WO2016106661A1 - Access control method for storage device, storage device, and control system - Google Patents

Access control method for storage device, storage device, and control system Download PDF

Info

Publication number
WO2016106661A1
WO2016106661A1 PCT/CN2014/095847 CN2014095847W WO2016106661A1 WO 2016106661 A1 WO2016106661 A1 WO 2016106661A1 CN 2014095847 W CN2014095847 W CN 2014095847W WO 2016106661 A1 WO2016106661 A1 WO 2016106661A1
Authority
WO
WIPO (PCT)
Prior art keywords
node
access
storage device
identifier
firewall
Prior art date
Application number
PCT/CN2014/095847
Other languages
French (fr)
Chinese (zh)
Inventor
冯锐
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201480013589.7A priority Critical patent/CN106165367B/en
Priority to PCT/CN2014/095847 priority patent/WO2016106661A1/en
Publication of WO2016106661A1 publication Critical patent/WO2016106661A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present invention relates to the field of storage technologies, and in particular, to an access control method, a storage device, and a control system for a storage device.
  • a cluster is a group of independent computers that are interconnected by a high-speed network. Each computer in the cluster is called a node. There is a management node in the cluster, which is specified by the administrator or the system configuration. An important function of the management node is to detect whether the node in the cluster is faulty and notify the failed node to exit from the cluster.
  • the prior art adopts Fencing technology, which includes three types of solutions: Persistent Reservation Fencing (PRF) technology, Fiber Channel Fencing. (Fibre Channel Isolation, hereinafter referred to as FCF) technology, and Power Fencing (hereinafter referred to as PF) technology.
  • PRF Persistent Reservation Fencing
  • FCF Fiber Channel Fencing.
  • PF Power Fencing
  • the PRF technology requires the storage device to support the SCSI-3Persistent Reservation function, where SCSI refers to the small computer system interface, the full name is the Small Computer System Interface.
  • the FCF technology is adopted to control the fiber switch to disable the Fibre Channel port connected to the faulty node and cut off the storage link to the fiber link of the faulty node, thereby preventing the faulty node from accessing the storage device.
  • the PF technology by controlling the power supply module of the faulty node, the power of the faulty node is directly cut off, thereby avoiding the access of the faulty node to the storage device.
  • an embodiment of the present invention provides an access control method, a storage device, and a control system for a storage device, which can effectively implement control of accessing a storage device by a faulty node.
  • an access control method for a storage device is provided, which is applied to an access process of a node to a storage device in a cluster, the method comprising: the storage device receiving an access mask message for the node, the access mask message And including the identifier of the node, and the access authority information corresponding to the identifier, where the access permission information is used to indicate that the node has no access right to the storage device; and the storage device according to the access screening message
  • the access authority corresponding to the node identifier is set to: no access permission; the storage device sends a notification to modify the firewall policy to the node, where the notification of modifying the firewall policy is used to instruct the node to modify the corresponding firewall of the node.
  • a firewall policy that blocks an IO access request sent by the node to the storage device.
  • the method includes: the storing Receiving, by the device, an IO access request sent by the node, where the IO access request includes an identifier of the node; and the storage device determines, according to the access control list and the IO access request, an access right corresponding to the identifier of the node When there is no access right, an abnormality indication message is sent to the node, and the abnormality indication message is used to instruct the node to perform a restart operation.
  • the method further includes: the storage device receiving the management node
  • the sent access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, where the access rights information is used to indicate that the node has access to the storage device Permission, the access mask message Sending, by the node, a request to join the cluster to the management node, and determining that the node is a recovery node, and then sending, by the management node, the storage device to the storage device;
  • the access authority corresponding to the node identifier is set to: having access rights.
  • the method further includes: the storage device sending a notification to the node to modify a firewall policy, where the notification of modifying the firewall policy is used to instruct the node to modify a firewall corresponding to the firewall of the node A policy that allows the node to send an IO access request to the storage device.
  • the method before the receiving an access screening message for the node, the method further includes: An access control list of the storage device is set in advance, the access control list includes: the node identifier, and access authority information corresponding to the node identifier, where the access permission information is used to indicate that the node is to the storage The device has access rights; and a firewall policy corresponding to the firewall of the node is preset, and the firewall policy is used to indicate a firewall corresponding to the node, and allows the node to send an IO access request to the storage device.
  • a storage device comprising:
  • processor a processor, a memory, a communication interface, and a bus, wherein the processor, the memory, and the communication interface communicate via the bus;
  • the communication interface is configured to communicate with a management node and a node in the cluster;
  • the memory is used to store a program
  • the processor is operative to execute the program stored by the memory to perform the method of one of the various implementations of the first aspect described above when the storage device is in operation.
  • a third aspect provides a storage device having an access control function, the storage device being applied to an access of the node in the cluster to the storage device, the storage device comprising: a receiving unit, configured to receive, for the node Accessing a masking message, where the access screening message includes an identifier of the node, and access authority information corresponding to the identifier, where the access permission information is used to indicate that the node has no access right to the storage device; And the sending unit is configured to send, to the node, a notification for modifying a firewall policy, where the notification for modifying the firewall policy is used, according to the access screening message, the access permission corresponding to the node identifier is set to: no access permission; Instructing the node to modify a firewall policy of the node corresponding to the firewall, and masking an IO access request sent by the node to the storage device.
  • the receiving unit is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node, and the sending unit, And the method is further configured to send, according to the access control list and the IO access request, an access indication that is not the access permission of the identifier of the node, to send an abnormality indication message to the node, where the abnormality indication message is used to indicate The node performs a restart operation.
  • the receiving unit is further configured to receive an access screening release message sent by the management node, where the access screening release message includes: a node identifier, and access authority information corresponding to the node identifier, where the access rights information is used to indicate that the node has access rights to the storage device, and the access screening message is sent to the management at the node
  • the node sends a request to join the cluster, and after determining that the node is a recovery node, is sent by the management node to the storage device; the setting unit is further configured to perform, according to the access screening release message, the access control In the list, the access permission corresponding to the node identifier is set to: access rights.
  • the sending unit is further configured to send, to the firewall of the node, a notification for modifying a firewall policy, where the firewall policy is modified. Notifying a firewall for indicating the node, allowing the node to send an IO access request to the storage device.
  • the setting unit is further configured to preset an access control list of the storage device, where
  • the access control list includes: the node identifier, and access authority information corresponding to the node identifier, where the access authority information is used to indicate that the node has access rights to the storage device; and the node firewall is preset a firewall policy for indicating a firewall of the node, allowing an IO access request sent by the node to the storage device.
  • a fourth aspect provides a control system for implementing storage device access, the system comprising: a cluster and a storage device, the cluster includes at least one node, and one of the at least one node is capable of performing the storage device Accessing, the storage device, configured to receive an access screening message for the node, where the access screening message includes an identifier of the node, and access permission information corresponding to the identifier, where the access permission information is used to indicate
  • the node has no access right to the storage device, and is configured to set, according to the access screening message, an access right corresponding to the node identifier to a non-access right, and a notification for sending the modified firewall policy to the node,
  • the notification of modifying the firewall policy is used to instruct the node to modify the firewall policy of the firewall corresponding to the node, and block the IO access request sent by the node to the storage device; the node is configured to modify the firewall policy according to the Notification, modify the firewall policy corresponding to the firewall.
  • the storage device is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node, according to the access control And the IO access request, when the access permission corresponding to the identifier of the node is determined to be no access right, sending an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation;
  • the node is further configured to perform the node restart operation according to the abnormality indication message.
  • the cluster further includes a management node, where the management node is configured to receive the join sent by the node.
  • the management node After the request of the cluster determines that the node is a recovery node, sending an access screening release message to the storage disk, where the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, The access authority information is used to indicate that the node has access rights to the storage device; the storage device is further configured to receive an access screening release message sent by the management node, and according to the access screening release message, in the access In the control list, the access authority corresponding to the node identifier is set to have access rights.
  • the storage device is further configured to send, to the node, a notification for modifying a firewall policy, where the notification of the firewall policy is modified Instructing the node to modify the firewall policy of the node corresponding to the firewall, allowing the node to send an IO access request to the storage device; the node is further configured to modify the corresponding firewall according to the notification of modifying the firewall policy Firewall policy.
  • the storage device is further configured to preset the access control list, where the access control is The list includes: the node identifier, and access authority information corresponding to the node identifier, where the access authority information is used to indicate that the node has access rights to the storage device; and the node is further configured to be preset
  • the node corresponds to a firewall policy of the firewall, where the firewall policy is used to indicate a firewall corresponding to the node, and the IO access request sent by the node to the storage device is allowed.
  • the embodiment of the present invention receives an access screening message for a node by using a storage device, thereby changing an access right of the node to access the storage device, and sending a notification for modifying the firewall policy to the node, causing the node to modify the corresponding
  • the firewall policy of the firewall effectively shields the node from IO access requests to the storage device.
  • FIG. 1 is a schematic structural diagram of an access system formed by a cluster and a storage device according to an embodiment of the present invention.
  • Embodiment 1 is a schematic diagram of Embodiment 1 of a method for controlling access to a storage device according to the present invention.
  • FIG. 3 is a schematic diagram of a second embodiment of a method for controlling access to a storage device according to the present invention.
  • FIG. 4 is a schematic diagram of a third embodiment of a method for controlling access to a storage device according to the present invention.
  • FIG. 5 is a schematic diagram of Embodiment 4 of a method for controlling access to a storage device according to the present invention.
  • FIG. 6 is a schematic block diagram of Embodiment 1 of a memory device implemented by the present invention.
  • FIG. 7 is a schematic block diagram of a second embodiment of a memory device implemented by the present invention.
  • FIG. 8 is a schematic block diagram of an embodiment of a control system for implementing storage device access according to the present invention.
  • program modules include routines, programs, components, data structures, and other types of structures that perform particular tasks or implement particular abstract data types.
  • embodiments can be implemented in other computer system configurations, including hand-held devices, multi-processor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers, and the like. Computing device.
  • Embodiments can also be implemented in a distributed computing environment where tasks are performed by remote processing devices connected through a communication network.
  • program modules can be located in both local and remote memory storage devices.
  • Various embodiments may be implemented as a computer-implemented process, a computing system, or a computer storage medium, such as a computer program product or a computer program of a computer system executing instructions of the example process.
  • a computer readable storage medium can be implemented via one or more of volatile computer memory, nonvolatile memory, a hard drive, a flash drive, a floppy disk or a compact disk and the like.
  • cluster is a group of independent computers interconnected by a high speed network that form a group and are managed in a single system mode.
  • Each computer in the cluster is called a "node.”
  • Node generally refers to a computing device that executes one or more software programs in a networked environment, however, in a particular application, a “node” may also be implemented as a server in a network.
  • a virtual node (software program) executed on one or more computing devices.
  • a node refers to a physical machine or a virtual machine installed on a physical machine.
  • Storage Device generally refers to a device for storing information, typically by digitizing information and then storing it in a storage medium using electrical, magnetic or optical means.
  • the term “Firewall” generally refers to a device that assists in securing information and allows or restricts the passage of transmitted data in accordance with specific rules.
  • the firewall may be a dedicated piece of hardware or a set of software built on general hardware.
  • IO access request generally refers to a request received by a storage device to read or write data stored on the storage device.
  • the IO read request generally includes the address information of the storage device that needs to be read; for the IO write request, the address information of the storage device that needs to be written includes the data that needs to be written.
  • FIG. 1 a schematic diagram of an access system architecture composed of a cluster and a storage device is generally introduced, as shown in FIG.
  • the system includes:
  • the cluster 100 is composed of N nodes (N ⁇ 1, and N is an integer). Each node can be deployed on a physical node (such as a server) or on a virtual node (such as a virtual machine). An application or a data access request sent by the client, and converting the data access request into An IO access request to the storage device.
  • N nodes included in the cluster 100 there is one management node (taking node 2 as a management node as an example), and the management node is selected and configured from the nodes by an administrator or other system.
  • the management node is responsible for detecting the failure of other nodes in the cluster and notifying the failed node to exit from the cluster.
  • the storage device resource pool 200 has M (M ⁇ 1 and M is an integer) storage devices, and each storage device can be understood as a storage device including storage management software and a storage medium.
  • the connection manners of the M storage devices in the storage device resource pool 200 are various, and the M storage devices shown in FIG. 1 are connected by a ring structure (herein only shown). In actual applications, there may be The star structure, the bus structure, the distributed structure, the tree structure, the mesh structure, the honeycomb structure, and the like, for which the embodiments of the present invention are not described.
  • the nodes in the cluster 100 and the storage devices in the storage resource pool 200 can be directly connected or connected through a network (not shown in FIG. 1). Since these connection methods are common knowledge in the art, the embodiments of the present invention are not described herein.
  • FIG. 2 shows a first embodiment of a method for controlling access to a storage device.
  • the method embodiment includes:
  • 201 Receive an access mask message for a node, where the access mask message includes an identifier of the node, and access authority information corresponding to the identifier, where the access permission information is used to indicate that the node does not have access to the storage device. Permissions.
  • the method flow can be performed by a storage device.
  • the management node in the cluster or a node designated by the management node sends an access mask message to the storage device.
  • the identifier of the node may be the IP address of the node, or the number of the node in the cluster.
  • the embodiment of the present invention is not limited.
  • the access permission corresponding to the identifier of the node may be searched in a preset access control list (ACL), and the access permission is modified to “reject”.
  • ACL preset access control list
  • the foregoing preset access control list may be stored on the storage device or may be stored in other devices. For this reason, all embodiments of the present invention are not limited. It can be understood by those skilled in the art that the access control list ACL is only an implementation manner, and other implementation manners may be included in the actual application, and the embodiments of the present invention are not limited thereto.
  • the accessing the masking message for a certain node by the storage device enables the storage device to control the access authority of the node according to the masking message, thereby shielding the sending of the storage device when the node has a fault. IO access request.
  • the above embodiment is to control the access of the storage device when a certain node in the cluster is faulty.
  • This embodiment can also be applied to other application scenarios, for example, according to other service requirements, The access rights of the node to the storage device.
  • FIG. 3 shows a second embodiment of the method for controlling the access of the storage device.
  • the method embodiment includes:
  • the storage device receives an access screening message for a node, where the access screening message includes an identifier of the node, and access permission information corresponding to the node identifier, where the access permission information is used to indicate that the node has no access right to the storage device. .
  • the identifier of the node may be an IP address of the node, or a number of the node in the cluster.
  • the storage device sets, according to the access screening message, the access permission corresponding to the node identifier to: no access permission.
  • an access control list may be preset, and the access control list may be pre- It is first stored in a storage device or other network device.
  • the storage device When the access control list is stored on the storage device, after the storage device receives the access masking message, the storage device directly sets the access authority corresponding to the node identifier in the access control list stored in the storage device; when the access control list is pre-stored in the other After the storage device receives the access masking message, the storage device sends a request for modifying the access authority corresponding to the node identifier to the other network device storing the access control list, and the network device performs the modification of the access authority.
  • the access control list is not set in advance, and after the storage device receives the access masking message, the access permission corresponding to the node identifier is set to: no access right.
  • the manner in which the implementation is implemented is not limited in all embodiments of the present invention.
  • the setting of the access authority corresponding to the node identifier includes: setting the access permission corresponding to the node identifier to “the node sets the storage device to have no access right”.
  • the storage device sends a notification to modify the firewall policy to the node, where the notification of modifying the firewall policy is used to indicate that the node modifies the firewall policy of the firewall corresponding to the node, and shields the IO access request sent by the node to the storage device.
  • the implementation of the firewall is various, and may be a network layer firewall, or an application layer firewall, and other types of firewalls.
  • the firewall corresponding to the node may be firewall software installed on the node, or a separate server is set to install the firewall.
  • the notification of the firewall policy is modified to instruct the node to modify the firewall policy of the firewall corresponding to the node, and the notification of modifying the firewall policy is transmitted through a reliable channel between the storage device and the node.
  • the establishment of the above-mentioned reliable channel can be implemented by using the SSH (Secure Shell) protocol.
  • SSH Secure Shell
  • receiving the masking message for a certain node by using the storage device enables the storage device to control the access authority of the node according to the masking message, and updates the notification of the firewall policy by setting the access authority.
  • the node corresponds to the firewall policy of the firewall, so that when the node has a fault, the node is effectively shielded from the storage device. IO access request.
  • the method further includes:
  • the storage device receives an IO access request sent by the node, where the IO access request includes an identifier of the node, and the storage device determines, according to the access authority corresponding to the node identifier, that the node that sends the IO access request has no access.
  • an abnormality indication message is sent to the node, and the abnormality indication message is used to instruct the node to perform a restart operation.
  • the foregoing step 302 ′ is performed after the step 302, and may be performed in parallel with the step 303, or after the step 303 and the node completes the firewall policy corresponding to the firewall of the node according to the notification of modifying the firewall policy. Execute before modification. In this regard, embodiments of the invention do not limit the order of execution of the steps described above.
  • step 302' the embodiment further includes the following steps:
  • the node After receiving the abnormal indication message, the node performs a restart operation.
  • the node performs an operation, which can be implemented by the following two steps:
  • the storage device sends an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation;
  • the node performs a node restart operation according to the abnormality indication message described above.
  • the restart of the node is divided into different modes: the restart of the entire system of the node, mainly for the hardware or operating system fault of the node; the restart of an application software of the node, and the application software for the node exists. malfunction.
  • the corresponding restart mode can be selected according to the actual scenario.
  • step 303 the embodiment further includes the following implementation steps:
  • the node modifies the firewall policy of the firewall corresponding to the firewall according to the foregoing notification of modifying the firewall policy.
  • the node modifies the firewall policy of the corresponding firewall according to the foregoing notification of modifying the firewall policy.
  • the manner and process of modifying the firewall policy are common knowledge in the field, and will not be described here.
  • the method embodiment further includes:
  • the node sends a request for rejoining the cluster to the management node. After the management node determines that the node is the restart node, the management node sends an access screening release message to the storage device.
