TWI833501B - Assets and configuration management system and method for multi-cloud and computer program product thereof - Google Patents
Assets and configuration management system and method for multi-cloud and computer program product thereof Download PDFInfo
- Publication number
- TWI833501B TWI833501B TW111148268A TW111148268A TWI833501B TW I833501 B TWI833501 B TW I833501B TW 111148268 A TW111148268 A TW 111148268A TW 111148268 A TW111148268 A TW 111148268A TW I833501 B TWI833501 B TW I833501B
- Authority
- TW
- Taiwan
- Prior art keywords
- asset
- query
- cloud
- configuration
- public cloud
- Prior art date
Links
- 238000004590 computer program Methods 0.000 title claims abstract description 14
- 238000000034 method Methods 0.000 title abstract description 35
- 238000007726 management method Methods 0.000 claims description 269
- 238000012545 processing Methods 0.000 claims description 23
- 230000004913 activation Effects 0.000 claims description 17
- 230000000694 effects Effects 0.000 claims description 10
- 238000005516 engineering process Methods 0.000 claims description 9
- 230000008569 process Effects 0.000 description 20
- 230000006870 function Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
本案係關於一種用於多雲的資產與組態之管理技術,詳言之,係關於一種用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品。 This case is about an asset and configuration management technology for multi-cloud. Specifically, it is about an asset and configuration management system, asset and configuration management method and computer program product for multiple public clouds.
目前雲端平台可例如有Amazon Web Services(AWS)、Microsoft Azure、Google Cloud Platform(GCP)等,可供使用者透過網際網路來使用公有雲上的雲端資源,例如虛擬主機(Virtual Machine,VM)、儲存空間、應用程式等。 Current cloud platforms include Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), etc., which allow users to use cloud resources on public clouds through the Internet, such as virtual machines (VM), Storage space, applications, etc.
不同的雲端平台提供不同的管理機制,以供使用者了解自己在雲端上使用的作業環境或軟體服務等。然而,當使用者或企業擁有多個公有雲的帳號時,且多個公有雲上還有不同類型的服務或資源,管理這些服務或資源之資產及他們的組態配置時,提供整合性和即時的管理系統與方法,對於使用者而言甚為重要。 Different cloud platforms provide different management mechanisms for users to understand the operating environment or software services they use on the cloud. However, when a user or enterprise has multiple public cloud accounts, and there are different types of services or resources on the multiple public clouds, it provides integration and real-time management of the assets of these services or resources and their configuration. Management systems and methods are very important to users.
因此,如何提供一種便利管理技術,讓使用者能方便地在多個公有雲上管理自己的資產和組態,為目前待解決的議題。 Therefore, how to provide a convenient management technology that allows users to easily manage their assets and configurations on multiple public clouds is an issue that needs to be solved.
為解決上述問題及其他問題,本案揭示一種用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品。 In order to solve the above problems and other problems, this case discloses an asset and configuration management system, asset and configuration management method and computer program product for multiple public clouds.
本案所揭之用於多個公有雲之資產與組態管理系統,係包括:多雲資產管理資料庫;多雲資產管理核心單元,用於根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略;資產查詢策略單元,係根據該多雲資產管理核心單元所取得之該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢,以將所查詢到之資產查詢結果傳送至該多雲資產管理核心單元彙整為資產資訊而儲存至該多雲資產管理資料庫;以及多雲組態管理核心單元,係響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在該公有雲上進行組態查詢,以將所查詢到之組態查詢結果彙整為組態資訊而回傳該組態資訊。 The asset and configuration management system for multiple public clouds disclosed in this case includes: a multi-cloud asset management database; a multi-cloud asset management core unit used to obtain the user's public cloud account and assets based on an asset query request Query strategy; the asset query strategy unit performs asset query on the public cloud based on the public cloud account and the asset query strategy obtained by the multi-cloud asset management core unit, so as to transmit the queried asset query results to the multi-cloud asset The management core unit collects asset information and stores it in the multi-cloud asset management database; and the multi-cloud configuration management core unit responds to a configuration query request for a given asset in the asset information, and performs the configuration query on Configuration query is performed on the public cloud, and the configuration query results are compiled into configuration information and the configuration information is returned.
本案所揭之用於多個公有雲之資產與組態管理系統,更包括:外部公有雲事件接收單元,係用於接收更新事件;以及工作排程與事件管理單元,係產生由工作排程所啟動之該資產查詢請求和由更新事件所驅動之該資產查詢請求,其中,該多雲資產管理核心單元根據由該工作排程所啟動之該資產查詢請求,至該多雲資產管理資料庫中取得該公有雲帳號及該資產查詢策略,或者其中,該多雲資產管理核心單元根據由該更新事件所驅動之該資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略,其中,該工作排程與事件管理單元、該多雲資產管理核心單元、及該資產查詢策略單元係構成多雲 資產管理子系統,且該多雲資產管理子系統係以叢集化容器技術部屬於電子裝置中。 The asset and configuration management system used in multiple public clouds disclosed in this case also includes: an external public cloud event receiving unit, which is used to receive update events; and a work scheduling and event management unit, which is generated by the work schedule The asset query request initiated and the asset query request driven by the update event, wherein the multi-cloud asset management core unit obtains the asset query request from the multi-cloud asset management database according to the asset query request initiated by the work schedule. The public cloud account and the asset query strategy, or the multi-cloud asset management core unit obtains the public cloud account and the asset query strategy from the activity record of the update event based on the asset query request driven by the update event , wherein the work scheduling and event management unit, the multi-cloud asset management core unit, and the asset query strategy unit constitute a multi-cloud Asset management subsystem, and the multi-cloud asset management subsystem is based on clustered container technology and is part of the electronic device.
本案所揭之用於多個公有雲之資產與組態管理系統,更包括:外部公有雲介面單元,用於介接多個公有雲;以及組態大數據處理單元,於該多雲組態管理核心單元藉由該外部公有雲介面單元在該公有雲所查詢到的組態查詢結果為批次時,該組態大數據處理單元將批次之組態查詢結果組合為完整的組態資訊,其中,該多雲組態管理核心單元及該組態大數據處理單元係構成多雲組態管理子系統,且該多雲組態管理子系統係以叢集化容器技術部屬於電子裝置中。 The asset and configuration management system for multiple public clouds disclosed in this case also includes: an external public cloud interface unit for connecting multiple public clouds; and a configuration big data processing unit for configuration management of the multi-cloud When the configuration query results queried by the core unit in the public cloud through the external public cloud interface unit are batches, the configuration big data processing unit combines the configuration query results of the batches into complete configuration information. Among them, the multi-cloud configuration management core unit and the configuration big data processing unit constitute a multi-cloud configuration management subsystem, and the multi-cloud configuration management subsystem is based on clustered container technology and is part of an electronic device.
於一實施例中,該資產查詢策略單元包括:設定檔(Config)資產管理單元,其用於呼叫該設定檔(Config)資產所對應之外部公有雲介面,以查詢設定檔(Config)型資產資訊;資源群組與標籤(Resource Group & Tag)資產管理單元,其用於呼叫該資源群組與標籤(Resource Group & Tag)資產所對應之外部公有雲介面,以查詢資源群組與標籤(Resource Group & Tag)型資產資訊;軟體開發工具套件(software development kit,SDK)資產管理單元,其用於在該公有雲查詢SDK型資產資訊;以及資源圖譜(Resource Graph)資產管理單元,其用於呼叫該資源圖譜(Resource Graph)產所對應之外部公有雲介面,以查詢資源圖譜(Resource Graph)型資產資訊。 In one embodiment, the asset query strategy unit includes: a configuration file (Config) asset management unit, which is used to call an external public cloud interface corresponding to the configuration file (Config) asset to query the configuration file (Config) type asset. Information; resource group and tag (Resource Group & Tag) asset management unit, which is used to call the external public cloud interface corresponding to the resource group and tag (Resource Group & Tag) assets to query the resource group and tag ( Resource Group & Tag) type asset information; a software development kit (SDK) asset management unit, which is used to query SDK type asset information in the public cloud; and a Resource Graph (Resource Graph) asset management unit, which is used to query SDK type asset information in the public cloud. Call the external public cloud interface corresponding to the resource graph (Resource Graph) product to query the resource graph (Resource Graph) type asset information.
