WO2021093455A1 - 一种虚拟机接入方法及装置 - Google Patents
一种虚拟机接入方法及装置 Download PDFInfo
- Publication number
- WO2021093455A1 WO2021093455A1 PCT/CN2020/116000 CN2020116000W WO2021093455A1 WO 2021093455 A1 WO2021093455 A1 WO 2021093455A1 CN 2020116000 W CN2020116000 W CN 2020116000W WO 2021093455 A1 WO2021093455 A1 WO 2021093455A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- virtual machine
- access
- switch
- network
- tenant
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 66
- 238000012545 processing Methods 0.000 claims description 9
- 238000013507 mapping Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 abstract description 15
- 238000005516 engineering process Methods 0.000 abstract description 2
- 230000001133 acceleration Effects 0.000 abstract 1
- 230000004048 modification Effects 0.000 abstract 1
- 238000012986 modification Methods 0.000 abstract 1
- 239000010410 layer Substances 0.000 description 15
- 238000010586 diagram Methods 0.000 description 9
- 238000004590 computer program Methods 0.000 description 8
- 239000004744 fabric Substances 0.000 description 8
- 238000003860 storage Methods 0.000 description 8
- 230000009466 transformation Effects 0.000 description 7
- 238000007726 management method Methods 0.000 description 6
- 238000003032 molecular docking Methods 0.000 description 6
- 238000004891 communication Methods 0.000 description 4
- 230000005012 migration Effects 0.000 description 4
- 238000013508 migration Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 230000004913 activation Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 3
- 239000012792 core layer Substances 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 230000002776 aggregation Effects 0.000 description 2
- 238000004220 aggregation Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000000052 comparative effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000012384 transportation and delivery Methods 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005304 joining Methods 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000013439 planning Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
- H04L61/103—Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/618—Details of network addresses
- H04L2101/622—Layer-2 addresses, e.g. medium access control [MAC] addresses
Definitions
- the present disclosure relates to the field of computer network technology, and in particular, to a method and device for accessing a virtual machine.
- the computing resources, network resources, and storage resources in the user’s production environment are all provided by different service providers, and it is impossible to achieve unified orchestration and deployment. It often requires users to use software from multiple service providers.
- the back and forth operations in the management platform are inefficient and require higher technical requirements for operation and maintenance personnel, which increases the difficulty of operation and maintenance.
- cloud platforms such as OpenStack
- OpenStack OpenStack
- the cloud platform provides a unified external interface, and each service provider The resource management software needs to interface with the cloud platform.
- the cloud platform when a user's virtual machine is online or migrated, the cloud platform must perform network configuration and delivery through a specially developed docking interface to enable the virtual machine to open the network.
- the difficulty of developing such a docking interface is not low and requires additional time and expenditure, and even affects the progress of users' cloud data center transformation.
- the embodiments of the present disclosure provide a virtual machine access method and device to improve the above technical problems.
- the embodiments of the present disclosure provide a virtual machine access method, which is applied to an access switch, and the method includes: intercepting an ARP request sent by the virtual machine from an access port of the virtual machine; Request to generate a virtual machine access notification, and send the virtual machine access notification to the SDN controller, so that the SDN controller generates network configuration parameters for the virtual machine to activate the tenant network; receiving the SDN controller The network configuration parameters are sent, and the network configuration is performed according to the network configuration parameters.
- the above method can be applied to a cloud data center network, but is not limited to this scenario, for example, it can also be applied in a campus network.
- the so-called virtual machine opening tenant network can occur when the virtual machine is online or migrated.
- the tenant refers to the user of the cloud data center, who rents the resources of the cloud data center.
- the cloud data center does not need to set up a cloud platform. Instead, the SDN controller sends network configuration parameters to the access switch to enable the network opening of the virtual machine, thereby avoiding the interface docking problem of the cloud platform and helping to speed up tenants. The progress of the transformation of the cloud data center.
- the access switch automatically senses the access of the virtual machine by intercepting the ARP message sent by the virtual machine on the port, and notifies the SDN controller to issue the network configuration parameters, thereby automatically and efficiently completing the virtual machine activation of the tenant network
- the process enables the tenant business to be launched quickly, during which the SDN controller does not need to know the access location of the virtual machine in advance.
- an ARP request record table is stored on the access switch, and the generating a virtual machine access notification according to the ARP request includes: if the ARP request record table does not include For the entry corresponding to the ARP request, an entry corresponding to the ARP request is created in the ARP request record table, and a virtual machine access notification is generated according to the ARP request.
- the access switch can notify the SDN controller to perform subsequent operations of opening the tenant network. If the ARP request record table contains an entry corresponding to the ARP request, it indicates that it may be an ARP request with the same content sent by a virtual machine that has joined the tenant network before (according to the ARP protocol, the virtual machine will broadcast once in a while ARP request). In this case, there is no need to repeatedly open the tenant network. At this time, the access switch does not need to process the ARP request, and there is no need to generate a virtual machine access notification.
- embodiments of the present disclosure provide a virtual machine access method, which is applied to an SDN controller.
- the method includes: receiving a virtual machine access notification sent by an access switch;
- the result of the orchestration of the tenant network to which the virtual machine belongs generates network configuration parameters for the virtual machine to open the tenant network, and sends the network configuration parameters to the access switch and the switch connected to the access switch.
- the method further includes: determining that the virtual machine is one of the virtual machines according to the virtual machine access notification and the orchestration results for each tenant network A valid virtual machine in the tenant network.
- the virtual machine access notification carries the IP address of the virtual machine, the MAC address of the virtual machine, the VLAN identifier of the virtual machine, and the virtual machine's Access port
- the orchestration result includes the virtual machine IP range and the virtual machine VLAN identification range allowed in the tenant network
- the virtual machine is determined to be based on the virtual machine access notification and the orchestration result for each tenant network
- a valid virtual machine in one of the tenant networks includes: if the IP address of the virtual machine is within the virtual machine IP range in the orchestration result of one of the tenant networks, and the VLAN identifier of the virtual machine is in the tenant network Within the VLAN identifier range in the orchestration result, it is determined that the virtual machine is a legal virtual machine in the tenant network.