  • the management node since the management node pre-stores information of all the nodes in the cluster (including the identifier of the node), when the node sends a request to re-join the cluster to the management node, it is determined that the node has been previously determined according to the identifier of the node. After joining the cluster and now resending the request to join the cluster, it is determined that the node is a recovery node, and the management node sends an access screening release message to the storage device.
  • the storage device receives an access screening release message sent by the management node, where the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, where the access permission information is used to indicate the node to the storage device. Have access.
  • the foregoing access screening message is sent by the management node to the storage device after receiving the request of the node to join the cluster and determining that the node is a recovery node.
  • the storage device sets, according to the foregoing access screening release message, the access permission corresponding to the node identifier to: having access rights.
  • the storage device sets the access authority corresponding to the node identifier to have the access right, and the method embodiment further includes:
  • the storage device sends a notification to modify the firewall policy to the node, where the notification for modifying the firewall policy is used to indicate that the node modifies the firewall policy of the firewall corresponding to the node, and allows the section.
  • the node modifies the firewall policy of the firewall corresponding to the firewall according to the foregoing notification of modifying the firewall policy.
  • the method further includes the following steps:
  • firewall policy corresponding to the firewall of the node, where the firewall policy is used to allow an IO access request sent by the node to the storage device to pass through the firewall.
  • the method embodiment further includes the following steps:
  • the access control list of the storage device is preset, and the access control list includes: an identifier of the node, and access authority information corresponding to the node identifier, where the access permission information is used to indicate that the node has access rights to the storage device.
  • the foregoing implementation manner enables the storage device to record the access authority of the node according to the access control list, and sends an access mask/access mask release message to the node corresponding firewall according to the access right, thereby effectively implementing the IO access request for the node.
  • the purpose of control enables the storage device to record the access authority of the node according to the access control list, and sends an access mask/access mask release message to the node corresponding firewall according to the access right, thereby effectively implementing the IO access request for the node.
  • the embodiment of the present invention further provides two specific implementation manners, which are respectively introduced as follows:
  • FIG. 4 shows a third embodiment of a method for performing access control on a faulty node.
  • three entities are included: a management node, a common node A, and a storage device A. among them,
  • Management node A management node in a cluster mentioned in the system architecture corresponding to the embodiment of the present invention.
  • Ordinary node A Any node other than the management node in the cluster, and the ordinary node A can access the storage device A.
  • Storage device A a storage device accessible by ordinary node A or accessible Any of a number of storage devices.
  • each node in the cluster can access any storage device in the storage device resource pool; in the Share nothing application mode, each node in the cluster can access some of the storage in the storage device resource pool. Device.
  • Step 1 the system initializes the configuration.
  • the management node and the common node in the cluster adopt a unified configuration mode: that is, for each node in the cluster, description information about the storage devices accessible by each node in the cluster is stored on the node.
  • the description information includes: a node identifier and a correspondence between the identifiers of the storage devices that the node can access.
  • the cluster contains five nodes: a management node and four common nodes.
  • the configuration information for the five nodes in the cluster is shown in Table 1:
  • node Storage device accessible by the node Management node Storage device A, storage device B, storage device D Ordinary node A Storage device A, storage device C Common node B Storage device B, storage device D Ordinary node C Storage device A, storage device D
  • the ACL includes: (1) an identifier of a node that can access the storage device (in a specific implementation, the identifier of the node may be The IP address of the node, or the number of the node in the cluster, etc.; (2) The access rights of the node that can access the storage device (initialization configures the access right to: allow access).
  • the storage device A is taken as an example, and the initial configuration information of the storage device can be as shown in Table 2:
  • Step 1 The management node detects that the normal node A is a faulty node according to the heartbeat or lease information, and records the identifier of the node.
  • the fault of the node includes the following types: fault of the physical node, network fault of the node (for example, the network card fails), or an application or a certain node of the node A process has a fault.
  • the management node includes two ways to detect a node failure:
  • each node in the cluster periodically requests a lease from the lease manager (Lease Manager); the lease manager maintains a record for each node about the lease held by the node, where the node is recorded Obtained the lease. Whenever the lease manager receives each node When the lease request is made, the record is updated to reflect the node's latest information on the lease. If the lease manager does not receive a renewal request from a node within the specified period (Lease Duration), it will actively detect the status of the node (for example, use Ping to detect whether the node is faulty or Whether the network connection status of the node is faulty. If the status of the node is not detected for several times (for example, there is no response to the Ping packet), the node is considered to have failed and the node is faulty. The notification is sent to the management node.
  • the lease manager maintains a record for each node about the lease held by the node, where the node is recorded Obtained the lease.
  • the record is updated to reflect the node's latest information
  • the system constructs a heartbeat ring in each node according to a certain topology.
  • heartbeat information is sent between each node (the period of sending heartbeat information is usually longer than the lease period).
  • the heartbeat information of these nodes is brought together, it is usually summarized on the management node of the cluster to identify whether the heartbeat information from a certain node is lost. In order to avoid misjudgment, it is usually repeated several times. If there is no heartbeat information from a certain node for several consecutive times, it is determined that the node may be faulty. (At this time, the probe can be actively detected to further confirm whether the node is faulty. ).
  • the management node in the cluster detects the fault node of the normal node A, the identifier of the node is recorded.
  • the identifier of the node may have multiple implementation manners, such as: the IP address of the node (for example, 10.11.201.12), or the unique identifier of the node in the cluster (for example: number 0010) or other implementation manner,
  • the embodiments of the present invention are not described in detail.
  • the identifier of the node is recorded, which is a process of access control to the storage device in the case of a faulty node; for those skilled in the art, it can be understood that there are other applications.
  • the administrator controls the access of some nodes to the storage device, and the implementation process of this embodiment may also be adopted. In this regard, the embodiment is not limited.
  • Step 2 The management node sends an access control message to the storage device A that the common node A can access, and the message carries the identifier of the common node A and the modification information of the access authority.
  • the management node stores description information of the storage device accessible by each node in the cluster, and the management node may access the storage device accessible to the faulty common node A according to the description information.
  • A sends an access control message carrying the identifier of the ordinary node A.
  • the format of the access control message can be expressed as shown in Table 3:
  • Step 3 The storage device A receives the access control message, and updates its own ACL according to the access control message, and sets the access permission corresponding to the identifier of the common node A carried in the message to be denied access.
  • the configuration information of the storage device A is referred to Table 2.
  • the access authority corresponding to the common node A identifier is set to be denied access, and the set storage device is configured.
  • the access control list for A is:
  • Step 4 The normal node A generates an IO request for the storage device A, and delivers the IO request to the storage device A.
  • the node may not recognize that it has a fault (such as the network of the node and the management node is faulty), and the node should Or a process will also send an IO request to storage device A that it can access.
  • the above IO request includes a request to read or write data stored in the storage device A.
  • Step 5 The storage device A determines, according to the access control list, that the access right corresponding to the normal node A is the access denied, and discards the IO request sent by the ordinary node A.
  • the access control list may be stored in the storage device A or may be stored in a third-party device. For this reason, all embodiments of the present invention are not limited.
  • Step 6 The storage device A returns an abnormal response E_OVERDUE to the normal node A.
  • the storage device A After discarding the IO request sent by the normal node A, the storage device A returns an abnormal response code E_OVERDUE (error code) to an application or a certain process that issues the IO request to the normal node A.
  • E_OVERDUE error code
  • the E_OVERDUE is used to indicate an error identification code.
  • other error code formats may also be used, which is not limited in this embodiment.
  • Step 7 After receiving the abnormal response E_OVERDUE returned by the storage device A, the normal node A restarts the node.
  • the normal node A determines that it has a fault, and then restarts the node.
  • the normal node A restarts the operating system of the node, that is, the entire node restarts; when a common node A
  • normal node A restarts the corresponding application or corresponding process of the node.
  • Step 8 The ordinary node A sends a cluster join request to the management node.
  • the common node A sends a cluster join request to the management node, and the cluster join request belongs to the common knowledge in the field, which is not described in this embodiment.
  • Step 9 After receiving the cluster join request, the management node determines that the common node A is a fault recovery node.
  • the management node After receiving the cluster join request of the common node A, the management node extracts the identifier of the common node A, compares the identifier with the faulty node identifier recorded in step 1, and finds that the identifier of the ordinary node A is recorded as occurring. Fault, the node now issues a cluster join request to determine that the normal node A is a failover node.
  • Step 10 The management node sends an access screening release message to the storage device A, where the message carries the identifier of the ordinary node A and the modification information of the access authority.
  • the foregoing access cancellation message may adopt the following format:
  • Step 11 The storage device A updates the access control list ACL stored in the message according to the access mask release message, and sets the access authority corresponding to the identifier of the common node A carried in the message to allow access.
  • the updated access control list is as shown in Table 5:
  • Step 12 After completing the setting of the access authority to the ordinary node A, the storage device A The management node sends an access control release complete message.
  • Step 13 After receiving the access control release complete message sent by the storage device A, the management node returns the join success response information to the normal node A.
  • the storage device can control the access of the storage device by maintaining the access control list of the node that can access the storage device, and the entire control process is simple and easy, and the efficiency is high.
  • steps 1-2, 8-10, and 12-13 are all performed by the management node. It can be understood that, in the specific implementation process, the management node may also specify other nodes with control rights to implement, and the present invention The embodiment is not limited.
  • FIG. 5 shows a fourth embodiment of the method for performing access control on a faulty node.
  • the entities included in FIG. 5 and FIG. 4 are the same, and details are not described herein again.
  • Step 1 the system initializes the configuration.
  • the firewall corresponding to the firewall of the management node and the common node A is required.
  • the policy is configured to pre-set the firewall policy to allow requests to be sent to all storage devices.
  • a reliable channel of the normal node A and the storage device A is established in advance to transmit a modified notification of the firewall policy.
  • the above reliable channels can be implemented in two ways:
  • Adopt a common, encrypted channel that is authenticated by a key, such as SSH (Secure Shell).
  • Steps 1-3 are similar to the implementation of steps 1-3 in the third embodiment of the method. For this reason, the description is not repeated herein.
  • Step 4 The storage device A notifies the normal node A to modify the firewall policy of the corresponding firewall, and the firewall policy is to reject the ordinary node A and then send the IO request to the storage device A.
  • the storage device A sends a notification for modifying the firewall policy to the common node A through a reliable channel established during the system initialization configuration process.
  • Step 5 After receiving the notification of modifying the firewall policy sent by the storage device A, the normal node A modifies the firewall policy of the corresponding firewall according to the notification, and restarts the node.
  • the process of restarting the local node by the common node A includes (not shown): after the normal node A receives the notification of modifying the firewall policy sent by the storage device A, the storage device A sends an abnormality indication message to the ordinary node A, where The abnormality indication message is used to instruct the node to perform a restart process; the node performs a node restart process according to the abnormality indication message.
  • Steps 6-9 are similar to the implementations of the steps 8-11 in the third embodiment of the method. For this reason, the description is not repeated herein.
  • Step 10 The storage device A sends a notification to the normal node A to modify the firewall policy, which is used to instruct the common node A to modify the firewall policy of the corresponding firewall, and allows the ordinary node A to send an IO request to the storage device A.
  • Step 11 The ordinary node A modifies the firewall policy of the corresponding firewall, that is, allows the node to send an IO access request to the storage device A.
  • Step 12 The normal node A sends a firewall policy modification completion notification message to the storage device A, and the notification message is used to notify the storage device A that the firewall policy modification corresponding to the node is completed.
  • Step 13 The storage device A sends an access control release complete message to the management node, to notify the management node that the access control for the normal node A has been released.
  • Step 14 The management node sends a response to the normal node A to join the cluster successfully.
  • step 11 in this embodiment may be performed after step 14.
  • the foregoing implementation manner enables the storage device to record the access rights of the node according to the access control list, and send an access mask/access mask release message to the firewall corresponding to the node according to the access right, thereby effectively implementing the IO access request to the node.
  • the purpose of control enables the storage device to record the access rights of the node according to the access control list, and send an access mask/access mask release message to the firewall corresponding to the node according to the access right, thereby effectively implementing the IO access request to the node.
  • FIG. 6 is a schematic structural diagram of a storage device according to an embodiment of the present invention.
  • the controller includes at least a processor 610, a memory 620, a communication interface 630, and a bus 640.
  • the processor 610, the memory 620, and the communication interface 630 communicate through the bus 640.
  • the memory 620 is used to store programs. Specifically, the program code may be included in the program, and the program code includes a computer execution instruction.
  • the memory 620 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
  • the processor 610 is configured to execute an execution instruction stored by the memory 620, which may be a single core or a multi-core central processing unit (CPU), or an application specific integrated circuit (ASIC), or One or more integrated circuits configured to implement embodiments of the present invention.
  • the memory 620 may be a single core or a multi-core central processing unit (CPU), or an application specific integrated circuit (ASIC), or One or more integrated circuits configured to implement embodiments of the present invention.
  • the communication interface 630 is for communicating with a control point switch.
  • the processor 610 runs a program to perform the method of any of the above four method embodiments.
  • an embodiment of the present invention further provides a storage device 700 with an access control function.
  • the storage device 700 is applied to an access of the node in the cluster to the storage device.
  • the storage device 700 includes:
  • the receiving unit 710 is configured to receive an access screening message for the node, where the access screening message includes an identifier of the node, and access permission information corresponding to the identifier of the node, where the access permission information is used to indicate that the node has no access right to the storage device;
  • the setting unit 720 is configured to set, according to the access screening message, the access permission corresponding to the identifier of the node to: no access permission;
  • the sending unit 730 is configured to send a notification to the node to modify the firewall policy, where the notification of the modified firewall policy is used to instruct the node to modify the firewall policy of the firewall corresponding to the node, and block the IO access request sent by the node to the storage device.
  • the receiving unit 710 is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node;
  • the sending unit 730 is further configured to: when the node that sends the IO access request is in the non-access right according to the access authority corresponding to the identifier of the node, send an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation.
  • the receiving unit 710 is further configured to receive an access screening release message sent by the management node, where the access screening release message includes: an identifier of the node, and access permission information corresponding to the node identifier, where the access permission information is used to indicate that the node has access to the storage device.
  • the access mask message is sent by the node to the management node to join the cluster, and after the node is determined to be the recovery node, is sent by the management node;
  • the setting unit 720 is further configured to set, according to the access screening release message, the access permission corresponding to the node identifier to: having access rights.
  • the sending unit 730 is further configured to send, to the node, a notification for modifying the firewall policy, where the notification of the modified firewall policy is used to instruct the node to modify the firewall policy of the corresponding firewall, and allow the node to send an IO access request to the storage device.
  • the storage device 700 includes:
  • the setting unit 720 is further configured to preset a firewall policy of the node corresponding firewall, where the firewall policy is used to indicate that the node corresponds to the firewall, and allows the node to send an IO access request to the storage device.
  • an embodiment of the present invention further provides a control system 800 for implementing storage device access.
  • Embodiments of the system include:
  • the cluster 810 and the storage device 820 includes at least one node, wherein the at least one node includes a node 811, and the node 811 can implement access to the storage device 820, where:
  • the storage device 820 is configured to receive an access mask message for the node 811, where the mask message includes an identifier of the node 811, and access authority information corresponding to the node identifier, where the access permission information is used to indicate the node 811 to the foregoing
  • the storage device 820 has no access right, and is configured to set, according to the foregoing access screening message, an access right corresponding to the node identifier to a non-access right, and a notification for sending the modified firewall policy to the node 811, where the modifying the firewall policy is notified.
  • the node 811 is instructed to modify the firewall policy of the node 811 corresponding to the firewall 813, and the IO access request sent by the node 811 to the storage device 820 is blocked.
  • the firewall 813 of the above node is used to modify the firewall policy according to the notification of modifying the firewall policy.
  • the storage device 820 is further configured to receive an IO access request sent by the node 811, where the IO access request includes an identifier of the node, and determines to send according to the access authority corresponding to the identifier of the node.
  • the node 811 of the IO access request has no access right, the node 811 sends an abnormality indication message, and the abnormality indication message is used to instruct the node 811 to perform a restart operation;
  • the node 811 is further configured to perform a restart operation according to the abnormality indication message.
  • the cluster further includes a management node 812.
  • the management node 812 is configured to receive the request for joining the cluster sent by the node 811, and after determining that the node 811 is the recovery node, send an access screening release message to the storage device 820, where the access screening release message includes: an identifier of the node, and an identifier of the node
  • the access authority information is used to indicate that the node 811 has access rights to the storage device 820;
  • the storage device 820 is further configured to receive the access screening release message sent by the management node 812, and set the access permission corresponding to the identifier of the node to have access rights according to the access screening release message. limit.
  • the storage device 820 is further configured to send a notification to the node 811 to modify the firewall policy, where the notification of the modified firewall policy is used to instruct the node 811 to modify the firewall policy corresponding to the firewall 813, and allow the node 811 to send an IO access request to the storage device 820;
  • the node 811 is further configured to modify the firewall policy of the corresponding firewall 813 according to the foregoing notification of modifying the firewall policy.
  • the storage device 820 is further configured to preset a firewall policy of the node 811 corresponding to the firewall 813.
  • the firewall policy is used to indicate the firewall 813 corresponding to the node 811, and allows the node 811 to send an IO access request to the storage device 820.
  • the term "and/or” is merely an association describing the associated object, indicating that there may be three relationships.
  • a and/or B may indicate that A exists separately, and A and B exist simultaneously, and B cases exist alone.
  • the character "/" in this article generally indicates that the contextual object is an "or" relationship.
  • the disclosed systems, devices, and methods may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division.
  • there may be another division manner for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, or an electrical, mechanical or other form of connection.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the embodiments of the present invention.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
  • the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium.
  • the technical solution of the present invention contributes in essence or to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium.
  • a number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, and a read only memory (ROM, Read-Only Memory), random access memory (RAM), disk or optical disk, and other media that can store program code.

