failure container, the address fixing agent device logs in to the failure container, checks the process thereof, and obtains the operating system signal, so as to capture the corresponding sign signal based on the operating system signal, thereby terminating all the processes of the failure container based on the sign signal in the failure container, so as to delete the failure container.
As a specific implementation manner, the step (1) captures, based on the operating system signal, a sign signal corresponding to the operating system signal, including:
under the condition that the operating system signal is a sigkill signal or a sigstop signal, converting the operating system signal into a sigterm signal;
capturing the sigterm signal.
Here, it should be noted that the operating system has 31 basic signals, and these basic signals are classified into three types of ignore, capture, and default. Where Sigkill and Sigstop are privileged signals that cannot be ignored or captured, the operating system signal needs to be converted to a sigterm signal that can be captured when it is privileged to facilitate kill of the corresponding process.
That is, the specific implementation manner is as follows: after the address fixing agent device acquires the operating system signal, the address fixing agent device firstly judges the operating system signal, and when the operating system signal is determined to be a sigkill signal or a sigstop signal, the address fixing agent device automatically converts the operating system signal into a sigterm signal so as to capture the sigterm signal.
For example, in the case where the operating system signal is a kill-9 1 command signal (the command signal is a sigkill signal), the address fixing agent device automatically converts the signal to a kill 1 command signal (the command signal is a sigterm signal) and re-captures the sigterm signal.
If the operating system signal is determined to be a sign signal, it is indicated that the sign signal has been captured at this time, and the capturing operation may be performed again or may be directly not performed.
As another specific implementation, based on the capturing result of the sign signal, deleting the fault container by terminating the process of the fault container includes:
(1) A registration handler (handler) function in the event that the sign signal is captured;
(2) Sending a process termination signal to a process of the fault container based on the sigma signal and the handle function;
And responding to the process termination signal by the process of the fault container, and terminating the process of the fault container, wherein the fault container is deleted when all processes of the fault container are terminated.
Here, the termination process signal is a signal that can be responded to by a process, for example, a sign signal, and specifically, the termination process signal may be, for example, a kill 1 command signal.
Here, it should also be noted that, the process No. 1 (init 1 process) is the first user state process of the operating system, other processes in the system are evolved by the init 1 process, and are parent processes of other processes, and when the init 1 process is terminated (kill) and the other child processes are cleared. That is, this step may specifically be a process No. 1 of the failure container that is broken down to further break down other sub-processes of the failure container, and when all the processes of the failure container are broken down, the failure container is deleted.
That is, after the address fixing agent device captures the sign signal, the address fixing agent device registers a handler function, and after the address fixing agent device has the handler function, the address fixing agent device sends a process termination signal according to the captured sign signal, so that a process of the fault container responds to the process termination signal, and thus the process is broken down, for example, the process termination signal is broken down to be broken down 1, and when all processes of the fault container are broken down, the fault container is deleted.
As an optional implementation, step 204, sending a first response message to the CRI includes:
acquiring the identification information of the fault container based on the first request message; wherein the identification information may be a network namespace (Network Namespace) of the failure container;
acquiring network information corresponding to the identification information according to the corresponding relation between the prestored identification and the network information;
the first response message is sent to the CRI based on the network information.
That is, the address fixing agent device stores the correspondence between the identifier of each container in the node where the address fixing agent device is located and the network information in advance, so when the first request message is received, the network information of the fault container can be obtained based on the correspondence stored in advance, and the network information is carried in the first response message and sent to the CRI, so that the CRI rebuilds the fault container based on the received network information, and the reconstructed network information of the fault container is consistent with the original network information, so that the stability and usability of the system are enhanced, and the service related to the network information is ensured not to be interrupted.