- the tenant network can be arranged in advance on the SDN controller, and the content of the arrangement can include setting the virtual machine IP range and the virtual machine VLAN identification range, that is, setting certain restrictions for the virtual machines joining the tenant network , Only those who meet this condition will be recognized as legitimate virtual machines created by the tenant, and the SDN controller will open the tenant network for them.
- the network configuration parameters include at least one of the following: a parameter for creating a VLAN; a parameter for creating a VXLAN; a parameter for mapping the created VLAN to the created VXLAN ; A parameter used to create a VXLAN gateway; a parameter used to add the access port of the virtual machine to the created VLAN.
- the access switch is a leaf switch, and the switch connected to the access switch is a spine switch;
- the configuration parameters for the leaf switch in the network configuration parameters include: The parameters for creating a VLAN on the leaf switch, the parameters for creating a VXLAN on the leaf switch, and the parameters for adding the access port of the virtual machine to the created VLAN;
- the network configuration parameters refer to
- the configuration parameters of the spine switch include: parameters used to create a VXLAN gateway on the spine switch, parameters used to create a VXLAN on the spine switch, and parameters used to map the created VLAN to the created VXLAN .
- the traditional cloud data center network or campus network can adopt a three-layer architecture (including the access layer, the aggregation layer, and the core layer), while the Fabric network architecture (including two types of nodes, leaf and spine) is used in this disclosure. Multi-layer structure, its forwarding efficiency is higher, and the delay is lower.
- the SDN controller should issue their respective network configuration parameters.
- the solution of the present disclosure does not limit the use of a Fabric network architecture (the access switch is a leaf switch in this case), and a traditional three-layer network architecture is also possible (the access switch is an access layer switch in this case).
- the method further includes: periodically querying an ARP request record table stored on the access switch, and determining from the ARP request response table that the SDN controller has not received Corresponding to the entry of the virtual machine access notification, the determined entry is an unprocessed entry; the operation of opening the tenant network is performed for the virtual machine corresponding to the unprocessed entry.
- the virtual machine access notification sent by the access switch to the SDN controller may be lost, causing the SDN controller to fail to know that the tenant network is to be opened for a tenant's virtual machine.
- the SDN controller can actively query the ARP request record table saved on the access switch. For each entry in the ARP request record table, a corresponding virtual machine access notification will be sent to The SDN controller (see the description of the ARP request record table above), if the virtual machine access notification corresponding to a certain entry is not received by the SDN controller (it may be lost), the SDN controller can follow the content of the entry Proactively activate the tenant network without waiting to receive the notification of virtual machine access. This will help reduce the probability of failure to activate the tenant network and provide better services to the tenant.
- embodiments of the present disclosure provide a virtual machine access device, which is configured in an access switch, and the device includes: a request interception module for intercepting the ARP sent by the virtual machine from the access port of the virtual machine Request; a request processing module, configured to generate a virtual machine access notification according to the ARP request, and send the virtual machine access notification to the SDN controller, so that the SDN controller generates a tenant for the virtual machine Network configuration parameters of the network; a network configuration module for receiving the network configuration parameters sent by the SDN controller, and performing network configuration according to the network configuration parameters.
- embodiments of the present disclosure provide a virtual machine access device, which is configured in an SDN controller, and the device includes: a notification receiving module for receiving a virtual machine access notification sent by an access switch; a notification processing module, It is used to generate network configuration parameters for the virtual machine to open the tenant network according to the virtual machine access notification and the result of the orchestration of the tenant network to which the virtual machine belongs, and report to the access switch and the access The switch connected to the switch sends the network configuration parameter.
- the embodiments of the present disclosure provide a computer-readable storage medium with computer program instructions stored on the computer-readable storage medium.
- the computer program instructions When the computer program instructions are read and run by a processor, the first aspect and the second aspect are executed. Aspect or any one of the possible implementations of the above two aspects.
- an embodiment of the present disclosure provides an electronic device including a memory and a processor.
- the memory stores computer program instructions.
- the computer program instructions When the computer program instructions are read and run by the processor, the first aspect is executed.
- Figure 1 shows a network architecture diagram provided by an embodiment of the present disclosure
- Fig. 2 shows a flowchart of a method for accessing a virtual machine provided by an embodiment of the present disclosure
- FIG. 3 shows an interaction diagram of a virtual machine access method provided by an embodiment of the present disclosure
- FIG. 4 shows a functional module diagram of a virtual machine access device provided by an embodiment of the present disclosure
- FIG. 5 shows a functional module diagram of another virtual machine access device provided by an embodiment of the present disclosure
- Fig. 6 shows a structural diagram of an electronic device provided by an embodiment of the present disclosure.
- the resources managed by the cloud data center mainly include three categories, namely computing resources, network resources, and storage resources.
- computing resources mainly refer to virtual machines.
- the comparative embodiment usually adopts a cloud platform to perform unified management of the above three types of resources.
- the specific solution is: the cloud platform provides a unified external interface (for example, API), and the resource management software of each service provider used by the user needs to be connected with the interface of the cloud platform, so that the cloud platform can issue instructions to the resource management Software, and then the resource management software performs further resource management according to the instructions.
- the cloud platform provides a unified external interface (for example, API)
- the resource management software of each service provider used by the user needs to be connected with the interface of the cloud platform, so that the cloud platform can issue instructions to the resource management Software, and then the resource management software performs further resource management according to the instructions.
- the resource management software deployed in the user's production network may not support the external interface docking with the cloud platform, and the resource management software needs to be upgraded. Therefore, it will bring extra time overhead and may even interrupt the user's business within a certain time range. .
- Fig. 1 shows a network architecture diagram provided by an embodiment of the present disclosure to which the virtual machine access method provided by the embodiment of the present disclosure can be applied.
- the network 10 includes an SDN controller 100, a switch 110, and a host machine 120.