Abstract

Method and system for controlling access to storage device. The method comprises: the storage device receives an access mask message with respect to the node, where the access mask message comprises an identifier of the node and access permission information corresponding to the identifier, and the access permission information is used for indicating that the node has no access permission with respect to the storage device; the storage device configures, on the basis of the access mask message, the access permission corresponding to the identifier of the node as: no access permission; the storage device transmits a firewall policy modification notification to the storage device, where the firewall policy modification notification is used for instructing the node to modify a firewall policy of a firewall corresponding to the node, thus masking I/O access requests transmitted by the node to the storage device. Employment of the method allows effective implementation of control of access to the storage device.

Description

一种存储装置的访问控制方法、存储装置以及控制系统Access control method, storage device and control system for storage device 技术领域Technical field
本发明涉及存储技术领域,更具体地,涉及一种存储装置的访问控制方法、存储装置以及控制系统。The present invention relates to the field of storage technologies, and in particular, to an access control method, a storage device, and a control system for a storage device.
背景技术Background technique
集群(Cluster)是一组相互独立的、通过高速网络互连的计算机。集群中的每一个计算机被称为一个节点(Node)。在集群中会存在一个管理节点,它是通过管理员指定或者系统配置设定,该管理节点的一项重要功能是检测集群中节点是否发生故障,并通知发生故障的节点从集群中退出。A cluster is a group of independent computers that are interconnected by a high-speed network. Each computer in the cluster is called a node. There is a management node in the cluster, which is specified by the administrator or the system configuration. An important function of the management node is to detect whether the node in the cluster is faulty and notify the failed node to exit from the cluster.
在集群中的节点对存储装置进行访问的应用场景下,一旦某一节点发生故障,就需要通知该故障节点从集群中退出,以避免故障节点和其他无故障节点同时对存储资源进行读写访问时,所可能出现的数据不一致的问题。In an application scenario where a node in a cluster accesses a storage device, once a node fails, the faulty node needs to be notified to exit from the cluster to prevent the faulty node and other non-faulty nodes from simultaneously reading and writing access to the storage resource. When there is a problem with the data inconsistency.
在解决故障节点对存储装置的访问控制问题时,现有技术采用的是Fencing(隔离)技术,其中,包括三类解决方式:Persistent Reservation Fencing (持久保留隔离,以下简称PRF)技术,Fiber Channel Fencing(光纤信道隔离,以下简称FCF)技术,以及Power Fencing(电源隔离,以下简称PF)技术。其中,采用PRF技术,需要存储设备支持SCSI-3Persistent Reservation (持久保留)功能,其中SCSI指的是小型计算机系统接口,其全称是Small Computer System Interface。采用FCF技术,通过控制光纤交换机,禁用故障节点所连接的光纤通道端口,切断存储资源到故障节点的光纤链路,从而达到禁止故障节点访问存储装置的目的。采用PF技术,通过控制故障节点的供电模块,直接切断故障节点的电源,从而就避免故障节点对存储装置的访问。In solving the access control problem of the faulty node to the storage device, the prior art adopts Fencing technology, which includes three types of solutions: Persistent Reservation Fencing (PRF) technology, Fiber Channel Fencing. (Fibre Channel Isolation, hereinafter referred to as FCF) technology, and Power Fencing (hereinafter referred to as PF) technology. Among them, the PRF technology requires the storage device to support the SCSI-3Persistent Reservation function, where SCSI refers to the small computer system interface, the full name is the Small Computer System Interface. The FCF technology is adopted to control the fiber switch to disable the Fibre Channel port connected to the faulty node and cut off the storage link to the fiber link of the faulty node, thereby preventing the faulty node from accessing the storage device. By adopting the PF technology, by controlling the power supply module of the faulty node, the power of the faulty node is directly cut off, thereby avoiding the access of the faulty node to the storage device.
上述现有技术中,并非所有的存储设备都支持SCSI-3Persistent  Reservation功能,故采用PRF技术,就具有一定的局限性;而采用FCF技术或者PF技术,则可能存在安全性问题。In the above prior art, not all storage devices support SCSI-3Persistent The Reservation function, so using PRF technology, has certain limitations; while using FCF technology or PF technology, there may be security issues.
发明内容Summary of the invention
鉴于此,本发明实施例提供了一种存储装置的访问控制方法、存储装置以及控制系统,能够有效地实现对故障节点访问存储装置进行控制。In view of this, an embodiment of the present invention provides an access control method, a storage device, and a control system for a storage device, which can effectively implement control of accessing a storage device by a faulty node.
第一方面,提供了一种存储装置的访问控制方法,应用于集群中节点对存储装置的访问过程,该方法包括:所述存储装置接收针对所述节点的访问屏蔽消息,所述访问屏蔽消息包括所述节点的标识,以及与所述标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置无访问权限;所述存储装置根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为:无访问权限;所述存储装置向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,屏蔽所述节点向所述存储装置发送的IO访问请求。In a first aspect, an access control method for a storage device is provided, which is applied to an access process of a node to a storage device in a cluster, the method comprising: the storage device receiving an access mask message for the node, the access mask message And including the identifier of the node, and the access authority information corresponding to the identifier, where the access permission information is used to indicate that the node has no access right to the storage device; and the storage device according to the access screening message The access authority corresponding to the node identifier is set to: no access permission; the storage device sends a notification to modify the firewall policy to the node, where the notification of modifying the firewall policy is used to instruct the node to modify the corresponding firewall of the node. A firewall policy that blocks an IO access request sent by the node to the storage device.
结合第一方面,在第一种可能的实现方式中,在所述存储装置根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为无访问权限之后,该方法包括:所述存储装置接收所述节点发送的IO访问请求,所述IO访问请求包括所述节点的标识;所述存储装置根据所述访问控制列表以及所述IO访问请求,确定所述节点的标识对应的访问权限为无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作。With reference to the first aspect, in a first possible implementation, after the storage device sets the access authority corresponding to the node identifier to a non-access right according to the access screening message, the method includes: the storing Receiving, by the device, an IO access request sent by the node, where the IO access request includes an identifier of the node; and the storage device determines, according to the access control list and the IO access request, an access right corresponding to the identifier of the node When there is no access right, an abnormality indication message is sent to the node, and the abnormality indication message is used to instruct the node to perform a restart operation.
结合第一方面的第一种可能的实现方式,在第二种可能的实现方式中,在所述存储装置向所述节点发送异常指示消息之后,该方法还包括:所述存储装置接收管理节点发送的访问屏蔽解除消息,所述访问屏蔽解除消息包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限,所述访问屏蔽消息 是在所述节点向所述管理节点发送加入集群的请求,确定所述节点为恢复节点之后,由所述管理节点向所述存储装置发送的;所述存储装置根据所述访问屏蔽解除消息,在所述访问控制列表中,将所述节点标识对应的访问权限设置为:有访问权限。With reference to the first possible implementation manner of the first aspect, in a second possible implementation manner, after the storage device sends the abnormality indication message to the node, the method further includes: the storage device receiving the management node The sent access screening release message, the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, where the access rights information is used to indicate that the node has access to the storage device Permission, the access mask message Sending, by the node, a request to join the cluster to the management node, and determining that the node is a recovery node, and then sending, by the management node, the storage device to the storage device; In the access control list, the access authority corresponding to the node identifier is set to: having access rights.
结合第一方面的第二种可能的实现方式,在第三种可能的实现方式中,在所述根据所述访问屏蔽解除消息,在所述访问控制列表中,对所述节点标识对应的访问权限设置为有访问权限之后,所述方法还包括:所述存储装置向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,允许所述节点向所述存储装置发送的IO访问请求。With reference to the second possible implementation manner of the first aspect, in a third possible implementation manner, in the access control list, the corresponding access to the node identifier is performed according to the access screening release message After the privilege is set to have access rights, the method further includes: the storage device sending a notification to the node to modify a firewall policy, where the notification of modifying the firewall policy is used to instruct the node to modify a firewall corresponding to the firewall of the node A policy that allows the node to send an IO access request to the storage device.
结合第一方面或者第一方面的第一至第三种可能的实现方式,在第四种可能的实现方式中,在所述接收针对所述节点的访问屏蔽消息之前,所述方法还包括:预先设置所述存储装置的访问控制列表,所述访问控制列表包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限;以及预先设置所述节点对应防火墙的防火墙策略,所述防火墙策略用于指示所述节点对应的防火墙,允许所述节点向所述存储装置发送的IO访问请求。With reference to the first aspect or the first to third possible implementation manners of the first aspect, in a fourth possible implementation, before the receiving an access screening message for the node, the method further includes: An access control list of the storage device is set in advance, the access control list includes: the node identifier, and access authority information corresponding to the node identifier, where the access permission information is used to indicate that the node is to the storage The device has access rights; and a firewall policy corresponding to the firewall of the node is preset, and the firewall policy is used to indicate a firewall corresponding to the node, and allows the node to send an IO access request to the storage device.
第二方面,提供了一种存储装置,该存储装置包括:In a second aspect, a storage device is provided, the storage device comprising:
处理器,存储器,通信接口和总线,其中,所述处理器、所述存储器和所述通信接口通过所述总线通信;a processor, a memory, a communication interface, and a bus, wherein the processor, the memory, and the communication interface communicate via the bus;
所述通信接口用于与集群中的管理节点以及节点通信;The communication interface is configured to communicate with a management node and a node in the cluster;
所述存储器用于存放程序;The memory is used to store a program;
当所述存储装置运行时,所述处理器用于执行所述存储器存储的所述程序,以执行上述第一方面的各种实现方式之一所述的方法。 The processor is operative to execute the program stored by the memory to perform the method of one of the various implementations of the first aspect described above when the storage device is in operation.
第三方面,提供了一种具有访问控制功能的存储装置,该存储装置应用于集群中节点对所述存储装置的访问过程中,该存储装置包括:接收单元,用于接收针对所述节点的访问屏蔽消息,所述访问屏蔽消息包括所述节点的标识,以及与所述标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置无访问权限;设置单元,用于根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为:无访问权限;发送单元,用于向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,屏蔽所述节点向所述存储装置发送的IO访问请求。A third aspect provides a storage device having an access control function, the storage device being applied to an access of the node in the cluster to the storage device, the storage device comprising: a receiving unit, configured to receive, for the node Accessing a masking message, where the access screening message includes an identifier of the node, and access authority information corresponding to the identifier, where the access permission information is used to indicate that the node has no access right to the storage device; And the sending unit is configured to send, to the node, a notification for modifying a firewall policy, where the notification for modifying the firewall policy is used, according to the access screening message, the access permission corresponding to the node identifier is set to: no access permission; Instructing the node to modify a firewall policy of the node corresponding to the firewall, and masking an IO access request sent by the node to the storage device.
结合第三方面,在第一种可能的实现方式中,所述接收单元,还用于接收所述节点发送的IO访问请求,所述IO访问请求包括所述节点的标识;所述发送单元,还用于根据所述访问控制列表以及所述IO访问请求,确定所述节点的标识对应的访问权限为无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作。With reference to the third aspect, in a first possible implementation, the receiving unit is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node, and the sending unit, And the method is further configured to send, according to the access control list and the IO access request, an access indication that is not the access permission of the identifier of the node, to send an abnormality indication message to the node, where the abnormality indication message is used to indicate The node performs a restart operation.
结合第三方面的第一种可能的实现方式,在第二种可能的实现方式中,所述接收单元,还用于接收管理节点发送的访问屏蔽解除消息,所述访问屏蔽解除消息包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限,所述访问屏蔽消息是在所述节点向所述管理节点发送加入集群的请求,确定所述节点为恢复节点之后,由所述管理节点向所述存储装置发送的;所述设置单元,还用于根据所述访问屏蔽解除消息,在所述访问控制列表中,将所述节点标识对应的访问权限设置为:有访问权限。With reference to the first possible implementation manner of the third aspect, in a second possible implementation manner, the receiving unit is further configured to receive an access screening release message sent by the management node, where the access screening release message includes: a node identifier, and access authority information corresponding to the node identifier, where the access rights information is used to indicate that the node has access rights to the storage device, and the access screening message is sent to the management at the node The node sends a request to join the cluster, and after determining that the node is a recovery node, is sent by the management node to the storage device; the setting unit is further configured to perform, according to the access screening release message, the access control In the list, the access permission corresponding to the node identifier is set to: access rights.
结合第三方面的第二种可能的实现方式,在第三种可能的实现方式中,所述发送单元,还用于向所述节点的防火墙发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点的防火墙,允许所述节点向所述存储装置发送的IO访问请求。 With the second possible implementation of the third aspect, in a third possible implementation, the sending unit is further configured to send, to the firewall of the node, a notification for modifying a firewall policy, where the firewall policy is modified. Notifying a firewall for indicating the node, allowing the node to send an IO access request to the storage device.
结合第三方面或者第三方面的第一至第三种可能的实现方式,在第四种可能的实现方式中,所述设置单元,还用于预先设置所述存储装置的访问控制列表,所述访问控制列表包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限;以及预先设置所述节点防火墙的防火墙策略,所述防火墙策略用于指示所述节点的防火墙,允许所述节点向所述存储装置发送的IO访问请求。With the third aspect or the first to third possible implementation manners of the third aspect, in a fourth possible implementation, the setting unit is further configured to preset an access control list of the storage device, where The access control list includes: the node identifier, and access authority information corresponding to the node identifier, where the access authority information is used to indicate that the node has access rights to the storage device; and the node firewall is preset a firewall policy for indicating a firewall of the node, allowing an IO access request sent by the node to the storage device.
第四方面,提供了一种实现存储装置访问的控制系统,该系统包括:集群以及存储装置,所述集群包括至少一个节点,所述至少一个节点中的某一个节点能够对所述存储装置进行访问,所述存储装置,用于接收针对所述节点的访问屏蔽消息,所述访问屏蔽消息包括所述节点的标识,以及与所述标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置无访问权限;用于根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为无访问权限;以及用于向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,屏蔽所述节点向所述存储装置发送的IO访问请求;所述节点,用于根据所述修改防火墙策略的通知,修改对应防火墙的防火墙策略。A fourth aspect provides a control system for implementing storage device access, the system comprising: a cluster and a storage device, the cluster includes at least one node, and one of the at least one node is capable of performing the storage device Accessing, the storage device, configured to receive an access screening message for the node, where the access screening message includes an identifier of the node, and access permission information corresponding to the identifier, where the access permission information is used to indicate The node has no access right to the storage device, and is configured to set, according to the access screening message, an access right corresponding to the node identifier to a non-access right, and a notification for sending the modified firewall policy to the node, The notification of modifying the firewall policy is used to instruct the node to modify the firewall policy of the firewall corresponding to the node, and block the IO access request sent by the node to the storage device; the node is configured to modify the firewall policy according to the Notification, modify the firewall policy corresponding to the firewall.
结合第四方面,在第一种可能的实现方式中,所述存储装置,还用于接收所述节点发送的IO访问请求,所述IO访问请求包括所述节点的标识,根据所述访问控制列表以及所述IO访问请求,确定所述节点的标识对应的访问权限为无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作;所述节点,还用于根据所述异常指示消息,执行所述节点重启操作。With reference to the fourth aspect, in a first possible implementation, the storage device is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node, according to the access control And the IO access request, when the access permission corresponding to the identifier of the node is determined to be no access right, sending an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation; The node is further configured to perform the node restart operation according to the abnormality indication message.
结合第四方面的第一种可能的实现方式,在第二种可能的实现方式中,所述集群中还包含管理节点,所述管理节点,用于接收所述节点发送的加入 集群的请求,确定所述节点为恢复节点之后,向所述存储盘发送访问屏蔽解除消息,所述访问屏蔽解除消息包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限;所述存储装置,还用于接收管理节点发送的访问屏蔽解除消息,并根据所述访问屏蔽解除消息,在所述访问控制列表中,将所述节点标识对应的访问权限设置为有访问权限。In conjunction with the first possible implementation of the fourth aspect, in a second possible implementation, the cluster further includes a management node, where the management node is configured to receive the join sent by the node. After the request of the cluster determines that the node is a recovery node, sending an access screening release message to the storage disk, where the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, The access authority information is used to indicate that the node has access rights to the storage device; the storage device is further configured to receive an access screening release message sent by the management node, and according to the access screening release message, in the access In the control list, the access authority corresponding to the node identifier is set to have access rights.
结合第四方面的第二种可能的实现方式,在第三种可能的实现方式中,所述存储装置,还用于向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,允许所述节点向所述存储装置发送的IO访问请求;所述节点,还用于根据所述修改防火墙策略的通知,修改对应防火墙的防火墙策略。With reference to the second possible implementation of the fourth aspect, in a third possible implementation, the storage device is further configured to send, to the node, a notification for modifying a firewall policy, where the notification of the firewall policy is modified Instructing the node to modify the firewall policy of the node corresponding to the firewall, allowing the node to send an IO access request to the storage device; the node is further configured to modify the corresponding firewall according to the notification of modifying the firewall policy Firewall policy.
结合第四方面或者第四方面的第一至第三种可能的实现方式,在第四种可能的实现方式中,所述存储装置,还用于预先设置所述访问控制列表,所述访问控制列表包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限;以及所述节点,还用于预先设置所述节点对应防火墙的防火墙策略,所述防火墙策略用于指示所述节点对应的防火墙,允许所述节点向所述存储装置发送的IO访问请求。With the fourth aspect or the first to third possible implementation manners of the fourth aspect, in a fourth possible implementation, the storage device is further configured to preset the access control list, where the access control is The list includes: the node identifier, and access authority information corresponding to the node identifier, where the access authority information is used to indicate that the node has access rights to the storage device; and the node is further configured to be preset The node corresponds to a firewall policy of the firewall, where the firewall policy is used to indicate a firewall corresponding to the node, and the IO access request sent by the node to the storage device is allowed.
基于上述实现方案,本发明实施例通过存储装置接收针对某一节点的访问屏蔽消息,从而改变该节点访问存储装置的访问权限,并通过发送修改防火墙策略的通知给该节点,促使该节点修改对应防火墙的防火墙策略,从而有效地屏蔽了该节点对存储装置的IO访问请求。Based on the foregoing implementation, the embodiment of the present invention receives an access screening message for a node by using a storage device, thereby changing an access right of the node to access the storage device, and sending a notification for modifying the firewall policy to the node, causing the node to modify the corresponding The firewall policy of the firewall effectively shields the node from IO access requests to the storage device.
附图说明DRAWINGS
