WO2015067036A1 - Remote access configuration method, remote access method, apparatus, and system - Google Patents

Remote access configuration method, remote access method, apparatus, and system Download PDF

Info

Publication number
WO2015067036A1
WO2015067036A1 PCT/CN2014/078477 CN2014078477W WO2015067036A1 WO 2015067036 A1 WO2015067036 A1 WO 2015067036A1 CN 2014078477 W CN2014078477 W CN 2014078477W WO 2015067036 A1 WO2015067036 A1 WO 2015067036A1
Authority
WO
WIPO (PCT)
Prior art keywords
virtual machine
network information
private network
information
public network
Prior art date
Application number
PCT/CN2014/078477
Other languages
French (fr)
Chinese (zh)
Inventor
张占军
琚列丹
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2015067036A1 publication Critical patent/WO2015067036A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/106Mapping addresses of different types across networks, e.g. mapping telephone numbers to data network addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/08Protocols specially adapted for terminal emulation, e.g. Telnet

Definitions

  • Remote access configuration method remote access method, device and system
  • the present invention relates to the field of the Internet, and in particular, to a remote access configuration method, a remote access method, apparatus, and system. Background technique
  • VNC Virtual Network Computing
  • VNC Virtual Network Computing
  • VNC client the access terminal with the VNC client is connected to any virtual machine hosted by the private network host on which the VNC server is installed to implement remote access and remote control of the private network host.
  • the access terminal uses the public network IP (Internet Protocol, the protocol for interconnection between networks), and the private network host uses the private network IP and the private network host allocates different private network IP addresses and port numbers to different virtual machines. Therefore, in order to establish a connection between the terminal and any virtual machine on the private network host, you need to obtain the private network IP address and port number of the virtual machine, and use the firewall NAT (Network Address Translate) to perform the corresponding The connection can be established only after the network port address is translated.
  • Internet Protocol Internet Protocol, the protocol for interconnection between networks
  • NAT Network Address Translate
  • the existing technical solution is to manually configure the private network IP address and port number of the virtual machine to the firewall NAT, and manually configure the corresponding public network IP address and port number, and then form the private network IP address and port number of the virtual machine through the firewall NAT.
  • the mapping between the IP address and the port number of the public network is used to implement the connection between the access terminal and the virtual machine.
  • Firewall NAT actually acts as a gateway.
  • the private network host After the VM is restarted, the private network host usually assigns a new private network IP address and port number to the VM. Therefore, after the VM restarts, you need to manually configure the VM's new private IP address and port number to the firewall. on. Because the existing technical solution is to manually configure the port number and IP address, the maintenance work is large, and it is not suitable for large-scale deployment of VNC. Summary of the invention
  • the embodiment of the present invention provides a remote access configuration method, a remote access method, an apparatus, and a system.
  • the technical solution is as follows:
  • a remote access configuration method includes:
  • mapping configuration request Sending a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information;
  • the obtaining the private network information of the virtual machine from the private network host that carries the virtual machine according to the identifier of the virtual machine includes:
  • the logging in the private network host that carries the virtual machine by using the predetermined interface includes:
  • the private network host is logged in through an interface of the hypertext transfer protocol HTTP format set in advance.
  • the first possible implementation manner of the first aspect, or the second possible implementation manner of the first aspect in a third possible implementation manner, corresponds to the private network information Public network information, including:
  • a remote access method comprising:
  • the virtual machine is remotely accessed through the public network information of the virtual machine.
  • a remote access configuration apparatus comprising:
  • a request receiving module configured to receive an acquisition request sent by the access terminal for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine;
  • An information obtaining module configured to acquire private network information of the virtual machine from a private network host that carries the virtual machine according to the identifier of the virtual machine;
  • the information obtaining module is configured to obtain the public network information corresponding to the private network information
  • the mapping configuration module is configured to send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the
  • the gateway configures a mapping relationship between the private network information and the public network information
  • the information feedback module is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
  • the information acquiring module includes: a host login unit, an information query unit, and an information acquiring unit;
  • the host login unit is configured to log in to the private network host that carries the virtual machine by using a predetermined interface
  • the information querying unit is configured to query, on the private network host, the private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine;
  • the information acquiring unit is configured to obtain the private network information of the queried virtual machine.
  • the host login unit includes: a first login subunit; or a second login subunit; the first login Subunit, used for pre-set transmission control protocol TCP form The interface is logged in to the private network host; or
  • the second login subunit is configured to log in to the private network host by using an interface of a hypertext transfer protocol HTTP format set in advance.
  • the information obtaining module includes: And information selection unit;
  • the information obtaining unit is configured to acquire at least one group of public network information of a gateway to which the private network host belongs;
  • the information selecting unit is configured to select a group of public network information from the at least one group of public network information as the public network information corresponding to the private network information.
  • a remote access device comprising:
  • a request sending module configured to send, to the controller, an obtaining request for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine;
  • An information receiving module configured to receive public network information of the virtual machine that is sent by the controller, where the public network information of the virtual machine is from the virtual machine that is carried by the controller according to the identifier of the virtual machine After the private network host obtains the private network information of the virtual machine, the information corresponding to the private network information is generated, and the public network information of the virtual machine is triggered by the controller to the gateway to which the private network host belongs. Establishing a mapping relationship with the private network information of the virtual machine;
  • a fifth aspect provides a remote access system, where the system includes: a private network host carrying at least one virtual machine, a gateway and a controller connected to the private network host, and the gateway and the controller Each of the access terminals, wherein the controller is further connected to the gateway; the controller includes the remote access configuration device as described in the third aspect or the various possible implementation manners of the third aspect;
  • the access terminal includes the remote access device as described in the fourth aspect.
  • a controller for implementing a controller in a remote access system, the controller comprising: a processor, a memory, a transmitter, and a receiver;
  • the processor is configured to control, by the receiver, an acquisition request that is sent by the access terminal to obtain public network information of the virtual machine, where the acquisition request carries an identifier of the virtual machine;
  • the processor is further configured to obtain private network information of the virtual machine from a private network host that carries the virtual machine according to the identifier of the virtual machine;
  • the processor is further configured to acquire public network information corresponding to the private network information, where the processor is further configured to control the sender to send a mapping configuration request to a gateway to which the private network host belongs.
  • the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information;
  • the processor is further configured to control the sender to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
  • the processor is further configured to log in to the private network host that carries the virtual machine by using a predetermined interface.
  • the processor is further configured to query, on the private network host, the virtual machine according to the identifier of the virtual machine. Corresponding private network information;
  • the processor is further configured to obtain the private network information of the queried virtual machine.
  • the processor is further configured to log in to the private network host by using an interface in a form of a preset transmission control protocol TCP; or ,
  • the processor is further configured to log in to the private network host by using an interface of a hypertext transfer protocol HTTP format set in advance.
  • the processor is further configured to acquire at least one group of public network information of a gateway to which the private network host belongs;
  • the processor is further configured to select a group of public network information from the at least one group of public network information as public network information corresponding to the private network information.
  • an access terminal for implementing an access terminal in a remote access system, where the access terminal includes: a receiver, a transmitter, a processor, and a memory;
  • the processor is configured to send, by the sender, an acquisition request for acquiring public network information of the virtual machine to the controller, where the acquisition request carries an identifier of the virtual machine;
  • the processor is further configured to control the receiver to receive public network information of the virtual machine that is sent by the controller, where public network information of the virtual machine is determined by the controller according to the identifier of the virtual machine Obtaining information corresponding to the private network information generated after the private network information of the virtual machine is obtained from the private network host of the virtual machine, and the public network information of the virtual machine is triggered by the controller Mapping between the gateway to which the private network host belongs and the private network information of the virtual machine Department
  • the processor is further configured to remotely access the virtual machine by using public network information of the virtual machine.
  • a remote access system includes: a private network host carrying at least one virtual machine, a gateway and a controller connected to the private network host, and the gateway and the controller a controller that is connected to each other, wherein the controller is further connected to the gateway; the controller is the controller according to any of the sixth aspect and the sixth aspect, the possible implementation manner;
  • the access terminal is an access terminal as described in the seventh aspect.
  • the private network information of the virtual machine is obtained from the private network host that hosts the virtual machine according to the identifier of the virtual machine carried in the acquisition request.
  • the mapping configuration request is sent to the gateway to which the private network host belongs, and the mapping configuration request is used to trigger the mapping between the private network information and the public network information.
  • the public network information is fed back to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine; the information of manually configuring the port number and the IP address in the prior art is solved, resulting in large maintenance work and being unsuitable for large-scale operation.
  • the problem of deploying VNC is achieved.
  • the automatic acquisition and configuration of port numbers and IP addresses are achieved, which is beneficial to the large-scale deployment of VNC.
  • FIG. 1 is a schematic structural diagram of an implementation environment involved in a remote access configuration method and a remote access method according to various embodiments of the present invention
  • FIG. 2 is a flowchart of a method for remote access configuration according to an embodiment of the present invention
  • FIG. 3 is a flowchart of a method for remote access according to another embodiment of the present invention
  • FIG. 4 is a remote manner according to still another embodiment of the present invention.
  • FIG. 5 is a block diagram showing the structure of a remote access configuration apparatus according to an embodiment of the present invention
  • FIG. 6 is a block diagram showing the structure of a remote access apparatus according to another embodiment of the present invention
  • FIG. 8 is a structural block diagram of a remote access system according to an embodiment of the present invention
  • FIG. 8 is a schematic structural diagram of a controller according to an embodiment of the present invention;
  • FIG. 9 is a schematic structural diagram of an access terminal according to an embodiment of the present invention.
  • FIG. 10 is a structural block diagram of a remote access system according to an embodiment of the present invention. detailed description
  • FIG. 1 is a schematic structural diagram of an implementation environment involved in a remote access configuration method and a remote access method according to various embodiments of the present invention.
  • the implementation environment includes: access terminal 120, private network host 140, and controller 160.
  • the access terminal 120 can be an electronic device running a VNC client, which can be a laptop portable computer and a desktop computer or the like.
  • the access terminal 120 uses the public network.
  • the access terminal 120 and the private network host 140 can be connected via a wireless network or a wired network. Or a server cluster consisting of several servers, or a cloud computing service center.
  • the private network host 140 uses the private network IP.
  • the private network host 140 carries at least one virtual machine (not shown) and allocates different private network information to different virtual machines.
  • the controller 160 may be a logical component that runs on the VNC control terminal.
  • the controller 160 may be disposed in a separate computer, or may be disposed in the private network host 140, or may be disposed in the access terminal 120. As shown in FIG. 1, when the controller 160 is disposed in a separate computer, the computer can be connected to the access terminal 120 and the private network host 140 via a wireless network or a wired network.
  • the controller 160 automatically obtains the private network information of the virtual machine through the VNC control end, and automatically configures the mapping between the private network information of the virtual machine and the public network information of the virtual machine on the gateway 170.
  • the private network information refers to the private network IP address of the virtual machine or the private network IP address and port number of the virtual machine.
  • the public network information refers to the public network IP address of the virtual machine or the public network IP address and port number of the virtual machine.
  • FIG. 2 a flow chart of a method for configuring a remote access according to an embodiment of the present invention is shown. This embodiment is applied to the implementation environment shown in FIG. 1 by using the remote access configuration method.
  • the controller side is an example.
  • the remote access configuration method includes:
  • Step 202 Receive an access request sent by the access terminal to obtain public network information of the virtual machine, and obtain an identifier that the request carries the virtual machine.
  • the step is to receive the public network for acquiring the virtual machine sent by the access terminal.
  • the information acquisition request the acquisition request carries the identifier of the virtual machine.
  • Step 204 Obtain private network information of the virtual machine from the private network host that hosts the virtual machine according to the identifier of the virtual machine.
  • the controller obtains the private network information of the virtual machine from the private network host that hosts the virtual machine according to the identifier of the virtual machine.
  • Step 206 Obtain public network information corresponding to private network information.
  • the controller obtains public network information corresponding to the private network information.
  • Step 208 Send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the mapping between the private network information and the public network information.
  • the controller sends a mapping configuration request to the gateway to which the private network host belongs.
  • the mapping configuration request is used to trigger the mapping between the private network information and the public network information.
  • Step 210 The public network information is fed back to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
  • the controller feeds back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
  • the remote access configuration method after receiving the acquisition request for acquiring the public network information of the virtual machine sent by the access terminal, according to the identifier of the virtual machine carried in the acquisition request Obtaining the private network information of the virtual machine from the private network host that hosts the virtual machine, and after obtaining the public network information corresponding to the private network information, sending a mapping configuration request to the gateway to which the private network host belongs, and the mapping configuration request is used for
  • the triggering gateway configures the mapping between the private network information and the public network information, and finally feeds the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC.
  • FIG. 3 is a flowchart of a method for remote access method according to another embodiment of the present invention. This embodiment is exemplified by the remote access method applied to the access terminal side in the implementation environment shown in FIG. 1.
  • the remote access method includes:
  • Step 302 Send an acquisition request for acquiring public network information of the virtual machine to the controller, where the acquisition request carries the identifier of the virtual machine.
  • this step is to send the public network information for acquiring the virtual machine to the controller.
  • the acquisition request the acquisition request carries the identifier of the virtual machine.
  • Step 304 Receive public network information of the virtual machine sent by the controller, where the public network information of the virtual machine is generated by the controller, after obtaining the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine.
  • the information corresponding to the private network information, and the public network information of the virtual machine is triggered by the controller to establish a mapping relationship with the private network information of the virtual machine.
  • the access terminal receives the public network information of the virtual machine sent by the controller.
  • the public network information of the virtual machine is generated by the controller after obtaining the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine.
  • the information corresponding to the network information, and the public network information of the virtual machine is triggered by the controller to establish a mapping relationship with the private network information of the virtual machine.
  • Step 306 Remotely access the virtual machine by using public network information of the virtual machine.
  • the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
  • the controller performs the private operation of the virtual machine according to the identifier of the virtual machine.
  • the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs.
  • the mapping configuration request is used to trigger the gateway configuration private.
  • FIG. 4 is a flowchart of a method for remote access method according to still another embodiment of the present invention. This embodiment is exemplified by applying the remote access method to the implementation environment shown in FIG. 1.
  • the remote access method includes: Step 401: The access terminal sends an acquisition request for acquiring the public network information of the virtual machine to the controller, where the acquisition request carries the identifier of the virtual machine.
  • the identity of the virtual machine is used to distinguish between different virtual machines.
  • the access terminal sends an acquisition request for acquiring the public network information of the virtual machine to the controller, and the acquisition request carries the identifier of the virtual machine, that is, it is used to inform the controller which virtual machine to establish a connection with.
  • the access terminal establishes a connection with any virtual machine hosted by the private network host to remotely access the virtual machine, thereby implementing access and control to the private network host.
  • the public network information usually includes the public network IP address and port number of the virtual machine.
  • the controller receives an access request sent by the access terminal for acquiring public network information of the virtual machine.
  • Step 402 The controller logs in to the private network host that hosts the virtual machine through the predetermined interface.
  • the controller can log in to the private network host through the interface in the form of the Transmission Control Protocol (TCP). You can also log in to the private network host through the interface of the HTTP (Hyper Text Transfer Protocol) format. .
  • TCP Transmission Control Protocol
  • HTTP Hyper Text Transfer Protocol
  • Step 403 The controller queries the private network host for the private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine.
  • the controller After the controller logs in to the private network host, it can invoke a preset script to query the private network information corresponding to the identifier of the virtual machine.