- the network 10 may be, but is not limited to, a cloud data center network or a campus network, etc. However, the following text mainly uses a cloud data center network as an example for description.
- the SDN controller 100 may be deployed on an independent server.
- the switch 110 may include multiple switches, and the SDN controller may communicate with each switch 110 (shown by arrows in FIG. 1).
- the switching network formed by multiple switches 110 can have different architectures: for example, the traditional three-layer network architecture (including the access layer, the convergence layer, and the core layer) can be used, or the flat (Fabric) network architecture can be used.
- the traditional three-layer network architecture including the access layer, the convergence layer, and the core layer
- the flat (Fabric) network architecture can be used.
- the switch 110 can be divided into two types, namely a leaf switch and a spine switch. Each leaf switch can communicate with all spine switches (shown by connecting lines in FIG. 1).
- One or more virtual machines 122 can be deployed on the host machine 120, and the host machine 120 can connect to the switch 110 through a port on the switch 110 (shown as a connecting line in FIG. 1), thereby being deployed on the host machine 120
- the virtual machine 122 on the computer is also connected to the switch 110 through this port.
- Such a port on the switch 110 is called an access port of the virtual machine 122, and the switch 110 to which the virtual machine 122 is directly connected is called an access switch.
- the access switch is acted as a leaf switch.
- the host machine 120 may be a physical device or a virtual device, such as a virtualized server.
- the virtual machine 122 can be created through a virtual machine management platform (not shown in FIG. 1) or perform other management operations.
- the creator can be a user of the cloud data center, because these users usually use the resources of the cloud data center in a leased manner Build your own network (such as an enterprise internal network), so these users are also called tenants, and the network built by them is called a tenant network.
- the tenant networks are logically independent of each other. From the perspective of the tenants, each tenant network has its own virtual machine 122 and switch 110, but in fact many switches 110 are shared among tenants, but the switch 110 targets different The tenant network is configured, and each tenant does not perceive this.
- FIG. 1 is only an architecture manner of a network to which the virtual machine access method provided in the embodiments of the present disclosure can be applied, and it should not be understood as a limitation on the protection scope of the present disclosure.
- Fig. 2 shows a flowchart of a method for accessing a virtual machine provided by an embodiment of the present disclosure.
- the method may include the following steps:
- Step S200 The access switch intercepts the ARP request sent by the virtual machine from the access port of the virtual machine.
- the virtual machine After the virtual machine is created on the host machine, or after the virtual machine is migrated to a certain host machine, it will broadcast an ARP request to the outside. Regarding the role of the ARP request, reference may be made to the prior art, which is not explained in detail here.
- any message (including ARP request) sent by the virtual machine Before the access port of the virtual machine is added to the corresponding VLAN (it will only join after the tenant network is opened), any message (including ARP request) sent by the virtual machine will be directly discarded by the access switch.
- the access switch will intercept the ARP request from each port (including the access port of the virtual machine) to prevent it from being directly discarded in the underlying hardware of the access switch. The intercepted ARP request will be redirected to the access switch.
- the processor such as the CPU that enters the switch performs subsequent processing, so the access switch can automatically perceive the access behavior of the virtual machine.
- Step S201 The access switch generates a virtual machine access notification according to the ARP request, and sends the virtual machine access notification to the SDN controller.
- the virtual machine access notification can include part or all of the content of the ARP request.
- the purpose of the access switch sending the notification to the SDN controller is to inform the SDN controller that there are virtual machines currently connected, requesting the tenant network to be opened for it, and SDN control After receiving the notification, the server will execute the operation of opening the tenant network for the virtual machine.
- the IP address of the virtual machine, the MAC address of the virtual machine, and the VLAN identifier of the virtual machine can be carried in the ARP request, and the IP address of the virtual machine and the MAC address of the virtual machine can be carried in the virtual machine access notification.
- the first three items of information can be parsed and obtained from the ARP request.
- the access port in the last item is the port on the access switch that intercepts the ARP request.
- the VLAN identifier of the machine indicates the VLAN to which the virtual machine belongs (the VLAN may not have been created at this time, but this parameter can be configured in advance on the virtual machine).
- an ARP request record table can be saved on the access switch, and each entry in the table corresponds to an ARP request.
- the content of the table entry can include the IP of the virtual machine. Address, MAC address of the virtual machine, VLAN identification of the virtual machine, and access port of the virtual machine, of which the first three items correspond to an ARP request.
- a certain entry is recorded in the ARP request record table, indicating that the tenant network has been opened for the virtual machine that initiated the ARP request corresponding to the entry (there may be special cases where the virtual machine access notification is lost, and the processing method is described later).
- the access switch can determine whether its corresponding entry has been recorded in the ARP request record table: if the ARP request record table does not contain an entry corresponding to the ARP request, it indicates that the entry is initiated.
- the virtual machine requested by the ARP has not yet opened the tenant network, so the access switch can send the virtual machine access notification to the SDN controller to continue the subsequent operations of opening the tenant network; if the ARP request record table already contains the table corresponding to the ARP request Item, it is very likely that the virtual machine that has joined the tenant network before will send an ARP request with the same content again (according to the ARP protocol, the virtual machine usually broadcasts an ARP request at intervals). At this time, there is no need to re-open the tenant network. That is, the access switch does not need to process the ARP request, nor does it need to generate a virtual machine access notification.
- the virtual machine access notification sent by the access switch to the SDN controller may be lost (for example, a network abnormality occurs), so that the SDN controller cannot learn that the tenant network is to be opened for a tenant's virtual machine.
- the SDN controller can actively query the ARP request record table saved on the access switch periodically. For each entry in the ARP request record table, a corresponding virtual machine access notification will be sent under normal circumstances.
- the SDN controller can actively initiate the tenant network activation based on the content of these entries, without waiting for the receipt Notification of virtual machine access, which helps to reduce the probability of failure to activate the tenant's network and provide better services to the tenants.