为了更清楚地说明本发明实施例的技术方案,下面将对本发明实施例中 所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the following will be BRIEF DESCRIPTION OF THE DRAWINGS The drawings used in the following description are briefly introduced. It is obvious that the drawings in the following description are only some embodiments of the present invention, and those skilled in the art can also These figures take additional drawings.
图1是本发明实施例的集群和存储装置所构成的访问系统架构示意图。FIG. 1 is a schematic structural diagram of an access system formed by a cluster and a storage device according to an embodiment of the present invention.
图2是本发明的对存储装置的访问进行控制的方法实施例一的示意图。2 is a schematic diagram of Embodiment 1 of a method for controlling access to a storage device according to the present invention.
图3是本发明的对存储装置的访问进行控制的方法实施例二的示意图。3 is a schematic diagram of a second embodiment of a method for controlling access to a storage device according to the present invention.
图4是本发明的对存储装置的访问进行控制的方法实施例三的示意图。4 is a schematic diagram of a third embodiment of a method for controlling access to a storage device according to the present invention.
图5是本发明的对存储装置的访问进行控制的方法实施例四的示意图。FIG. 5 is a schematic diagram of Embodiment 4 of a method for controlling access to a storage device according to the present invention.
图6是本发明实现的存储装置实施例一的示意性框图。FIG. 6 is a schematic block diagram of Embodiment 1 of a memory device implemented by the present invention.
图7是本发明实现的存储装置实施例二的示意性框图。FIG. 7 is a schematic block diagram of a second embodiment of a memory device implemented by the present invention.
图8是本发明实现存储装置访问的控制系统实施例的示意性框图。FIG. 8 is a schematic block diagram of an embodiment of a control system for implementing storage device access according to the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明的一部分实施例,而不是全部实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动的前提下所获得的所有其他实施例,都应属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are a part of the embodiments of the present invention, but not all embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts shall fall within the scope of the present invention.
一般的,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、组件、数据结构、以及其他类型的结构。此外,本领域的技术人员可以明白,各实施例可以用其他计算机系统配置来实施,包括手持式设备、多处理器系统、基于微处理器或可编程消费电子产品、小型计算机、大型计算机以及类似计算设备。各实施例还能在任务由通过通信网络连接的远程处理设备来执行的分布式计算环境中实现。在分布式计算环境中,程序模块可位于本地和远程存储器存储设备中。Generally, program modules include routines, programs, components, data structures, and other types of structures that perform particular tasks or implement particular abstract data types. Moreover, those skilled in the art will appreciate that embodiments can be implemented in other computer system configurations, including hand-held devices, multi-processor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers, and the like. Computing device. Embodiments can also be implemented in a distributed computing environment where tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in both local and remote memory storage devices.
各实施例可被实现为计算机实现的过程、计算系统、或者诸如计算机程序产品或计算机系统执行示例过程的指令的计算机程序的计算机存储介质。 例如:计算机可读存储介质可经由易失性计算机存储器、非易失性存储器、硬盘驱动器、闪存驱动器、软盘或紧致盘和类似介质中的一个或多个来实现。Various embodiments may be implemented as a computer-implemented process, a computing system, or a computer storage medium, such as a computer program product or a computer program of a computer system executing instructions of the example process. For example, a computer readable storage medium can be implemented via one or more of volatile computer memory, nonvolatile memory, a hard drive, a flash drive, a floppy disk or a compact disk and the like.
贯穿本说明书,术语“集群(Cluster)”是一组相互独立的、通过高速网络互联的计算机,它们构成了一个组,并以单一系统的模式加以管理。集群中的每台计算机被称为一个“节点”。Throughout this specification, the term "cluster" is a group of independent computers interconnected by a high speed network that form a group and are managed in a single system mode. Each computer in the cluster is called a "node."
贯穿本说明书,术语“节点(Node)”一般指在联网环境中执行一个或多个软件程序的计算设备,然而,在具体应用中,“节点”还可以被实现为被视作网络中的服务器的一个或多个计算设备上执行的虚拟节点(软件程序)。节点指的是物理机或者安装在物理机上的虚拟机。Throughout this specification, the term "Node" generally refers to a computing device that executes one or more software programs in a networked environment, however, in a particular application, a "node" may also be implemented as a server in a network. A virtual node (software program) executed on one or more computing devices. A node refers to a physical machine or a virtual machine installed on a physical machine.
贯穿本说明书,术语“存储装置(Storage Device)”一般指用于储存信息的设备,通常是采用将信息数字化后再以利用电、磁或光学等方式存储在存储介质中。Throughout this specification, the term "Storage Device" generally refers to a device for storing information, typically by digitizing information and then storing it in a storage medium using electrical, magnetic or optical means.
贯穿本说明书,术语“防火墙(Firewall)”一般指的是一项协助确保信息安全的设备,会依照特定的规则,允许或是限制传输的数据通过。在具体实现中,防火墙可能是一台专属的硬件或是架设在一般硬件上的一套软件。Throughout this specification, the term "Firewall" generally refers to a device that assists in securing information and allows or restricts the passage of transmitted data in accordance with specific rules. In a specific implementation, the firewall may be a dedicated piece of hardware or a set of software built on general hardware.
贯穿本说明书,术语“IO访问请求”一般指的是存储设备所接收到的对该存储设备上所存储的数据进行读、或者写的请求。其中,对于IO读请求,一般包含需要读取的存储设备的地址信息;对于IO写请求,除包含需要写入的存储设备的地址信息,还包含需要写入的数据。Throughout this specification, the term "IO access request" generally refers to a request received by a storage device to read or write data stored on the storage device. The IO read request generally includes the address information of the storage device that needs to be read; for the IO write request, the address information of the storage device that needs to be written includes the data that needs to be written.
本发明实施例的系统架构System architecture of an embodiment of the present invention
在介绍本发明的实施例之前,先整体介绍一下由集群和存储装置所构成的访问系统架构示意图,如图1所示。该系统包括:Before introducing an embodiment of the present invention, a schematic diagram of an access system architecture composed of a cluster and a storage device is generally introduced, as shown in FIG. The system includes:
集群100,由N个节点组成(N≥1,且N为整数),每一个节点可以部署在物理节点(如:服务器)上,也可以部署在虚拟节点(如:虚拟机)上,负责接收应用或者客户端发送的数据访问请求,并将该数据访问请求转换成 对存储装置的IO访问请求。在集群100中所包含的N个节点中,会存在一个管理节点(以节点2作为管理节点为例),该管理节点通过管理员或者其他系统从节点中选择并加以配置。该管理节点负责检测出集群中其他节点的故障,并通知发生故障的节点从集群中退出。The cluster 100 is composed of N nodes (N≥1, and N is an integer). Each node can be deployed on a physical node (such as a server) or on a virtual node (such as a virtual machine). An application or a data access request sent by the client, and converting the data access request into An IO access request to the storage device. Among the N nodes included in the cluster 100, there is one management node (taking node 2 as a management node as an example), and the management node is selected and configured from the nodes by an administrator or other system. The management node is responsible for detecting the failure of other nodes in the cluster and notifying the failed node to exit from the cluster.
存储装置资源池200,有M(M≥1,且M为整数)个存储装置构成,每个存储装置可以理解为包含了存储管理软件和存储介质的存储设备。存储装置资源池200中的M个存储装置的连接方式是多种多样的,图1所示的M个存储装置是环型结构的连接方式(这里仅作为示意),实际应用中,还可以有星型结构、总线结构、分布式结构、树型结构、网状结构、蜂窝状结构等,对此,本发明的实施例不加以赘述。The storage device resource pool 200 has M (M ≥ 1 and M is an integer) storage devices, and each storage device can be understood as a storage device including storage management software and a storage medium. The connection manners of the M storage devices in the storage device resource pool 200 are various, and the M storage devices shown in FIG. 1 are connected by a ring structure (herein only shown). In actual applications, there may be The star structure, the bus structure, the distributed structure, the tree structure, the mesh structure, the honeycomb structure, and the like, for which the embodiments of the present invention are not described.
集群100中的节点和存储装置资源池200中的存储装置,可直接相连或者通过网络方式(图1未示)相连。由于上述这些连接方式属于本领域的公知常识,对此,本发明的实施例不加以赘述。The nodes in the cluster 100 and the storage devices in the storage resource pool 200 can be directly connected or connected through a network (not shown in FIG. 1). Since these connection methods are common knowledge in the art, the embodiments of the present invention are not described herein.
本发明的实施例Embodiment of the present invention
图2示出了对存储装置的访问进行控制的方法实施例一,该方法实施例包括:FIG. 2 shows a first embodiment of a method for controlling access to a storage device. The method embodiment includes:
201、接收针对某一节点的访问屏蔽消息,该访问屏蔽消息包括该节点的标识,以及与该标识对应的访问权限信息,上述访问权限信息用于指示上述某一节点对所述存储装置无访问权限。201. Receive an access mask message for a node, where the access mask message includes an identifier of the node, and access authority information corresponding to the identifier, where the access permission information is used to indicate that the node does not have access to the storage device. Permissions.
其中,该方法流程可由存储装置来执行。当某一节点存在故障时,或者管理员打算对某一节点进行控制时,会由集群中的管理节点或者管理节点指定的某一节点向存储装置发送访问屏蔽消息。在具体实现中,节点的标识可以为节点的IP地址,或者节点在集群中的编号,对此,本发明的实施例不加以限制。Wherein, the method flow can be performed by a storage device. When a node has a fault, or when the administrator intends to control a certain node, the management node in the cluster or a node designated by the management node sends an access mask message to the storage device. In a specific implementation, the identifier of the node may be the IP address of the node, or the number of the node in the cluster. For this, the embodiment of the present invention is not limited.
202、根据上述访问屏蔽消息,将该节点标识对应的访问权限设置为: 无访问权限。202. Set the access permission corresponding to the node identifier according to the foregoing access screening message: No access.
在具体实现过程中,通过访问屏蔽消息中的节点的标识,可以在预设的访问控制列表(ACL,Access Control List)中查找该节点的标识对应的访问权限,将该访问权限修改为“拒绝访问”;也可以在存储盘上单独记录该节点标识对应的访问权限为:无访问权限。可以理解,上述预设的访问控制列表可以存储在存储装置上,也可以存储在其他的设备中,对此,本发明的所有实施例均不加以限定。对于本领域技术人员可以理解,访问控制列表ACL仅是一种实现方式,在实际应用中,还可以包含其他的实现方式,对此,本发明的实施例均不加以限制。In the specific implementation process, by accessing the identifier of the node in the masked message, the access permission corresponding to the identifier of the node may be searched in a preset access control list (ACL), and the access permission is modified to “reject”. Access: You can also record the access rights corresponding to the node ID on the storage disk as: no access rights. It can be understood that the foregoing preset access control list may be stored on the storage device or may be stored in other devices. For this reason, all embodiments of the present invention are not limited. It can be understood by those skilled in the art that the access control list ACL is only an implementation manner, and other implementation manners may be included in the actual application, and the embodiments of the present invention are not limited thereto.
本实施例中,通过存储装置接收针对某一节点访问屏蔽消息,能够使得存储装置根据该屏蔽消息,对该节点访问权限进行控制,这样就屏蔽了该节点存在故障时,对该存储装置的发出的IO访问请求。In this embodiment, the accessing the masking message for a certain node by the storage device enables the storage device to control the access authority of the node according to the masking message, thereby shielding the sending of the storage device when the node has a fault. IO access request.
可以理解,上述的实施例是以集群中的某一节点存在故障时,对存储装置的访问进行控制,本实施例也可以应用在其他的应用场景,譬如:根据其他业务需求,欲设置某一节点对该存储装置的访问权限。It can be understood that the above embodiment is to control the access of the storage device when a certain node in the cluster is faulty. This embodiment can also be applied to other application scenarios, for example, according to other service requirements, The access rights of the node to the storage device.
图3示出了对存储装置的访问进行控制的方法实施例二,应用于集群的节点对存储装置的访问过程中,参看图3,该方法实施例包括:FIG. 3 shows a second embodiment of the method for controlling the access of the storage device. In the process of accessing the storage device by the node of the cluster, referring to FIG. 3, the method embodiment includes:
301、存储装置接收针对某一节点的访问屏蔽消息,该访问屏蔽消息包括该节点的标识,以及与该节点标识对应的访问权限信息,上述访问权限信息用于指示该节点对存储装置无访问权限。301. The storage device receives an access screening message for a node, where the access screening message includes an identifier of the node, and access permission information corresponding to the node identifier, where the access permission information is used to indicate that the node has no access right to the storage device. .
在具体实现中,该节点的标识可以为节点的IP地址,或者节点在集群中的编号。In a specific implementation, the identifier of the node may be an IP address of the node, or a number of the node in the cluster.
302、存储装置根据上述访问屏蔽消息,将上述节点标识对应的访问权限设置为:无访问权限。302. The storage device sets, according to the access screening message, the access permission corresponding to the node identifier to: no access permission.
在具体的实现中,可以预先设置访问控制列表,该访问控制列表可以预 先存储在存储装置或者其他的网络设备中。当访问控制列表存储在存储装置上时,存储装置接收到上述访问屏蔽消息之后,直接在自身存储的访问控制列表中,对该节点标识对应的访问权限进行设置;当访问控制列表预先存储在其他的网络设备中,当存储装置接收到上述访问屏蔽消息之后,向存储该访问控制列表的其他网络设备发送修改该节点标识对应的访问权限的请求,由该网络设备进行访问权限的修改。另外一种实现方式是,并不预先设置访问控制列表,当存储装置接收到上述访问屏蔽消息后,将该节点标识对应的访问权限设置为:无访问权限。对此,实现过程中采用什么方式,本发明的所有实施例均不加以限制。In a specific implementation, an access control list may be preset, and the access control list may be pre- It is first stored in a storage device or other network device. When the access control list is stored on the storage device, after the storage device receives the access masking message, the storage device directly sets the access authority corresponding to the node identifier in the access control list stored in the storage device; when the access control list is pre-stored in the other After the storage device receives the access masking message, the storage device sends a request for modifying the access authority corresponding to the node identifier to the other network device storing the access control list, and the network device performs the modification of the access authority. In another implementation manner, the access control list is not set in advance, and after the storage device receives the access masking message, the access permission corresponding to the node identifier is set to: no access right. In this regard, the manner in which the implementation is implemented is not limited in all embodiments of the present invention.
对该节点标识对应的访问权限进行设置,具体包括:将该节点标识对应的访问权限设置为“该节点对存储装置设置为无访问权限”。The setting of the access authority corresponding to the node identifier includes: setting the access permission corresponding to the node identifier to “the node sets the storage device to have no access right”.
303、存储装置向该节点发送修改防火墙策略的通知,上述修改防火墙策略的通知用于指示该节点修改该节点对应防火墙的防火墙策略,屏蔽该节点向存储装置发送的IO访问请求。303. The storage device sends a notification to modify the firewall policy to the node, where the notification of modifying the firewall policy is used to indicate that the node modifies the firewall policy of the firewall corresponding to the node, and shields the IO access request sent by the node to the storage device.
具体实现过程中,防火墙的实现方式是多种多样的,可以是网络层防火墙、或者应用层防火墙,以及其他类型的防火墙。在具体实现过程中,节点对应的防火墙可以是安装在节点上的防火墙软件,或者单独设置一个服务器,用来安装防火墙。修改防火墙策略的通知,用于指示该节点修改该节点对应防火墙的防火墙策略,修改防火墙策略的通知通过存储装置和节点之间的可靠信道进行传输。上述可靠信道的建立,可采用SSH(Secure SHell,安全外壳)协议来实现,利用SSH协议实现可靠信道属于现有技术,对此,不再进行赘述。In the specific implementation process, the implementation of the firewall is various, and may be a network layer firewall, or an application layer firewall, and other types of firewalls. In the specific implementation process, the firewall corresponding to the node may be firewall software installed on the node, or a separate server is set to install the firewall. The notification of the firewall policy is modified to instruct the node to modify the firewall policy of the firewall corresponding to the node, and the notification of modifying the firewall policy is transmitted through a reliable channel between the storage device and the node. The establishment of the above-mentioned reliable channel can be implemented by using the SSH (Secure Shell) protocol. The use of the SSH protocol to implement a reliable channel belongs to the prior art, and details are not described herein.
上述实施例中,通过存储装置接收针对某一节点访问屏蔽消息,能够使得存储装置根据该屏蔽消息,对该节点访问权限进行控制,在设置访问权限的同时,通过修改防火墙策略的通知,更新了该节点对应防火墙的防火墙策略,这样当该节点存在故障时,就有效地屏蔽了该节点向该存储装置的发出 的IO访问请求。In the above embodiment, receiving the masking message for a certain node by using the storage device enables the storage device to control the access authority of the node according to the masking message, and updates the notification of the firewall policy by setting the access authority. The node corresponds to the firewall policy of the firewall, so that when the node has a fault, the node is effectively shielded from the storage device. IO access request.
进一步的,在上述实施例二的基础上,还可包含如下的实现步骤:Further, based on the foregoing second embodiment, the following implementation steps may be further included:
在所述存储装置根据上述访问屏蔽消息,将所述节点标识对应的访问权限设置为无访问权限之后,所述方法还包括:After the storage device sets the access authority corresponding to the node identifier to the non-access right according to the foregoing access screening message, the method further includes:
302’、存储装置接收上述节点发送的IO访问请求,上述IO访问请求包括上述节点的标识,上述存储装置根据所述节点标识对应的访问权限,确定发送所述IO访问请求的所述节点无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作。302. The storage device receives an IO access request sent by the node, where the IO access request includes an identifier of the node, and the storage device determines, according to the access authority corresponding to the node identifier, that the node that sends the IO access request has no access. When the permission is performed, an abnormality indication message is sent to the node, and the abnormality indication message is used to instruct the node to perform a restart operation.
在具体实现的过程中,上述的步骤302’在步骤302之后执行,可以和步骤303并行执行,或者在步骤303之后且在节点根据上述修改防火墙策略的通知,完成对节点对应防火墙的防火墙策略的修改之前执行。对此,本发明的实施例并不限定上述步骤的执行顺序。In a specific implementation process, the foregoing step 302 ′ is performed after the step 302, and may be performed in parallel with the step 303, or after the step 303 and the node completes the firewall policy corresponding to the firewall of the node according to the notification of modifying the firewall policy. Execute before modification. In this regard, embodiments of the invention do not limit the order of execution of the steps described above.
进一步的,在步骤302’之后,该实施例还包含如下步骤:Further, after step 302', the embodiment further includes the following steps:
302”、该节点接收到上述异常指示消息之后,执行重启操作。302". After receiving the abnormal indication message, the node performs a restart operation.
其中,具体的,该节点执行操作,具体可通过如下两个步骤实现:Specifically, the node performs an operation, which can be implemented by the following two steps:
(1)存储装置向该节点发送异常指示消息,该异常指示消息用于指示该节点执行重启操作;(1) The storage device sends an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation;
(2)该节点根据上述异常指示消息执行节点重启操作。(2) The node performs a node restart operation according to the abnormality indication message described above.
需要说明的是,节点的重启分为不同的模式:节点的整个系统的重启,主要针对该节点存在硬件或者操作系统的故障;节点的某一应用软件的重启,针对该节点的该应用软件存在故障。在具体实现过程中,可以根据实际场景,选择对应的重启模式。It should be noted that the restart of the node is divided into different modes: the restart of the entire system of the node, mainly for the hardware or operating system fault of the node; the restart of an application software of the node, and the application software for the node exists. malfunction. In the specific implementation process, the corresponding restart mode can be selected according to the actual scenario.
进一步的,在步骤303之后,该实施例还包含如下的实现步骤:Further, after step 303, the embodiment further includes the following implementation steps:
304、该节点根据上述修改防火墙策略的通知,修改该节点对应防火墙的防火墙策略。 304. The node modifies the firewall policy of the firewall corresponding to the firewall according to the foregoing notification of modifying the firewall policy.
在具体实现中,该节点根据上述修改防火墙策略的通知,修改对应防火墙的防火墙策略。修改防火墙策略的方式和过程为本领域的公知常识,在此,不再赘述。In a specific implementation, the node modifies the firewall policy of the corresponding firewall according to the foregoing notification of modifying the firewall policy. The manner and process of modifying the firewall policy are common knowledge in the field, and will not be described here.
进一步,可选的,在步骤302”该节点执行重启过程之后,该方法实施例还包括:Further, optionally, after the node performs the restart process in step 302, the method embodiment further includes:
305、该节点向管理节点发送重新加入集群的请求,当管理节点确定该节点为重启节点之后,由管理节点向存储装置发送访问屏蔽解除消息。305. The node sends a request for rejoining the cluster to the management node. After the management node determines that the node is the restart node, the management node sends an access screening release message to the storage device.
在具体实现中,由于管理节点预先存有集群中的所有节点的信息(包含节点的标识),当该节点向管理节点发送重新加入集群的请求时,根据该节点的标识就确定该节点之前已经加入集群,现在重新发送加入集群的请求,则确定该节点为恢复节点,则由该管理节点向存储装置发送访问屏蔽解除消息。In a specific implementation, since the management node pre-stores information of all the nodes in the cluster (including the identifier of the node), when the node sends a request to re-join the cluster to the management node, it is determined that the node has been previously determined according to the identifier of the node. After joining the cluster and now resending the request to join the cluster, it is determined that the node is a recovery node, and the management node sends an access screening release message to the storage device.