As shown in fig. 3, the embodiment of the present application further provides a container rebuilding method, which is applied to a node proxy device, and the node proxy device may be a kubrelet component in kubrennetes, where the method includes:
step 301, in the case that the fault container is detected to be deleted, sending a first request message to an address fixing agent device by calling CRI, wherein the first request message is used for requesting network information of the fault container;
here, it should be noted that, the node proxy device has a monitoring mechanism, which can monitor whether the fault container in the node where the node proxy device is located is deleted, if so, the node proxy device will call CRI to reconstruct the fault container; when the proxy device calls CRI to rebuild the fault container, the CRI sends a first request message for requesting network information of the fault container to the address fixing proxy device, and skips the step of calling CNI to reassign the IP address, so that the fault container can be rebuilt in situ, and the rebuilt IP address of the fault container is prevented from changing.
Step 302, receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
Step 303, reconstructing the fault container based on the network information.
According to the container rebuilding method, when the node proxy device detects that the fault container is deleted, a first request message is sent to the address fixing proxy device by calling CRI, and the first request message is used for requesting network information of the fault container; then, receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container; finally, reconstructing the fault container based on the network information. Therefore, the reconstructed network information of the fault container is consistent with the network information before the fault container, the fault container is reconstructed on the basis of not changing the network information, and the service continuity of the fault container is ensured.
The following describes the procedure of the container reconstruction method according to the embodiment of the present application:
when the user determines that a fault container exists in the node, logging in the fault container, and writing a command of a kill process in the fault container;
after logging in the fault container, the address fixing agent device acquires the kill process command, judges the command, converts the command into a sigterm signal when determining that the command is a sigkill signal or a sigstop signal, and captures the converted command; when the signal is determined to be the sigterm signal, processing is not performed or capturing action is executed; after the sigma signal is captured, registering a handler function, and sending a process termination signal to a process of the fault container so that the process responds to the process termination signal and kills the process; therefore, the fault container is deleted when all processes are dropped by kill;
When Kubernetes monitors that a fault container is deleted, a node proxy device (kubrelet) is triggered to call CRI for container reconstruction: in the reconstruction process, CRI sends a first request message for requesting the network information of the fault container to the address fixing proxy device, the address fixing proxy device responds to the first request message after deleting the fault container through a kill process, the network information of the fault container is determined, and the network information of the fault container is fed back to CRI through the first response message, so that the CRI can skip the process of calling CNI to distribute the network information for the reconstructed fault container;
after the CRI receives the network information of the fault container, creating a pause container;
kubelet invokes CRI to obtain the mirror image of the failed container;
kubelet further invokes CRI launch application container;
kubelet invokes the CRI configuration container and namespace.
As shown in fig. 4, an embodiment of the present application further provides a container rebuilding apparatus, applied to an address fixing agent apparatus, where the apparatus includes:
an obtaining module 401, configured to obtain an operating system signal for terminating a process;
a processing module 402, configured to delete a failure container based on the operating system signal;
a receiving module 403, configured to receive a first request message sent by a container runtime interface CRI, where the first request message is used to request network information of the faulty container;
A sending module 404, configured to send a first response message to the CRI, where the first response message carries network information of the failure container, so that the CRI reconstructs the failure container based on the network information.
In the container creation device of the embodiment of the present application, firstly, the obtaining module 401 obtains an operating system signal for terminating a process, secondly, the processing module 402 deletes a faulty container based on the operating system signal, prepares for resetting the faulty container, and then, the receiving module 403 receives a first request message sent by the container runtime interface CRI, where the first request message is used for requesting network information of the faulty container; finally, the sending module 404 sends a first reply message to the CRI, the first reply message carrying network information of the failure container, so that the CRI reconstructs the failure container based on the network information. Therefore, the container reconstruction device provides the network information of the fault container for the CRI in the fault container reconstruction process, and reconstructs the fault container based on the network information, so that the CRI does not need to call CNI to redistribute the network information for the reconstructed fault container, the network information of the reconstructed fault container is kept unchanged, and the continuity of the service related to the network information in the fault container is ensured.
Optionally, the processing module 402 includes:
the capturing submodule is used for capturing a sigma signal corresponding to the operating system signal based on the operating system signal;
and the processing sub-module is used for deleting the fault container by stopping the process of the fault container based on the capturing result of the sigma signal, wherein the sigma signal is used for stopping the process of the fault container.