於一實施例中,該多雲資產管理資料庫係儲存公有雲區域清單資料表、公有雲資產查詢策略資料表、公有雲服務或資源類型資料表、公有雲平台種類資料表、使用者多雲帳號資料表、多雲帳號資產排程啟動與事件驅動管理紀錄表、及/或資產查詢結果之服務或資源識別碼資料表,且其中,該資產查詢結 果之服務或資源識別碼資料表與該多雲帳號資產排程啟動與事件驅動管理紀錄表為多對多的關係,該多雲帳號資產排程啟動與事件驅動管理紀錄表與該使用者多雲帳號資料表為多對一的關係,該使用者多雲帳號資料表與該公有雲平台種類資料表為多對一的關係,而該公有雲平台種類資料表與該公有雲資產查詢策略資料表為一對多的關係,該公有雲平台種類資料表與該公有雲區域清單資料表為一對多的關係,該公有雲平台種類資料表與該公有雲服務或資源類型資料表為一對多的關係。 In one embodiment, the multi-cloud asset management database stores a public cloud region list data table, a public cloud asset query strategy data table, a public cloud service or resource type data table, a public cloud platform type data table, and user multi-cloud account data. table, multi-cloud account asset schedule activation and event-driven management record table, and/or service or resource identification data table of asset query results, and among them, the asset query result If the service or resource identifier data table has a many-to-many relationship with the multi-cloud account asset schedule activation and event-driven management record table, the multi-cloud account asset schedule activation and event-driven management record table has the user multi-cloud account information. The table has a many-to-one relationship, the user multi-cloud account data table and the public cloud platform type data table have a many-to-one relationship, and the public cloud platform type data table and the public cloud asset query strategy data table have a one-to-one relationship. There is a many-to-many relationship. The public cloud platform type data table has a one-to-many relationship with the public cloud region list data table. The public cloud platform type data table has a one-to-many relationship with the public cloud service or resource type data table.
本案所揭之用於多個公有雲之資產與組態管理方法,係包括:根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略;根據該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢;將所查詢到之資產查詢結果彙整為資產資訊而儲存在多雲資產管理資料庫;響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在該公有雲上進行組態查詢;以及將所查詢到之組態查詢結果彙整為組態資訊,以回傳該給定資產之該組態資訊。 The asset and configuration management method for multiple public clouds disclosed in this case includes: obtaining the user's public cloud account and asset query strategy based on an asset query request; based on the public cloud account and the asset query strategy, Perform asset query on the public cloud; compile the queried asset query results into asset information and store them in the multi-cloud asset management database; respond to a configuration query request for a given asset in the asset information, query according to the configuration Request a configuration query on the public cloud; and compile the configuration query results into configuration information to return the configuration information of the given asset.
於一實施例中,所述根據一資產查詢請求,取得使用者的公有雲帳號及資產查詢策略之步驟係包括:於該資產查詢請求係由工作排程所啟動時,根據由該工作排程所啟動之該資產查詢請求,至該多雲資產管理資料庫中取得該公有雲帳號及該資產查詢策略;以及於該資產查詢請求係由更新事件所驅動時,根據由該更新事件所驅動之該資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略。 In one embodiment, the step of obtaining the user's public cloud account and asset query strategy according to an asset query request includes: when the asset query request is initiated by a work schedule, according to the work schedule The initiated asset query request obtains the public cloud account and the asset query policy from the multi-cloud asset management database; and when the asset query request is driven by an update event, the The asset query request obtains the public cloud account and the asset query policy from the activity record of the update event.
於一實施例中,所述將所查詢到之組態查詢結果彙整為組態資訊,以回傳該給定資產之該組態資訊之步驟係包括:於所查詢到的該組態資訊為批次時,將批次之組態資訊組合為完整組態資訊再回傳。 In one embodiment, the step of compiling the queried configuration query results into configuration information to return the configuration information of the given asset includes: when the queried configuration information is When batching, combine the configuration information of the batch into complete configuration information and then return it.
於一實施例中,所述根據該公有雲帳號及該資產查詢策略,在公有雲上進行資產查詢之步驟係包括:於該資產查詢策略包括設定檔(Config)資產查詢策略時,呼叫該設定檔(Config)資產所對應之外部公有雲介面,以查詢設定檔(Config)型資產資訊;於該資產查詢策略包括資源群組與標籤(Resource Group & Tag)資產查詢策略時,呼叫該資源群組與標籤(Resource Group & Tag)資產所對應之外部公有雲介面,以查詢資源群組與標籤(Resource Group & Tag)型資產資訊;於該資產查詢策略包括軟體開發工具套件(software development kit,SDK)資產查詢策略時,在該公有雲查詢SDK型資產資訊;以及於該資產查詢策略包括資源圖譜(Resource Graph)資產查詢策略時,呼叫該資源圖譜(Resource Graph)產所對應之外部公有雲介面,以查詢資源圖譜(Resource Graph)型資產資訊。 In one embodiment, the step of performing asset query on the public cloud according to the public cloud account and the asset query strategy includes: when the asset query strategy includes a configuration file (Config) asset query strategy, calling the configuration file (Config) The external public cloud interface corresponding to the asset to query the configuration file (Config) asset information; when the asset query strategy includes the resource group and tag (Resource Group & Tag) asset query strategy, call the resource group The external public cloud interface corresponding to the resource group & tag asset is used to query resource group and tag asset information; the asset query strategy includes software development kit (SDK) ) asset query strategy, query SDK asset information in the public cloud; and when the asset query strategy includes a Resource Graph asset query strategy, call the external public cloud interface corresponding to the Resource Graph product. , to query resource graph (Resource Graph) asset information.
於一實施例中,該多雲資產管理資料庫係儲存公有雲區域清單資料表、公有雲資產查詢策略資料表、公有雲服務或資源類型資料表、公有雲平台種類資料表、使用者多雲帳號資料表、多雲帳號資產排程啟動與事件驅動管理紀錄表、及/或資產查詢結果之服務或資源識別碼資料表,且其中,該資產查詢結果之服務或資源識別碼資料表與該多雲帳號資產排程啟動與事件驅動管理紀錄表為多對多的關係,該多雲帳號資產排程啟動與事件驅動管理紀錄表與該使用者多雲帳號資料表為多對一的關係,該使用者多雲帳號資料表與該公有雲平台種類資料表為多對一的關係,而該公有雲平台種類資料表與該公有雲資產查詢策略資料表為一對多的關係,該公有雲平台種類資料表與該公有雲區域清單資料表為一對多的關係,該公有雲平台種類資料表與該公有雲服務或資源類型資料表為一對多的關係。 In one embodiment, the multi-cloud asset management database stores a public cloud region list data table, a public cloud asset query strategy data table, a public cloud service or resource type data table, a public cloud platform type data table, and user multi-cloud account data. table, the multi-cloud account asset schedule activation and event-driven management record table, and/or the service or resource identification code data table of the asset query results, and among them, the service or resource identification code data table of the asset query results and the multi-cloud account assets The schedule activation and event-driven management record table are in a many-to-many relationship. The multi-cloud account asset schedule activation and event-driven management record table are in a many-to-one relationship with the user multi-cloud account data table. The user multi-cloud account data is in a many-to-one relationship. The table has a many-to-one relationship with the public cloud platform type data table, and the public cloud platform type data table has a one-to-many relationship with the public cloud asset query strategy data table. The public cloud platform type data table has a one-to-one relationship with the public cloud platform type data table. The cloud region list data table has a one-to-many relationship, and the public cloud platform type data table has a one-to-many relationship with the public cloud service or resource type data table.