节点加入集群的处理过程,属于本领域的现有技术,对此,本发明的所有实施例均不加以限定。The process of joining a node to a cluster belongs to the prior art in the art, and all the embodiments of the present invention are not limited thereto.
306、上述存储装置接收上述管理节点发送的访问屏蔽解除消息,该访问屏蔽解除消息包括:该节点标识,以及与该节点标识对应的访问权限信息,上述访问权限信息用于指示该节点对存储装置有访问权限。306. The storage device receives an access screening release message sent by the management node, where the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, where the access permission information is used to indicate the node to the storage device. Have access.
需要说明的是,上述访问屏蔽消息是由管理节点在接收到该节点的加入集群的请求,并确定该节点为恢复节点之后,由上述管理节点向该存储装置发送的。It should be noted that the foregoing access screening message is sent by the management node to the storage device after receiving the request of the node to join the cluster and determining that the node is a recovery node.
307、存储装置根据上述访问屏蔽解除消息,将该节点标识对应的访问权限设置为:有访问权限。307. The storage device sets, according to the foregoing access screening release message, the access permission corresponding to the node identifier to: having access rights.
进一步,可选的,在根据访问屏蔽解除消息,存储装置将该节点标识对应的访问权限设置为有访问权限之后,上述方法实施例还包括:Further, optionally, after the accessing the message is removed according to the access screening, the storage device sets the access authority corresponding to the node identifier to have the access right, and the method embodiment further includes:
308、存储装置向该节点发送修改防火墙策略的通知,上述修改防火墙策略的通知用于指示该节点修改该节点对应防火墙的防火墙策略,允许该节 点向存储装置发送的IO访问请求。308. The storage device sends a notification to modify the firewall policy to the node, where the notification for modifying the firewall policy is used to indicate that the node modifies the firewall policy of the firewall corresponding to the node, and allows the section. An IO access request sent to the storage device.
309、该节点根据上述修改防火墙策略的通知,修改该节点对应防火墙的防火墙策略。309. The node modifies the firewall policy of the firewall corresponding to the firewall according to the foregoing notification of modifying the firewall policy.
进一步的,在步骤301中接收针对该节点的访问屏蔽消息之前,该方法还包括如下的步骤:Further, before receiving the access screening message for the node in step 301, the method further includes the following steps:
300、预先设置该节点对应防火墙的防火墙策略,上述防火墙策略用于允许该节点向存储装置发送的IO访问请求通过该防火墙。300. Pre-setting a firewall policy corresponding to the firewall of the node, where the firewall policy is used to allow an IO access request sent by the node to the storage device to pass through the firewall.
进一步的,当采用访问控制列表ACL实现节点对存储盘的访问权限进行控制时,该方法实施例还包括如下的步骤:Further, when the access control list ACL is used to implement the access control of the storage disk by the node, the method embodiment further includes the following steps:
300’、预先设置存储装置的访问控制列表,该访问控制列表包括:该节点的标识,以及与该节点标识对应的访问权限信息,上述访问权限信息用于指示该节点对存储装置具有访问权限。300', the access control list of the storage device is preset, and the access control list includes: an identifier of the node, and access authority information corresponding to the node identifier, where the access permission information is used to indicate that the node has access rights to the storage device.
通过上述的实现方式,使得存储装置能够根据访问控制列表实现对节点访问权限的记录,并根据访问权限向节点对应防火墙发送访问屏蔽/访问屏蔽解除消息,能够有效地实现对节点的IO访问请求进行控制的目的。The foregoing implementation manner enables the storage device to record the access authority of the node according to the access control list, and sends an access mask/access mask release message to the node corresponding firewall according to the access right, thereby effectively implementing the IO access request for the node. The purpose of control.
针对上述的实施例,本发明实施例还提供了两种具体的实现方式,分别介绍如下:For the foregoing embodiments, the embodiment of the present invention further provides two specific implementation manners, which are respectively introduced as follows:
图4示出了对故障节点进行访问控制的方法实施例三,参看图4,在图4中,包含三个实体,分别是:管理节点、普通节点A以及存储装置A。其中,FIG. 4 shows a third embodiment of a method for performing access control on a faulty node. Referring to FIG. 4, in FIG. 4, three entities are included: a management node, a common node A, and a storage device A. among them,
管理节点:即对应本发明实施例的系统架构中所提及的集群中的管理节点。Management node: A management node in a cluster mentioned in the system architecture corresponding to the embodiment of the present invention.
普通节点A:即集群中除管理节点之外的任意一个节点,该普通节点A能够访问存储装置A。Ordinary node A: Any node other than the management node in the cluster, and the ordinary node A can access the storage device A.
存储装置A:即普通节点A所能够访问的一个存储装置或者所能够访问 的众多存储装置中的任意一个。Storage device A: a storage device accessible by ordinary node A or accessible Any of a number of storage devices.
需要说明的是,对于基于存储装置的节点访问系统,存在两种应用模式,即:Share Everything(共享所有)以及Share Nothing(无共享)。在Share Everything应用模式下,集群中的每一个节点都能够访问存储装置资源池中的任意一个存储装置;在Share Nothing应用模式下,集群中的每一个节点能够访问存储装置资源池中的部分存储装置。It should be noted that for a storage device-based node access system, there are two application modes, namely: Share Everything and Share Nothing. In the Share Everything application mode, each node in the cluster can access any storage device in the storage device resource pool; in the Share Nothing application mode, each node in the cluster can access some of the storage in the storage device resource pool. Device.
该方法实施例包含如下过程:The method embodiment includes the following process:
步骤0、系统初始化配置。Step 0, the system initializes the configuration.
具体包含两类配置,其一,是对集群中各个节点的配置;其二,是对存储资源池中各个存储装置的配置。There are two types of configurations, one of which is the configuration of each node in the cluster; the other is the configuration of each storage device in the storage resource pool.
针对集群中各个节点的配置有两种配置方式:There are two configurations for the configuration of each node in the cluster:
(1)将集群中的管理节点以及普通节点采用统一的配置方式:即对于集群中的每个节点,其上面均保存有针对集群中的各个节点所能够访问的存储装置的描述信息。(1) The management node and the common node in the cluster adopt a unified configuration mode: that is, for each node in the cluster, description information about the storage devices accessible by each node in the cluster is stored on the node.
(2)对集群中的管理节点和普通节点采用不同的配置方式:即对于管理节点,其内部存储有针对每个节点能够访问的存储装置的描述信息;对于普通节点,其内部仅存储有针对本节点能够访问的存储装置的描述信息。(2) Different configuration modes are adopted for the management node and the common node in the cluster: that is, for the management node, the description information of the storage device that can be accessed by each node is stored internally; for the ordinary node, only the internal node stores the description Description information of the storage device that the node can access.
具体实现中,该描述信息包括:节点标识以及该节点所能够访问的存储装置标识的对应关系。如下作为举例,该集群包含五个节点,分别为:管理节点以及四个普通节点。针对该集群中的五个节点的配置信息如表一所示:In a specific implementation, the description information includes: a node identifier and a correspondence between the identifiers of the storage devices that the node can access. As an example, the cluster contains five nodes: a management node and four common nodes. The configuration information for the five nodes in the cluster is shown in Table 1:
节点node 节点所能够访问的存储装置Storage device accessible by the node
管理节点Management node 存储装置A、存储装置B、存储装置DStorage device A, storage device B, storage device D
普通节点AOrdinary node A 存储装置A、存储装置CStorage device A, storage device C
普通节点BCommon node B 存储装置B、存储装置DStorage device B, storage device D
普通节点COrdinary node C 存储装置A、存储装置DStorage device A, storage device D
普通节点DOrdinary node D 存储装置B、存储装置CStorage device B, storage device C
表一Table I
针对各个存储装置的配置,具体包括:生成该存储装置的访问控制列表ACL(Access Control List),该ACL包括:(1)能够访问该存储装置的节点的标识(具体实现中,节点的标识可以为该节点的IP地址,或者该节点在集群中的编号等);(2)能够访问该存储装置的节点的访问权限(初始化配置该访问权限为:允许访问)。具体实现中,根据表一,以存储装置A为例,该存储装置的初始配置信息可通过表二所示:For the configuration of the storage device, the ACL includes: (1) an identifier of a node that can access the storage device (in a specific implementation, the identifier of the node may be The IP address of the node, or the number of the node in the cluster, etc.; (2) The access rights of the node that can access the storage device (initialization configures the access right to: allow access). In the specific implementation, according to Table 1, the storage device A is taken as an example, and the initial configuration information of the storage device can be as shown in Table 2:
节点标识Node identifier 访问权限access permission
管理节点标识Management node ID 允许访问Allow access
普通节点A标识Common node A identifier 允许访问Allow access
普通节点C标识Common node C identifier 允许访问Allow access
表二Table II
步骤1、管理节点根据心跳或租约信息,检测出普通节点A为故障节点,记录该节点的标识。 Step 1. The management node detects that the normal node A is a faulty node according to the heartbeat or lease information, and records the identifier of the node.
具体实现中,由于种种原因,会导致普通节点A发生故障,节点的故障包含如下几种类型:物理节点的故障,节点的网络故障(如,网卡发生故障),或者节点的某一应用或者某一进程存在故障。管理节点在检测节点故障时包括两种方式:In the specific implementation, due to various reasons, the common node A may be faulty. The fault of the node includes the following types: fault of the physical node, network fault of the node (for example, the network card fails), or an application or a certain node of the node A process has a fault. The management node includes two ways to detect a node failure:
(1)基于租约(Lease)的节点故障检测方法(1) Node failure detection method based on lease (Lease)
在该方法中,集群中的每一个节点会定期向租约管理器(Lease Manager)申请租约;租约管理器为每个节点都维护一个有关该节点所持有租约的记录,其中记录该节点何时获取了该租约。每当租约管理器接收到来自各节点 的租约请求时,就更新该记录,以反映该节点获取租约的最新信息。如果租约管理器在指定的周期(租约期,Lease Duration)内都没有收到某个节点的续租请求,则会主动探测该节点的状态(例如:通过Ping方式来检测该节点是否发生故障或者该节点的网络连接状态是否发生故障),如果连续数次都探测不到该节点的状态(比如:对于Ping数据包,无响应),则认为该节点已经出现故障,并将该节点发生故障的通知发送给管理节点。In this method, each node in the cluster periodically requests a lease from the lease manager (Lease Manager); the lease manager maintains a record for each node about the lease held by the node, where the node is recorded Obtained the lease. Whenever the lease manager receives each node When the lease request is made, the record is updated to reflect the node's latest information on the lease. If the lease manager does not receive a renewal request from a node within the specified period (Lease Duration), it will actively detect the status of the node (for example, use Ping to detect whether the node is faulty or Whether the network connection status of the node is faulty. If the status of the node is not detected for several times (for example, there is no response to the Ping packet), the node is considered to have failed and the node is faulty. The notification is sent to the management node.
(2)基于心跳(Heartbeat)的节点故障检测方法(2) Heartbeat based node fault detection method
在该方法中,系统会按照某种拓扑结构在各个节点中构成一个心跳环(Heartbeat Ring),通过这个心跳环,会在各个节点之间发送心跳信息(发送心跳信息的周期通常都比租约期要短很多),当这些节点的心跳信息汇集到一起时,通常会在集群的管理节点上进行汇总,识别出是否丢失了来自某个节点的心跳信息。为了避免误判,通常会重复几次检测,如果有连续数次都没有收到来自某个节点的心跳信息,则判定该节点可能故障(此时也可以主动进行探测,进一步确认该节点是否故障)。In this method, the system constructs a heartbeat ring in each node according to a certain topology. Through this heartbeat ring, heartbeat information is sent between each node (the period of sending heartbeat information is usually longer than the lease period). To be much shorter, when the heartbeat information of these nodes is brought together, it is usually summarized on the management node of the cluster to identify whether the heartbeat information from a certain node is lost. In order to avoid misjudgment, it is usually repeated several times. If there is no heartbeat information from a certain node for several consecutive times, it is determined that the node may be faulty. (At this time, the probe can be actively detected to further confirm whether the node is faulty. ).
通过上述的节点故障检测方法,集群中的管理节点检测出普通节点A故障节点,则会记录该节点的标识。Through the node fault detection method described above, when the management node in the cluster detects the fault node of the normal node A, the identifier of the node is recorded.
这里,节点的标识可以有多种实现方式,如:该节点的IP地址(如:10.11.201.12),或该节点在集群中的唯一标识(如:编号0010)或其他的实现方式,对此,本发明的实施例不加以赘述。Here, the identifier of the node may have multiple implementation manners, such as: the IP address of the node (for example, 10.11.201.12), or the unique identifier of the node in the cluster (for example: number 0010) or other implementation manner, The embodiments of the present invention are not described in detail.
本步骤中,是针对发生故障的节点,记录该节点的标识,这是存在故障节点情况下的,对存储装置的访问控制的过程;对于本领域技术人员,可以理解,还可以有其他的应用场景,譬如:访问安全应用场景下,管理员控制部分节点对存储装置的访问,也可以采用本实施例的实现过程。对此,本实施例不加以限定。In this step, for the faulty node, the identifier of the node is recorded, which is a process of access control to the storage device in the case of a faulty node; for those skilled in the art, it can be understood that there are other applications. For example, in an access security application scenario, the administrator controls the access of some nodes to the storage device, and the implementation process of this embodiment may also be adopted. In this regard, the embodiment is not limited.
步骤2、管理节点向普通节点A能够访问的存储装置A下发访问控制消息,该消息中携带普通节点A的标识,以及对其访问权限的修改信息。 Step 2: The management node sends an access control message to the storage device A that the common node A can access, and the message carries the identifier of the common node A and the modification information of the access authority.
具体的,基于系统的初始化配置信息,管理节点上存储有集群中的每个节点所能够访问的存储装置的描述信息,管理节点可以根据该描述信息向发生故障的普通节点A能够访问的存储装置A下发访问控制消息,该消息携带有普通节点A的标识。作为举例,访问控制消息的格式可以表示如表三所示:Specifically, based on the initialization configuration information of the system, the management node stores description information of the storage device accessible by each node in the cluster, and the management node may access the storage device accessible to the faulty common node A according to the description information. A sends an access control message carrying the identifier of the ordinary node A. As an example, the format of the access control message can be expressed as shown in Table 3:
节点标识Node identifier 访问权限修改信息Access rights modification information
普通节点A的标识Common node A's identity 允许访问—>拒绝访问Allow access -> Deny access
表三Table 3
步骤3、存储装置A接收访问控制消息,并根据该访问控制消息更新自身的ACL,将消息中携带的普通节点A的标识对应的访问权限设置为拒绝访问。Step 3: The storage device A receives the access control message, and updates its own ACL according to the access control message, and sets the access permission corresponding to the identifier of the common node A carried in the message to be denied access.
具体的,根据步骤0中的系统配置过程,存储装置A的配置信息参看表二,在接收到上述访问控制消息之后,将普通节点A标识对应的访问权限设置为拒绝访问,设置后的存储装置A的访问控制列表为:Specifically, according to the system configuration process in step 0, the configuration information of the storage device A is referred to Table 2. After receiving the access control message, the access authority corresponding to the common node A identifier is set to be denied access, and the set storage device is configured. The access control list for A is:
节点标识Node identifier 访问权限access permission
管理节点标识Management node ID 允许访问Allow access
普通节点A标识Common node A identifier 拒绝访问access denied
普通节点C标识Common node C identifier 允许访问Allow access
表四Table 4
步骤4、普通节点A产生针对存储装置A的IO请求,并将该IO请求下发给存储装置A。Step 4: The normal node A generates an IO request for the storage device A, and delivers the IO request to the storage device A.
具体实现过程中,虽然普通节点A发生了故障,但是可能该节点并未识别自身出现发生故障(如该节点和管理节点的网络存在故障),该节点的应 用或者某一进程还会向它能够访问的存储装置A发送IO请求。上述的IO请求,包括对存储装置A中所存储的数据进行读或者写的请求。In the specific implementation process, although the normal node A has a fault, the node may not recognize that it has a fault (such as the network of the node and the management node is faulty), and the node should Or a process will also send an IO request to storage device A that it can access. The above IO request includes a request to read or write data stored in the storage device A.
步骤5、存储装置A根据访问控制列表,判断普通节点A对应的访问权限是拒绝访问时,丢弃普通节点A所发送的IO请求。Step 5: The storage device A determines, according to the access control list, that the access right corresponding to the normal node A is the access denied, and discards the IO request sent by the ordinary node A.
具体的,参看表四的访问控制列表,存储装置A从中确定针对普通节点A对应的IO请求拒绝访问时,丢弃普通节点A的某一应用或者某一进程发送的IO请求。Specifically, referring to the access control list in Table 4, when the storage device A determines that the IO request corresponding to the normal node A is denied access, the application of the ordinary node A or the IO request sent by a certain process is discarded.
需要说明的是,在具体实现过程中,访问控制列表可以存储在该存储装置A中,也可以存储在第三方设备中,对此,本发明的所有实施例均不加以限制。It should be noted that, in a specific implementation process, the access control list may be stored in the storage device A or may be stored in a third-party device. For this reason, all embodiments of the present invention are not limited.
步骤6、存储装置A向普通节点A返回异常响应E_OVERDUE。 Step 6. The storage device A returns an abnormal response E_OVERDUE to the normal node A.
具体的,存储装置A在丢弃普通节点A发送的IO请求之后,向普通节点A中发出该IO请求的某一应用或者某一进程返回异常响应代码E_OVERDUE(错误码)。可以理解,E_OVERDUE用于表示一种错误识别码,在具体实现中,还可能采用其他的错误码形式,对此,本实施例不加以限定。Specifically, after discarding the IO request sent by the normal node A, the storage device A returns an abnormal response code E_OVERDUE (error code) to an application or a certain process that issues the IO request to the normal node A. It can be understood that the E_OVERDUE is used to indicate an error identification code. In the specific implementation, other error code formats may also be used, which is not limited in this embodiment.
步骤7、普通节点A接收到存储装置A返回的异常响应E_OVERDUE后,则重新启动本节点。 Step 7. After receiving the abnormal response E_OVERDUE returned by the storage device A, the normal node A restarts the node.
具体的,普通节点A接收到异常响应E_OVERDUE后,就确定自身存在故障,则会重启本节点。对于节点的重启,包括两种实现方式:当普通节点A的硬件或者操作系统发生故障时,普通节点A会重启该节点的操作系统,即整个节点均会发生重启;当普通节点A的某一应用程序或者进程发生故障时,普通节点A会重启该节点的相应的应用程序或者相应的进程。Specifically, after receiving the abnormal response E_OVERDUE, the normal node A determines that it has a fault, and then restarts the node. For the restart of a node, there are two implementation modes: when the hardware or operating system of the common node A fails, the normal node A restarts the operating system of the node, that is, the entire node restarts; when a common node A When an application or process fails, normal node A restarts the corresponding application or corresponding process of the node.
步骤8、普通节点A向管理节点发送集群加入请求。Step 8. The ordinary node A sends a cluster join request to the management node.
具体的,在节点发生重启之后,普通节点A向管理节点发送集群加入请求,该集群加入请求属于本领域的公知常识,对此,本实施例不再赘述。 Specifically, after the node is restarted, the common node A sends a cluster join request to the management node, and the cluster join request belongs to the common knowledge in the field, which is not described in this embodiment.
步骤9、管理节点接收到该集群加入请求后,确定普通节点A为故障恢复节点。Step 9. After receiving the cluster join request, the management node determines that the common node A is a fault recovery node.
具体的,管理节点接收到普通节点A的集群加入请求之后,从中提取出普通节点A的标识,将该标识和步骤1记录的发生故障的节点标识对比,发现普通节点A的标识之前记录为发生故障,现在该节点发出集群加入请求,确定普通节点A为故障恢复节点。Specifically, after receiving the cluster join request of the common node A, the management node extracts the identifier of the common node A, compares the identifier with the faulty node identifier recorded in step 1, and finds that the identifier of the ordinary node A is recorded as occurring. Fault, the node now issues a cluster join request to determine that the normal node A is a failover node.
步骤10、管理节点向存储装置A下发访问屏蔽解除消息,该消息中携带普通节点A的标识,以及对其访问权限的修改信息。Step 10: The management node sends an access screening release message to the storage device A, where the message carries the identifier of the ordinary node A and the modification information of the access authority.
具体的,相对应与表三中的访问控制消息,上述的访问解除消息可以采用如下的格式:Specifically, corresponding to the access control message in Table 3, the foregoing access cancellation message may adopt the following format:
节点标识Node identifier 访问权限修改信息Access rights modification information
10.11.201.1210.11.201.12 拒绝访问—>允许访问Denied access -> Allow access
步骤11、存储装置A根据访问屏蔽解除消息,更新自身存储的访问控制列表ACL,将消息中携带的普通节点A的标识所对应的访问权限设置为允许访问。Step 11: The storage device A updates the access control list ACL stored in the message according to the access mask release message, and sets the access authority corresponding to the identifier of the common node A carried in the message to allow access.
具体的,相对应于步骤3中的存储装置A配置信息,通过访问屏蔽解除消息,更新后的访问控制列表如表五所示:Specifically, corresponding to the storage device A configuration information in step 3, by accessing the mask release message, the updated access control list is as shown in Table 5:
节点标识Node identifier 访问权限access permission
管理节点标识Management node ID 允许访问Allow access
普通节点A标识Common node A identifier 允许访问Allow access
普通节点C标识Common node C identifier 允许访问Allow access
表五Table 5
步骤12、在完成对普通节点A的访问权限的设置之后,存储装置A向 管理节点发送访问控制解除完成消息。Step 12: After completing the setting of the access authority to the ordinary node A, the storage device A The management node sends an access control release complete message.