- the entries of the ARP request record table may contain the same information as in the virtual machine access notification (for example, the IP address of the virtual machine, the MAC address of the virtual machine, the VLAN identifier of the virtual machine, and the access port of the virtual machine) Therefore, there is no difference in operation between the SDN controller opening the tenant network according to the content of the table entry and opening the tenant network according to the received virtual machine access notification.
- Step S202 The SDN controller generates network configuration parameters according to the virtual machine access notification and the scheduling result of the tenant network to which the virtual machine belongs, and sends the network configuration parameters to the switch.
- the tenant can orchestrate the tenant network through the SDN controller (it can be arranged by the tenant itself, or the tenant can arrange the demand by the administrator of the cloud data center).
- the purpose of the orchestration is mainly to Make some planning for the tenant network.
- the content of the orchestration may include certain restriction conditions set for virtual machines in the tenant network. Only virtual machines that meet these conditions are recognized as legitimate virtual machines created by the tenant, and the SDN controller opens the tenant network for them.
- the above conditions can be the virtual machine IP range and virtual machine VLAN identification range allowed in the tenant network, that is, a tenant network can occupy a certain network segment and the tenant network can be divided into several VLANs (as a typical In case, a tenant network is a VXLAN, which can include one or more VLANs).
- the SDN controller After the SDN controller receives the virtual machine access notification, it can determine whether the virtual machine is legal based on the content of the notification: if the IP address of the virtual machine is within the virtual machine IP range in the scheduling result of a tenant network, and the VLAN of the virtual machine If the identifier is within the VLAN identifier range in the layout result of the tenant network, it can be determined that the virtual machine is a legal virtual machine in the tenant network. Only when the virtual machine is legal, the subsequent steps of opening the tenant network will be executed, otherwise the SDN controller can output a prompt message that the tenant network has failed to be opened.
- the above judgment can not only determine that the virtual machine to be accessed is legal, but also determine which tenant the virtual machine belongs to.
- the virtual machine IP range of each tenant network is arranged so that there is no overlap, so once it is determined Which virtual machine IP range the IP address of the virtual machine belongs to is equivalent to determining the tenant to which the virtual machine belongs, and then the information in the tenant network orchestration result of the tenant can be obtained, combined with the information in the virtual machine access notification, Then the network configuration parameters can be generated.
- the information used to generate the network configuration parameters includes but is not limited to: the VLAN identification of the virtual machine and the access port of the virtual machine in the virtual machine access notification, and the VXLAN gateway address of the tenant network in the orchestration result is related to VXLAN Parameters, etc.
- the SDN controller will deliver the generated network configuration to the access switch and the switch connected to the access switch.
- the network configuration parameters delivered to the switches with different functions are also different (for example, please refer to the description of Figure 3 later).
- the access switch the concept has been given in the previous article.
- the switch connected to the access switch refers to the switch located at the upper level of the access switch in the network and is closer to the SDN controller (relative to the access switch) in the network.
- the access switch can refer to the switch at the access layer
- the switch connected to the access switch can refer to the switch located at the aggregation layer and the core layer
- the access switch can refer to leaf Switch
- the switch connected to the access switch can be referred to as a spine switch (refer to Figure 1).
- the result of the orchestration of the tenant network may also include the IP addresses of the switches in the tenant network, so that the SDN controller can issue network configuration parameters to these switches according to the pre-configured IP addresses.
- the IP address of the access switch does not need to be configured in advance, because the IP address of the access switch (the source IP address in the message) can also be obtained by parsing the message content of the virtual machine access notification, that is, the SDN controller and You don't need to care about which access switch the virtual machine is connected to.
- the network configuration parameters may include, but are not limited to: parameters used to create VLANs, parameters used to create VXLANs, parameters used to map created VLANs to created VXLANs, and parameters used to create VXLANs The parameters of the gateway and the parameters used to add the access port of the virtual machine to the created VLAN.
- the SDN controller does not generate all the above network parameters every time it receives a virtual machine access notification, or even if all the above network parameters are generated, it may not necessarily deliver them all to the switch. on.
- the network configuration parameters generated by the SDN controller may include the parameters used to create VXLAN, and the SDN controller will After the configuration parameters are issued, the creation of VXLAN is completed on the access switch and the switch connected to the access switch. Since only one VXLAN is usually created for a tenant, afterwards, if the second virtual machine created by tenant A goes online, only the existing VXLAN needs to be added, and a VXLAN does not need to be recreated.
- the SDN controller receives the second virtual machine.
- the generated network configuration parameters may not include the parameters used to create the VXLAN.
- the network configuration generated by the SDN controller after receiving the virtual machine access notification generated when the second virtual machine goes online The parameters may not include the parameters used to create the VLAN (because the VLAN has been created before), but if the second virtual machine goes online from a different access port from the first virtual machine, the generated network configuration parameters can include Parameters used to add the access port of the virtual machine to the created VLAN (because the access port has not been added to the VLAN before).
- Step S203 The switch performs network configuration according to the received network configuration parameters.
- Different network configuration parameters instruct the switch to implement different functions. For example, if the switch receives the parameters used to create a VLAN, the switch will create a VLAN based on the received configuration parameters; if the switch receives the parameters used to create a VXLAN, the switch will create a VXLAN based on the received configuration parameters, etc. . After the switch completes the network configuration, the tenant network of the virtual machine is also opened, so that the tenant can carry out other tenant services through the virtual machine.
- the switch may also return the network configuration result to the SDN controller, whether it is a result of success or failure.
- the SDN controller can output alarm information or prompt information of the reason for the failure.
- the online process is basically the above-mentioned process of opening the tenant network.
- the SDN controller For virtual machine migration (for example, a virtual machine migrates from one port on the same host to another port, or migrates to another host), except for the tenant network for the migrated virtual machine (the process is similar to the above Step), the SDN controller also needs to migrate the configuration or policy related to the virtual machine.
- the IP address of the virtual machine may change, but the MAC address will not change (that is, it can uniquely identify the virtual machine).
- the virtual machine access notification can include the virtual machine's MAC address. After receiving the current notification, the SDN controller can determine whether it has received a virtual machine access notification containing the same MAC address before, so as to determine whether any virtual machine has migrated, and then perform migration-related operations .