本案所揭之電腦程式產品係經電腦載入程式以執行本案所揭之用於多個公有雲之資產與組態管理方法。 The computer program product disclosed in this case is loaded into the computer to execute the asset and configuration management method disclosed in this case for multiple public clouds.
本案所揭之電腦可讀取媒體係儲存本案所揭之電腦程式產品。 The computer-readable media disclosed in this case stores the computer program product disclosed in this case.
藉由本案所揭之用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品,係於多雲資產與組態管理服務範疇中設計一套多雲資產與組態管理,藉以提供查詢公有雲上複數區域上異質型服務或資源之識別碼、數量與組態。首先,可由工作排程啟動時觸發查詢,取得使用者授權之公有雲帳號,參照資料庫記載之可用公有雲區域清單,依續針對各個區域中不同類型服務或資源進行資產數量查詢,資產之查詢策略可包含但不限於SDK型資產、ResourceGroup&Tag型資產、Config型資產與Resource Graph型資產,資產數量查詢之結果亦提供依據服務或資源類種類分類查詢與管理,當複數種公有雲區域上之服務或資源資產數量更新時,亦將觸發進行最新服務或資源之數量更新,以提供使用者最新之多雲資產結果。此外,更可針對已有記載之特定服務或資源進一步提供組態資料查訊,組態資訊將透過大數據處理機制,以提升查詢效率,提供即時之多雲資產與組態管理服務。 Through the asset and configuration management system, asset and configuration management methods and computer program products for multiple public clouds disclosed in this case, a set of multi-cloud assets and configuration management services are designed. State management provides the ability to query the identification, quantity, and configuration of heterogeneous services or resources in multiple regions on the public cloud. First, the query can be triggered when the work schedule is started, obtain the public cloud account authorized by the user, refer to the list of available public cloud regions recorded in the database, and continue to query the asset quantity and asset query for different types of services or resources in each region. Strategies can include but are not limited to SDK-type assets, ResourceGroup&Tag-type assets, Config-type assets, and Resource Graph-type assets. The results of asset quantity query also provide classification query and management based on service or resource type. When services on multiple public cloud regions Or when the quantity of resource assets is updated, it will also trigger an update of the quantity of the latest services or resources to provide users with the latest multi-cloud asset results. In addition, configuration data query can be further provided for specific services or resources that have been recorded. Configuration information will be processed through big data processing mechanisms to improve query efficiency and provide real-time multi-cloud asset and configuration management services.
100:資產與組態管理系統 100:Asset and configuration management system
1:多雲資產管理子系統 1: Multi-cloud asset management subsystem
2:多雲組態管理子系統 2: Multi-cloud configuration management subsystem
10、10A、10B、10C:使用者終端裝置 10, 10A, 10B, 10C: User terminal device
11:外部公有雲事件收集單元 11: External public cloud event collection unit
12:工作排程與事件管理單元 12: Work scheduling and event management unit
13:多雲資產管理核心單元 13: Multi-cloud asset management core unit
14:資產查詢策略單元 14: Asset query strategy unit
141:設定檔(Config)資產管理單元 141:Config asset management unit
142:資源群組與標籤(Resource Group & Tag)資產管理單元 142: Resource Group & Tag asset management unit
143:軟體開發工具套件(software development kit,SDK)資產管理單元 143: Software development kit (SDK) asset management unit
144:資源圖譜(Resource Graph)資產管理單元 144: Resource Graph asset management unit
15:多雲資產管理資料庫 15:Multi-cloud asset management database
16:多雲組態管理核心單元 16: Multi-cloud configuration management core unit
17:組態大數據處理單元 17:Configuring big data processing unit
18:外部公有雲介面單元 18:External public cloud interface unit
200:資產與組態管理方法 200: Asset and configuration management methods
S21~S23、S231~S234、S24、S241~S244、S25~S27:步驟 S21~S23, S231~S234, S24, S241~S244, S25~S27: steps
300:多雲資產管理資料表 300: Multi-cloud Asset Management Fact Sheet
31:公有雲區域清單資料表 31: Public cloud region list information table
32:公有雲資產查詢策略資料表 32: Public cloud asset query strategy data sheet
33:公有雲服務或資源類型資料表 33: Public cloud service or resource type information table
34:公有雲平台種類資料表 34: Public cloud platform type information table
35:使用者多雲帳號資料表 35: User multi-cloud account information table
36:多雲帳號資產排程啟動與事件驅動管理紀錄表 36: Multi-cloud account asset schedule activation and event-driven management record table
37:資產查詢結果之服務或資源識別碼資料表 37: Service or resource identification code data table of asset query results
400:流程 400:Process
S401~S416:步驟 S401~S416: steps
500:流程 500:Process
S501~S523:步驟 S501~S523: steps
600:流程 600:Process
S601~S612:步驟 S601~S612: steps
700:流程 700:Process
S701~S711:步驟 S701~S711: steps
圖1係本案之用於多個公有雲之資產與組態管理系統的實施例之方塊示意圖。 Figure 1 is a block diagram of an embodiment of the asset and configuration management system for multiple public clouds in this case.
圖2係本案之用於多個公有雲之資產與組態管理方法的步驟實施例的流程示意圖。 Figure 2 is a schematic flowchart of a step embodiment of the asset and configuration management method for multiple public clouds in this case.
圖3係本案之用於多個公有雲之資產與組態管理系統中多雲資產管理資料表的結構關係示意圖。 Figure 3 is a schematic diagram of the structural relationship of the multi-cloud asset management data table in the asset and configuration management system for multiple public clouds in this case.
圖4係本案之用於多個公有雲之資產與組態管理系統及方法的實施例之流程示意圖。 Figure 4 is a flow diagram of an embodiment of the asset and configuration management system and method for multiple public clouds in this case.
圖5係本案之用於多個公有雲之資產與組態管理系統及方法的實施例中排程啟動之流程示意圖。 Figure 5 is a schematic flowchart of scheduled startup in an embodiment of the asset and configuration management system and method for multiple public clouds in this case.
圖6係本案之用於多個公有雲之資產與組態管理系統及方法的實施例中事件驅動之流程示意圖。 Figure 6 is a schematic diagram of an event-driven process in an embodiment of the asset and configuration management system and method for multiple public clouds in this case.
圖7係本案之用於多個公有雲之資產與組態管理系統及方法的實施例中組態查詢之流程示意圖。 Figure 7 is a schematic flowchart of configuration query in an embodiment of the asset and configuration management system and method for multiple public clouds in this case.
以下藉由特定的實施例說明本案之實施方式,熟習此項技藝之人士可由本文所揭示之內容輕易地瞭解本案之其他優點及功效。本說明書所附圖式所繪示之結構、比值、大小等均僅用於配合說明書所揭示之內容,以供熟悉此技藝之人士之瞭解與閱讀,非用於限定本案可實施之限定條件,故任何修飾、改變或調整,在不影響本案所能產生之功效及所能達成之目的下,均應仍落在本案所揭示之技術內容得能涵蓋之範圍內。 The following uses specific examples to illustrate the implementation of the present invention. People familiar with this art can easily understand other advantages and effects of the present invention from the content disclosed in this article. The structures, ratios, sizes, etc. shown in the drawings attached to this manual are only used to coordinate with the content disclosed in the manual for the understanding and reading of those familiar with this art. They are not used to limit the conditions for the implementation of this case. Therefore, any modification, change or adjustment, without affecting the effectiveness and purpose of this case, should still fall within the scope of the technical content disclosed in this case.
於本文中所用之術語「包括」、「包含」、「具有」、「含有」或其任何其他變體都旨在涵蓋非排他性的包含。除非另有說明,單數形式的措辭,如「一」、「一個」、「該」也適用於複數形式,而「或」、「及/或」等措辭可互換使用。 As used herein, the terms "includes," "includes," "has," "contains" or any other variations thereof are intended to cover a non-exclusive inclusion. Unless stated otherwise, singular terms such as "a", "an" and "the" also apply to the plural form and terms such as "or", "and/or" are used interchangeably.