步骤13、管理节点接收到存储装置A发送的访问控制解除完成消息之后,向普通节点A返回加入集群成功响应信息。Step 13: After receiving the access control release complete message sent by the storage device A, the management node returns the join success response information to the normal node A.
通过上述的实现过程,存储装置通过维护能够访问该存储装置的节点的访问控制列表,能够实现对存储装置访问的控制,整个控制过程简单易行,效率较高。Through the implementation process described above, the storage device can control the access of the storage device by maintaining the access control list of the node that can access the storage device, and the entire control process is simple and easy, and the efficiency is high.
上述步骤1-2、8-10以及12-13均为管理节点执行,可以理解,在具体实现的过程中,还可以由管理节点指定其他具备控制权限的节点来实现,对此,本发明的实施例不加以限定。The foregoing steps 1-2, 8-10, and 12-13 are all performed by the management node. It can be understood that, in the specific implementation process, the management node may also specify other nodes with control rights to implement, and the present invention The embodiment is not limited.
图5示出了对故障节点进行访问控制的方法实施例四,参看图5,图5和图4所包含的实体相同,在此,不再赘述。FIG. 5 shows a fourth embodiment of the method for performing access control on a faulty node. Referring to FIG. 5, the entities included in FIG. 5 and FIG. 4 are the same, and details are not described herein again.
该方法实施例包含如下的过程:The method embodiment includes the following process:
步骤0、系统初始化配置。Step 0, the system initializes the configuration.
在具体实现的过程中,该实施例中除包含方法实施例三中的步骤0对集群中各个节点的配置以及对存储装置的配置之外,还需要对管理节点以及普通节点A对应防火墙的防火墙策略进行配置,即将防火墙策略预先设置为允许对所有的存储装置发送请求。此外,预先建立起普通节点A和存储装置A的可靠信道,用来传送防火墙策略的修改的通知。上述可靠信道可以有两种实现方式:In the specific implementation process, in addition to the configuration of each node in the cluster and the configuration of the storage device in step 0 of the third embodiment of the method, the firewall corresponding to the firewall of the management node and the common node A is required. The policy is configured to pre-set the firewall policy to allow requests to be sent to all storage devices. In addition, a reliable channel of the normal node A and the storage device A is established in advance to transmit a modified notification of the firewall policy. The above reliable channels can be implemented in two ways:
(1)采用通用的,经过加密且通过密钥进行认证的信道,如:SSH(Secure Shell,安全外壳协议)。(1) Adopt a common, encrypted channel that is authenticated by a key, such as SSH (Secure Shell).
(2)采用专用的端口来建立专用信道,如:VPN(Virtual Private Network,虚拟专用网络)。(2) Use a dedicated port to establish a dedicated channel, such as a VPN (Virtual Private Network).
步骤1-3、和方法实施例三中步骤1-3的实现方式类似,对此,本实施例不再赘述。 Steps 1-3 are similar to the implementation of steps 1-3 in the third embodiment of the method. For this reason, the description is not repeated herein.
步骤4、存储装置A通知普通节点A修改对应防火墙的防火墙策略,该防火墙策略为拒绝普通节点A再将IO请求发送给存储装置A。Step 4: The storage device A notifies the normal node A to modify the firewall policy of the corresponding firewall, and the firewall policy is to reject the ordinary node A and then send the IO request to the storage device A.
具体实现中,存储装置A通过系统初始化配置过程中建立的可靠信道,将修改防火墙策略的通知发送给普通节点A。In a specific implementation, the storage device A sends a notification for modifying the firewall policy to the common node A through a reliable channel established during the system initialization configuration process.
步骤5、普通节点A接收到存储装置A发送的修改防火墙策略的通知后,根据该通知修改对应防火墙的防火墙策略,并重新启动本节点。Step 5: After receiving the notification of modifying the firewall policy sent by the storage device A, the normal node A modifies the firewall policy of the corresponding firewall according to the notification, and restarts the node.
具体的,普通节点A重新启动本节点的过程包括(图未示):在普通节点A接收到存储装置A发送的修改防火墙策略的通知之后,存储装置A向普通节点A发送异常指示消息,该异常指示消息用于指示该节点执行重启过程;该节点根据所述异常指示消息执行节点重启过程。Specifically, the process of restarting the local node by the common node A includes (not shown): after the normal node A receives the notification of modifying the firewall policy sent by the storage device A, the storage device A sends an abnormality indication message to the ordinary node A, where The abnormality indication message is used to instruct the node to perform a restart process; the node performs a node restart process according to the abnormality indication message.
步骤6-9、和方法实施例三中步骤8-11的实现方式类似,对此,本实施例不再赘述。Steps 6-9 are similar to the implementations of the steps 8-11 in the third embodiment of the method. For this reason, the description is not repeated herein.
步骤10、存储装置A向普通节点A发送修改防火墙策略的通知,该通知用于指示普通节点A修改自身对应防火墙的防火墙策略,允许普通节点A向存储装置A发送IO请求。Step 10: The storage device A sends a notification to the normal node A to modify the firewall policy, which is used to instruct the common node A to modify the firewall policy of the corresponding firewall, and allows the ordinary node A to send an IO request to the storage device A.
步骤11、普通节点A修改对应防火墙的防火墙策略,即允许该节点向存储装置A发送IO访问请求。Step 11: The ordinary node A modifies the firewall policy of the corresponding firewall, that is, allows the node to send an IO access request to the storage device A.
对于本领域技术人员来说,修改本地的防火墙策略的过程是本领域的公知常识,在此,本发明的实施例不再赘述。For a person skilled in the art, the process of modifying the local firewall policy is common knowledge in the art, and the embodiments of the present invention are not described herein again.
步骤12、普通节点A向存储装置A发送防火墙策略修改完成通知消息,该通知消息用于通知存储装置A该节点对应的防火墙策略修改完成。Step 12: The normal node A sends a firewall policy modification completion notification message to the storage device A, and the notification message is used to notify the storage device A that the firewall policy modification corresponding to the node is completed.
步骤13、存储装置A向管理节点发送访问控制解除完成消息,用来通知管理节点针对普通节点A的访问控制已经解除。Step 13: The storage device A sends an access control release complete message to the management node, to notify the management node that the access control for the normal node A has been released.
步骤14、管理节点向普通节点A发送加入集群成功的响应。Step 14: The management node sends a response to the normal node A to join the cluster successfully.
可以理解,在具体实现过程中,本实施例中的步骤11可以放在步骤14之后执行。 It can be understood that, in a specific implementation process, step 11 in this embodiment may be performed after step 14.
通过上述的实现方式,使得存储装置能够根据访问控制列表实现对节点访问权限的记录,并根据访问权限向节点对应的防火墙发送访问屏蔽/访问屏蔽解除消息,能够有效地实现对节点的IO访问请求进行控制的目的。The foregoing implementation manner enables the storage device to record the access rights of the node according to the access control list, and send an access mask/access mask release message to the firewall corresponding to the node according to the access right, thereby effectively implementing the IO access request to the node. The purpose of control.
图6为本发明实施例的存储装置的结构示意图。如图6所示,该控制器至少包括:处理器610、存储器620、通信接口630和总线640。其中,所述处理器610、所述存储器620和所述通信接口630通过所述总线640通信。FIG. 6 is a schematic structural diagram of a storage device according to an embodiment of the present invention. As shown in FIG. 6, the controller includes at least a processor 610, a memory 620, a communication interface 630, and a bus 640. The processor 610, the memory 620, and the communication interface 630 communicate through the bus 640.
所述存储器620用于存放程序。具体的,程序中可以包括程序代码,所述程序代码包括计算机执行指令。所述存储器620可以为高速RAM存储器,也可以为非易失性存储器(non-volatile memory),例如至少一个磁盘存储器。The memory 620 is used to store programs. Specifically, the program code may be included in the program, and the program code includes a computer execution instruction. The memory 620 may be a high speed RAM memory or a non-volatile memory such as at least one disk memory.
所述处理器610用于执行所述存储器620存储的执行指令,可能为单核或多核中央处理单元(Central Processing Unit,CPU),或者为特定集成电路(Application Specific Integrated Circuit,ASIC),或者为被配置成实施本发明实施例的一个或多个集成电路。The processor 610 is configured to execute an execution instruction stored by the memory 620, which may be a single core or a multi-core central processing unit (CPU), or an application specific integrated circuit (ASIC), or One or more integrated circuits configured to implement embodiments of the present invention.
所述通信接口630用于与控制点交换机通信。The communication interface 630 is for communicating with a control point switch.
当控制器运行时,处理器610运行程序,以执行上述四个方法实施例中任一方法实施例的方法。When the controller is running, the processor 610 runs a program to perform the method of any of the above four method embodiments.
参看图7,本发明实施例还提供一种具有访问控制功能的存储装置700,该存储装置700应用于集群中节点对所述存储装置的访问过程中,该存储装置700包括:Referring to FIG. 7, an embodiment of the present invention further provides a storage device 700 with an access control function. The storage device 700 is applied to an access of the node in the cluster to the storage device. The storage device 700 includes:
接收单元710,用于接收针对节点的访问屏蔽消息,该访问屏蔽消息包括节点的标识,以及与节点的标识对应的访问权限信息,访问权限信息用于指示节点对存储装置无访问权限;The receiving unit 710 is configured to receive an access screening message for the node, where the access screening message includes an identifier of the node, and access permission information corresponding to the identifier of the node, where the access permission information is used to indicate that the node has no access right to the storage device;
设置单元720,用于根据访问屏蔽消息,将节点的标识对应的访问权限设置为:无访问权限; The setting unit 720 is configured to set, according to the access screening message, the access permission corresponding to the identifier of the node to: no access permission;
发送单元730,用于向节点发送修改防火墙策略的通知,该修改防火墙策略的通知用于指示节点修改该节点对应防火墙的防火墙策略,屏蔽该节点向存储装置发送的IO访问请求。The sending unit 730 is configured to send a notification to the node to modify the firewall policy, where the notification of the modified firewall policy is used to instruct the node to modify the firewall policy of the firewall corresponding to the node, and block the IO access request sent by the node to the storage device.
进一步的,在该存储装置700中:Further, in the storage device 700:
接收单元710,还用于接收节点发送的IO访问请求,上述IO访问请求包括节点的标识;The receiving unit 710 is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node;
发送单元730,还用于根据节点的标识对应的访问权限,确定发送IO访问请求的节点为无访问权限时,向节点发送异常指示消息,异常指示消息用于指示节点执行重启操作。The sending unit 730 is further configured to: when the node that sends the IO access request is in the non-access right according to the access authority corresponding to the identifier of the node, send an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation.
进一步的,在该存储装置700中:Further, in the storage device 700:
接收单元710,还用于接收管理节点发送的访问屏蔽解除消息,访问屏蔽解除消息包括:节点的标识,以及与节点标识对应的访问权限信息,访问权限信息用于指示节点对存储装置具有访问权限,访问屏蔽消息是在节点向管理节点发送加入集群的请求,确定节点为恢复节点之后,由管理节点发送的;The receiving unit 710 is further configured to receive an access screening release message sent by the management node, where the access screening release message includes: an identifier of the node, and access permission information corresponding to the node identifier, where the access permission information is used to indicate that the node has access to the storage device. The access mask message is sent by the node to the management node to join the cluster, and after the node is determined to be the recovery node, is sent by the management node;
设置单元720,还用于根据访问屏蔽解除消息,将节点标识对应的访问权限设置为:有访问权限。The setting unit 720 is further configured to set, according to the access screening release message, the access permission corresponding to the node identifier to: having access rights.
进一步的,在该存储装置700中:Further, in the storage device 700:
发送单元730,还用于向节点发送修改防火墙策略的通知,该修改防火墙策略的通知用于指示节点修改对应防火墙的防火墙策略,允许节点向存储装置发送的IO访问请求。The sending unit 730 is further configured to send, to the node, a notification for modifying the firewall policy, where the notification of the modified firewall policy is used to instruct the node to modify the firewall policy of the corresponding firewall, and allow the node to send an IO access request to the storage device.
进一步的,在该存储装置700中包括:Further, the storage device 700 includes:
设置单元720,还用于预先设置节点对应防火墙的防火墙策略,该防火墙策略用于指示节点对应防火墙,允许节点向存储装置发送的IO访问请求。The setting unit 720 is further configured to preset a firewall policy of the node corresponding firewall, where the firewall policy is used to indicate that the node corresponds to the firewall, and allows the node to send an IO access request to the storage device.
参看图8,本发明实施例还提供一种实现存储装置访问的控制系统800, 该系统实施例包括:Referring to FIG. 8, an embodiment of the present invention further provides a control system 800 for implementing storage device access. Embodiments of the system include:
集群810以及存储装置820,所述集群810包括至少一个节点,其中,该至少一个节点包含节点811,上述节点811能够实现对上述存储装置820进行访问,其中:The cluster 810 and the storage device 820, the cluster 810 includes at least one node, wherein the at least one node includes a node 811, and the node 811 can implement access to the storage device 820, where:
上述存储装置820,用于接收针对该节点811的访问屏蔽消息,上述屏蔽消息包括该节点811的标识,以及与该节点标识对应的访问权限信息,上述访问权限信息用于指示该节点811对上述存储装置820无访问权限;用于根据上述访问屏蔽消息,将该节点标识对应的访问权限设置为无访问权限;以及用于向该节点811发送修改防火墙策略的通知,上述修改防火墙策略的通知用于指示上述节点811修改该节点811对应防火墙813的防火墙策略,屏蔽该节点811向上述存储装置820发送的IO访问请求。The storage device 820 is configured to receive an access mask message for the node 811, where the mask message includes an identifier of the node 811, and access authority information corresponding to the node identifier, where the access permission information is used to indicate the node 811 to the foregoing The storage device 820 has no access right, and is configured to set, according to the foregoing access screening message, an access right corresponding to the node identifier to a non-access right, and a notification for sending the modified firewall policy to the node 811, where the modifying the firewall policy is notified. The node 811 is instructed to modify the firewall policy of the node 811 corresponding to the firewall 813, and the IO access request sent by the node 811 to the storage device 820 is blocked.
上述节点的防火墙813,用于根据修改防火墙策略的通知,修改自身的防火墙策略。The firewall 813 of the above node is used to modify the firewall policy according to the notification of modifying the firewall policy.
进一步的,对于上述控制系统800,所述存储装置820,还用于接收所述节点811发送的IO访问请求,所述IO访问请求包括节点的标识,根据节点的标识对应的访问权限,确定发送IO访问请求的节点811无访问权限时,向节点811发送异常指示消息,异常指示消息用于指示节点811执行重启操作;Further, for the foregoing control system 800, the storage device 820 is further configured to receive an IO access request sent by the node 811, where the IO access request includes an identifier of the node, and determines to send according to the access authority corresponding to the identifier of the node. When the node 811 of the IO access request has no access right, the node 811 sends an abnormality indication message, and the abnormality indication message is used to instruct the node 811 to perform a restart operation;
节点811,还用于根据异常指示消息,执行重启操作。The node 811 is further configured to perform a restart operation according to the abnormality indication message.
进一步的,对于上述控制系统800,集群中还包含管理节点812,Further, for the foregoing control system 800, the cluster further includes a management node 812.
管理节点812,用于接收节点811发送的加入集群的请求,确定节点811为恢复节点之后,向存储装置820发送访问屏蔽解除消息,上述访问屏蔽解除消息包括:节点的标识,以及与节点的标识对应的访问权限信息,上述访问权限信息用于指示节点811对存储装置820具有访问权限;The management node 812 is configured to receive the request for joining the cluster sent by the node 811, and after determining that the node 811 is the recovery node, send an access screening release message to the storage device 820, where the access screening release message includes: an identifier of the node, and an identifier of the node The access authority information is used to indicate that the node 811 has access rights to the storage device 820;
存储装置820,还用于接收管理节点812发送的访问屏蔽解除消息,并根据访问屏蔽解除消息,将上述节点的标识对应的访问权限设置为有访问权 限。The storage device 820 is further configured to receive the access screening release message sent by the management node 812, and set the access permission corresponding to the identifier of the node to have access rights according to the access screening release message. limit.
进一步的,对于上述控制系统800,Further, with respect to the above control system 800,
存储装置820,还用于向节点811发送修改防火墙策略的通知,该修改防火墙策略的通知用于指示节点811对应防火墙813修改防火墙策略,允许节点811向存储装置820发送的IO访问请求;The storage device 820 is further configured to send a notification to the node 811 to modify the firewall policy, where the notification of the modified firewall policy is used to instruct the node 811 to modify the firewall policy corresponding to the firewall 813, and allow the node 811 to send an IO access request to the storage device 820;
节点811,还用于根据上述修改防火墙策略的通知,修改对应防火墙813的防火墙策略。The node 811 is further configured to modify the firewall policy of the corresponding firewall 813 according to the foregoing notification of modifying the firewall policy.
进一步的,对于上述控制系统800,Further, with respect to the above control system 800,
存储装置820,还用于预先设置节点811对应防火墙813的防火墙策略,上述防火墙策略用于指示节点811对应的防火墙813,允许节点811向存储装置820发送的IO访问请求。The storage device 820 is further configured to preset a firewall policy of the node 811 corresponding to the firewall 813. The firewall policy is used to indicate the firewall 813 corresponding to the node 811, and allows the node 811 to send an IO access request to the storage device 820.
应理解,本发明中的具体的例子只是为了帮助本领域技术人员更好地理解本发明实施例,而非限制本发明实施例的范围。It is to be understood that the specific examples of the invention are intended to be illustrative of the embodiments of the invention.
还应理解,在本发明的各种实施例中,上述各过程的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本发明实施例的实施过程构成任何限定。It should also be understood that in various embodiments of the present invention, the size of the sequence numbers of the above processes does not imply a sequence of executions, and the order of execution of the processes should be determined by its function and internal logic, and should not be implemented by the present invention. The implementation of the examples constitutes any limitation.
还应理解,在本发明实施例中,术语“和/或”仅仅是一种描述关联对象的关联关系,表示可以存在三种关系。例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。另外,本文中字符“/”,一般表示前后关联对象是一种“或”的关系。It should also be understood that in the embodiments of the present invention, the term "and/or" is merely an association describing the associated object, indicating that there may be three relationships. For example, A and/or B may indicate that A exists separately, and A and B exist simultaneously, and B cases exist alone. In addition, the character "/" in this article generally indicates that the contextual object is an "or" relationship.
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各示例的组成及步骤。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超 出本发明的范围。Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the various examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of both, for clarity of hardware and software. Interchangeability, the composition and steps of the various examples have been generally described in terms of function in the above description. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the solution. Professionals can use different methods to implement the described functions for each specific application, but this implementation should not be considered super The scope of the invention is intended.
所属领域的技术人员可以清楚地了解到,为了描述的方便和简洁,上述描述的装置和单元的具体工作过程,以及方法的具体流程,可以参考前述系统实施例中的相应描述,在此不再赘述。A person skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the device and the unit described above, and the specific process of the method, refer to the corresponding description in the foregoing system embodiment, and no longer Narration.
在本申请所提供的几个实施例中,应该理解到,所揭露的系统、装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另外,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口、装置或单元的间接耦合或通信连接,也可以是电的,机械的或其它的形式连接。In the several embodiments provided by the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of the unit is only a logical function division. In actual implementation, there may be another division manner, for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, or an electrical, mechanical or other form of connection.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本发明实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the embodiments of the present invention.
另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以是两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分,或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM, Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。The integrated unit, if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention contributes in essence or to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium. A number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention. The foregoing storage medium includes: a U disk, a mobile hard disk, and a read only memory (ROM, Read-Only Memory), random access memory (RAM), disk or optical disk, and other media that can store program code.
以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到各种等效的修改或替换,这些修改或替换都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应以权利要求的保护范围为准。 The above is only the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any equivalent person can be easily conceived within the technical scope of the present invention by any person skilled in the art. Modifications or substitutions are intended to be included within the scope of the invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.