  • Step 404 The controller acquires private network information of the queried virtual machine.
  • the controller queries the private network information such as the private network IP address and port number of the virtual machine through the script program.
  • Step 405 The controller acquires at least one group of public network information of the gateway to which the private network host belongs.
  • the gateway is usually a NAPT (Network Address Port Translate) gateway, which can be implemented by a firewall NAT.
  • NAPT Network Address Port Translate
  • the gateway can be set up on a separate computer with NAT service function, or can be set on the access terminal, or can be set on the private network host.
  • the gateway provides at least one set of public network information for the controller to select.
  • the controller can pre-store the five sets of public IP and port numbers that the NAPT gateway can provide, for example: 209.100.20.1/5800,
  • the controller After obtaining the private network information of the virtual machine, the controller queries which of the five public network IP addresses and port numbers that are pre-stored are in an idle state, and selects the public IP address and port number of the group. For example, 209.100.20.1/5800 is used as the public network IP and port number of the virtual machine.
  • Step 406 The controller selects a group of public network information from at least one group of public network information as the public network information corresponding to the private network information.
  • the controller queries which of the five public IP addresses and port numbers that are pre-stored are in an idle state.
  • the specific process of selecting the public IP address and port number of the group is: according to the pre-stored five sets of public IP and port numbers. The query is performed one by one. When the query obtains the public IP address and port number of the first group in the idle state, the public network IP address and port number of the group are selected as the public network IP address and port number corresponding to the private network IP address and port number.
  • the specific process may also be: querying all the public network IPs and port numbers in the idle state in the pre-stored five sets of public network IP and port numbers, and then selecting the public network IP and port in the idle state with the largest bandwidth. The number is the public IP and port number corresponding to the private network IP and port number.
  • the controller obtains the private network IP address and port number of the virtual machine is 192.168.200.1/5900, the controller generates a public network IP and port number between 209.100.20.1/5800 and the private network IP and port number 192.168.200.1/5900. Correspondence.
  • Step 407 The controller sends a mapping configuration request carrying the private network information and the public network information to the gateway.
  • the controller sends a configuration request to the NAPT gateway to configure a mapping relationship between the public network IP and the port number 209.100.20.1/5800 and the private network IP and the port number 192.168.200.1/5900.
  • the gateway receives the mapping configuration request sent by the controller and carries the private network information and the public network information.
  • Step 408 The gateway configures a mapping relationship between the private network information and the public network information.
  • the NAPT gateway After receiving the configuration request, the NAPT gateway configures the mapping between the public network IP and the port number 209.100.20.1/5800 and the private network IP and the port number 192.168.200.1/5900, and stores the mapping relationship. Afterwards, the access terminal can remotely access the virtual machine through the NAPT gateway, thereby implementing remote control of the private network host corresponding to the virtual machine.
  • Step 409 The gateway feeds back a configuration completion response to the controller.
  • the configuration completion response is fed back to the controller.
  • the controller receives a configuration completion response fed back by the gateway.
  • Step 410 The controller feeds back public network information to the access terminal.
  • the controller feeds back the public network information to the access terminal, and informs the access terminal to use the public network information to access the virtual machine that needs to be accessed.
  • the access terminal receives the public network information of the virtual machine sent by the controller.
  • Step 411 The access terminal accesses the virtual machine remotely through the public network information of the virtual machine.
  • the access terminal sends a service request packet carrying the public network IP address and port number of the virtual machine to the NAPT gateway.
  • the NAPT gateway modifies the public network IP address and port number in the service request packet to the private network IP address and port according to the mapping between the stored private IP address and port number and the public network IP address and port number. Number, and then forward the service request packet carrying the private network IP and port number to the virtual machine.
  • the access terminal implements remote access to the virtual machine, and thus can remotely control the private network host corresponding to the virtual machine.
  • the service transmission between the access terminal and the virtual machine requires the conversion of the IP address and port number through the NAPT gateway.
  • the controller performs the private operation of the virtual machine according to the identifier of the virtual machine.
  • the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs.
  • the mapping configuration request is used to trigger the gateway configuration private.
  • the controller also obtains the private network information of the virtual machine by using the interface of the TCP format or the interface of the HTTP format, and the controller also sends the private network information to the gateway.
  • the mapping configuration request of the public network information establishes a mapping relationship between the private network information and the public network information on the gateway; realizes automatic configuration and dynamic configuration of the mapping relationship, and improves the efficiency of remote access.
  • FIG. 5 is a structural block diagram of a remote access configuration apparatus according to an embodiment of the present invention.
  • the remote access configuration apparatus may be implemented as a whole or a part of a controller by software, hardware, or a combination of both.
  • the remote access configuration device includes: a request receiving module 510, an information obtaining module 520, an information obtaining module 530, a mapping configuration module 540, and information Feedback module 550.
  • the request receiving module 510 is configured to receive an acquisition request sent by the access terminal for acquiring public network information of the virtual machine, where the acquisition request carries the identifier of the virtual machine.
  • the information obtaining module 520 is configured to obtain private network information of the virtual machine from a private network host that hosts the virtual machine according to the identifier of the virtual machine.
  • the information obtaining module 530 is configured to obtain public network information corresponding to the private network information.
  • the mapping configuration module 540 is configured to send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information.
  • the information feedback module 550 is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
  • the access information configuration apparatus after receiving the acquisition request of the public network for acquiring the virtual machine sent by the access terminal, according to the identifier of the virtual machine carried in the acquisition request Obtaining the private network information of the virtual machine from the private network host that hosts the virtual machine, and after obtaining the public network information corresponding to the private network information, sending a mapping configuration request to the gateway to which the private network host belongs, and the mapping configuration request is used for
  • the triggering gateway configures the mapping between the private network information and the public network information, and finally feeds the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC.
  • FIG. 6 a structural block diagram of a remote access device according to another embodiment of the present invention is shown.
  • the remote access device can be implemented as all or part of an access terminal by software, hardware, or a combination of both.
  • the remote access device includes: a request sending module 610, an information receiving module 620, and a remote access module 630.
  • the request sending module 610 is configured to send, to the controller, an obtaining request for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine.
  • the information receiving module 620 is configured to receive the public network information of the virtual machine that is sent by the controller, where the public network information of the virtual machine is from the virtual machine by the controller according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine on the private network host, the generated private network The information corresponding to the information, and the public network information of the virtual machine is triggered by the controller to establish a mapping relationship between the gateway to which the private network host belongs and the private network information of the virtual machine.
  • the remote access module 630 is configured to remotely access the virtual machine by using public network information of the virtual machine.
  • the remote access device after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the controller controls the virtual machine from the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway configuration private.
  • FIG. 7 is a structural block diagram of a remote access system according to an embodiment of the present invention.
  • the remote access system includes a controller 500 and an access terminal 600.
  • the controller 500 and the access terminal 600 are connected by a wired network or wirelessly.
  • the network is connected, or the controller 500 is implemented as part of the access terminal 600.
  • Controller 500 can include a remote access configuration device that can be implemented in software, hardware, or a combination of both.
  • the remote access configuration device includes: a request receiving module 510, an information obtaining module 520, an information obtaining module 530, a mapping configuration module 540, and an information feedback module 550.
  • the request receiving module 510 is configured to receive an acquisition request sent by the access terminal for acquiring public network information of the virtual machine, where the acquisition request carries the identifier of the virtual machine.
  • the information obtaining module 520 is configured to obtain private network information of the virtual machine from a private network host that hosts the virtual machine according to the identifier of the virtual machine.
  • the information obtaining module 520 includes: a host login unit 520a, an information query unit 520b, and an information acquisition unit 520c.
  • the host login unit 520a is configured to log in to the private network host that carries the virtual machine through a predetermined interface.
  • the host login unit 520a includes: a first login subunit 520al; or, a second The subunit 520a2 is registered.
  • the first login sub-unit 520al is configured to log in to the private network host through an interface in the form of a TCP control protocol set in advance; or the second login sub-unit 520a2 is configured to pass a preset hypertext transfer protocol.
  • An HTTP interface is used to log in to the private network host.
  • the information querying unit 520b is configured to query the private network host for private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine.
  • the information obtaining unit 520c is configured to obtain the private network information of the queried virtual machine.
  • the information obtaining module 530 is configured to generate public network information corresponding to the private network information.
  • the information obtaining module 530 includes: an information obtaining unit 530a and an information selecting unit 530b.
  • the information obtaining unit 530a is configured to obtain at least one group of public network information of the gateway to which the private network host belongs.
  • the information selecting unit 530b is configured to select a group of public network information from the at least one group of public network information as the public network information corresponding to the private network information.
  • the mapping configuration module 540 is configured to send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information.
  • the information feedback module 550 is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
  • Access terminal 600 can include a remote access device that can be implemented in software, hardware, or a combination of both.
  • the remote access device includes: a request sending module 610, an information receiving module 620, and a remote access module 630.
  • the request sending module 610 is configured to send, to the controller, an obtaining request for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine.
  • the information receiving module 620 is configured to receive the public network information of the virtual machine that is sent by the controller, where the public network information of the virtual machine is from the virtual machine by the controller according to the identifier of the virtual machine. After the private network host obtains the private network information of the virtual machine, the information corresponding to the private network information is generated, and the public network information of the virtual machine is triggered by the controller to belong to the private network host.
  • the gateway establishes a mapping relationship with the private network information of the virtual machine.
  • the remote access module 630 is configured to remotely access the virtual machine by using public network information of the virtual machine.
  • the remote access system provided by the embodiment, after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the controller uses the private identifier of the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway configuration private.
  • the controller also logs in to the private network host to obtain the private network information of the virtual machine through the interface of the TCP format or the interface of the HTTP format.
  • the controller also sends the private network information to the gateway.
  • the mapping configuration request of the public network information establishes a mapping relationship between the private network information and the public network information on the gateway; realizes automatic configuration and dynamic configuration of the mapping relationship, and improves the efficiency of remote access.
  • FIG. 8 is a schematic structural diagram of a controller according to an embodiment of the present invention.
  • the controller is configured to be implemented as a controller in a remote access system, where the controller includes: a processor 820 , a memory 840 , and a sending 860 and receiver 880.
  • the processor 820 is configured to control the receiver 880 to receive an acquisition request for acquiring the public network information of the virtual machine that is sent by the access terminal, where the acquisition request carries the identifier of the virtual machine; And obtaining, according to the identifier of the virtual machine, private network information of the virtual machine from a private network host that carries the virtual machine;
  • the processor 820 is further configured to acquire public network information corresponding to the private network information.
  • the processor 820 is further configured to control the sender 860 to send a mapping configuration to a gateway to which the private network host belongs.
  • the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information;
  • the processor 820 is further configured to control the sender 860 to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
  • the processor 820 is further configured to log in to the private network host that carries the virtual machine by using a predetermined interface.
  • the processor 820 is further configured to query, on the private network host, the private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine;
  • the processor 820 is further configured to obtain the private network information of the queried virtual machine.
  • the processor 820 is further configured to log in to the private network host by using an interface of a transmission control protocol TCP format set in advance; or
  • the processor 820 is further configured to log in to the private network host by using an interface of a hypertext transfer protocol HTTP format set in advance.
  • the processor 820 is further configured to acquire at least one group of public network information of a gateway to which the private network host belongs;
  • the processor 820 is further configured to select a group of public network information from the at least one group of public network information as the public network information corresponding to the private network information.
  • the controller provided by the embodiment, after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the controller uses the private network carrying the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway to configure the private network.
  • the mapping relationship between the information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the IP address and the IP address are not suitable for large-scale deployment of VNC.
  • the automatic acquisition and configuration of port numbers and IP addresses are beneficial to the large-scale deployment of VNC.
  • the controller provided in this embodiment also obtains the private network information of the virtual machine by using the interface of the TCP format or the interface of the HTTP format, and also sends the mapping of the private network information and the public network information to the gateway.
  • the configuration request establishes a mapping relationship between the private network information and the public network information on the gateway.
  • the automatic configuration and dynamic configuration of the mapping relationship are implemented, and the efficiency of remote access is improved.
  • FIG. 9 is a schematic structural diagram of an access terminal according to an embodiment of the present invention.
  • the access terminal is configured to be implemented as an access terminal in a remote access system, where the access terminal includes: a receiver 920 and a transmitter 940. , processor 960 and memory 980.
  • the processor 960 is configured to control the sender 940 to send an acquisition request for acquiring public network information of the virtual machine to the controller, where the acquisition request carries an identifier of the virtual machine;
  • the processor 960 is further configured to control the receiver 920 to receive public network information of the virtual machine that is sent by the controller, where public network information of the virtual machine is determined by the controller according to the virtual machine.
  • the information corresponding to the private network information generated after the private network information of the virtual machine is obtained from the private network host that carries the virtual machine, and the public network information of the virtual machine is used by the controller.
  • the mapping between the private network information of the virtual machine and the gateway to which the private network host belongs is triggered;
  • the processor 960 is further configured to remotely access the virtual machine by using public network information of the virtual machine.
  • the access terminal after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the access terminal obtains the private network of the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway to configure the private network.
  • the mapping relationship between the information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the IP address and the IP address are not suitable for large-scale deployment of VNC.
  • FIG. 10 shows a structural block diagram of a remote access system according to an embodiment of the present invention.
  • the remote access system includes: a private network host 1010 carrying at least one virtual machine, a gateway 1020 connected to the private network host 1010, and a controller 1030, and an access terminal 1040 connected to the gateway 1020 and the controller 1030, wherein the controller 1030 is also coupled to gateway 1020.
  • the controller 1030 is a controller as described in the more preferred embodiment of the embodiment shown in FIG. 8 and the embodiment shown in FIG. 8;
  • the access terminal 1040 is an access terminal as described in the embodiment shown in FIG.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
  • a storage medium may be any available media that can be accessed by a computer.
  • computer readable media may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, disk storage media or other magnetic storage device, or can be used for carrying or storing in the form of an instruction or data structure.
  • the desired program code and any other medium that can be accessed by the computer may suitably be a computer readable medium.
  • the software is transmitted from a website, server, or other remote source using coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable , fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, wireless, and microwaves are included in the fixing of the associated media.
  • coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, wireless, and microwaves are included in the fixing of the associated media.
  • a disk and a disc include a compact disc (CD), a laser disc, a disc, a digital versatile disc (DVD), a floppy disk, and a Blu-ray disc, wherein the disc is usually magnetically copied, and the disc is The laser is used to optically replicate the data. Combinations of the above should also be included within the scope of the computer readable media. It should be noted that: the remote access configuration device and the remote access device provided by the foregoing embodiments are only illustrated by the division of the foregoing functional modules when performing remote access configuration and remote access. In actual applications, the foregoing may be performed as needed.
  • the function assignment is performed by different functional modules, that is, the internal structure of the remote access configuration device and the remote access device are divided into different functional modules to complete all or part of the functions described above.
  • the remote access configuration device, the remote access device, the remote access configuration method, and the remote access method are provided in the same embodiment.
  • the singular forms "a”, “an”, “the”, “the” and “the” are intended to include the plural.
  • "and/or” as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
  • the serial numbers of the embodiments of the present invention are merely for the description, and do not represent the advantages and disadvantages of the embodiments.