請參閱圖1,其示意說明本案之用於多個公有雲之資產與組態管理系統的實施例。 Please refer to Figure 1, which schematically illustrates an embodiment of the asset and configuration management system for multiple public clouds in this case.
本案之資產與組態管理系統100包括外部公有雲事件收集單元11、工作排程與事件管理單元12、多雲資產管理核心單元13、資產查詢策略單元14、多雲資產管理資料庫15、多雲組態管理核心單元16、組態大數據處理單元17、外部公有雲介面單元18。
The asset and
外部公有雲事件收集單元11用於接收更新事件,即,負責接收多個公有雲上使用者的公有雲帳號之服務或資源的更新事件。
The external public cloud
外部公有雲介面單元18用於介接多個公有雲,即,負責與多個公有雲上之介面進行介接工作。
The external public
多雲資產管理資料庫15主要用於存放資產查詢策略和資產查詢結果等。於一實施例中,多雲資產管理資料庫15儲存:公有雲區域清單資料表31、公有雲資產查詢策略資料表32、公有雲服務或資源類型資料表33、公有雲平台種類資料表34、使用者多雲帳號資料表35、多雲帳號資產排程啟動與事件驅動管理紀錄表36、及/或資產查詢結果之服務或資源識別碼資料表37,如圖3所示。
The multi-cloud
工作排程與事件管理單元12用於產生資產查詢請求。於一實施例,工作排程與事件管理單元12可產生由工作排程所啟動之資產查詢請求。於另一實施例,工作排程與事件管理單元12可產生由外部公有雲事件收集單元11所收集之更新事件所驅動之資產查詢請求。換言之,工作排程與事件管理單元12接收排程啟動和事件驅動兩種模式,以觸發資產查詢任務。
The work scheduling and
多雲資產管理核心單元13用於接收來自工作排程與事件管理單元12之一資產查詢請求,以根據該資產查詢請求取得使用者的公有雲帳號及資產查詢策略。於一實施例,該資產查詢請求可由工作排程所啟動,則多雲資產管理核心單元13根據由該工作排程所啟動之該資產查詢請求,至多雲資產管理資料庫15中取得該公有雲帳號及該資產查詢策略。於另一實施例,該資產查詢請求可由更新事件所驅動,多雲資產管理核心單元13根據由該更新事件所驅動之資產查詢請求,自該更新事件的活動紀錄中取得該公有雲帳號及該資產查詢策略。
The multi-cloud asset
資產查詢策略單元14根據該公有雲帳號及該資產查詢策略,藉由或不藉由外部公有雲介面單原18而在公有雲上進行資產查詢,以將所查詢到之資產查詢結果交付多雲資產管理核心單元13彙整為資產資訊而儲存在多雲資產管理資料庫15,俾供多雲資產管理核心單元13自多雲資產管理資料庫15取出以回傳該使用者的該公有雲帳號之該資產資訊。
The asset
換言之,多雲資產管理核心單元13和資產查詢策略單元14負責查詢或更新使用者的公有雲帳號下的資產資訊,並且取得或決定資產查詢策略,進而彙整所查詢或更新的結果以儲存至多雲資產管理資料庫15,便於當使用者查詢時,即能從多雲資產管理資料庫15中取得以回傳。
In other words, the multi-cloud asset
另外,如圖5所示,資產查詢策略單元14更包括但不限於:設定檔(Config)資產管理單元141、資源群組與標籤(Resource Group & Tag)資產管理單元142、軟體開發工具套件(software development kit,SDK)資產管理單元143、資源圖譜(Resource Graph)資產管理單元144。
In addition, as shown in Figure 5, the asset
設定檔(Config)資產管理單元141用於呼叫該設定檔(Config)資產所對應之外部公有雲介面,以查詢設定檔(Config)型資產資訊。資源群組與標籤(Resource Group & Tag)資產管理單元142於呼叫該資源群組與標籤(Resource Group & Tag)資產所對應之外部公有雲介面,以查詢資源群組與標籤(Resource Group & Tag)型資產資訊。軟體開發工具套件(software development kit,SDK)資產管理單元143用於在該公有雲查詢SDK型資產資訊。資源圖譜(Resource Graph)資產管理單元144用於呼叫該資源圖譜(Resource Graph)產所對應之外部公有雲介面,以查詢資源圖譜(Resource Graph)型資產資訊。
The configuration file (Config)
多雲組態管理核心單元16響應於針對該資產資訊中給定資產之一組態查詢請求,根據該組態查詢請求在公有雲上進行組態查詢,以將所查詢到之組態查詢結果彙整為組態資訊而回傳該組態資訊。換言之,多雲組態管理核心單元16負責即時查詢使用者所指定之服務或資源的組態資訊,以將組態查詢結果彙整為組態資訊。
The multi-cloud configuration
組態大數據處理單元17於多雲組態管理核心單元16藉由外部公有雲介面單元18在公有雲所查詢到的組態查詢結果為批次時,組態大數據處理單元17將批次之組態查詢結果組合為完整的組態資訊,即,於組態查詢結果的量較多時,以大數據機制處理之,可有效提升即時查詢效率。
When the configuration query result queried by the multi-cloud configuration
於一實施例中,工作排程與事件管理單元12、多雲資產管理核心單元13、及資產查詢策略單元14可構成多雲資產管理子系統1,並且多雲資產管理子系統1係以叢集化容器技術部屬於電子裝置中。
In one embodiment, the work scheduling and
於另一實施例中,多雲組態管理核心單元16及組態大數據處理單元17可構成多雲組態管理子系統2,並且多雲組態管理子系統2係以叢集化容器技術部屬於電子裝置中。
In another embodiment, the multi-cloud configuration
簡言之,在圖1所示之用於多個公有雲之資產與組態管理系統100之實施例中,本發明之資產與組態管理系統100以及其子系統及單元係以叢集化容器技術方式部署於電子裝置中,負責於多雲資產與組態管理服務範疇中,提供公有雲上複數區域上異質型服務或資源之識別碼、數量與組態查詢與管理機制,包括多雲資產管理子系統1與多雲組態管理子系統2,其中,多雲資產管理子系統1提供使用者可查詢其於多種公有雲上最新之多雲資產資訊,多雲資產資訊可包含但不限於:資產之服務或資源種類、數量與唯一識別資訊。
Briefly, in the embodiment of the asset and
多雲資產管理子系統1中首先由工作排程與事件管理單元12以使用者的公有雲上之所屬帳號為單位,負責驅動資產查詢或更新之任務,接續由多雲資產管理核心單元13負責管理資產資訊查詢之生命週期,包括資產資訊之更新工作,亦將依據使用者的公有雲上之公雲帳號取得合適之複數種資產查詢策略,並分別分派至資產查詢策略單元14中的Config資產管理單元或ResourceGroup&Tag資產管理單元或SDK查詢資產管理單元或Resource Graph資產管理單元進行查詢,分別運作如下,Config資產管理單元需申請或開通公有雲上之Config服務,例如但不限於AWS Config服務,因此使用者之公有雲帳號必須於所有資產所在之公有雲區域啟用Config服務,並啟用Config服務接收器Recorder,即可搭配外部公有雲介面單元18,取得Config型資產。ResourceGroup&Tag資產管理單元無須另行申租公有雲之服務,負責針對使用者之公有雲帳號已設有標籤(Tag)之服務或資源進行資產查詢,同上可搭配外部公
有雲介面單元18,取得ResourceGroup&Tag型資產。SDK查詢資產管理單元無須另行申租公有雲之服務,著重鎖定單一種服務或資源,透過公有雲該服務或資源所提供之介接查詢工具(SDK),無須搭配外部公有雲介面單元18,即可進行SDK型資產查詢,Resource Graph資產管理單元無須申租或啟用公有雲之服務,但須搭配公有雲上之Resource Graph服務,需搭配外部公有雲介面單元18,即可取得Resource Graph型所支援服務或資源之資產,但Resource Graph具有介面呼叫配額限制,因此當超過配額時,將無法及時取得Resource Graph型資產資訊。分派之查詢結果彙整後,將存放至多雲資產管理資料庫15,供使用者查詢資產結果。
In the multi-cloud
此外,多雲組態管理子系統2提供使用者即時查詢公有雲帳號中指定服務或資源之組態資訊,多雲組態管理核心單元16負責接收指定服務或資源之組態查詢請求,接續搭配外部公有雲介面單元18,將根據指定服務或資源之識別碼將組態資訊查回,若查回之組態資訊過大,則委派組態大數據處理單元17將組態回傳結果,轉成大數據串流,依序收到切格成較小串流單位,後方才組合回完整組態數據,提供即時之多雲組態管理查詢功能。
In addition, the multi-cloud
請參閱圖2,其示意說明本案之用於多個公有雲之資產與組態管理方法的步驟之實施例。資產與組態管理方法200包括步驟S21~S27,其可由電子裝置所執行,例如以叢集化容器技術部署有資產與組態管理系統100之伺服器。
Please refer to Figure 2, which schematically illustrates an embodiment of the steps of the asset and configuration management method for multiple public clouds in this case. The asset and
於步驟S21中,接收一資產查詢請求,其中,該資產查詢請求可由工作排程所啟動或由更新事件所驅動。 In step S21, an asset query request is received, where the asset query request may be initiated by a work schedule or driven by an update event.