Claims (16)

  1. 一种存储装置的访问控制方法,其特征在于,应用于集群中节点对所述存储装置的访问过程中,所述方法包括:An access control method for a storage device, characterized in that, in a process of accessing a node in a cluster to the storage device, the method includes:
    所述存储装置接收针对所述节点的访问屏蔽消息,所述访问屏蔽消息包括所述节点的标识,以及与所述标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置无访问权限;The storage device receives an access mask message for the node, where the access mask message includes an identifier of the node, and access rights information corresponding to the identifier, where the access rights information is used to indicate the node pair The storage device has no access rights;
    所述存储装置根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为:无访问权限;The storage device sets, according to the access screening message, the access permission corresponding to the node identifier to: no access permission;
    所述存储装置向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,屏蔽所述节点向所述存储装置发送的IO访问请求。The storage device sends a notification to the node to modify a firewall policy, where the notification of modifying the firewall policy is used to instruct the node to modify a firewall policy of the firewall corresponding to the node, and block the IO sent by the node to the storage device. Access request.
  2. 根据权利要求1所述的方法,其特征在于,在所述存储装置根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为无访问权限之后,所述方法还包括:The method according to claim 1, wherein after the storing device sets the access right corresponding to the node identifier to the non-access right according to the access screening message, the method further includes:
    所述存储装置接收所述节点发送的IO访问请求,所述IO访问请求包括所述节点的标识;The storage device receives an IO access request sent by the node, where the IO access request includes an identifier of the node;
    所述存储装置根据所述节点标识对应的访问权限,确定发送所述IO访问请求的所述节点无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作。The storage device sends an abnormality indication message to the node when the node that sends the IO access request has no access right, according to the access authority corresponding to the node identifier, where the abnormality indication message is used to indicate the node Perform a reboot.
  3. 根据权利要求2所述的方法,其特征在于,在所述存储装置向所述节点发送异常指示消息之后,所述方法还包括:The method according to claim 2, wherein after the storing means sends an abnormality indication message to the node, the method further comprises:
    所述存储装置接收管理节点发送的访问屏蔽解除消息,所述访问屏蔽解除消息包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限,所述访问 屏蔽消息是在所述节点向所述管理节点发送加入集群的请求,所述管理节点确定所述节点为恢复节点后,由所述管理节点向所述存储装置发送的;The storage device receives an access screening release message sent by the management node, where the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, where the access permission information is used to indicate the node Having access to the storage device, the access The masking message is that the node sends a request to join the cluster to the management node, and the management node determines that the node is a recovery node, and is sent by the management node to the storage device;
    所述存储装置根据所述访问屏蔽解除消息,将所述节点标识对应的访问权限设置为:有访问权限。The storage device sets the access authority corresponding to the node identifier to: having access rights according to the access screening release message.
  4. 根据权利要求3所述的方法,其特征在于,在所述存储装置根据所述访问屏蔽解除消息,将所述节点标识对应的访问权限设置为有访问权限之后,所述方法还包括:The method according to claim 3, wherein after the storing means sets the access right corresponding to the node identifier to have access rights according to the access screening release message, the method further includes:
    所述存储装置向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,允许所述节点向所述存储装置发送的IO访问请求。The storage device sends a notification to the node to modify a firewall policy, where the notification for modifying the firewall policy is used to instruct the node to modify a firewall policy of the firewall corresponding to the node, and allow the node to send the IO to the storage device. Access request.
  5. 根据权利要求1-4任一所述的方法,其特征在于,在所述存储装置接收针对所述节点的访问屏蔽消息之前,所述方法还包括:The method according to any one of claims 1 to 4, wherein before the storing means receives an access masking message for the node, the method further comprises:
    预先设置所述节点对应防火墙的防火墙策略,所述防火墙策略用于指示所述节点对应的防火墙,允许所述节点向所述存储装置发送的IO访问请求。The firewall policy of the node corresponding to the firewall is preset, and the firewall policy is used to indicate a firewall corresponding to the node, and the IO access request sent by the node to the storage device is allowed.
  6. 一种存储装置,其特征在于,所述存储装置包括:A storage device, characterized in that the storage device comprises:
    处理器,存储器,通信接口和总线,其中,所述处理器、所述存储器和所述通信接口通过所述总线通信;a processor, a memory, a communication interface, and a bus, wherein the processor, the memory, and the communication interface communicate via the bus;
    所述通信接口用于与集群中管理节点以及节点通信;The communication interface is configured to communicate with a management node and a node in the cluster;
    所述存储器用于存放程序;The memory is used to store a program;
    当所述存储装置运行时,所述处理器用于执行所述存储器存储的所述程序,以执行所述权利要求1-5任一所述的方法。The processor is operative to execute the program stored by the memory to perform the method of any of claims 1-5 when the storage device is in operation.
  7. 一种具有访问控制功能的存储装置,其特征在于,该存储装置应用于集群中节点对所述存储装置的访问过程中,所述存储装置包括: A storage device with an access control function, wherein the storage device is applied to an access process of a node in a cluster to the storage device, the storage device includes:
    接收单元,用于接收针对所述节点的访问屏蔽消息,所述访问屏蔽消息包括所述节点的标识,以及与所述标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置无访问权限;a receiving unit, configured to receive an access screening message for the node, where the access screening message includes an identifier of the node, and access permission information corresponding to the identifier, where the access permission information is used to indicate the node pair The storage device has no access rights;
    设置单元,用于根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为:无访问权限;a setting unit, configured to set, according to the access screening message, an access right corresponding to the node identifier: no access right;
    发送单元,用于向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,屏蔽所述节点向所述存储装置发送的IO访问请求。a sending unit, configured to send, to the node, a notification for modifying a firewall policy, where the notification for modifying the firewall policy is used to indicate that the node modifies a firewall policy of the firewall corresponding to the node, and shields the node from sending to the storage device IO access request.
  8. 根据权利要求7所述的存储装置,其特征在于,A storage device according to claim 7, wherein
    所述接收单元,还用于接收所述节点发送的IO访问请求,所述IO访问请求包括所述节点的标识;The receiving unit is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node;
    所述发送单元,还用于根据所述节点标识对应的访问权限,确定发送所述IO访问请求的所述节点为无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作。The sending unit is further configured to: when determining, according to the access authority corresponding to the node identifier, that the node that sends the IO access request has no access right, send an abnormality indication message to the node, where the abnormality indication message is used. Instructing the node to perform a restart operation.
  9. 根据权利要求8所述的存储装置,其特征在于,A storage device according to claim 8 wherein:
    所述接收单元,还用于接收管理节点发送的访问屏蔽解除消息,所述访问屏蔽解除消息包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限,所述访问屏蔽消息是在所述节点向所述管理节点发送加入集群的请求,确定所述节点为恢复节点之后,由所述管理节点向所述存储装置发送的;The receiving unit is further configured to receive an access screening release message sent by the management node, where the access screening release message includes: the node identifier, and access authority information corresponding to the node identifier, where the access authority information is used Instructing the node to have access rights to the storage device, where the access screening message is that the node sends a request to join the cluster to the management node, and after determining that the node is a recovery node, the management node is Sent by the storage device;
    所述设置单元,还用于根据所述访问屏蔽解除消息,将所述节点标识对应的访问权限设置为:有访问权限。The setting unit is further configured to: set the access permission corresponding to the node identifier to: having access rights according to the access screening release message.
  10. 根据权利要求9所述的存储装置,其特征在于,A storage device according to claim 9, wherein
    所述发送单元,还用于向所述节点发送修改防火墙策略的通知,所述修 改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,允许所述节点向所述存储装置发送的IO访问请求。The sending unit is further configured to send, to the node, a notification for modifying a firewall policy, where the repair The notification of the firewall policy is used to instruct the node to modify the firewall policy of the firewall corresponding to the node, and allow the node to send an IO access request to the storage device.
  11. 根据权利要求7-10任一所述的存储装置,其特征在于,A storage device according to any of claims 7-10, characterized in that
    所述设置单元,还用于预先设置所述节点对应防火墙的防火墙策略,所述防火墙策略用于指示所述节点对应的防火墙,允许所述节点向所述存储装置发送的IO访问请求。The setting unit is further configured to preset a firewall policy of the node corresponding to the firewall, where the firewall policy is used to indicate a firewall corresponding to the node, and the IO access request sent by the node to the storage device is allowed.
  12. 一种实现存储装置访问的控制系统,其特征在于,所述系统包括:集群以及存储装置,所述集群包括至少一个节点,所述至少一个节点中的某一个节点能够对所述存储装置进行访问,A control system for implementing storage device access, characterized in that the system comprises: a cluster and a storage device, the cluster comprising at least one node, and one of the at least one node is capable of accessing the storage device ,
    所述存储装置,用于接收针对所述节点的访问屏蔽消息,所述访问屏蔽消息包括所述节点的标识,以及与所述标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置无访问权限;用于根据所述访问屏蔽消息,将所述节点标识对应的访问权限设置为无访问权限;以及用于向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,屏蔽所述节点向所述存储装置发送的IO访问请求;The storage device is configured to receive an access screening message for the node, where the access screening message includes an identifier of the node, and access permission information corresponding to the identifier, where the access permission information is used to indicate the The node has no access right to the storage device, and is configured to set, according to the access screening message, an access right corresponding to the node identifier to a non-access right, and a notification for sending the modified firewall policy to the node, where The notification of modifying the firewall policy is used to instruct the node to modify a firewall policy of the firewall corresponding to the node, and block an IO access request sent by the node to the storage device;
    所述节点,用于根据所述修改防火墙策略的通知,修改对应防火墙的防火墙策略。The node is configured to modify a firewall policy of the corresponding firewall according to the notification of modifying the firewall policy.
  13. 根据权利要求12所述的控制系统,其特征在于,The control system according to claim 12, characterized in that
    所述存储装置,还用于接收所述节点发送的IO访问请求,所述IO访问请求包括所述节点的标识,根据所述节点标识对应的访问权限,确定发送所述IO访问请求的所述节点无访问权限时,向所述节点发送异常指示消息,所述异常指示消息用于指示所述节点执行重启操作;The storage device is further configured to receive an IO access request sent by the node, where the IO access request includes an identifier of the node, and determine, according to the access right corresponding to the node identifier, the sending the IO access request. When the node has no access right, sending an abnormality indication message to the node, where the abnormality indication message is used to instruct the node to perform a restart operation;
    所述节点,还用于根据所述异常指示消息,执行所述节点重启操作。 The node is further configured to perform the node restart operation according to the abnormality indication message.
  14. 根据权利要求13所述的控制系统,其特征在于,所述集群中还包含管理节点,The control system according to claim 13, wherein said cluster further comprises a management node.
    所述管理节点,用于接收所述节点发送的加入集群的请求,确定所述节点为恢复节点之后,向所述存储盘发送访问屏蔽解除消息,所述访问屏蔽解除消息包括:所述节点标识,以及与所述节点标识对应的访问权限信息,所述访问权限信息用于指示所述节点对所述存储装置具有访问权限;The management node is configured to receive a request for joining the cluster sent by the node, and after determining that the node is a recovery node, send an access screening release message to the storage disk, where the access screening release message includes: the node identifier And access authority information corresponding to the node identifier, where the access rights information is used to indicate that the node has access rights to the storage device;
    所述存储装置,还用于接收所述管理节点发送的访问屏蔽解除消息,并根据所述访问屏蔽解除消息,将所述节点标识对应的访问权限设置为有访问权限。The storage device is further configured to receive an access screening release message sent by the management node, and set the access authority corresponding to the node identifier to have access rights according to the access screening release message.
  15. 根据权利要求14所述的控制系统,其特征在于,The control system according to claim 14 wherein:
    所述存储装置,还用于向所述节点发送修改防火墙策略的通知,所述修改防火墙策略的通知用于指示所述节点修改所述节点对应防火墙的防火墙策略,允许所述节点向所述存储装置发送的IO访问请求;The storage device is further configured to send, to the node, a notification for modifying a firewall policy, where the notification for modifying the firewall policy is used to instruct the node to modify a firewall policy of the firewall corresponding to the node, and allow the node to store the An IO access request sent by the device;
    所述节点,还用于根据所述修改防火墙策略的通知,修改对应防火墙的防火墙策略。The node is further configured to modify a firewall policy of the corresponding firewall according to the notification of modifying the firewall policy.
  16. 根据权利要求12-15任一所述的控制系统,其特征在于,A control system according to any of claims 12-15, characterized in that
    所述存储装置,还用于预先设置所述节点对应防火墙的防火墙策略,所述防火墙策略用于指示所述节点对应的防火墙,允许所述节点向所述存储装置发送的IO访问请求。 The storage device is further configured to preset a firewall policy of the node corresponding to the firewall, where the firewall policy is used to indicate a firewall corresponding to the node, and allow the node to send an IO access request to the storage device.
PCT/CN2014/095847 2014-12-31 2014-12-31 Access control method for storage device, storage device, and control system WO2016106661A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201480013589.7A CN106165367B (en) 2014-12-31 2014-12-31 A kind of access control method of storage device, storage device and control system
PCT/CN2014/095847 WO2016106661A1 (en) 2014-12-31 2014-12-31 Access control method for storage device, storage device, and control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2014/095847 WO2016106661A1 (en) 2014-12-31 2014-12-31 Access control method for storage device, storage device, and control system