Abstract

The present invention relates to the field of the Internet, and disclosed are a remote access configuration method, and a remote access method, apparatus, and system. The method comprises: receiving an acquisition request sent by an access terminal and used for acquiring public network information of a virtual machine, the acquisition request carrying an identifier of the virtual machine; acquiring, according to the identifier of the virtual machine, private network information of the virtual machine from a private network host carrying the virtual machine; acquiring public network information corresponding to the private network information; sending a mapping configuration request to a gateway to which the private network host belongs; and feeding back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using the public network information of the virtual machine. The present invention solves the problems in the prior art that maintenance workload is large and large-scale deployment of VNCs is not suitable due to manual configuration on information such as a port number and an IP address, and achieves the effects of automatically acquiring and configuring the information such as the port number and the IP address and facilitating large-scale deployment of VNCs.

Description

远程访问配置方法、 远程访问方法、 装置和系统  Remote access configuration method, remote access method, device and system
本申请要求于 2013 年 11 月 06 日提交中国专利局、 申请号为 201310544443.2、 发明名称为 "远程访问配置方法、 远程访问方法、 装置和 系统" 的中国专利申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域 This application claims priority to Chinese Patent Application No. 201310544443.2, entitled "Remote Access Configuration Method, Remote Access Method, Apparatus and System", filed on November 06, 2013, the entire contents of which are hereby incorporated by reference. Combined in this application. Technical field
本发明涉及互联网领域, 特别涉及一种远程访问配置方法、 远程访问 方法、 装置和系统。 背景技术  The present invention relates to the field of the Internet, and in particular, to a remote access configuration method, a remote access method, apparatus, and system. Background technique
VNC ( Virtual Network Computing, 虚拟网络计算机)是一款远程控制 工具软件, 通常用于对数据中心内部的虚拟机进行维护。 VNC通常由两部 分组成: 一部分是 VNC客户端, 另一部分是 VNC服务器端。 安装有 VNC 客户端的访问终端通过与安装有 VNC服务端的私网主机所承载的任意一台 虚拟机建立连接, 实现对私网主机的远程访问和远程控制。  VNC (Virtual Network Computing) is a remote control tool software commonly used to maintain virtual machines inside the data center. VNC usually consists of two parts: one is the VNC client and the other is the VNC server. The access terminal with the VNC client is connected to any virtual machine hosted by the private network host on which the VNC server is installed to implement remote access and remote control of the private network host.
由于访问终端使用公网 IP ( Internet Protocol, 网络之间互连的协议), 而私网主机使用私网 IP且私网主机给不同的虚拟机分配不同的私网 IP和端 口号。 所以, 为了建立终端与私网主机上任意一台虚拟机之间的连接关系, 需要获取该虚拟机的私网 IP和端口号,并通过防火墙 NAT( Network Address Translate, 网络地址转换)进行相应的网络端口地址转换后才能建立连接。  The access terminal uses the public network IP (Internet Protocol, the protocol for interconnection between networks), and the private network host uses the private network IP and the private network host allocates different private network IP addresses and port numbers to different virtual machines. Therefore, in order to establish a connection between the terminal and any virtual machine on the private network host, you need to obtain the private network IP address and port number of the virtual machine, and use the firewall NAT (Network Address Translate) to perform the corresponding The connection can be established only after the network port address is translated.
现有的技术方案是通过手工将虚拟机的私网 IP和端口号配置到防火墙 NAT上, 并手工配置相应的公网 IP和端口号, 然后通过防火墙 NAT形成 虚拟机的私网 IP和端口号与公网 IP和端口号之间的映射关系,实现访问终 端与虚拟机之间的连接。 防火墙 NAT实际上起到了网关的作用。  The existing technical solution is to manually configure the private network IP address and port number of the virtual machine to the firewall NAT, and manually configure the corresponding public network IP address and port number, and then form the private network IP address and port number of the virtual machine through the firewall NAT. The mapping between the IP address and the port number of the public network is used to implement the connection between the access terminal and the virtual machine. Firewall NAT actually acts as a gateway.
由于虚拟机重启后, 私网主机通常会给虚拟机分配新的私网 IP和端口 号, 所以当虚拟机重启后, 需要重新将虚拟机的新的私网 IP和端口号手工 配置到防火墙 NAT上。 因为现有的技术方案是通过手工配置端口号和 IP 地址的, 所以导致维护工作较大, 不适合大规模部署 VNC。 发明内容 After the VM is restarted, the private network host usually assigns a new private network IP address and port number to the VM. Therefore, after the VM restarts, you need to manually configure the VM's new private IP address and port number to the firewall. on. Because the existing technical solution is to manually configure the port number and IP address, the maintenance work is large, and it is not suitable for large-scale deployment of VNC. Summary of the invention
为了解决现有技术手工配置端口号和 IP地址, 导致维护工作较大、 不 适合大规模部署 VNC的问题,本发明实施例提供了一种远程访问配置方法、 远程访问方法、 装置和系统。 所述技术方案如下:  In order to solve the problem that the port number and the IP address are manually configured in the prior art, which causes a large maintenance work and is not suitable for large-scale deployment of the VNC, the embodiment of the present invention provides a remote access configuration method, a remote access method, an apparatus, and a system. The technical solution is as follows:
第一方面, 提供了一种远程访问配置方法, 所述方法包括:  In a first aspect, a remote access configuration method is provided, where the method includes:
接收访问终端发送的用于获取虚拟机的公网信息的获取请求, 所述获 取请求携带有所述虚拟机的标识;  Receiving, by the access terminal, an acquisition request for acquiring public network information of the virtual machine, where the acquisition request carries an identifier of the virtual machine;
根据所述虚拟机的标识从承载所述虚拟机的私网主机上获取所述虚拟 机的私网信息;  Obtaining private network information of the virtual machine from a private network host that carries the virtual machine according to the identifier of the virtual machine;
获取与所述私网信息相对应的公网信息;  Obtaining public network information corresponding to the private network information;
向所述私网主机所属的网关发送映射配置请求, 所述映射配置请求用 于触发所述网关配置所述私网信息与所述公网信息之间的映射关系;  Sending a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information;
向所述访问终端反馈所述公网信息, 以便所述访问终端通过所述虚拟 机的公网信息远程访问所述虚拟机。  And feeding back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
在第一方面的第一种可能的实施方式中, 所述根据所述虚拟机的标识 从 载所述虚拟机的私网主机上获取所述虚拟机的私网信息, 包括:  In a first possible implementation manner of the first aspect, the obtaining the private network information of the virtual machine from the private network host that carries the virtual machine according to the identifier of the virtual machine includes:
通过预定接口登录承载所述虚拟机的私网主机;  Logging in to the private network host hosting the virtual machine through a predetermined interface;
居所述虚拟机的标识在所述私网主机上查询与所述虚拟机的标识相 对应的私网信息;  Locating the identifier of the virtual machine on the private network host to query private network information corresponding to the identifier of the virtual machine;
获取查询到的所述虚拟机的私网信息。  Obtaining the private network information of the virtual machine that is queried.
结合第一方面的第一种可能的实施方式, 在第二种可能的实施方式中, 所述通过预定接口登录承载所述虚拟机的私网主机, 包括:  With reference to the first possible implementation manner of the first aspect, in the second possible implementation manner, the logging in the private network host that carries the virtual machine by using the predetermined interface includes:
通过预先设置的传输控制协议 TCP形式的接口登录所述私网主机; 或 者,  Logging in to the private network host through an interface of the TCP control protocol set in advance; or
通过预先设置的超文本传输协议 HTTP形式的接口登录所述私网主机。 结合第一方面、 第一方面的第一种可能的实施方式或者第一方面的第 二种可能的实施方式, 在第三种可能的实施方式中, 所述获取与所述私网 信息相对应的公网信息, 包括:  The private network host is logged in through an interface of the hypertext transfer protocol HTTP format set in advance. With reference to the first aspect, the first possible implementation manner of the first aspect, or the second possible implementation manner of the first aspect, in a third possible implementation manner, the obtaining corresponds to the private network information Public network information, including:
获取所述私网主机所属的网关的至少一组公网信息;  Obtaining at least one group of public network information of the gateway to which the private network host belongs;
从所述至少一组公网信息中选取一组公网信息作为与所述私网信息相 对应的公网信息。 Selecting a group of public network information from the at least one group of public network information as the private network information Corresponding public network information.
第二方面, 提供了一种远程访问方法, 所述方法包括:  In a second aspect, a remote access method is provided, the method comprising:
向控制器发送用于获取虚拟机的公网信息的获取请求, 所述获取请求 携带有所述虚拟机的标识;  Sending, to the controller, an acquisition request for acquiring public network information of the virtual machine, where the acquisition request carries an identifier of the virtual machine;
接收所述控制器发送的所述虚拟机的公网信息, 所述虚拟机的公网信 息是由所述控制器根据所述虚拟机的标识从承载所述虚拟机的私网主机上 获取所述虚拟机的私网信息后生成的与所述私网信息相对应的信息, 且所 述虚拟机的公网信息被所述控制器触发所述私网主机所属的网关建立与所 述虚拟机的私网信息之间的映射关系;  Receiving the public network information of the virtual machine sent by the controller, where the public network information of the virtual machine is obtained by the controller from the private network host that carries the virtual machine according to the identifier of the virtual machine The information corresponding to the private network information generated by the private network information of the virtual machine, and the public network information of the virtual machine is triggered by the controller to establish a virtual machine with the gateway to which the private network host belongs. Mapping between private network information;
通过所述虚拟机的公网信息远程访问所述虚拟机。  The virtual machine is remotely accessed through the public network information of the virtual machine.
第三方面, 提供了一种远程访问配置装置, 所述装置包括:  In a third aspect, a remote access configuration apparatus is provided, the apparatus comprising:
请求接收模块, 用于接收访问终端发送的用于获取虚拟机的公网信息 的获取请求, 所述获取请求携带有所述虚拟机的标识;  a request receiving module, configured to receive an acquisition request sent by the access terminal for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine;
信息获取模块, 用于根据所述虚拟机的标识从承载所述虚拟机的私网 主机上获取所述虚拟机的私网信息;  An information obtaining module, configured to acquire private network information of the virtual machine from a private network host that carries the virtual machine according to the identifier of the virtual machine;
信息得到模块, 用于获取与所述私网信息相对应的公网信息; 映射配置模块, 用于向所述私网主机所属的网关发送映射配置请求, 所述映射配置请求用于触发所述网关配置所述私网信息与所述公网信息之 间的映射关系;  The information obtaining module is configured to obtain the public network information corresponding to the private network information, and the mapping configuration module is configured to send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the The gateway configures a mapping relationship between the private network information and the public network information;
信息反馈模块, 用于向所述访问终端反馈所述公网信息, 以便所述访 问终端通过所述虚拟机的公网信息远程访问所述虚拟机。  The information feedback module is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
在第三方面的第一种可能的实施方式中, 所述信息获取模块, 包括: 主机登录单元、 信息查询单元和信息获取单元;  In a first possible implementation manner of the third aspect, the information acquiring module includes: a host login unit, an information query unit, and an information acquiring unit;
所述主机登录单元, 用于通过预定接口登录承载所述虚拟机的私网主 机;  The host login unit is configured to log in to the private network host that carries the virtual machine by using a predetermined interface;
所述信息查询单元, 用于根据所述虚拟机的标识在所述私网主机上查 询与所述虚拟机的标识相对应的私网信息;  The information querying unit is configured to query, on the private network host, the private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine;
所述信息获取单元, 用于获取查询到的所述虚拟机的私网信息。  The information acquiring unit is configured to obtain the private network information of the queried virtual machine.
结合第三方面的第一种可能的实施方式, 在第二种可能的实施方式中, 所述主机登录单元, 包括: 第一登录子单元; 或者, 第二登录子单元; 所述第一登录子单元, 用于通过预先设置的传输控制协议 TCP形式的 接口登录所述私网主机; 或者, With reference to the first possible implementation manner of the third aspect, in a second possible implementation, the host login unit includes: a first login subunit; or a second login subunit; the first login Subunit, used for pre-set transmission control protocol TCP form The interface is logged in to the private network host; or
所述第二登录子单元, 用于通过预先设置的超文本传输协议 HTTP形 式的接口登录所述私网主机。  The second login subunit is configured to log in to the private network host by using an interface of a hypertext transfer protocol HTTP format set in advance.
结合第三方面、 第三方面的第一种可能的实施方式或者第三方面的第 二种可能的实施方式, 在第三种可能的实施方式中, 所述信息得到模块, 包括: 信息取得单元和信息选取单元;  With reference to the third aspect, the first possible implementation manner of the third aspect, or the second possible implementation manner of the third aspect, in a third possible implementation manner, the information obtaining module includes: And information selection unit;
所述信息取得单元, 用于获取所述私网主机所属的网关的至少一组公 网信息;  The information obtaining unit is configured to acquire at least one group of public network information of a gateway to which the private network host belongs;
所述信息选取单元, 用于从所述至少一组公网信息中选取一组公网信 息作为与所述私网信息相对应的公网信息。  The information selecting unit is configured to select a group of public network information from the at least one group of public network information as the public network information corresponding to the private network information.
第四方面, 提供了一种远程访问装置, 所述装置包括:  In a fourth aspect, a remote access device is provided, the device comprising:
请求发送模块, 用于向控制器发送用于获取虚拟机的公网信息的获取 请求, 所述获取请求携带有所述虚拟机的标识;  a request sending module, configured to send, to the controller, an obtaining request for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine;
信息接收模块, 用于接收所述控制器发送的所述虚拟机的公网信息, 所述虚拟机的公网信息是由所述控制器根据所述虚拟机的标识从承载所述 虚拟机的私网主机上获取所述虚拟机的私网信息后生成的与所述私网信息 相对应的信息, 且所述虚拟机的公网信息被所述控制器触发所述私网主机 所属的网关建立与所述虚拟机的私网信息之间的映射关系;  An information receiving module, configured to receive public network information of the virtual machine that is sent by the controller, where the public network information of the virtual machine is from the virtual machine that is carried by the controller according to the identifier of the virtual machine After the private network host obtains the private network information of the virtual machine, the information corresponding to the private network information is generated, and the public network information of the virtual machine is triggered by the controller to the gateway to which the private network host belongs. Establishing a mapping relationship with the private network information of the virtual machine;
远程访问模块, 用于通过所述虚拟机的公网信息远程访问所述虚拟机。 第五方面, 提供了一种远程访问系统, 所述系统包括: 承载至少一台 虚拟机的私网主机、 与所述私网主机相连的网关和控制器以及与所述网关 和所述控制器均相连的访问终端, 其中, 所述控制器还与所述网关相连; 所述控制器包括如第三方面或者第三方面的各种可能的实施方式中所 述的远程访问配置装置;  a remote access module, configured to remotely access the virtual machine by using public network information of the virtual machine. A fifth aspect provides a remote access system, where the system includes: a private network host carrying at least one virtual machine, a gateway and a controller connected to the private network host, and the gateway and the controller Each of the access terminals, wherein the controller is further connected to the gateway; the controller includes the remote access configuration device as described in the third aspect or the various possible implementation manners of the third aspect;