於步驟S22中,取得使用者的公有雲帳號。 In step S22, the user's public cloud account is obtained.
於步驟S23中,取得對應該公有雲帳號之資產查詢策略。 In step S23, the asset query policy corresponding to the public cloud account is obtained.
須說明的是,若該資產查詢請求是由工作排程所啟動,則先至多雲資產管理資料庫15取得使用者的公有雲帳號,再根據該公有雲帳號自多雲資產管理資料庫15取得對應的資產查詢策略。若該資產查詢請求是由更新事件所驅動,且若該更新事件的活動紀錄中有使用者之公有雲帳號和對應的資產查詢策略,則無需至多雲資產管理資料庫15,惟若該更新事件的活動紀錄中未有使用者之公有雲帳號和對應的資產查詢策略時,則比照工作排程啟動的資產查詢請求的運作。
It should be noted that if the asset query request is initiated by a work schedule, the user's public cloud account is first obtained from the multi-cloud
於步驟S24中,根據使用者的公有雲帳號和資產查詢策略在公有雲上進行資產查詢。 In step S24, asset query is performed on the public cloud according to the user's public cloud account and asset query policy.
於一實施例中,包括步驟S231和S241,於多雲資產管理資料庫查詢資產查詢策略中是否存在ResourceGroup&Tag資產的類型,若是,取得ResourceGroup&Tag資產資訊,接著返回步驟S23;若否,進至步驟S232。於又一實施例中,包括步驟S232和S242,於多雲資產管理資料庫查詢資產查詢策略中是否存在Config資產的類型,若是,取得Config資產資訊,接著返回步驟S23;若否,進至步驟S232。於再一實施例中,包括步驟S233和S243,於多雲資產管理資料庫查詢資產查詢策略中是否存在SDK資產的類型,若是,取得SDK資產資訊,接著返回步驟S23;若否,進至步驟S234。於另一實施例中,包括步驟S234和S244,於多雲資產管理資料庫查詢資產查詢策略中是否存在ResourceGraph資產的類型,若是,取得ResourceGraph資產資訊;若否,進至步驟S25。須說明的是,步驟S231、S232、S233、S234並無順序上的限制,僅需每個類型的資產皆判斷過即可。 In one embodiment, including steps S231 and S241, the multi-cloud asset management database is queried to see if there is a ResourceGroup&Tag asset type in the asset query policy. If so, the ResourceGroup&Tag asset information is obtained, and then returns to step S23; if not, proceeds to step S232. In another embodiment, steps S232 and S242 are included to query whether the type of Config asset exists in the asset query policy in the multi-cloud asset management database. If so, obtain the Config asset information, and then return to step S23; if not, proceed to step S232. . In yet another embodiment, steps S233 and S243 are included to query whether the asset query policy contains the type of SDK asset in the multi-cloud asset management database. If so, obtain the SDK asset information and then return to step S23; if not, proceed to step S234. . In another embodiment, steps S234 and S244 are included to query whether the resource graph asset type exists in the asset query policy in the multi-cloud asset management database. If so, obtain the ResourceGraph asset information; if not, proceed to step S25. It should be noted that there is no order restriction on steps S231, S232, S233, and S234, as long as each type of asset has been judged.
於步驟S25中,彙整以儲存資產查詢結果,也就是將步驟S24中所查詢到的資產查詢皆果彙整,以儲存或更新至多雲資產管理資料庫中。 In step S25, the asset query results are collected and stored, that is, the asset query results queried in step S24 are collected and stored or updated in the multi-cloud asset management database.
於步驟S26中,是否查詢組態資訊,若是,進至步驟S27,若否,則完成此次查詢。 In step S26, whether to query configuration information, if yes, proceed to step S27, if not, complete the query.
於步驟S27中,查詢組態資訊,之後,完成此次查詢。 In step S27, the configuration information is queried, and then the query is completed.
簡言之,在圖2所示之用於多個公有雲之資產與組態管理方法200之實施例中,首先關於步驟S21的資產查詢請求,可由多雲資產查詢工作排程啟動或多雲資產更新事件驅動進行觸發,觸發後,接續於步驟S22中取得之使用者的公有雲帳號並取得資產查詢策略,經步驟S231的判斷,查詢的資產是否為ResourceGroup&Tag型資產,則進行取得ResourceGroup&Tag資產的步驟S232,若非為ResourceGroup&Tag型資產,則前往以下判斷式,同理完成步驟S232及步驟S242、步驟S233及步驟S243、步驟S234與步驟S244之判斷與查詢,則將上述資產查詢結果經彙整,於步驟S25進行儲存,接著,於步驟S26判斷是否需即時查詢組態資訊,若為否,則流程結束,若是,則繼續進行進一步之步驟S27組態查詢,其中可透過步驟大數據組態資訊處理完成查詢提升組態查詢效率,藉以完成查詢。
In short, in the embodiment of the asset and
須說明的是,本案之方法可執行在例如伺服器、電腦或其他具有資料處理、運算、儲存、網路通聯等功能的一個單獨或多個集合之設備中,其中,該伺服器、電腦或設備包括中央處理器、硬碟、記憶體等。 It should be noted that the method in this case can be executed on, for example, a server, computer, or other equipment with data processing, computing, storage, network communication, etc. functions as a single or multiple collections, where the server, computer, or Equipment includes central processing unit, hard drive, memory, etc.
在一實施例中,所述模組、單元均可為軟體、硬體或韌體;若為硬體,則可為具有資料處理與運算能力之處理單元、處理器、電腦或伺 服器;若為軟體或韌體,則可包括處理單元、處理器、電腦或伺服器可執行之指令,且可安裝於同一硬體裝置或分布於不同的複數硬體裝置。 In one embodiment, the modules and units can be software, hardware or firmware; if they are hardware, they can be a processing unit, processor, computer or server with data processing and computing capabilities. Server; if it is software or firmware, it may include instructions executable by a processing unit, processor, computer or server, and may be installed on the same hardware device or distributed across multiple different hardware devices.