- the network configuration parameters of the virtual machine are issued by the SDN controller to the access switch to enable the tenant network opening of the virtual machine, which is conducive to speeding up the progress of the tenant's cloud data center transformation, for example, in the cloud data center network. It is not necessary to set up a cloud platform, so that the interface docking problem of the cloud platform can be avoided.
- the access switch automatically senses the access of the virtual machine by intercepting the ARP message sent by the virtual machine on the port, and notifies the SDN controller to issue the network configuration parameters, thereby automatically and efficiently completing the virtual machine activation of the tenant network
- the process enables the tenant business to be launched quickly, and in this process, the SDN controller does not need to know the access location of the virtual machine in advance, which simplifies the content of the tenant network arrangement.
- the virtual machine access method provided by the embodiments of the present disclosure is not limited to being applied in a cloud data center network.
- the beneficial effects produced are similar to the above.
- FIG. 3 shows an interaction diagram of a virtual machine access method provided by an embodiment of the present disclosure.
- FIG. 3 can be regarded as a specific embodiment obtained by combining the method in FIG. 2 with the network architecture in FIG. 1.
- Figure 3 When explaining Figure 3, some of the content that has been explained before will be omitted.
- Step S300 Configure a routing protocol on the leaf switch.
- Step S301 Configure a routing protocol on the spine switch.
- step S300 and step S301 can be performed to ensure that the SDN controller and the leaf switch and the spine switch can communicate with the three-layer network, so that the SDN controller can receive through the three-layer network in the subsequent steps
- the virtual machine access notification sent to the leaf switch, and the network configuration parameters are delivered to the leaf switch and the spine switch connected to the leaf switch through the three-layer network.
- Step S302 Arrange the tenant network on the SDN controller.
- the content of the arrangement can include the virtual machine IP address range allowed in the tenant network, the virtual machine VLAN identification range, the gateway address of the tenant network, the parameters related to the creation of VXLAN, and the IP address of the switch (at least including the IP address of the spine switch, because The IP address of the leaf switch can be obtained through the virtual machine access notification), and so on.
- Step S303 Create and configure a virtual machine on the virtual machine management platform.
- the content of configuring the virtual machine may include: configuring the IP address of the virtual machine, configuring the gateway address of the virtual machine, configuring the VLAN identification of the virtual machine, and so on.
- Step S304 The virtual machine sends an ARP request to the leaf switch.
- Step S305 The leaf switch intercepts and processes the ARP request.
- Step S306 The leaf switch sends a virtual machine access notification to the SDN controller.
- step S304 to step S306 For the content of step S304 to step S306, refer to the description of step S200 to step S201, and it is only necessary to replace the aforementioned access switch with a leaf switch.
- Step S307 The SDN controller verifies the legitimacy of the virtual machine to be accessed.
- step S308 will be executed if the verification result is legal. It should be pointed out that if it can be ensured that the virtual machine accessed is always legal, step S307 can also be skipped.
- Step S308 The SDN controller generates network configuration parameters according to the virtual machine access notification and the scheduling result of the tenant network to which the virtual machine belongs.
- step S308 The result of the orchestration of the tenant network is generated in step S302.
- step S308 the step of determining the tenant network to which the virtual machine belongs is actually implicit.
- the tenant network to which the virtual machine belongs can also be determined.
- certain information such as the identifier of the tenant, may also be carried in the virtual machine access notification to indicate the tenant network to which the virtual machine belongs.
- Step S309 The SDN controller delivers corresponding configuration parameters to the leaf switch.
- the SDN controller only needs to deliver the corresponding configuration parameters to the leaf switch where the access port of the virtual machine is located, and does not need to deliver the configuration parameters to the other leaf switches.
- the configuration parameters corresponding to the leaf switch may include: parameters used to create VLAN on the leaf switch, parameters used to create VXLAN on the leaf switch (including configuring the leaf switch as a VTEP Parameters) and the parameters used to add the access port of the virtual machine to the created VLAN.
- Step S310 The leaf switch performs network configuration according to the received configuration parameters.
- Step S311 The leaf switch returns the configuration result to the SDN controller.
- Step S312 The SDN controller delivers corresponding configuration parameters to the spine switch connected to the leaf switch.
- the SDN controller needs to deliver the corresponding configuration parameters to the spine switch connected to the leaf switch where the access port of the virtual machine is located (for example, if all spine switches in the switching network are switches connected to the leaf switch, the SDN control The switch needs to deliver the corresponding configuration parameters to all spine switches in the switching network).
- the configuration parameters corresponding to the spine switch in the network configuration parameters generated in step S308 may include: parameters used to create a VXLAN gateway on the spine switch and other parameters used to create a VXLAN on the spine switch (including configuring the spine switch as a VTEP The parameters) and the parameters used to map the created VLAN to the created VXLAN.
- configuring the gateway on the spine switch is a common choice, but it does not rule out configuring the gateway on the leaf switch. If it is the latter, the parameters for creating the VXLAN gateway should be delivered to the leaf switch.
- Step S313 The spine switch performs network configuration according to the received configuration parameters.
- Step S314 The spine switch returns the configuration result to the SDN controller.
- FIG. 4 shows a functional module diagram of a virtual machine access apparatus 400 provided by an embodiment of the present disclosure.
- the virtual machine access device 400 is configured in an access switch, and the device includes:
- the request interception module 410 is configured to intercept the ARP request sent by the virtual machine from the access port of the virtual machine;
- the request processing module 420 is configured to generate a virtual machine access notification according to the ARP request, and send the virtual machine access notification to the SDN controller, so that the SDN controller generates a tenant network for the virtual machine to activate Network configuration parameters;
- the network configuration module 430 is configured to receive the network configuration parameters sent by the SDN controller, and perform network configuration according to the network configuration parameters.