所述访问终端包括如第四方面所述的远程访问装置。  The access terminal includes the remote access device as described in the fourth aspect.
第六方面, 提供了一种控制器, 用于实现为远程访问系统中的控制器, 所述控制器包括: 处理器、 存储器、 发送器和接收器;  In a sixth aspect, a controller is provided for implementing a controller in a remote access system, the controller comprising: a processor, a memory, a transmitter, and a receiver;
所述处理器, 用于控制所述接收器接收访问终端发送的用于获取虚拟 机的公网信息的获取请求, 所述获取请求携带有所述虚拟机的标识;  The processor is configured to control, by the receiver, an acquisition request that is sent by the access terminal to obtain public network information of the virtual machine, where the acquisition request carries an identifier of the virtual machine;
所述处理器, 还用于根据所述虚拟机的标识从承载所述虚拟机的私网 主机上获取所述虚拟机的私网信息; 所述处理器, 还用于获取与所述私网信息相对应的公网信息; 所述处理器, 还用于控制所述发送器向所述私网主机所属的网关发送 映射配置请求, 所述映射配置请求用于触发所述网关配置所述私网信息与 所述公网信息之间的映射关系; The processor is further configured to obtain private network information of the virtual machine from a private network host that carries the virtual machine according to the identifier of the virtual machine; The processor is further configured to acquire public network information corresponding to the private network information, where the processor is further configured to control the sender to send a mapping configuration request to a gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information;
所述处理器, 还用于控制所述发送器向所述访问终端反馈所述公网信 息, 以便所述访问终端通过所述虚拟机的公网信息远程访问所述虚拟机。  The processor is further configured to control the sender to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
在第六方面的第一种可能的实施方式中,  In a first possible implementation of the sixth aspect,
所述处理器, 还用于通过预定接口登录承载所述虚拟机的私网主机; 所述处理器, 还用于根据所述虚拟机的标识在所述私网主机上查询与 所述虚拟机的标识相对应的私网信息;  The processor is further configured to log in to the private network host that carries the virtual machine by using a predetermined interface. The processor is further configured to query, on the private network host, the virtual machine according to the identifier of the virtual machine. Corresponding private network information;
所述处理器, 还用于获取查询到的所述虚拟机的私网信息。  The processor is further configured to obtain the private network information of the queried virtual machine.
结合第六方面的第一种可能的实施方式, 在第二种可能的实施方式中, 所述处理器, 还用于通过预先设置的传输控制协议 TCP形式的接口登 录所述私网主机; 或者,  With reference to the first possible implementation manner of the sixth aspect, in a second possible implementation, the processor is further configured to log in to the private network host by using an interface in a form of a preset transmission control protocol TCP; or ,
所述处理器, 还用于通过预先设置的超文本传输协议 HTTP形式的接 口登录所述私网主机。  The processor is further configured to log in to the private network host by using an interface of a hypertext transfer protocol HTTP format set in advance.
结合第六方面、 第六方面的第一种可能的实施方式或者第六方面的第 二种可能的实施方式, 在第三种可能的实施方式中,  With reference to the sixth aspect, the first possible implementation manner of the sixth aspect, or the second possible implementation manner of the sixth aspect, in a third possible implementation manner,
所述处理器, 还用于获取所述私网主机所属的网关的至少一组公网信 息;  The processor is further configured to acquire at least one group of public network information of a gateway to which the private network host belongs;
所述处理器, 还用于从所述至少一组公网信息中选取一组公网信息作 为与所述私网信息相对应的公网信息。  The processor is further configured to select a group of public network information from the at least one group of public network information as public network information corresponding to the private network information.
第七方面, 提供了一种访问终端, 用于实现为远程访问系统中的访问 终端, 所述访问终端包括: 接收器、 发送器、 处理器和存储器;  According to a seventh aspect, an access terminal is provided for implementing an access terminal in a remote access system, where the access terminal includes: a receiver, a transmitter, a processor, and a memory;
所述处理器, 用于控制所述发送器向控制器发送用于获取虚拟机的公 网信息的获取请求, 所述获取请求携带有所述虚拟机的标识;  The processor is configured to send, by the sender, an acquisition request for acquiring public network information of the virtual machine to the controller, where the acquisition request carries an identifier of the virtual machine;
所述处理器, 还用于控制所述接收器接收所述控制器发送的所述虚拟 机的公网信息, 所述虚拟机的公网信息是由所述控制器根据所述虚拟机的 标识从 7 载所述虚拟机的私网主机上获取所述虚拟机的私网信息后生成的 与所述私网信息相对应的信息, 且所述虚拟机的公网信息被所述控制器触 发所述私网主机所属的网关建立与所述虚拟机的私网信息之间的映射关 系; The processor is further configured to control the receiver to receive public network information of the virtual machine that is sent by the controller, where public network information of the virtual machine is determined by the controller according to the identifier of the virtual machine Obtaining information corresponding to the private network information generated after the private network information of the virtual machine is obtained from the private network host of the virtual machine, and the public network information of the virtual machine is triggered by the controller Mapping between the gateway to which the private network host belongs and the private network information of the virtual machine Department
所述处理器, 还用于通过所述虚拟机的公网信息远程访问所述虚拟机。 第八方面, 提供了一种远程访问系统, 所述系统包括: 承载至少一台 虚拟机的私网主机、 与所述私网主机相连的网关和控制器以及与所述网关 和所述控制器均相连的访问终端, 其中, 所述控制器还与所述网关相连; 所述控制器是如第六方面和第六方面的各种可能的实施方式中任一所 述的控制器;  The processor is further configured to remotely access the virtual machine by using public network information of the virtual machine. According to an eighth aspect, a remote access system is provided, where the system includes: a private network host carrying at least one virtual machine, a gateway and a controller connected to the private network host, and the gateway and the controller a controller that is connected to each other, wherein the controller is further connected to the gateway; the controller is the controller according to any of the sixth aspect and the sixth aspect, the possible implementation manner;
所述访问终端是如第七方面所述的访问终端。  The access terminal is an access terminal as described in the seventh aspect.
本发明实施例提供的技术方案带来的有益效果是:  The beneficial effects brought by the technical solutions provided by the embodiments of the present invention are:
通过在接收到访问终端发送的用于获取虚拟机的公网信息的获取请求 后, 根据该获取请求中携带的虚拟机的标识从承载虚拟机的私网主机上获 取虚拟机的私网信息, 并在获取与私网信息相对应的公网信息之后, 向私 网主机所属的网关发送映射配置请求, 该映射配置请求用于触发网关配置 私网信息与公网信息之间的映射关系, 最后向访问终端反馈公网信息, 以 便访问终端通过虚拟机的公网信息远程访问所述虚拟机; 解决了现有技术 手工配置端口号和 IP地址等信息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取并配置端口号和 IP地址等信息,有利于大规 模部署 VNC的效果。 附图说明  After receiving the acquisition request for acquiring the public network information of the virtual machine, the private network information of the virtual machine is obtained from the private network host that hosts the virtual machine according to the identifier of the virtual machine carried in the acquisition request. After the public network information corresponding to the private network information is obtained, the mapping configuration request is sent to the gateway to which the private network host belongs, and the mapping configuration request is used to trigger the mapping between the private network information and the public network information. The public network information is fed back to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine; the information of manually configuring the port number and the IP address in the prior art is solved, resulting in large maintenance work and being unsuitable for large-scale operation. The problem of deploying VNC is achieved. The automatic acquisition and configuration of port numbers and IP addresses are achieved, which is beneficial to the large-scale deployment of VNC. DRAWINGS
为了更清楚地说明本发明实施例中的技术方案, 下面将对实施例描述 中所需要使用的附图作简单地介绍, 显而易见地, 下面描述中的附图仅仅 是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出创造性 劳动的前提下, 还可以根据这些附图获得其他的附图。  In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described. It is obvious that the drawings in the following description are only some embodiments of the present invention. Other drawings may also be obtained from those of ordinary skill in the art in view of the drawings.
图 1 是本发明各个实施例提供的远程访问配置方法和远程访问方法所 涉及的一种实施环境的结构示意图;  1 is a schematic structural diagram of an implementation environment involved in a remote access configuration method and a remote access method according to various embodiments of the present invention;
图 2是本发明一个实施例提供的远程访问配置方法的方法流程图; 图 3是本发明另一实施例提供的远程访问方法的方法流程图; 图 4是本发明再一实施例提供的远程访问方法的方法流程图; 图 5是本发明一个实施例提供的远程访问配置装置的结构方框图; 图 6是本发明另一实施例提供的远程访问装置的结构方框图; 图 Ί是本发明一个实施例提供的远程访问系统的结构方框图; 图 8是本发明一个实施例提供的控制器的结构示意图; 2 is a flowchart of a method for remote access configuration according to an embodiment of the present invention; FIG. 3 is a flowchart of a method for remote access according to another embodiment of the present invention; FIG. 4 is a remote manner according to still another embodiment of the present invention. FIG. 5 is a block diagram showing the structure of a remote access configuration apparatus according to an embodiment of the present invention; FIG. 6 is a block diagram showing the structure of a remote access apparatus according to another embodiment of the present invention; FIG. 8 is a structural block diagram of a remote access system according to an embodiment of the present invention; FIG. 8 is a schematic structural diagram of a controller according to an embodiment of the present invention;
图 9是本发明一个实施例提供的访问终端的结构示意图;  FIG. 9 is a schematic structural diagram of an access terminal according to an embodiment of the present invention;
图 10是本发明一个实施例提供的远程访问系统的结构方框图。 具体实施方式  FIG. 10 is a structural block diagram of a remote access system according to an embodiment of the present invention. detailed description
为使本发明的目的、 技术方案和优点更加清楚, 下面将结合附图对本 发明实施方式作进一步地详细描述。  The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings.
请参考图 1,其示出了本发明各个实施例提供的远程访问配置方法和远 程访问方法所涉及的一种实施环境的结构示意图。 该实施环境包括: 访问 终端 120、 私网主机 140和控制器 160。  Referring to FIG. 1, FIG. 1 is a schematic structural diagram of an implementation environment involved in a remote access configuration method and a remote access method according to various embodiments of the present invention. The implementation environment includes: access terminal 120, private network host 140, and controller 160.
访问终端 120可以是运行有 VNC客户端的电子设备,该电子设备可以 是膝上型便携计算机和台式计算机等等。 访问终端 120使用公网 ΙΡ。  The access terminal 120 can be an electronic device running a VNC client, which can be a laptop portable computer and a desktop computer or the like. The access terminal 120 uses the public network.
访问终端 120与私网主机 140之间可以通过无线网络或者有线网络相 连。 或者由若干台服务器组成的服务器集群, 或者是一个云计算服务中心。 私 网主机 140使用私网 IP。私网主机 140承载至少一台虚拟机(图中未示出), 并给不同的虚拟机分配不同的私网信息。  The access terminal 120 and the private network host 140 can be connected via a wireless network or a wired network. Or a server cluster consisting of several servers, or a cloud computing service center. The private network host 140 uses the private network IP. The private network host 140 carries at least one virtual machine (not shown) and allocates different private network information to different virtual machines.
控制器 160可以是运行有 VNC控制端的逻辑组成部件,控制器 160可 以设置于一台独立的计算机中, 也可以设置于私网主机 140 中, 还可以设 置于访问终端 120中。 如图 1所示, 当控制器 160设置于一台独立的计算 机中时, 该计算机可以通过无线网络或者有线网络与访问终端 120和私网 主机 140相连。  The controller 160 may be a logical component that runs on the VNC control terminal. The controller 160 may be disposed in a separate computer, or may be disposed in the private network host 140, or may be disposed in the access terminal 120. As shown in FIG. 1, when the controller 160 is disposed in a separate computer, the computer can be connected to the access terminal 120 and the private network host 140 via a wireless network or a wired network.
控制器 160通过 VNC控制端实现自动获取虚拟机的私网信息, 并自动 在网关 170上配置虚拟机的私网信息以及虚拟机的公网信息之间的映射关 系。 其中, 私网信息是指虚拟机的私网 IP或者虚拟机的私网 IP和端口号, 公网信息是指虚拟机的公网 IP或者虚拟机的公网 IP和端口号。 请参考图 2,其示出了本发明一个实施例提供的远程访问配置方法的方 法流程图。 本实施例以该远程访问配置方法应用于图 1 所示的实施环境中 的控制器侧来举例说明。 该远程访问配置方法, 包括: The controller 160 automatically obtains the private network information of the virtual machine through the VNC control end, and automatically configures the mapping between the private network information of the virtual machine and the public network information of the virtual machine on the gateway 170. The private network information refers to the private network IP address of the virtual machine or the private network IP address and port number of the virtual machine. The public network information refers to the public network IP address of the virtual machine or the public network IP address and port number of the virtual machine. Referring to FIG. 2, a flow chart of a method for configuring a remote access according to an embodiment of the present invention is shown. This embodiment is applied to the implementation environment shown in FIG. 1 by using the remote access configuration method. The controller side is an example. The remote access configuration method includes:
步骤 202, 接收访问终端发送的用于获取虚拟机的公网信息的获取请 求, 获取请求携带有虚拟机的标识。  Step 202: Receive an access request sent by the access terminal to obtain public network information of the virtual machine, and obtain an identifier that the request carries the virtual machine.
结合参考图 1,当本实施例提供的远程访问配置方法应用于图 1所示的 实施环境中的控制器侧时, 本步骤即为控制器接收访问终端发送的用于获 取虚拟机的公网信息的获取请求, 获取请求携带有虚拟机的标识。  With reference to FIG. 1, when the remote access configuration method provided in this embodiment is applied to the controller side in the implementation environment shown in FIG. 1, the step is to receive the public network for acquiring the virtual machine sent by the access terminal. The information acquisition request, the acquisition request carries the identifier of the virtual machine.
步骤 204,根据虚拟机的标识从承载虚拟机的私网主机上获取虚拟机的 私网信息。  Step 204: Obtain private network information of the virtual machine from the private network host that hosts the virtual machine according to the identifier of the virtual machine.
控制器根据虚拟机的标识从承载虚拟机的私网主机上获取虚拟机的私 网信息。  The controller obtains the private network information of the virtual machine from the private network host that hosts the virtual machine according to the identifier of the virtual machine.
步骤 206, 获取与私网信息相对应的公网信息。  Step 206: Obtain public network information corresponding to private network information.
控制器获取与私网信息相对应的公网信息。  The controller obtains public network information corresponding to the private network information.
步骤 208, 向私网主机所属的网关发送映射配置请求, 该映射配置请求 用于触发网关配置私网信息与公网信息之间的映射关系。  Step 208: Send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the mapping between the private network information and the public network information.
控制器向私网主机所属的网关发送映射配置请求, 该映射配置请求用 于触发网关配置私网信息与公网信息之间的映射关系。  The controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the mapping between the private network information and the public network information.
步骤 210, 向访问终端反馈公网信息, 以便访问终端通过虚拟机的公网 信息远程访问虚拟机。  Step 210: The public network information is fed back to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
控制器向访问终端反馈公网信息, 以便访问终端通过虚拟机的公网信 息远程访问虚拟机。  The controller feeds back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