另外,本案之電腦程式產品係經由電腦載入程式後執行該方法。另外,電腦程式(產品)除可儲存於記錄媒體外,亦可在網路上直接傳輸提供,電腦程式(產品)係為載有電腦可讀取之程式且不限外在形式之物。所述電腦包括但不限於具有處理器之電子裝置,例如手機或平板等。 In addition, the computer program product in this case executes the method after loading the program on the computer. In addition, in addition to being stored in recording media, computer programs (products) can also be directly transmitted and provided over the Internet. Computer programs (products) are things that contain computer-readable programs and are not limited to external forms. The computer includes but is not limited to an electronic device with a processor, such as a mobile phone or a tablet.
此外,本案還提供一種電腦可讀取記錄媒體,係應用於具有處理器及/或記憶體之計算設備或電腦中,且電腦可讀取記錄媒體儲存有指令,並可利用計算設備或電腦透過處理器及/或記憶體執行電腦可讀取記錄媒體,以於執行電腦可讀取記錄媒體時執行上述方法及/或內容。所述電腦可讀取紀錄媒體(例如硬碟、軟碟、光碟、USB隨身碟)係儲存有該電腦程式(產品)。 In addition, this case also provides a computer-readable recording medium, which is used in a computing device or computer with a processor and/or memory. The computer-readable recording medium stores instructions and can be used by the computing device or computer. The processor and/or memory executes the computer-readable recording medium to execute the above method and/or content when executing the computer-readable recording medium. The computer-readable recording medium (such as a hard disk, a floppy disk, an optical disk, a USB flash drive) stores the computer program (product).
請參閱圖3,其示意性說明本案之用於多個公有雲之資產與組態管理系統中多雲資產管理資料表的結構關係。 Please refer to Figure 3, which schematically illustrates the structural relationship between the assets used in multiple public clouds and the multi-cloud asset management data table in the configuration management system in this case.
多雲資產管理資料庫15儲存有各種資料表、清單或紀錄表,其資料結構關係如圖3所示,使用者多雲帳號資料表35記載使用者的多個公有雲已授權帳號及帳號隸屬之公有雲平台種類,透過記載之公有雲平台種類可關連至一筆公有雲平台種類資料表34之紀錄,公有雲平台種類資料表34中之一筆紀錄可關連至複數組公有雲區域清單資料表31、且關連至複數組公有雲資產查詢策略資料表32、並關連至複數組公有雲服務或資源類型資料表33。
The multi-cloud
另外,公有雲區域清單資料表31、公有雲資產查詢策略資料表32、公有雲服務或資源類型資料表33分別記錄公有雲具有之屬性,以提供資產查詢流程時必要之參數。使用者多雲帳號資料表35亦可關連至複數筆多雲帳號資產 排程啟動與事件驅動管理紀錄表36之紀錄,其分別記錄使用者多雲帳號之排程啟動或事件驅動資產查詢紀錄與時間戳記,爾後將查詢結果存放至資產查詢結果之服務或資源識別碼資料表37,資產查詢結果之服務或資源識別碼資料表37中記載之資產查詢結果資訊亦關連至多雲帳號資產排程啟動與事件驅動管理紀錄表36對應之紀錄,以提供使用者可透過時間戳記查詢最新之資產資料。 In addition, the public cloud region list data table 31, the public cloud asset query strategy data table 32, and the public cloud service or resource type data table 33 respectively record the attributes of the public cloud to provide necessary parameters for the asset query process. The user multi-cloud account data table 35 can also be related to multiple multi-cloud account assets. Records in the schedule startup and event-driven management record table 36, which respectively record the schedule startup or event-driven asset query records and timestamps of the user's multi-cloud account, and then store the query results in the service or resource identification code data of the asset query results. Table 37, Service or Resource Identification Code Data of Asset Query Result The asset query result information recorded in Table 37 is also related to the record corresponding to the multi-cloud account asset schedule activation and event-driven management record table 36 to provide users with time stamps Check the latest asset information.
須說明的是,圖3中各方塊連線上的「1」和「n」分別表示「一」和「多」,例如使用者多雲帳號資料表35與公有雲平台種類資料表34為多對一的關係,而公有雲平台種類資料表34與公有雲資產查詢策略資料表32為一對多的關係,其餘以此類推。在一實施例中,該資產查詢結果之服務或資源識別碼資料表37與該多雲帳號資產排程啟動與事件驅動管理紀錄表36為多對多的關係,該多雲帳號資產排程啟動與事件驅動管理紀錄表36與該使用者多雲帳號資料表35為多對一的關係,該公有雲平台種類資料表34與該公有雲區域清單資料表31為一對多的關係,該公有雲平台種類資料表34與該公有雲服務或資源類型資料表33為一對多的關係。 It should be noted that "1" and "n" on the connection lines between the blocks in Figure 3 represent "one" and "many" respectively. For example, the user multi-cloud account data table 35 and the public cloud platform type data table 34 are many pairs. There is a one-to-one relationship, and the public cloud platform type data table 34 and the public cloud asset query strategy data table 32 are a one-to-many relationship, and so on. In one embodiment, the service or resource identification code data table 37 of the asset query result and the multi-cloud account asset schedule activation and event-driven management record table 36 have a many-to-many relationship. The multi-cloud account asset schedule activation and event The driver management record table 36 has a many-to-one relationship with the user multi-cloud account data table 35. The public cloud platform type data table 34 has a one-to-many relationship with the public cloud region list data table 31. The public cloud platform type The data table 34 has a one-to-many relationship with the public cloud service or resource type data table 33 .
請參閱圖4,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例之流程示意圖。圖4所示之流程400可包括步驟S401~S416。
Please refer to Figure 4, which schematically illustrates a flow chart of an embodiment of the asset and configuration management system and method for multiple public clouds in this case. The
於資產查詢階段,資產查詢請求可由工作排程所啟動或由更新事件所驅動,即,工作排程與事件管理單元12可產生由工作排程所啟動之資產查詢請求,如步驟S401所示;或者,外部公有雲事件收集單元11可接收更新事件,如步驟S402所示,再觸發工作排程與事件管理單元12產生由更新事件所驅動之資產查詢請求,如步驟S403所示。爾後,多雲資產管理核心單元13至多
雲資產管理資料庫15取得使用者的公有雲帳號及決定資產查詢策略,如步驟S404和S405所示。若決定之資產查詢策略為Config型資產,則委派Config資產管理單元141負責後續資產查詢,如步驟S406所示,而其餘ResourceGroup&Tag資產管理單元142、SDK查詢資產管理單元143、Resource Graph資產管理單元144與Config資產管理單元141於運作流程同理,因此由Config資產管理單元141為例說明。Config資產管理單元141呼叫外部公有雲介面單元18以取得Config型資產外部介面所需查詢結果,以回傳至多雲資產管理核心單元13,如步驟S407、S408和S409所示。多雲資產管理核心單元13則將資產結果進行彙整後,儲存至多雲資產管理資料庫15,如步驟S410所示。接著,多雲資產管理核心單元13將多雲資產管理資料庫15中彙整好的使用者的公有雲帳號之資產資訊提供至使用者終端裝置10,如步驟S411和S412所示。
In the asset query stage, the asset query request may be initiated by the work schedule or driven by the update event. That is, the work schedule and
於組態查詢階段,使用者終端裝置10可根據資產資訊,其中服務或資源合稱為資產,發出進一步取得指定的服務或資源之組態查詢請求,如步驟S413所示。多雲組態管理核心單元16負責接收組態查詢請求,進而呼叫外部公有雲介面單元18取得組態查詢結果並將結果處理後,回傳該指定的服務或資源之組態資訊至使用者終端裝置10,如步驟S414、S415和S416所示。
In the configuration query stage, the
請參閱圖5,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例中排程啟動之流程。圖5所示之流程500可包括步驟S501~S523,此流程圖闡述使用者A欲取得其具有之公有雲授權帳號X資產資訊之排程啟動查詢流程。
Please refer to Figure 5, which schematically illustrates the process of scheduled startup in the embodiment of the asset and configuration management system and method for multiple public clouds in this case. The
於步驟S501中,工作排程與事件管理單元12,以每複數個小時(如:4小時)排程為頻率啟動資產查詢。
In step S501, the work schedule and