- the virtual machine In an implementation manner of the virtual machine access apparatus 400, the IP address of the virtual machine, the MAC address of the virtual machine, and the VLAN identification of the virtual machine carried in the ARP request, the virtual machine is connected to The incoming notification carries the IP address of the virtual machine, the MAC address of the virtual machine, the VLAN identifier of the virtual machine, and the access port of the virtual machine.
- an ARP request record table is stored on the access switch, and the network configuration module 430 generates a virtual machine access notification according to the ARP request, including: If the record table does not include an entry corresponding to the ARP request, an entry corresponding to the ARP request is created in the ARP request record table, and a virtual machine access notification is generated according to the ARP request.
- the virtual machine access device 400 provided by the embodiments of the present disclosure has been introduced in the foregoing method embodiments for its implementation principles and technical effects.
- the parts not mentioned in the device embodiments please refer to the foregoing method embodiments. In the corresponding content.
- FIG. 5 shows a functional module diagram of a virtual machine access device 500 provided by an embodiment of the present disclosure.
- the virtual machine access device 500 is configured in the SDN controller, and the device includes:
- the notification receiving module 510 is configured to receive the virtual machine access notification sent by the access switch;
- the notification processing module 520 is configured to generate network configuration parameters for the virtual machine to activate the tenant network according to the virtual machine access notification and the scheduling result of the tenant network to which the virtual machine belongs, and send it to the access switch And the switch connected to the access switch sends the network configuration parameter.
- the apparatus further includes: a legality verification module, which is configured to: after the notification receiving module 510 receives the virtual machine access notification sent by the access switch, and, in the notification processing Before the module 520 generates network configuration parameters for the virtual machine to activate the tenant network according to the virtual machine access notification and the scheduling result of the tenant network to which the virtual machine belongs, according to the virtual machine access notification and to each As a result of the orchestration of the tenant network, it is determined that the virtual machine is a legal virtual machine in one of the tenant networks.
- a legality verification module which is configured to: after the notification receiving module 510 receives the virtual machine access notification sent by the access switch, and, in the notification processing Before the module 520 generates network configuration parameters for the virtual machine to activate the tenant network according to the virtual machine access notification and the scheduling result of the tenant network to which the virtual machine belongs, according to the virtual machine access notification and to each As a result of the orchestration of the tenant network, it is determined that the virtual machine is a legal virtual machine in one of the tenant networks.
- the virtual machine access notification carries the IP address of the virtual machine, the MAC address of the virtual machine, the VLAN identifier of the virtual machine, and the The access port of the virtual machine, the scheduling result includes the virtual machine IP range and the virtual machine VLAN identification range allowed in the tenant network; the legality verification module determines according to the virtual machine access notification and the scheduling result of each tenant network
- the virtual machine is a legal virtual machine in one of the tenant networks, including: if the IP address of the virtual machine is within the virtual machine IP range in the orchestration result of one of the tenant networks, and the VLAN identifier of the virtual machine If it is within the range of the VLAN identifier in the layout result of the tenant network, it is determined that the virtual machine is a legal virtual machine in the tenant network.
- the network configuration parameters include at least one of the following: parameters used to create a VLAN; parameters used to create a VXLAN; and used to map the created VLAN to the created VXLAN The parameters in; the parameters used to create the VXLAN gateway; the parameters used to add the access port of the virtual machine to the created VLAN.
- the access switch is a leaf switch, and the switch connected to the access switch is a spine switch; among the network configuration parameters, the configuration parameters for the leaf switch are Including: parameters used to create a VLAN on the leaf switch, parameters used to create a VXLAN on the leaf switch, and parameters used to add the access port of the virtual machine to the created VLAN; the network configuration
- the configuration parameters for the spine switch in the parameters include: parameters for creating a VXLAN gateway on the spine switch, parameters for creating a VXLAN on the spine switch, and mapping the created VLAN to the created VXLAN Parameters in.
- the device further includes: a query module, configured to periodically query the ARP request record table stored on the access switch, and determine from the ARP request response table The SDN controller does not receive the entry of the corresponding virtual machine access notification, and the determined entry is an unprocessed entry; the notification processing module 520 is also configured to perform provisioning for the virtual machine corresponding to the unprocessed entry Operation of the tenant network.
- a query module configured to periodically query the ARP request record table stored on the access switch, and determine from the ARP request response table The SDN controller does not receive the entry of the corresponding virtual machine access notification, and the determined entry is an unprocessed entry
- the notification processing module 520 is also configured to perform provisioning for the virtual machine corresponding to the unprocessed entry Operation of the tenant network.
- the virtual machine access device 500 provided by the embodiments of the present disclosure has been introduced in the foregoing method embodiments for its implementation principles and the technical effects produced.
- the parts not mentioned in the device embodiments please refer to the foregoing method embodiments. In the corresponding content.
- FIG. 6 shows a possible structure of an electronic device 600 provided by an embodiment of the present disclosure.
- the electronic device 600 includes a processor 610, a memory 620, and a communication interface 630. These components are interconnected and communicate with each other through a communication bus 640 and/or other forms of connection mechanisms (not shown).
- Computer program instructions are stored in the memory 620, and the computer program instructions can be read and run by the processor 610 to implement the virtual machine access method provided by the embodiments of the present disclosure and other desired functions.
- the communication interface 630 is used for communication between the electronic device and other devices.
- the structure shown in FIG. 6 is only for illustration, and the electronic device 600 may also include more or less components than those shown in FIG. 6, or have a different configuration from that shown in FIG. 6.
- Each component shown in FIG. 6 can be implemented by hardware, software, or a combination thereof.
- the device where the SDN controller 100 is deployed, the switch 110, the virtual machine 122, etc. in FIG. 1 may all adopt the structure of the electronic device 600.
- the embodiment of the present disclosure also provides a computer-readable storage medium, and the computer-readable storage medium stores computer program instructions.
- the computer program instructions When the computer program instructions are read and run by a processor, the virtual machine access provided by the embodiments of the present disclosure is executed. Method steps.