综上所述, 本实施例提供的远程访问配置方法, 通过控制器在接收到 访问终端发送的用于获取虚拟机的公网信息的获取请求后, 根据该获取请 求中携带的虚拟机的标识从承载虚拟机的私网主机上获取虚拟机的私网信 息, 并在获取与私网信息相对应的公网信息之后, 向私网主机所属的网关 发送映射配置请求, 该映射配置请求用于触发网关配置私网信息与公网信 息之间的映射关系, 最后向访问终端反馈公网信息, 以便访问终端通过虚 拟机的公网信息远程访问所述虚拟机; 解决了现有技术手工配置端口号和 IP地址等信息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到 了自动获取并配置端口号和 IP地址等信息, 有利于大规模部署 VNC的效 果。 请参考图 3,其示出了本发明另一实施例提供的远程访问方法的方法流 程图。 本实施例以该远程访问方法应用于图 1 所示的实施环境中的访问终 端侧来举例说明。 该远程访问方法, 包括: In summary, the remote access configuration method provided by the embodiment, after receiving the acquisition request for acquiring the public network information of the virtual machine sent by the access terminal, according to the identifier of the virtual machine carried in the acquisition request Obtaining the private network information of the virtual machine from the private network host that hosts the virtual machine, and after obtaining the public network information corresponding to the private network information, sending a mapping configuration request to the gateway to which the private network host belongs, and the mapping configuration request is used for The triggering gateway configures the mapping between the private network information and the public network information, and finally feeds the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC. It achieves the automatic acquisition and configuration of port number and IP address, which is beneficial to the large-scale deployment of VNC. Please refer to FIG. 3, which is a flowchart of a method for remote access method according to another embodiment of the present invention. This embodiment is exemplified by the remote access method applied to the access terminal side in the implementation environment shown in FIG. 1. The remote access method includes:
步骤 302, 向控制器发送用于获取虚拟机的公网信息的获取请求, 获取 请求携带有虚拟机的标识。  Step 302: Send an acquisition request for acquiring public network information of the virtual machine to the controller, where the acquisition request carries the identifier of the virtual machine.
结合参考图 1,当本实施例提供的远程访问配置方法应用于图 1所示的 实施环境中的访问终端侧时, 本步骤即为访问终端向控制器发送用于获取 虚拟机的公网信息的获取请求, 获取请求携带有虚拟机的标识。  With reference to FIG. 1, when the remote access configuration method provided in this embodiment is applied to the access terminal side in the implementation environment shown in FIG. 1, this step is to send the public network information for acquiring the virtual machine to the controller. The acquisition request, the acquisition request carries the identifier of the virtual machine.
步骤 304,接收控制器发送的虚拟机的公网信息,虚拟机的公网信息是 由控制器根据虚拟机的标识从承载虚拟机的私网主机上获取虚拟机的私网 信息后生成的与私网信息相对应的信息, 且虚拟机的公网信息被控制器触 发私网主机所属的网关建立了与虚拟机的私网信息之间的映射关系。  Step 304: Receive public network information of the virtual machine sent by the controller, where the public network information of the virtual machine is generated by the controller, after obtaining the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine. The information corresponding to the private network information, and the public network information of the virtual machine is triggered by the controller to establish a mapping relationship with the private network information of the virtual machine.
访问终端接收控制器发送的虚拟机的公网信息, 虚拟机的公网信息是 由控制器根据虚拟机的标识从承载虚拟机的私网主机上获取虚拟机的私网 信息后生成的与私网信息相对应的信息, 且虚拟机的公网信息被控制器触 发私网主机所属的网关建立了与虚拟机的私网信息之间的映射关系。  The access terminal receives the public network information of the virtual machine sent by the controller. The public network information of the virtual machine is generated by the controller after obtaining the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine. The information corresponding to the network information, and the public network information of the virtual machine is triggered by the controller to establish a mapping relationship with the private network information of the virtual machine.
步骤 306, 通过虚拟机的公网信息远程访问虚拟机。  Step 306: Remotely access the virtual machine by using public network information of the virtual machine.
访问终端通过虚拟机的公网信息远程访问虚拟机。  The access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
综上所述, 本实施例提供的远程访问方法, 通过访问终端在向控制器 发送用于获取虚拟机的公网信息的获取请求后, 由控制器根据虚拟机的标 识从承载虚拟机的私网主机上获取虚拟机的私网信息后获取与该私网信息 相对应的公网信息, 且由控制器向私网主机所属的网关发送映射配置请求, 该映射配置请求用于触发网关配置私网信息与公网信息之间的映射关系, 然后访问终端在接收到控制器发送的虚拟机的公网信息后, 通过虚拟机的 公网信息远程访问虚拟机; 解决了现有技术手工配置端口号和 IP地址等信 息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取 并配置端口号和 IP地址等信息, 有利于大规模部署 VNC的效果。 请参考图 4,其示出了本发明再一实施例提供的远程访问方法的方法流 程图。 本实施例以该远程访问方法应用于图 1 所示的实施环境中来举例说 明。 该远程访问方法, 包括: 步骤 401,访问终端向控制器发送用于获取虚拟机的公网信息的获取请 求, 获取请求携带有虚拟机的标识。 In summary, in the remote access method provided by the embodiment, after the access terminal sends an acquisition request for acquiring the public network information of the virtual machine to the controller, the controller performs the private operation of the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway configuration private. The mapping relationship between the network information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC. It achieves the automatic acquisition and configuration of port number and IP address, which is beneficial to the large-scale deployment of VNC. Please refer to FIG. 4, which is a flowchart of a method for remote access method according to still another embodiment of the present invention. This embodiment is exemplified by applying the remote access method to the implementation environment shown in FIG. 1. The remote access method includes: Step 401: The access terminal sends an acquisition request for acquiring the public network information of the virtual machine to the controller, where the acquisition request carries the identifier of the virtual machine.
虚拟机的标识用于区分不同的虚拟机。 访问终端向控制器发送获取虚 拟机的公网信息的获取请求, 且该获取请求携带有虚拟机的标识, 也即用 于告知控制器其需要与哪一台虚拟机建立连接。  The identity of the virtual machine is used to distinguish between different virtual machines. The access terminal sends an acquisition request for acquiring the public network information of the virtual machine to the controller, and the acquisition request carries the identifier of the virtual machine, that is, it is used to inform the controller which virtual machine to establish a connection with.
访问终端通过与私网主机所承载的任意一台虚拟机建立连接, 实现远 程访问该虚拟机, 进而实现对私网主机的访问与控制。 访问终端与任意一 台虚拟机建立连接需要获取该虚拟机的公网信息, 公网信息通常包括虚拟 机的公网 IP和端口号。  The access terminal establishes a connection with any virtual machine hosted by the private network host to remotely access the virtual machine, thereby implementing access and control to the private network host. To establish a connection between an access terminal and any virtual machine, you need to obtain the public network information of the virtual machine. The public network information usually includes the public network IP address and port number of the virtual machine.
对应地, 控制器接收访问终端发送的用于获取虚拟机的公网信息的获 取请求。  Correspondingly, the controller receives an access request sent by the access terminal for acquiring public network information of the virtual machine.
步骤 402, 控制器通过预定接口登录承载虚拟机的私网主机。  Step 402: The controller logs in to the private network host that hosts the virtual machine through the predetermined interface.
控制器可以通过预先设置的 TCP ( Transmission Control Protocol, 传输 控制协议)形式的接口登录私网主机,也可以通过预先设置的 HTTP ( Hyper Text Transfer Protocol, 超文本传输协议)形式的接口登录私网主机。  The controller can log in to the private network host through the interface in the form of the Transmission Control Protocol (TCP). You can also log in to the private network host through the interface of the HTTP (Hyper Text Transfer Protocol) format. .
步骤 403,控制器根据虚拟机的标识在私网主机上查询与虚拟机的标识 相对应的私网信息。  Step 403: The controller queries the private network host for the private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine.
控制器登录到私网主机之后, 可以调用预先设定的脚本程序, 查询与 虚拟机的标识相对应的私网信息。  After the controller logs in to the private network host, it can invoke a preset script to query the private network information corresponding to the identifier of the virtual machine.
步骤 404, 控制器获取查询到的虚拟机的私网信息。  Step 404: The controller acquires private network information of the queried virtual machine.
控制器通过脚本程序查询得到虚拟机的私网 IP和端口号等私网信息。 步骤 405, 控制器获取私网主机所属的网关的至少一组公网信息。  The controller queries the private network information such as the private network IP address and port number of the virtual machine through the script program. Step 405: The controller acquires at least one group of public network information of the gateway to which the private network host belongs.
该网关通常为 NAPT ( Network Address Port Translate, 网络端口地址转 换) 网关, 可以由防火墙 NAT 实现。 该网关可以设置于一台独立的具有 NAT服务功能的计算机上, 也可以设置于访问终端上, 还可以设置于私网 主机上。 该网关提供至少一组公网信息供控制器选用。  The gateway is usually a NAPT (Network Address Port Translate) gateway, which can be implemented by a firewall NAT. The gateway can be set up on a separate computer with NAT service function, or can be set on the access terminal, or can be set on the private network host. The gateway provides at least one set of public network information for the controller to select.
以虚拟机的公网信息为公网 IP和端口号为例,控制器可以预存有 NAPT 网关所能提供的五组公网 IP 和端口号, 比如: 209.100.20.1/5800、 Taking the public network information of the virtual machine as the public network IP and port number as an example, the controller can pre-store the five sets of public IP and port numbers that the NAPT gateway can provide, for example: 209.100.20.1/5800,
209.100.20.1/5801 、 209.100.20.2/5800 、 209.100.20.3/5800 和 209.100.20.4/5800。 控制器获取到虚拟机的私网信息之后, 查询预存的五组 公网 IP和端口号中哪一组处于空闲状态,选取该组空闲的公网 IP和端口号, 比如 209.100.20.1/5800作为虚拟机的公网 IP和端口号。 209.100.20.1/5801, 209.100.20.2/5800, 209.100.20.3/5800 and 209.100.20.4/5800. After obtaining the private network information of the virtual machine, the controller queries which of the five public network IP addresses and port numbers that are pre-stored are in an idle state, and selects the public IP address and port number of the group. For example, 209.100.20.1/5800 is used as the public network IP and port number of the virtual machine.
步骤 406,控制器从至少一组公网信息中选取一组公网信息作为与私网 信息相对应的公网信息。  Step 406: The controller selects a group of public network information from at least one group of public network information as the public network information corresponding to the private network information.
控制器查询预存的五组公网 IP和端口号中哪一组处于空闲状态, 选取 该组空闲的公网 IP和端口号的具体流程可以是:按预存的五组公网 IP和端 口号的顺序逐个查询, 当查询得到第一组处于空闲状态的公网 IP和端口号 时, 即选取该组公网 IP和端口号为与私网 IP和端口号相对应的公网 IP和 端口号。 该具体流程还可以是: 在预存的五组公网 IP和端口号中查询得到 所有处于空闲状态的公网 IP和端口号, 然后选取带宽最大的一组处于空闲 夫态的公网 IP和端口号作为与私网 IP和端口号相对应的公网 IP和端口号。  The controller queries which of the five public IP addresses and port numbers that are pre-stored are in an idle state. The specific process of selecting the public IP address and port number of the group is: according to the pre-stored five sets of public IP and port numbers. The query is performed one by one. When the query obtains the public IP address and port number of the first group in the idle state, the public network IP address and port number of the group are selected as the public network IP address and port number corresponding to the private network IP address and port number. The specific process may also be: querying all the public network IPs and port numbers in the idle state in the pre-stored five sets of public network IP and port numbers, and then selecting the public network IP and port in the idle state with the largest bandwidth. The number is the public IP and port number corresponding to the private network IP and port number.
假设控制器获取到虚拟机的私网 IP和端口号为 192.168.200.1/5900,则 控制器生成公网 IP 和端口号 209.100.20.1/5800 与私网 IP 和端口号 192.168.200.1/5900之间的对应关系。  Assuming that the controller obtains the private network IP address and port number of the virtual machine is 192.168.200.1/5900, the controller generates a public network IP and port number between 209.100.20.1/5800 and the private network IP and port number 192.168.200.1/5900. Correspondence.
步骤 407,控制器向网关发送携带有私网信息与公网信息的映射配置请 求。  Step 407: The controller sends a mapping configuration request carrying the private network information and the public network information to the gateway.
控制器向 NAPT网关发送配置公网 IP和端口号 209.100.20.1/5800与私 网 IP和端口号 192.168.200.1/5900之间的映射关系的配置请求。  The controller sends a configuration request to the NAPT gateway to configure a mapping relationship between the public network IP and the port number 209.100.20.1/5800 and the private network IP and the port number 192.168.200.1/5900.
对应地, 网关接收控制器发送的携带有私网信息与公网信息的映射配 置请求。  Correspondingly, the gateway receives the mapping configuration request sent by the controller and carries the private network information and the public network information.
步骤 408, 网关根据私网信息与公网信息配置两者之间的映射关系。 Step 408: The gateway configures a mapping relationship between the private network information and the public network information.
NAPT网关接收到配置请求后,配置公网 IP和端口号 209.100.20.1/5800 与私网 IP和端口号 192.168.200.1/5900之间的映射关系, 并存储该映射关 系。 之后, 访问终端可以通过该 NAPT网关远程访问虚拟机, 进而实现远 程控制该虚拟机所对应的私网主机。 After receiving the configuration request, the NAPT gateway configures the mapping between the public network IP and the port number 209.100.20.1/5800 and the private network IP and the port number 192.168.200.1/5900, and stores the mapping relationship. Afterwards, the access terminal can remotely access the virtual machine through the NAPT gateway, thereby implementing remote control of the private network host corresponding to the virtual machine.
步骤 409, 网关向控制器反馈配置完成响应。  Step 409: The gateway feeds back a configuration completion response to the controller.
NAPT网关完成映射关系的配置之后, 向控制器反馈配置完成响应。 对应地, 控制器接收网关反馈的配置完成响应。  After the NAPT gateway completes the configuration of the mapping relationship, the configuration completion response is fed back to the controller. Correspondingly, the controller receives a configuration completion response fed back by the gateway.
步骤 410, 控制器向访问终端反馈公网信息。  Step 410: The controller feeds back public network information to the access terminal.
控制器在 NAPT网关上建立完成私网信息与公网信息之间的映射关系 之后, 向访问终端反馈公网信息, 告知访问终端可以使用该公网信息访问 其所需要访问的虚拟机了。 对应地, 访问终端接收控制器发送的虚拟机的公网信息。 After the mapping between the private network information and the public network information is established on the NAPT gateway, the controller feeds back the public network information to the access terminal, and informs the access terminal to use the public network information to access the virtual machine that needs to be accessed. Correspondingly, the access terminal receives the public network information of the virtual machine sent by the controller.
步骤 411, 访问终端通过虚拟机的公网信息远程访问虚拟机。  Step 411: The access terminal accesses the virtual machine remotely through the public network information of the virtual machine.
具体地, 访问终端向 NAPT网关发送携带有虚拟机的公网 IP和端口号 的业务请求包。 NAPT网关接收到该业务请求包后, 根据存储的私网 IP和 端口号与公网 IP和端口号之间的映射关系将业务请求包中的公网 IP和端口 号修改为私网 IP和端口号,然后将携带有私网 IP和端口号的业务请求包转 发给虚拟机。  Specifically, the access terminal sends a service request packet carrying the public network IP address and port number of the virtual machine to the NAPT gateway. After receiving the service request packet, the NAPT gateway modifies the public network IP address and port number in the service request packet to the private network IP address and port according to the mapping between the stored private IP address and port number and the public network IP address and port number. Number, and then forward the service request packet carrying the private network IP and port number to the virtual machine.