Optionally, the capturing submodule includes:
the conversion unit is used for converting the operating system signal into a sigma signal under the condition that the operating system signal is a sigkill signal or a sigstop signal;
and the capturing unit is used for capturing the sigma signal.
Optionally, the processing submodule includes:
a registration unit, configured to register a handle function in a case where the sign signal is captured;
a sending unit, configured to send a process termination signal to a process of the failure container based on the signature signal and the handle function;
and the processing unit is used for responding to the process termination signal through the process of the fault container and terminating the process of the fault container, wherein the fault container is deleted when all the processes of the fault container are terminated.
Optionally, the sending module 404 includes:
the first acquisition sub-module is used for acquiring the identification information of the fault container based on the first request message;
the second acquisition sub-module is used for acquiring the network information corresponding to the identification information according to the corresponding relation between the prestored identification and the network information;
and the sending sub-module is used for sending the first response message to the CRI based on the network information.
It should be noted that, the above-mentioned container reconstruction device provided by the embodiment of the present invention can implement all the method steps implemented by the above-mentioned container reconstruction method embodiment, and can achieve the same technical effects, and detailed descriptions of the same parts and beneficial effects as those of the method embodiment in the present embodiment are omitted herein.
As shown in fig. 5, an embodiment of the present application further provides a container rebuilding apparatus, which is applied to a node proxy apparatus, where the apparatus includes:
a sending module 501, configured to send, when it is detected that the faulty container is deleted, a first request message to the address fixing agent device by calling CRI, where the first request message is used to request network information of the faulty container;
a receiving module 502, configured to receive a first response message sent by the address fixing agent device, where the first response message carries network information of the failure container;
A processing module 503, configured to reconstruct the failure container based on the network information.
In the container rebuilding device of the embodiment of the present application, when the sending module 501 detects that the failed container is deleted, by calling CRI, the sending module sends a first request message to the address fixing agent device, where the first request message is used to request network information of the failed container; then, the receiving module 502 receives a first response message sent by the address fixing agent device, where the first response message carries network information of the fault container; finally, the processing module 503 rebuilds the failure container based on the network information. Therefore, the reconstructed network information of the fault container is consistent with the network information before the fault container, the fault container is reconstructed on the basis of not changing the network information, and the service continuity of the fault container is ensured.
It should be noted that, the above-mentioned container reconstruction device provided by the embodiment of the present invention can implement all the method steps implemented by the above-mentioned container reconstruction method embodiment, and can achieve the same technical effects, and detailed descriptions of the same parts and beneficial effects as those of the method embodiment in the present embodiment are omitted herein.
As shown in fig. 6, an embodiment of the present application further provides an address fixing agent apparatus, including: a transceiver 620 and a processor 610;
the processor 610 is configured to obtain an operating system signal for terminating a process;
deleting a fault container based on the operating system signal;
the processor 620 is configured to receive a first request message sent by a container runtime interface CRI, where the first request message is used to request network information of the faulty container;
and sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI reconstructs the fault container based on the network information.
The processor 610 of the address fixing agent device of the embodiment of the present application obtains an operating system signal for terminating a process, deletes a failure container based on the operating system signal, prepares for resetting the failure container, and then, the transceiver 620 of the address fixing agent device receives a first request message sent by the container runtime interface CRI, where the first request message is used for requesting network information of the failure container; finally, the address fixing agent device sends a first response message to the CRI, wherein the first response message carries network information of the fault container, so that the CRI rebuilds the fault container based on the network information. Therefore, the address fixing agent device provides the network information of the fault container for the CRI in the fault container reconstruction process, and reconstructs the fault container based on the network information, so that the CRI does not need to call the CNI to redistribute the network information for the reconstructed fault container, the network information of the reconstructed fault container is kept unchanged, and the continuity of the service related to the network information of the fault container is ensured.
Optionally, the processor 610 is configured to, when configured to delete a failure container based on the operating system signal, specifically:
capturing a sigma signal corresponding to the operating system signal based on the operating system signal;
and deleting the fault container by terminating the process of the fault container based on the capturing result of the sigma signal.