- the computer-readable storage medium may be, but is not limited to, the memory 620 of the electronic device 600 in FIG. 6.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (11)
- 一种虚拟机接入方法,其特征在于,应用于接入交换机,所述方法包括:从虚拟机的接入端口上拦截所述虚拟机发送的ARP请求;根据所述ARP请求生成虚拟机接入通知,并向SDN控制器发送所述虚拟机接入通知,以使所述SDN控制器生成用于所述虚拟机开通租户网络的网络配置参数;接收所述SDN控制器发送的所述网络配置参数,并根据所述网络配置参数进行网络配置。
- 根据权利要求1所述的虚拟机接入方法,其特征在于,所述ARP请求中携带的所述虚拟机的IP地址、所述虚拟机的MAC地址以及所述虚拟机的VLAN标识,所述虚拟机接入通知中携带有所述虚拟机的IP地址、所述虚拟机的MAC地址、所述虚拟机的VLAN标识以及所述虚拟机的接入端口。
- 根据权利要求1所述的虚拟机接入方法,其特征在于,所述接入交换机上保存有ARP请求记录表,所述根据所述ARP请求生成虚拟机接入通知,包括:若所述ARP请求记录表中不包含与所述ARP请求对应的表项,则在所述ARP请求记录表中创建与所述ARP请求对应的表项,并根据所述ARP请求生成虚拟机接入通知。
- 一种虚拟机接入方法,其特征在于,应用于SDN控制器,所述方法包括:接收接入交换机发送的虚拟机接入通知;根据所述虚拟机接入通知以及对所述虚拟机所属的租户网络的编排结果生成用于所述虚拟机开通租户网络的网络配置参数,并向所述接入交换机以及所述接入交换机上联的交换机发送所述网络配置参数。
- 根据权利要求4所述的虚拟机接入方法,其特征在于,在所述接收接入交换机发送的虚拟机接入通知之后,以及,在所述根据所述虚拟机接入通知以及对所述虚拟机所属的租户网络的编排结果生成用于所述虚拟机开通租户网络的网络配置参数之前,所述方法还包括:根据所述虚拟机接入通知以及对各个租户网络的编排结果,确定所述虚拟机为其中一个租户网络中的合法虚拟机。
- 根据权利要求5所述的虚拟机接入方法,其特征在于,所述虚拟机接入通知中携带有所述虚拟机的IP地址、所述虚拟机的MAC地址、所述虚拟机的VLAN标识以及所述虚拟机的接入端口,所述编排结果包括租户网络中允许的虚拟机IP范围以及虚拟机VLAN标识范围;所述根据所述虚拟机接入通知以及对各个租户网络的编排结果,确定所述虚拟机为其中一个租户网络中的合法虚拟机,包括:若所述虚拟机的IP地址处于其中一个租户网络的编排结果中的虚拟机IP范围内,并且,所述虚拟机的VLAN标识处于该租户网络的编排结果中的VLAN标识范围内,则确定所述虚拟机为该租户网络中的合法虚拟机。
- 根据权利要求4所述的虚拟机接入方法,其特征在于,所述网络配置参数包括以下至少一项:用于创建VLAN的参数;用于创建VXLAN的参数;用于将创建的VLAN映射到创建的VXLAN中的参数;用于创建VXLAN网关的参数;用于将所述虚拟机的接入端口加入到创建的VLAN中的参数。
- 根据权利要求7所述的虚拟机接入方法,其特征在于,所述接入交换机为leaf交换机,所述接入交换机上联的交换机为spine交换机;所述网络配置参数中针对所述leaf交换机的配置参数包括:用于在所leaf交换机上创建VLAN的参数、用于在所leaf交换机上创建VXLAN的参数以及用于将所述虚拟机的接入端口加入到创建的VLAN中的参数;所述网络配置参数中针对所述spine交换机的配置参数包括:用于在所述spine交换机上创建VXLAN网关的参数、用于在所述spine交换机上创建VXLAN的参数以及用于将创建的VLAN映射到创建的VXLAN中的参数。
- 根据权利要求4所述的虚拟机接入方法,其特征在于,所述方法还包括:定期查询所述接入交换机上保存的ARP请求记录表,从所述ARP请求响应表中确定出所述SDN控制器未收到对应的虚拟机接入通知的表项,确定出的表项为未处理表项;针对所述未处理表项对应的虚拟机执行开通租户网络的操作。
- 一种虚拟机接入装置,其特征在于,配置于接入交换机,所述装置包括:请求拦截模块,用于从虚拟机的接入端口上拦截所述虚拟机发送的ARP请求;请求处理模块,用于根据所述ARP请求生成虚拟机接入通知,并向SDN控制器发送所述虚拟机接入通知,以使所述SDN控制器生成用于所述虚拟机开通租户网络的网络配置参数;网络配置模块,用于接收所述SDN控制器发送的所述网络配置参数,并根据所述网络配置参数进行网络配置。
- 一种虚拟机接入装置,其特征在于,配置于SDN控制器,所述装置包括:通知接收模块,用于接收接入交换机发送的虚拟机接入通知;通知处理模块,用于根据所述虚拟机接入通知以及对所述虚拟机所属的租户网络的编排结果生成用于所述虚拟机开通租户网络的网络配置参数,并向所述接入交换机以及所述接入交换机上联的交换机发送所述网络配置参数。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911109596.8A CN110855488B (zh) | 2019-11-13 | 2019-11-13 | 一种虚拟机接入方法及装置 |
CN201911109596.8 | 2019-11-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021093455A1 true WO2021093455A1 (zh) | 2021-05-20 |
Family
ID=69600209
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/116000 WO2021093455A1 (zh) | 2019-11-13 | 2020-09-17 | 一种虚拟机接入方法及装置 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN110855488B (zh) |
WO (1) | WO2021093455A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2023035777A1 (zh) * | 2021-09-13 | 2023-03-16 | 中兴通讯股份有限公司 | 网络配置方法、代理组件、控制器、电子设备和存储介质 |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110855488B (zh) * | 2019-11-13 | 2022-04-05 | 迈普通信技术股份有限公司 | 一种虚拟机接入方法及装置 |
CN113079030B (zh) * | 2020-05-29 | 2022-05-24 | 新华三信息安全技术有限公司 | 配置信息下发方法和接入设备 |
CN113949630B (zh) * | 2021-10-25 | 2024-03-26 | 浪潮思科网络科技有限公司 | 一种跨云网融合环境的数据中心互联方法、设备及介质 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140201733A1 (en) * | 2013-01-15 | 2014-07-17 | International Business Machines Corporation | Scalable network overlay virtualization using conventional virtual switches |
US20150281059A1 (en) * | 2014-03-27 | 2015-10-01 | Nicira, Inc. | Host architecture for efficient cloud service access |
CN107040401A (zh) * | 2015-12-01 | 2017-08-11 | 中华电信股份有限公司 | 具安全与功能扩充性的有线局域网络用户管理系统及方法 |
US20180006969A1 (en) * | 2016-06-29 | 2018-01-04 | Cisco Technology, Inc. | Technique for gleaning mac and ip address bindings |
CN110855488A (zh) * | 2019-11-13 | 2020-02-28 | 迈普通信技术股份有限公司 | 一种虚拟机接入方法及装置 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102546267B (zh) * | 2012-03-26 | 2015-06-10 | 杭州华三通信技术有限公司 | 网络设备的自动配置方法和管理服务器 |