至此, 访问终端实现了远程访问虚拟机, 进而可以远程控制该虚拟机 所对应的私网主机。 访问终端与虚拟机之间的业务传输都需要通过 NAPT 网关进行 IP地址和端口号的转换。  At this point, the access terminal implements remote access to the virtual machine, and thus can remotely control the private network host corresponding to the virtual machine. The service transmission between the access terminal and the virtual machine requires the conversion of the IP address and port number through the NAPT gateway.
综上所述, 本实施例提供的远程访问方法, 通过访问终端在向控制器 发送用于获取虚拟机的公网信息的获取请求后, 由控制器根据虚拟机的标 识从承载虚拟机的私网主机上获取虚拟机的私网信息后获取与该私网信息 相对应的公网信息, 且由控制器向私网主机所属的网关发送映射配置请求, 该映射配置请求用于触发网关配置私网信息与公网信息之间的映射关系, 然后访问终端在接收到控制器发送的虚拟机的公网信息后, 通过虚拟机的 公网信息远程访问虚拟机; 解决了现有技术手工配置端口号和 IP地址等信 息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取 并配置端口号和 IP地址等信息, 有利于大规模部署 VNC的效果。  In summary, in the remote access method provided by the embodiment, after the access terminal sends an acquisition request for acquiring the public network information of the virtual machine to the controller, the controller performs the private operation of the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway configuration private. The mapping relationship between the network information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC. It achieves the automatic acquisition and configuration of port number and IP address, which is beneficial to the large-scale deployment of VNC.
本实施例提供的远程访问方法, 控制器还通过预先设置的 TCP形式的 接口或者 HTTP形式的接口登录私网主机获取虚拟机的私网信息, 控制器 还通过向网关发送携带有私网信息与公网信息的映射配置请求, 在网关上 建立私网信息与公网信息之间的映射关系; 实现了映射关系的自动化配置 和动态配置, 提高了远程访问的效率。 下述为本发明装置实施例, 可以用于执行本发明方法实施例。 对于本 发明装置实施例中未披露的细节, 请参照本发明方法实施例。  In the remote access method provided by the embodiment, the controller also obtains the private network information of the virtual machine by using the interface of the TCP format or the interface of the HTTP format, and the controller also sends the private network information to the gateway. The mapping configuration request of the public network information establishes a mapping relationship between the private network information and the public network information on the gateway; realizes automatic configuration and dynamic configuration of the mapping relationship, and improves the efficiency of remote access. The following is an embodiment of the apparatus of the present invention, which can be used to carry out embodiments of the method of the present invention. For details not disclosed in the embodiment of the device of the present invention, please refer to the method embodiment of the present invention.
请参考图 5,其示出了本发明一个实施例提供的远程访问配置装置的结 构方框图, 该远程访问配置装置可以通过软件、 硬件或者两者的结合实现 成为控制器的全部或者一部分。 该远程访问配置装置, 包括: 请求接收模 块 510、 信息获取模块 520、 信息得到模块 530、 映射配置模块 540和信息 反馈模块 550。 Please refer to FIG. 5, which is a structural block diagram of a remote access configuration apparatus according to an embodiment of the present invention. The remote access configuration apparatus may be implemented as a whole or a part of a controller by software, hardware, or a combination of both. The remote access configuration device includes: a request receiving module 510, an information obtaining module 520, an information obtaining module 530, a mapping configuration module 540, and information Feedback module 550.
请求接收模块 510,用于接收访问终端发送的用于获取虚拟机的公网信 息的获取请求, 所述获取请求携带有所述虚拟机的标识。  The request receiving module 510 is configured to receive an acquisition request sent by the access terminal for acquiring public network information of the virtual machine, where the acquisition request carries the identifier of the virtual machine.
信息获取模块 520,用于根据所述虚拟机的标识从承载所述虚拟机的私 网主机上获取所述虚拟机的私网信息。  The information obtaining module 520 is configured to obtain private network information of the virtual machine from a private network host that hosts the virtual machine according to the identifier of the virtual machine.
信息得到模块 530, 用于获取与所述私网信息相对应的公网信息。 映射配置模块 540, 用于向所述私网主机所属的网关发送映射配置请 求, 所述映射配置请求用于触发所述网关配置所述私网信息与所述公网信 息之间的映射关系。  The information obtaining module 530 is configured to obtain public network information corresponding to the private network information. The mapping configuration module 540 is configured to send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information.
信息反馈模块 550, 用于向所述访问终端反馈所述公网信息, 以便所述 访问终端通过所述虚拟机的公网信息远程访问所述虚拟机。  The information feedback module 550 is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
综上所述, 本实施例提供的访问信息配置装置, 通过控制器在接收到 访问终端发送的用于获取虚拟机的公网信息的获取请求后, 根据该获取请 求中携带的虚拟机的标识从承载虚拟机的私网主机上获取虚拟机的私网信 息, 并在获取与私网信息相对应的公网信息之后, 向私网主机所属的网关 发送映射配置请求, 该映射配置请求用于触发网关配置私网信息与公网信 息之间的映射关系, 最后向访问终端反馈公网信息, 以便访问终端通过虚 拟机的公网信息远程访问所述虚拟机; 解决了现有技术手工配置端口号和 IP地址等信息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到 了自动获取并配置端口号和 IP地址等信息, 有利于大规模部署 VNC的效 果。 请参考图 6,其示出了本发明另一实施例提供的远程访问装置的结构方 框图, 该远程访问装置可以通过软件、 硬件或者两者的结合实现成为访问 终端的全部或者一部分。 该远程访问装置, 包括: 请求发送模块 610、 信息 接收模块 620和远程访问模块 630。  In summary, the access information configuration apparatus provided by the embodiment, after receiving the acquisition request of the public network for acquiring the virtual machine sent by the access terminal, according to the identifier of the virtual machine carried in the acquisition request Obtaining the private network information of the virtual machine from the private network host that hosts the virtual machine, and after obtaining the public network information corresponding to the private network information, sending a mapping configuration request to the gateway to which the private network host belongs, and the mapping configuration request is used for The triggering gateway configures the mapping between the private network information and the public network information, and finally feeds the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC. It achieves the automatic acquisition and configuration of port number and IP address, which is beneficial to the large-scale deployment of VNC. Referring to FIG. 6, a structural block diagram of a remote access device according to another embodiment of the present invention is shown. The remote access device can be implemented as all or part of an access terminal by software, hardware, or a combination of both. The remote access device includes: a request sending module 610, an information receiving module 620, and a remote access module 630.
请求发送模块 610,用于向控制器发送用于获取虚拟机的公网信息的获 取请求, 所述获取请求携带有所述虚拟机的标识。  The request sending module 610 is configured to send, to the controller, an obtaining request for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine.
信息接收模块 620, 用于接收所述控制器发送的所述虚拟机的公网信 息, 所述虚拟机的公网信息是由所述控制器根据所述虚拟机的标识从承载 所述虚拟机的私网主机上获取所述虚拟机的私网信息后生成的与所述私网 信息相对应的信息, 且所述虚拟机的公网信息被所述控制器触发所述私网 主机所属的网关建立与所述虚拟机的私网信息之间的映射关系。 The information receiving module 620 is configured to receive the public network information of the virtual machine that is sent by the controller, where the public network information of the virtual machine is from the virtual machine by the controller according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine on the private network host, the generated private network The information corresponding to the information, and the public network information of the virtual machine is triggered by the controller to establish a mapping relationship between the gateway to which the private network host belongs and the private network information of the virtual machine.
远程访问模块 630,用于通过所述虚拟机的公网信息远程访问所述虚拟 机。  The remote access module 630 is configured to remotely access the virtual machine by using public network information of the virtual machine.
综上所述, 本实施例提供的远程访问装置, 通过访问终端在向控制器 发送用于获取虚拟机的公网信息的获取请求后, 由控制器根据虚拟机的标 识从承载虚拟机的私网主机上获取虚拟机的私网信息后获取与该私网信息 相对应的公网信息, 且由控制器向私网主机所属的网关发送映射配置请求, 该映射配置请求用于触发网关配置私网信息与公网信息之间的映射关系, 然后访问终端在接收到控制器发送的虚拟机的公网信息后, 通过虚拟机的 公网信息远程访问虚拟机; 解决了现有技术手工配置端口号和 IP地址等信 息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取 并配置端口号和 IP地址等信息, 有利于大规模部署 VNC的效果。 请参考图 7,其示出了本发明一个实施例提供的远程访问系统的结构方 框图, 该远程访问系统包括控制器 500和访问终端 600,控制器 500和访问 终端 600之间通过有线网络或者无线网络相连, 或者控制器 500实现成为 访问终端 600的一部分。  In summary, the remote access device provided by the embodiment, after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the controller controls the virtual machine from the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway configuration private. The mapping relationship between the network information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC. It achieves the automatic acquisition and configuration of port number and IP address, which is beneficial to the large-scale deployment of VNC. Please refer to FIG. 7, which is a structural block diagram of a remote access system according to an embodiment of the present invention. The remote access system includes a controller 500 and an access terminal 600. The controller 500 and the access terminal 600 are connected by a wired network or wirelessly. The network is connected, or the controller 500 is implemented as part of the access terminal 600.
控制器 500可以包括远程访问配置装置, 该远程访问配置装置可以通 过软件、 硬件或者两者的结合实现。 该远程访问配置装置, 包括: 请求接 收模块 510、 信息获取模块 520、 信息得到模块 530、 映射配置模块 540和 信息反馈模块 550。  Controller 500 can include a remote access configuration device that can be implemented in software, hardware, or a combination of both. The remote access configuration device includes: a request receiving module 510, an information obtaining module 520, an information obtaining module 530, a mapping configuration module 540, and an information feedback module 550.
请求接收模块 510,用于接收访问终端发送的用于获取虚拟机的公网信 息的获取请求, 所述获取请求携带有所述虚拟机的标识。  The request receiving module 510 is configured to receive an acquisition request sent by the access terminal for acquiring public network information of the virtual machine, where the acquisition request carries the identifier of the virtual machine.
信息获取模块 520,用于根据所述虚拟机的标识从承载所述虚拟机的私 网主机上获取所述虚拟机的私网信息。  The information obtaining module 520 is configured to obtain private network information of the virtual machine from a private network host that hosts the virtual machine according to the identifier of the virtual machine.
具体来讲, 信息获取模块 520, 包括: 主机登录单元 520a、 信息查询 单元 520b和信息获取单元 520c。  Specifically, the information obtaining module 520 includes: a host login unit 520a, an information query unit 520b, and an information acquisition unit 520c.
所述主机登录单元 520a, 用于通过预定接口登录承载所述虚拟机的私 网主机。  The host login unit 520a is configured to log in to the private network host that carries the virtual machine through a predetermined interface.
其中, 主机登录单元 520a, 包括: 第一登录子单元 520al ; 或者, 第二 登录子单元 520a2。 The host login unit 520a includes: a first login subunit 520al; or, a second The subunit 520a2 is registered.
所述第一登录子单元 520al, 用于通过预先设置的传输控制协议 TCP 形式的接口登录所述私网主机; 或者, 所述第二登录子单元 520a2, 用于通 过预先设置的超文本传输协议 HTTP形式的接口登录所述私网主机。  The first login sub-unit 520al is configured to log in to the private network host through an interface in the form of a TCP control protocol set in advance; or the second login sub-unit 520a2 is configured to pass a preset hypertext transfer protocol. An HTTP interface is used to log in to the private network host.
所述信息查询单元 520b, 用于根据所述虚拟机的标识在所述私网主机 上查询与所述虚拟机的标识相对应的私网信息。  The information querying unit 520b is configured to query the private network host for private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine.
所述信息获取单元 520c, 用于获取查询到的所述虚拟机的私网信息。 信息得到模块 530, 用于生成与所述私网信息相对应的公网信息。  The information obtaining unit 520c is configured to obtain the private network information of the queried virtual machine. The information obtaining module 530 is configured to generate public network information corresponding to the private network information.
具体来讲, 信息得到模块 530, 包括: 信息取得单元 530a和信息选取 单元 530b。  Specifically, the information obtaining module 530 includes: an information obtaining unit 530a and an information selecting unit 530b.
所述信息取得单元 530a, 用于获取所述私网主机所属的网关的至少一 组公网信息。  The information obtaining unit 530a is configured to obtain at least one group of public network information of the gateway to which the private network host belongs.
所述信息选取单元 530b, 用于从所述至少一组公网信息中选取一组公 网信息作为与所述私网信息相对应的公网信息。  The information selecting unit 530b is configured to select a group of public network information from the at least one group of public network information as the public network information corresponding to the private network information.
映射配置模块 540, 用于向所述私网主机所属的网关发送映射配置请 求, 所述映射配置请求用于触发所述网关配置所述私网信息与所述公网信 息之间的映射关系。  The mapping configuration module 540 is configured to send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information.
信息反馈模块 550, 用于向所述访问终端反馈所述公网信息, 以便所述 访问终端通过所述虚拟机的公网信息远程访问所述虚拟机。  The information feedback module 550 is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
访问终端 600可以包括远程访问装置, 该远程访问装置可以通过软件、 硬件或者两者的结合实现。 该远程访问装置, 包括: 请求发送模块 610、 信 息接收模块 620和远程访问模块 630。  Access terminal 600 can include a remote access device that can be implemented in software, hardware, or a combination of both. The remote access device includes: a request sending module 610, an information receiving module 620, and a remote access module 630.
请求发送模块 610,用于向控制器发送用于获取虚拟机的公网信息的获 取请求, 所述获取请求携带有所述虚拟机的标识。  The request sending module 610 is configured to send, to the controller, an obtaining request for acquiring public network information of the virtual machine, where the obtaining request carries an identifier of the virtual machine.
信息接收模块 620, 用于接收所述控制器发送的所述虚拟机的公网信 息, 所述虚拟机的公网信息是由所述控制器根据所述虚拟机的标识从承载 所述虚拟机的私网主机上获取所述虚拟机的私网信息后生成的与所述私网 信息相对应的信息, 且所述虚拟机的公网信息被所述控制器触发所述私网 主机所属的网关建立与所述虚拟机的私网信息之间的映射关系。  The information receiving module 620 is configured to receive the public network information of the virtual machine that is sent by the controller, where the public network information of the virtual machine is from the virtual machine by the controller according to the identifier of the virtual machine. After the private network host obtains the private network information of the virtual machine, the information corresponding to the private network information is generated, and the public network information of the virtual machine is triggered by the controller to belong to the private network host. The gateway establishes a mapping relationship with the private network information of the virtual machine.
远程访问模块 630,用于通过所述虚拟机的公网信息远程访问所述虚拟 机。 综上所述, 本实施例提供的远程访问系统, 通过访问终端在向控制器 发送用于获取虚拟机的公网信息的获取请求后, 由控制器根据虚拟机的标 识从承载虚拟机的私网主机上获取虚拟机的私网信息后获取与该私网信息 相对应的公网信息, 且由控制器向私网主机所属的网关发送映射配置请求, 该映射配置请求用于触发网关配置私网信息与公网信息之间的映射关系, 然后访问终端在接收到控制器发送的虚拟机的公网信息后, 通过虚拟机的 公网信息远程访问虚拟机; 解决了现有技术手工配置端口号和 IP地址等信 息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取 并配置端口号和 IP地址等信息, 有利于大规模部署 VNC的效果。 The remote access module 630 is configured to remotely access the virtual machine by using public network information of the virtual machine. In summary, the remote access system provided by the embodiment, after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the controller uses the private identifier of the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the network host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway configuration private. The mapping relationship between the network information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the number and IP address, which causes large maintenance and is not suitable for large-scale deployment of VNC. It achieves the automatic acquisition and configuration of port number and IP address, which is beneficial to the large-scale deployment of VNC.