於步驟S502和503中,多雲資產管理核心單元13接收資產查詢請求後,取得使用者終端裝置10A之目標查詢之公有雲帳號X,根據公有帳號之公有雲特性取得資產查詢策略,例如Config型、ResourceGroup&Tag型、SDK型和ResourceGraph型四種。
In steps S502 and 503, after receiving the asset query request, the multi-cloud asset
於步驟S504、S505、S506和S507中,多雲資產管理核心單元13指派Config資產管理單元141進行查詢,進而透過外部公有雲介面單元18取得Config型資產資訊。
In steps S504, S505, S506 and S507, the multi-cloud asset
於步驟S508、S509、S510和S511中,多雲資產管理核心單元13指派ResourceGroup&Tag資產管理單元142進行查詢,進而透過外部公有雲介面單元18取得ResourceGroup&Tag型資產資訊。
In steps S508, S509, S510 and S511, the multi-cloud asset
於步驟S512和S513中,多雲資產管理核心單元13指派SDK查詢資產管理單元143進行查詢,SDK查詢直接可取得SDK型資產資訊。
In steps S512 and S513, the multi-cloud asset
於步驟S514、S515、S516和S517中,多雲資產管理核心單元13指派Resource Graph資產管理單元144進行查詢,進而透過外部公有雲介面單元11418取得Resource Graph型資產資訊。
In steps S514, S515, S516 and S517, the multi-cloud asset
於步驟S518和S519中,多雲資產管理核心單元13彙整上述四種類型資產資訊,並將彙整好的資產資訊儲存至多雲資產管理資料庫15。
In steps S518 and S519, the multi-cloud asset
於步驟S520、S521、S522和S523中,使用者終端裝置10A即可查回公有雲帳號X之資產資訊。
In steps S520, S521, S522 and S523, the
請參閱圖6,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例中事件驅動之流程。圖6所示之流程600可包括步驟
S601~S612,此流程圖闡述使用者B欲取得其具有之公有雲授權帳號Y資產資訊之事件驅動查詢流程。
Please refer to Figure 6, which schematically illustrates the event-driven process in the embodiment of the asset and configuration management system and method for multiple public clouds in this case. The
於步驟S601中,外部公有雲事件收集單元11接收到公有雲(例如Azure)上使用者B之帳號Y之活動記錄(例如Azure Activity logs)之資源變更事件。
In step S601, the external public cloud
於步驟S602中,外部公有雲事件收集單元11觸發多雲資產管理核心單元13。
In step S602, the external public cloud
於步驟S603,多雲資產管理核心單元13根據事件確定資產查詢策略為Resource Graph型。
In step S603, the multi-cloud asset
於步驟S604中,多雲資產管理核心單元13指派Resource Graph資產管理單元144查詢Resource Graph型之帳號Y資產資訊。
In step S604, the multi-cloud asset
於步驟S605、S606、S607中,Resource Graph資產管理單元144透過外部公有雲介面單元18,呼叫Resource Graph型資產所需之外部公有雲介面,取得Resource Graph型資產結果。
In steps S605, S606, and S607, the Resource Graph
於步驟S608中,多雲資產管理核心單元13由多雲資產管理資料庫15取得帳號Y既有資產資訊,並根據上步驟資產結果更新至多雲資產管理資料庫15。
In step S608, the multi-cloud asset
於步驟S609、S610、S611和S622中,使用者終端裝置10B即可查回公有雲帳號Y之資產資訊。
In steps S609, S610, S611 and S622, the
請參閱圖7,其示意性說明本案之用於多個公有雲之資產與組態管理系統及方法的實施例中組態查詢之流程。圖7所示之流程700可包括步驟
S701~S711,此流程圖闡述使用者C欲取得指定資源或服務組態資訊之查詢流程。
Please refer to Figure 7, which schematically illustrates the configuration query process in the embodiment of the asset and configuration management system and method for multiple public clouds in this case. The
於步驟S701、S702、S703和S704中,使用者終端裝置10C透過多雲資產管理核心單元13查詢多雲資產管理資料庫14取得特定資源或服務類型之資產資訊。
In steps S701, S702, S703 and S704, the
於步驟S705中,使用者終端裝置10C由資產資訊以確認欲取得組態資訊之指定資源或服務所屬識別碼I。
In step S705, the
於步驟S706中,使用者終端裝置10C依據識別碼I指定資源或服務查詢組態資訊,透過多雲組態管理核心單元16進行查詢。
In step S706, the
於步驟S707中,多雲組態管理核心單元16呼叫外部公有雲介面單元18所需之組態查詢介面。
In step S707, the multi-cloud configuration
於步驟S708中,外部公有雲介面單元18將批次查回之數據傳送至組態大數據處理單元17。
In step S708, the external public
於步驟S709中,組態大數據處理單元17逐批次將回傳數據組合回完整組態資訊
In step S709, the configuration big
於步驟S710和S711中,回傳給使用者終端裝置10C其所指定的資源或服務屬識別碼I之組態查詢結果,即組態資訊。
In steps S710 and S711, the configuration query result of the specified resource or service identification code I is returned to the
在一實施例中,針對某個服務或資源的詳細資料,公有雲上的資料,例如虛擬機,在AWS上稱作instance,每個instance有各自的識別碼並且專屬配置有各自對應的組態資訊,包括虛擬機所屬區域、所屬網路子網段、連外網路介面與IP、運算規格、儲存裝置規格、安全性設定資訊、來源映像檔與當前運行狀態等綜合資訊之組態資訊。 In one embodiment, for detailed information about a certain service or resource, data on the public cloud, such as a virtual machine, is called an instance on AWS. Each instance has its own identification code and is exclusively configured with its own corresponding configuration information. , including the configuration information of the virtual machine's region, network subnet segment, external network interface and IP, computing specifications, storage device specifications, security setting information, source image file and current running status and other comprehensive information.
綜上所述,本案所揭之用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品係於多雲資產與組態管理服務範圍中,提供使用者多雲資產資訊查詢功能,首先取得使用者已授權之複數種公有雲上之不同帳號,其帳號不限於帳號或訂閱或專案等形式,取得使用者已授權公有雲之不同帳號後,使多雲資產管理服務子系統將具備足夠權限查詢公有雲帳號中使用者服務或資源資訊,接著依序使用者所屬之複數種公有雲帳號進行不同區域之服務或資源數量查詢與統計,以提供使用者查詢所屬之複數種公有雲帳號之不同區域與各種服務或資源之累計資訊,以提供多雲資產資訊查詢功能。於資產查詢時,依據公有雲特性選定最適合之資產查詢策略,資產查詢策略包括:Config資產查詢策略、ResourceGroup&Tag資產查詢策略、SDK資產查詢策略與ResourceGraph資產查詢策略,即分別委交Config資產管理單元、ResourceGroup&Tag資產管理單元、SDK資產管理單元與ResourceGraph資產管理單元個別執行公有雲使用者服務或資源數量查詢任務,針對個別查詢結果進行整合與統計並儲存記載,以支援複數種公有雲之資產查詢功能。 To sum up, the asset and configuration management system, asset and configuration management methods and computer program products for multiple public clouds disclosed in this case are within the scope of multi-cloud asset and configuration management services, providing users with multi-cloud The asset information query function first obtains multiple different accounts on the public cloud that the user has authorized. The accounts are not limited to accounts, subscriptions, projects, etc. After obtaining the different accounts on the public cloud that the user has authorized, the multi-cloud asset management service can The system will have sufficient permissions to query the user's service or resource information in the public cloud account, and then conduct query and statistics on the number of services or resources in different regions according to the plurality of public cloud accounts to which the user belongs, so as to provide the user with the ability to query the plurality of public cloud accounts to which the user belongs. Accumulated information of different regions and various services or resources of public cloud accounts to provide multi-cloud asset information query function. When querying assets, select the most suitable asset query strategy based on the characteristics of the public cloud. The asset query strategies include: Config asset query strategy, ResourceGroup&Tag asset query strategy, SDK asset query strategy and ResourceGraph asset query strategy, which are respectively entrusted to the Config asset management unit. , ResourceGroup&Tag asset management unit, SDK asset management unit and ResourceGraph asset management unit individually execute public cloud user service or resource quantity query tasks, integrate and collect statistics on individual query results, and store records to support multiple public cloud asset query functions. .