CN103763121B (zh) * | 2013-12-24 | 2018-01-09 | 新华三技术有限公司 | 一种网络配置信息快速下发的方法及装置 |
CN107147509B (zh) * | 2016-03-01 | 2022-03-11 | 中兴通讯股份有限公司 | 虚拟专用网业务实现方法、装置及通信系统 |
CN107547242B (zh) * | 2017-05-24 | 2019-11-12 | 新华三技术有限公司 | Vm配置信息的获取方法及装置 |
CN108111332A (zh) * | 2017-11-10 | 2018-06-01 | 上海华讯网络系统有限公司 | 应用sdn的混合云管理系统及方法 |
CN109660443B (zh) * | 2018-12-26 | 2021-12-31 | 江苏省未来网络创新研究院 | 基于sdn的物理设备与虚拟网络通信方法和系统 |
CN110266589A (zh) * | 2019-06-24 | 2019-09-20 | 深信服科技股份有限公司 | 一种数据通信方法、装置、电子设备及存储介质 |
-
2019
- 2019-11-13 CN CN201911109596.8A patent/CN110855488B/zh active Active
-
2020
- 2020-09-17 WO PCT/CN2020/116000 patent/WO2021093455A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140201733A1 (en) * | 2013-01-15 | 2014-07-17 | International Business Machines Corporation | Scalable network overlay virtualization using conventional virtual switches |
US20150281059A1 (en) * | 2014-03-27 | 2015-10-01 | Nicira, Inc. | Host architecture for efficient cloud service access |
CN107040401A (zh) * | 2015-12-01 | 2017-08-11 | 中华电信股份有限公司 | 具安全与功能扩充性的有线局域网络用户管理系统及方法 |
US20180006969A1 (en) * | 2016-06-29 | 2018-01-04 | Cisco Technology, Inc. | Technique for gleaning mac and ip address bindings |
CN110855488A (zh) * | 2019-11-13 | 2020-02-28 | 迈普通信技术股份有限公司 | 一种虚拟机接入方法及装置 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2023035777A1 (zh) * | 2021-09-13 | 2023-03-16 | 中兴通讯股份有限公司 | 网络配置方法、代理组件、控制器、电子设备和存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN110855488B (zh) | 2022-04-05 |
CN110855488A (zh) | 2020-02-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021093455A1 (zh) | 一种虚拟机接入方法及装置 | |
US11469964B2 (en) | Extension resource groups of provider network services | |
US10698717B2 (en) | Accelerator virtualization method and apparatus, and centralized resource manager | |
WO2019184164A1 (zh) | 自动部署Kubernetes从节点的方法、装置、终端设备及可读存储介质 | |
EP3422642A1 (en) | Vlan tagging in a virtual environment | |
US11856065B2 (en) | Data transmission for service integration between a virtual private cloud and an intranet | |
US20110239216A1 (en) | Service providing system, a virtual machine server, a service providing method, and a program thereof | |
JP2015165700A (ja) | 遠隔サービスへのローカル安全なネットワークアクセスを提供する方法 | |
CN109587286B (zh) | 一种设备接入控制方法及装置 | |
WO2021098819A1 (zh) | 一种路由更新方法和用户集群 | |
US20200159555A1 (en) | Provider network service extensions | |
CN112910685B (zh) | 实现对容器网络统一管理的方法及装置 | |
WO2013132909A1 (ja) | ホスト提供システム及び通信制御方法 | |
WO2017114363A1 (zh) | 报文处理方法、bng及bng集群系统 | |
KR102533536B1 (ko) | 사설 네트워크 간의 통신을 위한 방법, 장치, 전자 기기 및 저장 매체 | |
CN112202615A (zh) | 一种多cni协同工作系统与方法 | |
US20170235942A1 (en) | Efficient hardware trust verification in data communication systems that comprise network interface cards, central processing units, and data memory buffers | |
WO2018001023A1 (zh) | 一种云终端登录虚拟桌面方法及装置 | |
US20190356648A1 (en) | Resource extension method and device for a zone of a cloud service platform, apparatus and computer-readable storage medium | |
US9736027B2 (en) | Centralized enterprise image upgrades for distributed campus networks | |
KR101759429B1 (ko) | 멀티 도메인 환경에서 도메인과 대응되는 피어 및 이의 제어 방법 | |
CN112637111B (zh) | 虚拟化云平台系统 | |
WO2018018459A1 (zh) | 一种策略处理的方法和设备 | |
JP7212158B2 (ja) | プロバイダネットワークサービス拡張 | |
WO2018120182A1 (zh) | 一种秘密信息的分发方法和设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20887045 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20887045 Country of ref document: EP Kind code of ref document: A1 |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20887045 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 30/01/2023) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20887045 Country of ref document: EP Kind code of ref document: A1 |