本实施例提供的远程访问系统, 控制器还通过预先设置的 TCP形式的 接口或者 HTTP形式的接口登录私网主机获取虚拟机的私网信息, 控制器 还通过向网关发送携带有私网信息与公网信息的映射配置请求, 在网关上 建立私网信息与公网信息之间的映射关系; 实现了映射关系的自动化配置 和动态配置, 提高了远程访问的效率。 请参考图 8, 其示出了本发明一个实施例提供的控制器的结构示意图, 该控制器用于实现为远程访问系统中的控制器, 所述控制器包括: 处理器 820、 存储器 840、 发送器 860和接收器 880。  In the remote access system provided by the embodiment, the controller also logs in to the private network host to obtain the private network information of the virtual machine through the interface of the TCP format or the interface of the HTTP format. The controller also sends the private network information to the gateway. The mapping configuration request of the public network information establishes a mapping relationship between the private network information and the public network information on the gateway; realizes automatic configuration and dynamic configuration of the mapping relationship, and improves the efficiency of remote access. Please refer to FIG. 8 , which is a schematic structural diagram of a controller according to an embodiment of the present invention. The controller is configured to be implemented as a controller in a remote access system, where the controller includes: a processor 820 , a memory 840 , and a sending 860 and receiver 880.
所述处理器 820,用于控制所述接收器 880接收访问终端发送的用于获 取虚拟机的公网信息的获取请求, 所述获取请求携带有所述虚拟机的标识; 所述处理器 820,还用于根据所述虚拟机的标识从承载所述虚拟机的私 网主机上获取所述虚拟机的私网信息;  The processor 820 is configured to control the receiver 880 to receive an acquisition request for acquiring the public network information of the virtual machine that is sent by the access terminal, where the acquisition request carries the identifier of the virtual machine; And obtaining, according to the identifier of the virtual machine, private network information of the virtual machine from a private network host that carries the virtual machine;
所述处理器 820, 还用于获取与所述私网信息相对应的公网信息; 所述处理器 820,还用于控制所述发送器 860向所述私网主机所属的网 关发送映射配置请求, 所述映射配置请求用于触发所述网关配置所述私网 信息与所述公网信息之间的映射关系;  The processor 820 is further configured to acquire public network information corresponding to the private network information. The processor 820 is further configured to control the sender 860 to send a mapping configuration to a gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway to configure a mapping relationship between the private network information and the public network information;
所述处理器 820,还用于控制所述发送器 860向所述访问终端反馈所述 公网信息, 以便所述访问终端通过所述虚拟机的公网信息远程访问所述虚 拟机。  The processor 820 is further configured to control the sender 860 to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine by using public network information of the virtual machine.
在更为优选的实施例中, 所述处理器 820,还用于通过预定接口登录承 载所述虚拟机的私网主机; 所述处理器 820,还用于根据所述虚拟机的标识在所述私网主机上查询 与所述虚拟机的标识相对应的私网信息; In a more preferred embodiment, the processor 820 is further configured to log in to the private network host that carries the virtual machine by using a predetermined interface. The processor 820 is further configured to query, on the private network host, the private network information corresponding to the identifier of the virtual machine according to the identifier of the virtual machine;
所述处理器 820, 还用于获取查询到的所述虚拟机的私网信息。  The processor 820 is further configured to obtain the private network information of the queried virtual machine.
在更为优选的实施例中, 所述处理器 820,还用于通过预先设置的传输 控制协议 TCP形式的接口登录所述私网主机; 或者,  In a further preferred embodiment, the processor 820 is further configured to log in to the private network host by using an interface of a transmission control protocol TCP format set in advance; or
所述处理器 820,还用于通过预先设置的超文本传输协议 HTTP形式的 接口登录所述私网主机。  The processor 820 is further configured to log in to the private network host by using an interface of a hypertext transfer protocol HTTP format set in advance.
在更为优选的实施例中, 所述处理器 820,还用于获取所述私网主机所 属的网关的至少一组公网信息;  In a further preferred embodiment, the processor 820 is further configured to acquire at least one group of public network information of a gateway to which the private network host belongs;
所述处理器 820,还用于从所述至少一组公网信息中选取一组公网信息 作为与所述私网信息相对应的公网信息。  The processor 820 is further configured to select a group of public network information from the at least one group of public network information as the public network information corresponding to the private network information.
综上所述, 本实施例提供的控制器, 通过访问终端在向控制器发送用 于获取虚拟机的公网信息的获取请求后, 由控制器根据虚拟机的标识从承 载虚拟机的私网主机上获取虚拟机的私网信息后获取与该私网信息相对应 的公网信息, 且由控制器向私网主机所属的网关发送映射配置请求, 该映 射配置请求用于触发网关配置私网信息与公网信息之间的映射关系, 然后 访问终端在接收到控制器发送的虚拟机的公网信息后, 通过虚拟机的公网 信息远程访问虚拟机; 解决了现有技术手工配置端口号和 IP地址等信息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取并配 置端口号和 IP地址等信息, 有利于大规模部署 VNC的效果。 In summary, the controller provided by the embodiment, after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the controller uses the private network carrying the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway to configure the private network. The mapping relationship between the information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the IP address and the IP address are not suitable for large-scale deployment of VNC. The automatic acquisition and configuration of port numbers and IP addresses are beneficial to the large-scale deployment of VNC.
本实施例提供的控制器,还通过预先设置的 TCP形式的接口或者 HTTP 形式的接口登录私网主机获取虚拟机的私网信息, 还通过向网关发送携带 有私网信息与公网信息的映射配置请求, 在网关上建立私网信息与公网信 息之间的映射关系; 实现了映射关系的自动化配置和动态配置, 提高了远 程访问的效率。 请参考图 9, 其示出了本发明一个实施例提供的访问终端的结构示意 图, 该访问终端用于实现为远程访问系统中的访问终端, 所述访问终端包 括: 接收器 920、 发送器 940、 处理器 960和存储器 980。  The controller provided in this embodiment also obtains the private network information of the virtual machine by using the interface of the TCP format or the interface of the HTTP format, and also sends the mapping of the private network information and the public network information to the gateway. The configuration request establishes a mapping relationship between the private network information and the public network information on the gateway. The automatic configuration and dynamic configuration of the mapping relationship are implemented, and the efficiency of remote access is improved. Please refer to FIG. 9 , which is a schematic structural diagram of an access terminal according to an embodiment of the present invention. The access terminal is configured to be implemented as an access terminal in a remote access system, where the access terminal includes: a receiver 920 and a transmitter 940. , processor 960 and memory 980.
所述处理器 960,用于控制所述发送器 940向控制器发送用于获取虚拟 机的公网信息的获取请求, 所述获取请求携带有所述虚拟机的标识; 所述处理器 960,还用于控制所述接收器 920接收所述控制器发送的所 述虚拟机的公网信息, 所述虚拟机的公网信息是由所述控制器根据所述虚 拟机的标识从承载所述虚拟机的私网主机上获取所述虚拟机的私网信息后 生成的与所述私网信息相对应的信息, 且所述虚拟机的公网信息被所述控 制器触发所述私网主机所属的网关建立了与所述虚拟机的私网信息之间的 映射关系; The processor 960 is configured to control the sender 940 to send an acquisition request for acquiring public network information of the virtual machine to the controller, where the acquisition request carries an identifier of the virtual machine; The processor 960 is further configured to control the receiver 920 to receive public network information of the virtual machine that is sent by the controller, where public network information of the virtual machine is determined by the controller according to the virtual machine. The information corresponding to the private network information generated after the private network information of the virtual machine is obtained from the private network host that carries the virtual machine, and the public network information of the virtual machine is used by the controller. The mapping between the private network information of the virtual machine and the gateway to which the private network host belongs is triggered;
所述处理器 960,还用于通过所述虚拟机的公网信息远程访问所述虚拟 机。  The processor 960 is further configured to remotely access the virtual machine by using public network information of the virtual machine.
综上所述, 本实施例提供的访问终端, 通过访问终端在向控制器发送 用于获取虚拟机的公网信息的获取请求后, 由控制器根据虚拟机的标识从 载虚拟机的私网主机上获取虚拟机的私网信息后获取与该私网信息相对 应的公网信息, 且由控制器向私网主机所属的网关发送映射配置请求, 该 映射配置请求用于触发网关配置私网信息与公网信息之间的映射关系, 然 后访问终端在接收到控制器发送的虚拟机的公网信息后, 通过虚拟机的公 网信息远程访问虚拟机;解决了现有技术手工配置端口号和 IP地址等信息, 导致维护工作较大、 不适合大规模部署 VNC的问题; 达到了自动获取并配 置端口号和 IP地址等信息, 有利于大规模部署 VNC的效果。 请参考图 10, 其示出了本发明一个实施例提供的远程访问系统的结构 方框图。 该远程访问系统包括: 承载至少一台虚拟机的私网主机 1010、 与 私网主机 1010相连的网关 1020和控制器 1030以及与网关 1020和控制器 1030均相连的访问终端 1040, 其中, 控制器 1030还与网关 1020相连。 In summary, after the access terminal sends the acquisition request for acquiring the public network information of the virtual machine to the controller, the access terminal obtains the private network of the virtual machine according to the identifier of the virtual machine. After obtaining the private network information of the virtual machine, the host obtains the public network information corresponding to the private network information, and the controller sends a mapping configuration request to the gateway to which the private network host belongs. The mapping configuration request is used to trigger the gateway to configure the private network. The mapping relationship between the information and the public network information, and then the access terminal remotely accesses the virtual machine through the public network information of the virtual machine after receiving the public network information of the virtual machine sent by the controller; Information such as the IP address and the IP address are not suitable for large-scale deployment of VNC. The automatic acquisition and configuration of port numbers and IP addresses are beneficial to the large-scale deployment of VNC. Please refer to FIG. 10, which shows a structural block diagram of a remote access system according to an embodiment of the present invention. The remote access system includes: a private network host 1010 carrying at least one virtual machine, a gateway 1020 connected to the private network host 1010, and a controller 1030, and an access terminal 1040 connected to the gateway 1020 and the controller 1030, wherein the controller 1030 is also coupled to gateway 1020.
所述控制器 1030是如图 8所示实施例及图 8所示实施例的更为优选的 实施例中所述的控制器;  The controller 1030 is a controller as described in the more preferred embodiment of the embodiment shown in FIG. 8 and the embodiment shown in FIG. 8;
所述访问终端 1040是如图 9所示实施例中所述的访问终端。  The access terminal 1040 is an access terminal as described in the embodiment shown in FIG.
通过以上的实施方式的描述, 所属领域的技术人员可以清楚地了解到 本发明可以用硬件实现, 或固件实现, 或它们的组合方式来实现。 当使用 软件实现时, 可以将上述功能存储在计算机可读介质中或作为计算机可读 介质上的一个或多个指令或代码进行传输。 计算机可读介质包括计算机存 储介质和通信介质, 其中通信介质包括便于从一个地方向另一个地方传送 计算机程序的任何介质。 存储介质可以是计算机能够存取的任何可用介质。 以此为例但不限于: 计算机可读介质可以包括 RAM, ROM, EEPROM、 CD-ROM或其他光盘存储、 磁盘存储介质或者其他磁存储设备、 或者能够 用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算 机存取的任何其他介质。 此外。 任何连接可以适当的成为计算机可读介质。 例如, 如果软件是使用同轴电缆、 光纤光缆、 双绞线、 数字用户线(DSL ) 或者诸如红外线、 无线电和微波之类的无线技术从网站、 服务器或者其他 远程源传输的, 那么同轴电缆、 光纤光缆、 双绞线、 DSL或者诸如红外线、 无线和微波之类的无线技术包括在所属介质的定影中。 如本发明所使用的, 盘 (Disk )和碟(disc ) 包括压缩光碟(CD )、 激光碟、 光碟、 数字通用光 碟(DVD )、 软盘和蓝光光碟, 其中盘通常磁性的复制数据, 而碟则用激光 来光学的复制数据。 上面的组合也应当包括在计算机可读介质的保护范围 之内。 需要说明的是: 上述实施例提供的远程访问配置装置和远程访问装置 在进行远程访问配置和远程访问时, 仅以上述各功能模块的划分进行举例 说明, 实际应用中, 可以根据需要而将上述功能分配由不同的功能模块完 成, 即将远程访问配置装置和远程访问装置的内部结构划分成不同的功能 模块, 以完成以上描述的全部或者部分功能。 另外, 上述实施例提供的远 程访问配置装置、 远程访问装置与远程访问配置方法、 远程访问方法实施 例属于同一构思, 其具体实现过程详见方法实施例, 这里不再赘述。 应当理解的是, 在本文中使用的, 除非上下文清楚地支持例外情况, 单数形式 "一个" ( "a"、 "an" , "the" ) 旨在也包括复数形式。 还应当理解 的是, 在本文中使用的 "和 /或" 是指包括一个或者一个以上相关联地列出 的项目的任意和所有可能组合。 上述本发明实施例序号仅仅为了描述, 不代表实施例的优劣。 Through the description of the above embodiments, it will be apparent to those skilled in the art that the present invention can be implemented in hardware, firmware implementation, or a combination thereof. When implemented in software, the functions described above may be stored in or transmitted as one or more instructions or code on a computer readable medium. Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another. A storage medium may be any available media that can be accessed by a computer. By way of example and not limitation, computer readable media may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, disk storage media or other magnetic storage device, or can be used for carrying or storing in the form of an instruction or data structure. The desired program code and any other medium that can be accessed by the computer. Also. Any connection may suitably be a computer readable medium. For example, if the software is transmitted from a website, server, or other remote source using coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable , fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, wireless, and microwaves are included in the fixing of the associated media. As used in the present invention, a disk and a disc include a compact disc (CD), a laser disc, a disc, a digital versatile disc (DVD), a floppy disk, and a Blu-ray disc, wherein the disc is usually magnetically copied, and the disc is The laser is used to optically replicate the data. Combinations of the above should also be included within the scope of the computer readable media. It should be noted that: the remote access configuration device and the remote access device provided by the foregoing embodiments are only illustrated by the division of the foregoing functional modules when performing remote access configuration and remote access. In actual applications, the foregoing may be performed as needed. The function assignment is performed by different functional modules, that is, the internal structure of the remote access configuration device and the remote access device are divided into different functional modules to complete all or part of the functions described above. In addition, the remote access configuration device, the remote access device, the remote access configuration method, and the remote access method are provided in the same embodiment. For details, refer to the method embodiment, and details are not described herein. It should be understood that the singular forms "a", "an", "the", "the" and "the" are intended to include the plural. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items. The serial numbers of the embodiments of the present invention are merely for the description, and do not represent the advantages and disadvantages of the embodiments.
本领域普通技术人员可以理解实现上述实施例的全部或部分步骤可以 通过硬件来完成, 也可以通过程序来指令相关的硬件完成, 所述的程序可 以存储于一种计算机可读存储介质中, 上述提到的存储介质可以是只读存 储器, 磁盘或光盘等。 以上所述仅为本发明的较佳实施例, 并不用以限制本发明, 凡在本发明的 精神和原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发 明的保护范围之内。 A person skilled in the art may understand that all or part of the steps of implementing the above embodiments may be completed by hardware, or may be instructed by a program to execute related hardware, and the program may be stored in a computer readable storage medium. The storage medium mentioned may be a read only memory, a magnetic disk or an optical disk or the like. The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., which are within the spirit and scope of the present invention, should be included in the protection of the present invention. Within the scope.