Optionally, the processor 610 is configured, when configured to capture a signal pattern signal corresponding to the operating system signal based on the operating system signal, specifically to:
under the condition that the operating system signal is a sigkill signal or a sigstop signal, converting the operating system signal into a sigterm signal;
capturing the sigterm signal.
Optionally, the processor 610 is configured to, when configured to delete the failure container by terminating the process of the failure container based on the capturing result of the sign signal, specifically:
registering a handle function in case the sign signal is captured;
sending a process termination signal to a process of the fault container based on the sigma signal and the handle function;
and responding to the process termination signal by the process of the fault container, and terminating the process of the fault container, wherein the fault container is deleted when all processes of the fault container are terminated.
Optionally, the transceiver 620, when configured to send a first reply message to the CRI, is specifically configured to:
acquiring the identification information of the fault container based on the first request message;
acquiring network information corresponding to the identification information according to the corresponding relation between the prestored identification and the network information;
the first response message is sent to the CRI based on the network information.
The embodiment of the application also provides a node proxy device, which comprises: a transceiver and a processor;
the transceiver is used for sending a first request message to the address fixing agent device by calling CRI under the condition that the fault container is detected to be deleted, wherein the first request message is used for requesting network information of the fault container;
receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
the processor is configured to reconstruct the failure container based on the network information.
Here, the node proxy device according to the embodiment of the present application has a similar structure to the address fixing proxy device, and therefore, the structure of the node proxy device can refer to the structure of the address fixing proxy device of fig. 6.
The transceiver of the node proxy device in the embodiment of the application sends a first request message to the address fixing proxy device by calling CRI under the condition that the fault container is detected to be deleted, wherein the first request message is used for requesting network information of the fault container; then, receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container; finally, a processor reconstructs the failure container based on the network information. Therefore, the reconstructed network information of the fault container is consistent with the network information before the fault container, the fault container is reconstructed on the basis of not changing the network information, and the service continuity of the fault container is ensured.
As shown in fig. 7, the embodiment of the present application further provides an address fixing agent device, which includes a transceiver 710, a processor 700, a memory 720, and a program or an instruction stored in the memory 720 and executable on the processor 700; the processor 700, when executing the program or instructions, implements the container rebuilding method as applied to the address fixing agent device as described above.
The transceiver 710 is configured to receive and transmit data under the control of the processor 700.
Wherein in fig. 7, a bus architecture may comprise any number of interconnected buses and bridges, and in particular one or more processors represented by processor 700 and various circuits of memory represented by memory 720, linked together. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. The bus interface provides an interface. The transceiver 710 may be a number of elements, i.e. comprising a transmitter and a receiver, providing a unit for communicating with various other apparatus over a transmission medium. The processor 700 is responsible for managing the bus architecture and general processing, and the memory 720 may store data used by the processor 700 in performing operations.
The embodiment of the application also provides a node proxy device, which comprises: a transceiver, a processor, a memory, and a program or instructions stored on the memory and executable on the processor; the processor, when executing the program or instructions, implements the container reconstruction method steps as described above for the node proxy device.
The transceiver is used for receiving and transmitting data under the control of the processor.
The structure of the node proxy device is similar to that of the address fixing proxy device, and thus, the interface of the node proxy device may refer to the structure of the address fixing proxy device in fig. 7, where in the node proxy device, the bus architecture may include any number of buses and bridges interconnected, and in particular, various circuits of the memory represented by one or more processors and the memory represented by the processor are linked together. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. The bus interface provides an interface. The transceiver may be a plurality of elements, i.e. comprising a transmitter and a receiver, providing a unit for communicating with various other apparatus over a transmission medium. The processor is responsible for managing the bus architecture and general processing, and the memory may store data used by the processor in performing operations.
The readable storage medium of the embodiment of the present invention stores a program or an instruction, where the program or the instruction when executed by a processor implements a container rebuilding method as applied to an address fixing agent device or steps in a container rebuilding method as applied to a node agent device, and the steps can achieve the same technical effects, so that repetition is avoided and redundant description is omitted herein. Wherein the computer readable storage medium is selected from Read-Only Memory (ROM), random access Memory (Random Access Memory, RAM), magnetic disk or optical disk.