Publications (1)

Publication Number Publication Date
WO2016106661A1 true WO2016106661A1 (en) 2016-07-07

Family

ID=56283935

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/095847 WO2016106661A1 (en) 2014-12-31 2014-12-31 Access control method for storage device, storage device, and control system

Country Status (2)

Country Link
CN (1) CN106165367B (en)
WO (1) WO2016106661A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109218415B (en) * 2018-08-28 2021-06-29 浪潮电子信息产业股份有限公司 Distributed node management method, node and storage medium
CN109995792B (en) * 2019-04-11 2021-08-31 苏州浪潮智能科技有限公司 Safety management system of storage equipment
CN111209107A (en) * 2019-12-26 2020-05-29 中科曙光国际信息产业有限公司 Multi-cluster operation method
CN112104668B (en) * 2020-11-10 2021-02-05 成都掌控者网络科技有限公司 Distributed authority process separation control method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1866966A (en) * 2006-06-14 2006-11-22 杭州华为三康技术有限公司 Internet protocol storage area network insulating method and device
US20080209136A1 (en) * 2007-02-28 2008-08-28 Yanling Qi System and method of storage system assisted i/o fencing for shared storage configuration
US7590737B1 (en) * 2004-07-16 2009-09-15 Symantec Operating Corporation System and method for customized I/O fencing for preventing data corruption in computer system clusters
US7631066B1 (en) * 2002-03-25 2009-12-08 Symantec Operating Corporation System and method for preventing data corruption in computer system clusters
CN103458036A (en) * 2013-09-03 2013-12-18 杭州华三通信技术有限公司 Access device and method of cluster file system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101146061A (en) * 2006-09-12 2008-03-19 黄小菲 A multi-protocol conversion system for city emergency command data networking
US7676687B2 (en) * 2006-09-28 2010-03-09 International Business Machines Corporation Method, computer program product, and system for limiting access by a failed node
US7778157B1 (en) * 2007-03-30 2010-08-17 Symantec Operating Corporation Port identifier management for path failover in cluster environments
US7966660B2 (en) * 2007-05-23 2011-06-21 Honeywell International Inc. Apparatus and method for deploying a wireless network intrusion detection system to resource-constrained devices
CN101174224A (en) * 2007-11-28 2008-05-07 中兴通讯股份有限公司 Memory management method based on VxWorks operating system
CN101541005B (en) * 2009-04-17 2011-04-27 东南大学 Service-oriented accessing control method in wireless Ad hoc network environment

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7631066B1 (en) * 2002-03-25 2009-12-08 Symantec Operating Corporation System and method for preventing data corruption in computer system clusters
US7590737B1 (en) * 2004-07-16 2009-09-15 Symantec Operating Corporation System and method for customized I/O fencing for preventing data corruption in computer system clusters
CN1866966A (en) * 2006-06-14 2006-11-22 杭州华为三康技术有限公司 Internet protocol storage area network insulating method and device
US20080209136A1 (en) * 2007-02-28 2008-08-28 Yanling Qi System and method of storage system assisted i/o fencing for shared storage configuration
CN103458036A (en) * 2013-09-03 2013-12-18 杭州华三通信技术有限公司 Access device and method of cluster file system

Also Published As

Publication number Publication date
CN106165367A (en) 2016-11-23
CN106165367B (en) 2019-06-21

Similar Documents

Publication Publication Date Title
EP3128720B1 (en) Post-cluster brain split quorum processing method and quorum storage device and system
WO2018036148A1 (en) Server cluster system
US8739273B2 (en) System and method for supporting subnet management packet (SMP) firewall restrictions in a middleware machine environment
JP6143849B2 (en) Managing physical resources for distributed operating systems
CN106911648B (en) Environment isolation method and equipment
WO2016106661A1 (en) Access control method for storage device, storage device, and control system
US9245147B1 (en) State machine reference monitor for information system security
CN108038384B (en) High-safety cluster shared storage virtualization method
US11509694B1 (en) Methods and systems for network device reconfigurations
CN110990115A (en) Containerized deployment management system and method for honeypots
US10909516B2 (en) Basic input/output system (BIOS) credential management
US20170374028A1 (en) Software-defined networking controller
US8918670B2 (en) Active link verification for failover operations in a storage network
US20170310700A1 (en) System failure event-based approach to addressing security breaches
US10516625B2 (en) Network entities on ring networks
CN107104963B (en) Trusted controller framework and its operating method towards cloud environment multi-tenant network
JP6010672B2 (en) Security setting system, security setting method and program
US11792065B2 (en) Network controller, failure injection communication protocol, and failure injection module for production network environment
KR101519543B1 (en) Control apparatus and method thereof in software defined network
JP5814138B2 (en) Security setting system, security setting method and program
TW201828655A (en) Environment isolation method and device resolves the problem of high complexity and incomplete isolation carried at environmental isolation during the RPC call process
WO2015067157A1 (en) Virtual local area network interface processing method and network device
JP2010086121A (en) Secure communication equipment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14909470

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14909470

Country of ref document: EP

Kind code of ref document: A1