Claims

权利要求 Rights request
1、 一种远程访问配置方法, 其特征在于, 所述方法包括: 1. A remote access configuration method, characterized in that the method includes:
接收访问终端发送的用于获取虚拟机的公网信息的获取请求, 所述获 取请求携带有所述虚拟机的标识; Receive an acquisition request sent by the access terminal for obtaining the public network information of the virtual machine, where the acquisition request carries the identification of the virtual machine;
根据所述虚拟机的标识从承载所述虚拟机的私网主机上获取所述虚拟 机的私网信息; Obtain the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine;
获取与所述私网信息相对应的公网信息; Obtain public network information corresponding to the private network information;
向所述私网主机所属的网关发送映射配置请求, 所述映射配置请求用 于触发所述网关配置所述私网信息与所述公网信息之间的映射关系; Send a mapping configuration request to the gateway to which the private network host belongs, where the mapping configuration request is used to trigger the gateway to configure the mapping relationship between the private network information and the public network information;
向所述访问终端反馈所述公网信息, 以便所述访问终端通过所述虚拟 机的公网信息远程访问所述虚拟机。 The public network information is fed back to the access terminal so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
2、 根据权利要求 1所述的方法, 其特征在于, 所述根据所述虚拟机的 标识从承载所述虚拟机的私网主机上获取所述虚拟机的私网信息, 包括: 通过预定接口登录承载所述虚拟机的私网主机; 2. The method according to claim 1, characterized in that: obtaining the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine includes: through a predetermined interface Log in to the private network host hosting the virtual machine;
居所述虚拟机的标识在所述私网主机上查询与所述虚拟机的标识相 对应的私网信息; Using the identifier of the virtual machine, query the private network information corresponding to the identifier of the virtual machine on the private network host;
获取查询到的所述虚拟机的私网信息。 Obtain the queried private network information of the virtual machine.
3、 根据权利要求 2所述的方法, 其特征在于, 所述通过预定接口登录 承载所述虚拟机的私网主机, 包括: 3. The method according to claim 2, characterized in that logging in to the private network host hosting the virtual machine through a predetermined interface includes:
通过预先设置的传输控制协议 TCP形式的接口登录所述私网主机; 或 者, Log in to the private network host through the preset transmission control protocol TCP interface; or,
通过预先设置的超文本传输协议 HTTP形式的接口登录所述私网主机。 Log in to the private network host through a preset hypertext transfer protocol HTTP interface.
4、 根据权利要求 1至 3任一所述的方法, 其特征在于, 所述获取与所 述私网信息相对应的公网信息, 包括: 4. The method according to any one of claims 1 to 3, characterized in that the obtaining the public network information corresponding to the private network information includes:
获取所述私网主机所属的网关的至少一组公网信息; Obtain at least one set of public network information of the gateway to which the private network host belongs;
从所述至少一组公网信息中选取一组公网信息作为与所述私网信息相 对应的公网信息。 Select a set of public network information from the at least one set of public network information as the public network information corresponding to the private network information.
5、 一种远程访问方法, 其特征在于, 所述方法包括: 向控制器发送用于获取虚拟机的公网信息的获取请求, 所述获取请求 携带有所述虚拟机的标识; 5. A remote access method, characterized in that the method includes: sending an acquisition request for obtaining the public network information of the virtual machine to the controller, the acquisition request carrying the identifier of the virtual machine;
接收所述控制器发送的所述虚拟机的公网信息, 所述虚拟机的公网信 息是由所述控制器根据所述虚拟机的标识从承载所述虚拟机的私网主机上 获取所述虚拟机的私网信息后生成的与所述私网信息相对应的信息, 且所 述虚拟机的公网信息被所述控制器触发所述私网主机所属的网关建立与所 述虚拟机的私网信息之间的映射关系; Receive the public network information of the virtual machine sent by the controller. The public network information of the virtual machine is obtained by the controller from the private network host hosting the virtual machine according to the identification of the virtual machine. Information corresponding to the private network information generated after the private network information of the virtual machine is generated, and the public network information of the virtual machine is triggered by the controller to establish a gateway to which the private network host belongs to establish a connection with the virtual machine. The mapping relationship between private network information;
通过所述虚拟机的公网信息远程访问所述虚拟机。 Remotely access the virtual machine through the public network information of the virtual machine.
6、 一种远程访问配置装置, 其特征在于, 所述装置包括: 6. A remote access configuration device, characterized in that the device includes:
请求接收模块, 用于接收访问终端发送的用于获取虚拟机的公网信息 的获取请求, 所述获取请求携带有所述虚拟机的标识; A request receiving module, configured to receive an acquisition request sent by the access terminal for obtaining the public network information of the virtual machine, where the acquisition request carries the identifier of the virtual machine;
信息获取模块, 用于根据所述虚拟机的标识从承载所述虚拟机的私网 主机上获取所述虚拟机的私网信息; An information acquisition module, configured to obtain the private network information of the virtual machine from the private network host hosting the virtual machine according to the identifier of the virtual machine;
信息得到模块, 用于获取与所述私网信息相对应的公网信息; 映射配置模块, 用于向所述私网主机所属的网关发送映射配置请求, 所述映射配置请求用于触发所述网关配置所述私网信息与所述公网信息之 间的映射关系; The information obtaining module is used to obtain the public network information corresponding to the private network information; the mapping configuration module is used to send a mapping configuration request to the gateway to which the private network host belongs, and the mapping configuration request is used to trigger the The gateway configures a mapping relationship between the private network information and the public network information;
信息反馈模块, 用于向所述访问终端反馈所述公网信息, 以便所述访 问终端通过所述虚拟机的公网信息远程访问所述虚拟机。 An information feedback module is configured to feed back the public network information to the access terminal, so that the access terminal remotely accesses the virtual machine through the public network information of the virtual machine.
7、 根据权利要求 6所述的装置, 其特征在于, 所述信息获取模块, 包 括: 主机登录单元、 信息查询单元和信息获取单元; 7. The device according to claim 6, characterized in that the information acquisition module includes: a host login unit, an information query unit and an information acquisition unit;
所述主机登录单元, 用于通过预定接口登录承载所述虚拟机的私网主 机; The host login unit is used to log in to the private network host hosting the virtual machine through a predetermined interface;
所述信息查询单元, 用于根据所述虚拟机的标识在所述私网主机上查 询与所述虚拟机的标识相对应的私网信息; The information query unit is configured to query the private network information corresponding to the identity of the virtual machine on the private network host according to the identity of the virtual machine;
所述信息获取单元, 用于获取查询到的所述虚拟机的私网信息。 The information obtaining unit is used to obtain the queried private network information of the virtual machine.
8、 根据权利要求 7所述的装置, 其特征在于, 所述主机登录单元, 包 括: 第一登录子单元; 或者, 第二登录子单元; 8. The device according to claim 7, wherein the host login unit includes: a first login subunit; or a second login subunit;
所述第一登录子单元, 用于通过预先设置的传输控制协议 TCP形式的 接口登录所述私网主机; 或者, The first login subunit is used to log in to the private network host through a preset transmission control protocol TCP interface; or,
所述第二登录子单元, 用于通过预先设置的超文本传输协议 HTTP形 式的接口登录所述私网主机。 The second login subunit is used to log in to the private network host through a preset interface in the form of Hypertext Transfer Protocol HTTP.
9、 根据权利要求 6至 8任一所述的装置, 其特征在于, 所述信息得到 模块, 包括: 信息取得单元和信息选取单元; 9. The device according to any one of claims 6 to 8, characterized in that the information obtaining module includes: an information obtaining unit and an information selecting unit;
所述信息取得单元, 用于获取所述私网主机所属的网关的至少一组公 网信息; The information obtaining unit is used to obtain at least a set of public network information of the gateway to which the private network host belongs;
所述信息选取单元, 用于从所述至少一组公网信息中选取一组公网信 息作为与所述私网信息相对应的公网信息。 The information selection unit is configured to select a set of public network information from the at least one set of public network information as the public network information corresponding to the private network information.
10、 一种远程访问装置, 其特征在于, 所述装置包括: 10. A remote access device, characterized in that the device includes:
请求发送模块, 用于向控制器发送用于获取虚拟机的公网信息的获取 请求, 所述获取请求携带有所述虚拟机的标识; A request sending module, configured to send an acquisition request for obtaining the public network information of the virtual machine to the controller, where the acquisition request carries the identification of the virtual machine;
信息接收模块, 用于接收所述控制器发送的所述虚拟机的公网信息, 所述虚拟机的公网信息是由所述控制器根据所述虚拟机的标识从承载所述 虚拟机的私网主机上获取所述虚拟机的私网信息后生成的与所述私网信息 相对应的信息, 且所述虚拟机的公网信息被所述控制器触发所述私网主机 所属的网关建立与所述虚拟机的私网信息之间的映射关系; An information receiving module, configured to receive the public network information of the virtual machine sent by the controller. The public network information of the virtual machine is obtained by the controller from the server hosting the virtual machine according to the identification of the virtual machine. Information corresponding to the private network information generated after the private network host obtains the private network information of the virtual machine, and the public network information of the virtual machine is triggered by the controller to the gateway to which the private network host belongs Establish a mapping relationship with the private network information of the virtual machine;
远程访问模块, 用于通过所述虚拟机的公网信息远程访问所述虚拟机。 A remote access module, configured to remotely access the virtual machine through the public network information of the virtual machine.
11、 一种远程访问系统, 其特征在于, 所述系统包括: 承载至少一台 虚拟机的私网主机、 与所述私网主机相连的网关和控制器以及与所述网关 和所述控制器均相连的访问终端, 其中, 所述控制器还与所述网关相连; 所述控制器包括如权利要求 6至 9任一所述的远程访问配置装置; 所述访问终端包括如权利要求 10所述的远程访问装置。 11. A remote access system, characterized in that the system includes: a private network host hosting at least one virtual machine, a gateway and a controller connected to the private network host, and a remote access system connected to the gateway and the controller. The access terminals are all connected, wherein the controller is also connected to the gateway; the controller includes the remote access configuration device as claimed in any one of claims 6 to 9; the access terminal includes the remote access configuration device as claimed in claim 10 The remote access device described above.
PCT/CN2014/078477 2013-11-06 2014-05-27 Remote access configuration method, remote access method, apparatus, and system WO2015067036A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310544443.2A CN104639497B (en) 2013-11-06 2013-11-06 Remotely access configuration method, remote access method, device and system
CN201310544443.2 2013-11-06

Publications (1)

Publication Number Publication Date
WO2015067036A1 true WO2015067036A1 (en) 2015-05-14

Family

ID=53040847

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/078477 WO2015067036A1 (en) 2013-11-06 2014-05-27 Remote access configuration method, remote access method, apparatus, and system

Country Status (2)

Country Link
CN (1) CN104639497B (en)
WO (1) WO2015067036A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105183535B (en) * 2015-08-05 2019-06-07 北京奇虎科技有限公司 The method and apparatus for accessing virtual machine
WO2017021764A1 (en) * 2015-08-06 2017-02-09 Telefonaktiebolaget Lm Ericsson (Publ) Methods, apparatus, and systems for providing access to serial ports of virtual machines in self-deployed virtual applications
CN105812450B (en) * 2016-02-01 2018-01-16 平安科技(深圳)有限公司 Desktop sharing method and system
CN106790722B (en) * 2017-03-22 2018-09-04 维沃移动通信有限公司 A kind of connection method of remote assistance, server and terminal
CN108566445B (en) * 2018-03-15 2020-12-08 华为技术有限公司 Message transmission method and device
CN109194742B (en) * 2018-09-04 2021-07-02 郑州云海信息技术有限公司 Virtual machine console connection method and device and storage medium
CN113709200B (en) * 2020-05-21 2023-11-28 阿里巴巴集团控股有限公司 Method and device for establishing communication connection
CN113051039A (en) * 2021-04-21 2021-06-29 的卢技术有限公司 Virtual cloud office system login method and system based on cloud computing

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102082837A (en) * 2010-12-31 2011-06-01 华为技术有限公司 Method and device for distributing public network address for IP (Internet protocol) terminal
CN102571895A (en) * 2010-12-08 2012-07-11 中国电信股份有限公司 Method and system of accessing virtual machine remotely
CN103067268A (en) * 2012-12-31 2013-04-24 华为技术有限公司 Method and server of virtual home gateway service delivery

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9384030B2 (en) * 2011-08-11 2016-07-05 Ca, Inc. System and method for deploying a dynamic virtual network address translation appliance
CN103200215A (en) * 2012-01-08 2013-07-10 佳都新太科技股份有限公司 Method achieving XenServer virtual machine remote control on https

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571895A (en) * 2010-12-08 2012-07-11 中国电信股份有限公司 Method and system of accessing virtual machine remotely
CN102082837A (en) * 2010-12-31 2011-06-01 华为技术有限公司 Method and device for distributing public network address for IP (Internet protocol) terminal
CN103067268A (en) * 2012-12-31 2013-04-24 华为技术有限公司 Method and server of virtual home gateway service delivery

Also Published As

Publication number Publication date
CN104639497A (en) 2015-05-20
CN104639497B (en) 2018-12-25

Similar Documents

Publication Publication Date Title
WO2015067036A1 (en) Remote access configuration method, remote access method, apparatus, and system
US11075821B2 (en) Method and apparatus for managing field device based on cloud server
JP6677782B2 (en) Virtual network interface object
US11487690B2 (en) Universal host and non-volatile memory express storage domain discovery for non-volatile memory express over fabrics
US10353728B2 (en) Method, system and device for managing virtual machine software in cloud environment
WO2015081734A1 (en) Sending method for sending arp packet in vxlan, vtep, and vxlan controller
CN104125243A (en) Method of penetrating internal network to remotely connect large-scale virtual machines
CN104767649A (en) Bare metal server deployment method and device
CN103152256A (en) Virtual routing network design method based on cloud computing data center
WO2014067080A1 (en) Method and device for transmitting cloud server addresses
WO2015143794A1 (en) Creating and upgrading methods, server, terminal, upgrading system, and storage media
WO2012163176A1 (en) Method, device and system for configuring set top box
WO2020135574A1 (en) Message processing method and apparatus, control plane device, and computer storage medium
WO2013097484A1 (en) Method, server and system for balancing loads of virtual machine cluster
WO2016008379A1 (en) Automatic configuration method and device for storage array, and storage system
WO2014089799A1 (en) Method and apparatus for determining virtual machine drifting
WO2015054882A1 (en) Network device communication method and network device
WO2015074391A1 (en) Method and apparatus for mounting peripheral components on multiple virtual machines
WO2022011563A1 (en) Internet of things configuration method and apparatus, computer device, and storage medium
KR102533536B1 (en) A method, an apparatus, an electronic device and a storage medium for communicating between private networks
CN101119374A (en) iSCSI communication method and corresponding initiation equipment and objective equipment
CN104780229A (en) Method of setting cloud server IP address through cloud terminal, system and cloud system
WO2016034006A1 (en) Packet sending method and access device
WO2013185696A2 (en) Data processing method and device
CN102833287B (en) The method of visit data resource in distributed file system and distributed file system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14860709

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14860709

Country of ref document: EP

Kind code of ref document: A1