It is further noted that the user devices described in this specification include, but are not limited to, smartphones, tablets, etc., and that many of the functional components described are referred to as modules in order to more particularly emphasize their implementation independence.
In an embodiment of the invention, the modules may be implemented in software for execution by various types of processors. An identified module of executable code may, for instance, comprise one or more physical or logical blocks of computer instructions which may, for instance, be organized as an object, procedure, or function. Nevertheless, the executables of an identified module need not be physically located together, but may comprise disparate instructions stored in different bits which, when joined logically together, comprise the module and achieve the stated purpose for the module.
Indeed, a module of executable code may be a single instruction, or many instructions, and may even be distributed over several different code segments, among different programs, and across several memory devices. Likewise, operational data may be identified within modules and may be embodied in any suitable form and organized within any suitable type of data structure. The operational data may be collected as a single data set, or may be distributed over different locations including over different storage devices.
Where a module may be implemented in software, taking into account the level of existing hardware technology, a module may be implemented in software, and one skilled in the art may, without regard to cost, build corresponding hardware circuitry, including conventional Very Large Scale Integration (VLSI) circuits or gate arrays, and existing semiconductors such as logic chips, transistors, or other discrete components, to achieve the corresponding functions. A module may also be implemented in programmable hardware devices such as field programmable gate arrays, programmable array logic, programmable logic devices or the like.
The exemplary embodiments described above are described with reference to the drawings, many different forms and embodiments are possible without departing from the spirit and teachings of the present invention, and therefore, the present invention should not be construed as limited to the exemplary embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will convey the scope of the invention to those skilled in the art. In the drawings, the size of the elements and relative sizes may be exaggerated for clarity. The terminology used herein is for the purpose of describing particular example embodiments only and is not intended to be limiting. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. Unless otherwise indicated, a range of values includes the upper and lower limits of the range and any subranges therebetween.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that various modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the present invention.
Claims (13)
1. A container rebuilding method applied to an address fixing agent apparatus, the method comprising:
acquiring an operating system signal for terminating a process;
deleting a fault container based on the operating system signal;
receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container;
and sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI reconstructs the fault container based on the network information.
2. The method of claim 1, wherein deleting the failure container based on the operating system signal comprises:
capturing a sigma signal corresponding to the operating system signal based on the operating system signal;
and deleting the fault container by terminating the process of the fault container based on the capturing result of the sigma signal.
3. The method of claim 2, wherein capturing a sign signal corresponding to the operating system signal based on the operating system signal comprises:
under the condition that the operating system signal is a sigkill signal or a sigstop signal, converting the operating system signal into a sigterm signal;
capturing the sigterm signal.
4. The method of claim 2, wherein deleting the fault container by terminating the process of the fault container based on the capture of the sign signal comprises:
registering a handle function in case the sign signal is captured;
sending a process termination signal to a process of the fault container based on the sigma signal and the handle function;
and responding to the process termination signal by the process of the fault container, and terminating the process of the fault container, wherein the fault container is deleted when all processes of the fault container are terminated.
5. The method of claim 1, wherein sending a first response message to the CRI comprises:
acquiring the identification information of the fault container based on the first request message;
Acquiring network information corresponding to the identification information according to the corresponding relation between the prestored identification and the network information;
the first response message is sent to the CRI based on the network information.
6. A container rebuilding method, applied to a node proxy device, comprising:
in case that the fault container is deleted is detected, sending a first request message to an address fixing agent device by calling CRI, wherein the first request message is used for requesting network information of the fault container;
receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
reconstructing the failure container based on the network information.
7. A container rebuilding apparatus, applied to an address fixing agent apparatus, comprising:
the acquisition module is used for acquiring an operating system signal for terminating the process;
the processing module is used for deleting the fault container based on the operating system signal;
the receiving module is used for receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container;
And the sending module is used for sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI rebuilds the fault container based on the network information.
8. A container rebuilding apparatus, applied to a node proxy apparatus, comprising:
the sending module is used for sending a first request message to the address fixing agent device by calling CRI under the condition that the fault container is detected to be deleted, wherein the first request message is used for requesting network information of the fault container;
the receiving module is used for receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
and the processing module is used for reconstructing the fault container based on the network information.