另外,為確保多雲資產查詢結果為最新資訊,工作排程與事件管理單元以排程輪詢與事件驅動兩種模式進行更新,將根據資產查詢策略之最適合模式擇取一種模式進行,若為排程輪詢模式時,由工作排程與事件管理單元主動觸發,以排程以週期方式進行資產查詢結果更新,若資產查詢策略支援事件驅動之更新模式時,被動接收由外部事件收集中心單元傳送之資產更新事件,以驅動多雲資產管理核心單元進行資產查詢結果更新,更新之查詢結果將進行彙整與統計後進行儲存記載,以提供最新之多雲資產管理查詢功能。因此,多雲資產管理資料庫紀錄並提供存取多雲資產與組態管理所需之設定與資產查詢結果, 多雲資產管理資料庫存放並管理使用者授權公有雲帳號、公有雲資產查詢策略、公有雲區域清單、公有雲服務或資源類型清單與資產查詢結果之服務或資源識別碼,並將其進行關聯,以提供多雲資產管理子系統與組態管理子系統調用查詢。 In addition, in order to ensure that the multi-cloud asset query results are the latest information, the work schedule and event management unit are updated in two modes: scheduled polling and event-driven. One mode will be selected based on the most suitable mode of the asset query strategy. If In the scheduled polling mode, the work schedule and event management unit actively triggers the asset query results to be updated periodically in a scheduled manner. If the asset query strategy supports the event-driven update mode, it is passively received by the external event collection center unit. The transmitted asset update event drives the multi-cloud asset management core unit to update the asset query results. The updated query results will be summarized and counted before being stored and recorded to provide the latest multi-cloud asset management query function. Therefore, the multi-cloud asset management database records and provides the settings and asset query results required for accessing multi-cloud assets and configuration management. The multi-cloud asset management database stores and manages user authorized public cloud accounts, public cloud asset query policies, public cloud region lists, public cloud service or resource type lists, and service or resource identification codes of asset query results, and associates them. To provide multi-cloud asset management subsystem and configuration management subsystem call query.
再者,本案所揭之用於多個公有雲之資產與組態管理系統、資產與組態管理方法及其電腦程式產品亦提供使用者多雲組態資訊查詢功能,使用者藉由上述資產查詢結果,可以進一步依據服務或資源類型,指定一組特定之服務或資源進行組態資訊查詢,多雲組態管理子系統將執行即時組態資訊查詢任務,若查詢結果之組態資訊含量大時,為有效提供即時方式查詢,將藉由大數據處理單元將組態將查詢結果轉成大數據串流,依據分割成較小串流單元後方才組合回完整數據,再行進行彙整成有效組態資訊,以提供即時之多雲組態管理查詢功能。 Furthermore, the asset and configuration management system, asset and configuration management method and computer program product for multiple public clouds disclosed in this case also provide users with multi-cloud configuration information query functions. Users can query through the above assets As a result, a specific group of services or resources can be further specified for configuration information query based on the service or resource type. The multi-cloud configuration management subsystem will perform real-time configuration information query tasks. If the query result contains a large amount of configuration information, In order to effectively provide real-time query, the big data processing unit will be used to convert the configuration into a big data stream, which will be divided into smaller streaming units before being combined back to the complete data, and then consolidated into an effective configuration. information to provide real-time multi-cloud configuration management query capabilities.
100:資產與組態管理系統 100:Asset and configuration management system
1:多雲資產管理子系統 1: Multi-cloud asset management subsystem
2:多雲組態管理子系統 2: Multi-cloud configuration management subsystem
11:外部公有雲事件收集單元 11: External public cloud event collection unit
12:工作排程與事件管理單元 12: Work scheduling and event management unit
13:多雲資產管理核心單元 13: Multi-cloud asset management core unit
14:資產查詢策略單元 14: Asset query strategy unit
15:多雲資產管理資料庫 15:Multi-cloud asset management database
16:多雲組態管理核心單元 16: Multi-cloud configuration management core unit
17:組態大數據處理單元 17:Configuring big data processing unit
18:外部公有雲介面單元 18:External public cloud interface unit
Claims (9)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW111148268A TWI833501B (en) | 2022-12-15 | 2022-12-15 | Assets and configuration management system and method for multi-cloud and computer program product thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW111148268A TWI833501B (en) | 2022-12-15 | 2022-12-15 | Assets and configuration management system and method for multi-cloud and computer program product thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| TWI833501B true TWI833501B (en) | 2024-02-21 |
Family
ID=90824969
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW111148268A TWI833501B (en) | 2022-12-15 | 2022-12-15 | Assets and configuration management system and method for multi-cloud and computer program product thereof |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI833501B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102427481A (en) * | 2012-01-12 | 2012-04-25 | 易云捷讯科技(北京)有限公司 | System for managing cloud computing service and cloud computing management method |
| CN111371669A (en) * | 2015-05-12 | 2020-07-03 | 环球互连及数据中心公司 | Programmable network platform for cloud-based service exchange |
-
2022
- 2022-12-15 TW TW111148268A patent/TWI833501B/en active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102427481A (en) * | 2012-01-12 | 2012-04-25 | 易云捷讯科技(北京)有限公司 | System for managing cloud computing service and cloud computing management method |
| CN111371669A (en) * | 2015-05-12 | 2020-07-03 | 环球互连及数据中心公司 | Programmable network platform for cloud-based service exchange |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5512215B2 (en) | Job processing system and method, and program thereof | |
| US20110271275A1 (en) | Software distribution management method of computer system and computer system for software distribution management | |
| CN105049268A (en) | Distributed computing resource allocation system and task processing method | |
| JP2019517748A (en) | Agent allocation method, device, server and recording medium | |
| JP5459222B2 (en) | Configuration management system, proxy system, and configuration management method | |
| US20070198554A1 (en) | Apparatus for business service oriented management infrastructure | |
| WO2005036385A1 (en) | Dynamic resource management for distributed retrieval system for security | |
| CN1784656A (en) | Monitoring operational data in data processing systems | |
| CN105700908A (en) | Management system and control method for management system | |
| CN102346737A (en) | Sharing method and device for hardware equipment driving program | |
| JP6603645B2 (en) | Resource search apparatus and resource search method | |
| CN110336863A (en) | A kind of data reporting method and system | |
| US10452879B2 (en) | Memory structure for inventory management | |
| WO2021036319A1 (en) | Data cleaning method and system | |
| CN108574718B (en) | Cloud host creation method and device | |
| JP2010122773A (en) | Distributed processing system, method of allocating processing, and information processing apparatus | |
| US11218419B1 (en) | Execution request prioritization by context | |
| CN116225655A (en) | Task scheduling method, device and storage medium | |
| WO2019028114A1 (en) | Cloud-based discovery and inventory | |
| TWI833501B (en) | Assets and configuration management system and method for multi-cloud and computer program product thereof | |
| JP6279816B2 (en) | Storage monitoring system and monitoring method thereof | |
| CN112506926A (en) | Monitoring data storage and query method and corresponding device, equipment and medium | |
| CN110543509A (en) | Monitoring system, method and device for user access data and electronic equipment | |
| CN111913784A (en) | Task scheduling method and device, network element and storage medium | |
| CN113810475A (en) | Wifi probe equipment management and control system based on big data architecture |