9. An address fixing agent apparatus, comprising: a transceiver and a processor;
the processor is used for acquiring an operating system signal for terminating the process;
deleting a fault container based on the operating system signal;
the processor is used for receiving a first request message sent by a container runtime interface CRI, wherein the first request message is used for requesting network information of the fault container;
And sending a first response message to the CRI, wherein the first response message carries network information of the fault container so that the CRI reconstructs the fault container based on the network information.
10. A node proxy device, comprising: a transceiver and a processor;
the transceiver is used for sending a first request message to the address fixing agent device by calling CRI (CRI) under the condition that the fault container is detected to be deleted, wherein the first request message is used for requesting network information of the fault container;
receiving a first response message sent by the address fixing agent device, wherein the first response message carries network information of the fault container;
the processor is configured to reconstruct the failure container based on the network information.
11. An address fixing agent apparatus comprising: a transceiver, a processor, a memory, and a program or instructions stored on the memory and executable on the processor; the method steps of the container reconstruction method according to any one of claims 1 to 5 are carried out when the processor executes the program or instructions.
12. A node proxy apparatus comprising: a transceiver, a processor, a memory, and a program or instructions stored on the memory and executable on the processor; wherein the processor, when executing the program or instructions, implements the container reconstruction method steps of claim 6.
13. A readable storage medium having stored thereon a program or instructions, which when executed by a processor, realizes the steps of the container reconstruction method according to any one of claims 1 to 5 or the steps of the container reconstruction method according to claim 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210087233.4A CN116545985A (en) | 2022-01-25 | 2022-01-25 | Container reconstruction method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210087233.4A CN116545985A (en) | 2022-01-25 | 2022-01-25 | Container reconstruction method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116545985A true CN116545985A (en) | 2023-08-04 |
Family
ID=87442290
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210087233.4A Pending CN116545985A (en) | 2022-01-25 | 2022-01-25 | Container reconstruction method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116545985A (en) |
-
2022
- 2022-01-25 CN CN202210087233.4A patent/CN116545985A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4503225B2 (en) | Virtual network with adaptive dispatcher | |
US7502851B1 (en) | Facility to transmit network management data to an umbrella management system | |
JP3595783B2 (en) | Load test execution device and system, method therefor, and program therefor | |
US7165087B1 (en) | System and method for installing and configuring computing agents | |
US20100058329A1 (en) | Method and apparatus for dynamically instantiating services using a service insertion architecture | |
EP0762281B1 (en) | Network management with acquisition of formatted dump data from remote process | |
CN105024855A (en) | Distributed cluster management system and method | |
US20030009657A1 (en) | Method and system for booting of a target device in a network management system | |
JPH07319793A (en) | Method and apparatus for execution of distributed algorithm or service on computer network based on simple network management protocol | |
JP2004519024A (en) | System and method for managing a cluster containing multiple nodes | |
US20020188713A1 (en) | Distributed architecture for a telecommunications system | |
CN112637332B (en) | Service registration discovery method and system | |
CN106941420B (en) | cluster application environment upgrading method and device | |
US20040255287A1 (en) | Method and apparatus for updating inter-server communication software | |
US11500690B2 (en) | Dynamic load balancing in network centric process control systems | |
CN116545985A (en) | Container reconstruction method and device | |
US6173319B1 (en) | Using a systems network architecture logical unit activation request unit as a dynamic configuration definition in a gateway | |
JPH09331325A (en) | Network management system | |
KR20060121237A (en) | Method of automatically transferring router functionality | |
US6601184B1 (en) | System crash network access | |
CN111857759A (en) | Technical method for realizing honeypot service container distributed deployment based on kubernets | |
CN112448854A (en) | Kubernetes complex network policy system and implementation method thereof | |
JP3256506B2 (en) | Fault-tolerant network management system | |
CN118656854B (en) | Process authorization and access control method and system for integrated monitoring system of rail transit | |
CN117395316B (en) | Outlet flow management method, device and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |