CN111221619A - Method, device and equipment for opening and arranging service - Google Patents
Method, device and equipment for opening and arranging service Download PDFInfo
- Publication number
- CN111221619A CN111221619A CN201811425055.1A CN201811425055A CN111221619A CN 111221619 A CN111221619 A CN 111221619A CN 201811425055 A CN201811425055 A CN 201811425055A CN 111221619 A CN111221619 A CN 111221619A
- Authority
- CN
- China
- Prior art keywords
- network element
- service
- sdn
- vnfm
- target network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0896—Bandwidth or capacity management, i.e. automatically increasing or decreasing capacities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application provides a method, a device and equipment for opening and arranging services, wherein the method comprises the following steps: management configuration is carried out through NFVO, the NFVO calls an SDN controller and a VIM, a created target network element is issued, and the VIM is linked with an autonomous VNFM to complete the arrangement and deployment of the NFV virtualization security network element. The SDN controller automatically drains the flow to the corresponding NFV virtualization security network element according to the information feedback of the VIM, automatically completes the flow drainage of the appointed tenant through the linkage of the NFV virtualization product through the SDN controller, and serially connects the NFV virtualization product in the virtual machine network. The method can realize the automatic deployment of the corresponding virtualized network element and the integral arrangement and unified management of the VNF service running on the virtualized network element, and can increase the operation and maintenance response speed and the network service expansion capability while reducing the operation and maintenance difficulty.
Description
Technical Field
The invention belongs to the technical field of data services, and particularly relates to a method, a device, equipment and a computer storage medium for opening and arranging services.
Background
At present, in order to completely migrate the entire architecture of the conventional network to a virtualization environment, the industry proposes a concept of Network Function Virtualization (NFV). By means of the NFV framework, various network functions of a traditional network can be virtualized, special hardware is not needed for support, and a universal X86 server is used for support. When the services are adjusted, brand-new hardware equipment does not need to be purchased for each service, and only the existing, idle or temporarily called general X86 server from other services is needed to be allocated to make temporary or permanent hardware resources so as to quickly respond to network service adjustment.
Meanwhile, after the network functions are all virtualized, under the condition that hardware allows, the network service can rapidly change and respond according to the requirements, whether the requirements are temporary or permanent, the response and adjustment can be completed from a far end within dozens of minutes or even several minutes (the response and adjustment may be deployment or deletion of a Virtual Network Function (VNF) or opening or canceling of a virtualized network element of an NFVI layer) without depending on debugging of field personnel.
In view of this, according to a large amount of construction requirements and the existing situation, and in combination with the needs of subsequent network service development, an NFV virtualization product is deployed in a cloud environment, so as to provide a security protection service for each service system of a data center, and it becomes a key point of network management attention to implement automatic opening of multiple network services.
Disclosure of Invention
The embodiment of the application provides a method, a device and equipment for opening and arranging services and a computer storage medium, wherein management configuration is carried out through NFVO, the NFVO calls SDN control and VIM, a target network element is created and issued, the VIM is linked with an autonomous VNFM, automatic arrangement of a corresponding virtualization network element and overall arrangement and unified management of VNF services running on the virtualization network element can be achieved, operation and maintenance difficulty is reduced, operation and maintenance response speed is increased, and network service expansion capacity is increased.
In a first aspect, an embodiment of the present application provides a method for provisioning a service, where the method may include: a network function virtualization orchestrator NFVO calls a Software Defined Network (SDN) controller in a cross-Virtualization Infrastructure Management (VIM) and sends a message for creating a target network element to a Virtualization Network Function Manager (VNFM);
the NFVO receives the state information of the target network element fed back by the VNFM, wherein the state information of the target network element is determined by the VNFM according to the message for creating the target network element and the information in the virtual resource pool;
and the NFVO issues an SDN drainage instruction to the SDN controller according to the state information of the target network element, so that the SDN controller executes the SDN drainage instruction through a switch to complete service opening on the target network element.
According to the scheme, when a business or a tenant needs the NFV virtualization security network element, management configuration is carried out through the NFVO, the NFVO calls the SDN controller and the VIM, a created target network element is issued, and the VIM is linked with the independent VNFM to complete arrangement and deployment of the NFV virtualization security network element. The SDN controller automatically drains the flow to the corresponding NFV virtualization security network element according to the information feedback of the VIM, automatically completes the flow drainage of the appointed tenant through the linkage of the NFV virtualization product through the SDN controller, and serially connects the NFV virtualization product in the virtual machine network. The method can realize the automatic deployment of the corresponding virtualized network element and the integral arrangement and unified management of the VNF service running on the virtualized network element, and can increase the operation and maintenance response speed and the network service expansion capability while reducing the operation and maintenance difficulty.
In a possible implementation manner, provisioning the service running on the "target network element" includes: firewall vFW services or network defense intrusion detection vpps services.
Because, in the deployed NFV virtualization product, safety protection services are provided for each business system of the data center, and automated operation, maintenance and orchestration of the service-based VNF network elements are realized.
In another possible implementation, in the step of the network function virtualization orchestrator NFVO invoking a software defined network SDN controller in the cross virtualization infrastructure management VIM and sending a message for creating a target network element to the virtualized network function manager VNFM, "the method specifically includes:
the method comprises the steps that an NFVO determines a message for creating a target network element through a first interface of an OpenStack standard in an SDN;
and the NFVO calls a standard plug-in corresponding to the first interface, and sends a message for creating the target network element to a specific virtual network element manager S-VNFM in the VNFM.
Because the NFV virtualization product can realize automatic deployment, the deployment creation is completed by using the OpenStack standard API interface (namely, the first interface), and a customized interface is not needed.
In another possible implementation manner, in the step of "the NFVO receives the status information of the target network element fed back by the VNFM", the method specifically includes:
the S-VNFM determines the state information of the target network element according to the message for creating the target network element and the information in the virtual resource pool;
the NFVO receives S-VNFM feedback target network element status information.
In yet another possible implementation, the "network function virtualization orchestrator NFVO" may include: at least one of a cloud management platform or a management application for performing the method of provisioning a service as in any of the first aspects.
Because the scheme adopts a decoupling mode (namely the hardware and the software have no direct binding relationship and the software also has no strong binding relationship, corresponding software or hardware can be purchased along with service development and actual requirements, and other virtualization network elements can be integrated according to requirements without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualization product are combined by multiple manufacturers and have no coupling relationship. Therefore, the network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The service individuation of different physical areas and user groups is realized, and the service scale can be quickly and conveniently expanded and contracted.
In conclusion, the method realizes unified management of the network and the NFV virtualization network element by interfacing with the cloud management platform or the management APP interface, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capability.
In a second aspect, an embodiment of the present application provides a method for orchestrating a service, where the method may include:
a Network Function Virtualization Orchestrator (NFVO) receives an instruction for creating a router on a cloud management platform running in the NFVO;
the method comprises the steps that an NFVO creates a plurality of first main and standby routers with firewall vFW services and a plurality of second main and standby routers with network defense intrusion detection vIPS services according to an instruction for creating a virtual router and triggering OpenStack in a Software Defined Network (SDN) controller;
the NFVO receives a first message, the first message comprising: the method comprises the steps that a Virtualized Network Function Manager (VNFM) is used for configuring first configuration information of a first main router and second configuration information of a second main router;
when the instruction for creating the virtual router fails, the NFVO deletes the first primary and secondary routers, and triggers the VNFM to delete the first configuration information and the second configuration information.
In the scheme, at the network position of some larger services/tenants, the NFV virtualization network element is required to support high performance, and automatic arrangement of the high-performance NFV virtualization network element is realized to meet the service requirement. When the demand is changed or reduced, the configuration and the number of the NFV virtualization network elements can be modified or deleted through the operation of the NFVO on the VIM, so that the automatic arrangement based on the service or the tenant is realized, and the high reliability is ensured.
In a third aspect, an embodiment of the present application provides a device for provisioning a service, where the device may include:
the processing module is used for calling a Software Defined Network (SDN) module in the control module and sending a message for creating a target network element to the management module;
the processing module is further used for receiving the state information of the target network element fed back by the management module, wherein the state information of the target network element is determined by the management module according to the message for creating the target network element and the information in the virtual resource pool;
the processing module is further used for issuing an SDN drainage instruction to the SDN module according to the state information of the target network element, so that the SDN module can execute the SDN drainage instruction through the switch, and service opening on the target network element is completed.
According to the scheme, when a business or a tenant needs the NFV virtualization security network element, management configuration is carried out through the processing module, the processing module calls the SDN module and the control module to issue a created target network element, and the control module is linked with the autonomous management module to complete arrangement and deployment of the NFV virtualization security network element. The SDN module automatically drains the flow to the corresponding NFV virtualization security network element according to the information feedback of the control module, automatically completes the flow drainage of the designated tenant through the linkage of the NFV virtualization product through the SDN module, and serially connects the NFV virtualization product in the virtual machine network. The method can realize the automatic deployment of the corresponding virtualized network element and the integral arrangement and unified management of the VNF service running on the virtualized network element, and can increase the operation and maintenance response speed and the network service expansion capability while reducing the operation and maintenance difficulty.
In a possible implementation manner, provisioning the service running on the "target network element" includes: firewall vFW services or network defense intrusion detection vpps services.
Because, in the deployed NFV virtualization product, safety protection services are provided for each business system of the data center, and automated operation, maintenance and orchestration of the service-based VNF network elements are realized.
In another possible implementation, the "processing module" is specifically configured to:
determining a message for creating a target network element through a first interface of an OpenStack standard in an SDN module;
and calling a standard plug-in corresponding to the first interface, and sending a message for creating the target network element to a specific virtual network element module S-VNFM in the management module.
Because the NFV virtualization product can realize automatic deployment, the deployment creation is completed by using the OpenStack standard API interface (namely, the first interface), and a customized interface is not needed.
In another possible implementation, the "processing module" is specifically configured to:
the S-VNFM module determines the state information of the target network element according to the message for creating the target network element and the information in the virtual resource pool;
the processing module is specifically configured to receive the state information of the target network element fed back by the S-VNFM module.
In yet another possible implementation, the "processing module" may include at least one of a cloud management platform or a management application program, for executing the method for provisioning a service according to any one of the first aspect.
Because the scheme adopts a decoupling mode (namely the hardware and the software have no direct binding relationship and the software also has no strong binding relationship, corresponding software or hardware can be purchased along with service development and actual requirements, and other virtualization network elements can be integrated according to requirements without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualization product are combined by multiple manufacturers and have no coupling relationship. Therefore, the network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The service individuation of different physical areas and user groups is realized, and the service scale can be quickly and conveniently expanded and contracted.
In conclusion, the method realizes unified management of the network and the NFV virtualization network element by interfacing with the cloud management platform or the management APP interface, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capability.
In a fourth aspect, an embodiment of the present application provides an apparatus for orchestrating a service, where the apparatus may include:
the processing module is used for receiving an instruction for creating a router on a cloud management platform running in the processing module;
the processing module is further used for creating a plurality of first main and standby routers with firewall vFW services and a plurality of second main and standby routers with network defense intrusion detection vIPS services according to an instruction for creating a virtual router and triggering OpenStack in a Software Defined Network (SDN) module;
the processing module is further configured to receive a first message, the first message including: the management module is used for configuring first configuration information for a first main and standby router and configuring second configuration information for a second main and standby router;
when the instruction for creating the virtual router is invalid, the processing module is further configured to delete the first host-standby router and the second host-standby router, and trigger the management module to delete the first configuration information and the second configuration information.
In the scheme, at the network position of some larger services/tenants, the NFV virtualization network element is required to support high performance, and automatic arrangement of the high-performance NFV virtualization network element is realized to meet the service requirement. When the demand is changed or reduced, the configuration and the number of the NFV virtualization network elements can be modified or deleted through the operation of the processing module on the control module, so that the automatic arrangement based on the service or the tenant is realized, and the high reliability is ensured.
In a fifth aspect, an embodiment of the present application provides a device for provisioning and orchestrating services, where the device includes a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements the method of service provisioning and orchestration as in any one of the first aspect or the second aspect.
In the scheme, the NFV virtualization network elements are deployed and automatic deployment is realized based on an open source virtualization platform: the NFV virtualization network element is deployed on an open source virtualization platform OpenStack, an X86 server (which can be understood as a service opening and arranging device) is used for carrying out hardware bearing, all software and hardware are decoupled, and special hardware is not needed; the plug-in replacement of OpenStack by the own plug-in and the interface butt joint of the own VNFM and an OpenStack standard component (NOVA & Neutron) can realize the automatic deployment of the corresponding virtualization network element. Because all the servers constructed by the standard X86 are used as bearing hardware, no special hardware is purchased, and the existing servers can be used for deployment, so that the hardware purchasing cost is reduced; when the service changes, the hardware can be used by other service systems, so that the utilization rate of the hardware is increased.
In a sixth aspect, embodiments of the present application provide a computer-readable storage medium, which includes instructions that, when executed on a computer, cause the computer to perform the method of any one of the first aspect or the second aspect.
In a seventh aspect, the present application provides a computer program product containing instructions, which when executed on a computer, causes the computer to perform the method according to any one of the first aspect or the second aspect.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments of the present application will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of a management architecture after virtualization of network functions;
fig. 2 is a schematic diagram of an NFV management orchestration architecture according to an embodiment of the present application;
fig. 3 is a schematic flow chart of a service provisioning method according to an embodiment of the present application;
fig. 4 is a schematic logical structure diagram of an NFV service provisioning method according to an embodiment of the present application;
FIG. 5 is a flow chart illustrating a business orchestration method according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a first interface of a business orchestration method according to an embodiment of the present application;
FIG. 7 is a second interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 8 is a third interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 9 is a fourth interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 10 is a fifth interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 11 is a sixth interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 12 is a seventh interface diagram of a business orchestration method according to an embodiment of the present application;
fig. 13 is an eighth interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 14 is a ninth interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 15 is a tenth interface diagram of a business orchestration method according to an embodiment of the present application;
FIG. 16 is an eleventh interface diagram of a business orchestration method according to an embodiment of the present application;
fig. 17 is a twelfth interface schematic diagram of a business orchestration method according to an embodiment of the present application;
fig. 18 is a schematic structural diagram of a service provisioning apparatus according to an embodiment of the present application;
FIG. 19 is a block diagram of a business orchestration device according to an embodiment of the present application;
fig. 20 is a schematic structural diagram of a service provisioning and orchestration device according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application will be described in detail below, and in order to make objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by illustrating examples thereof.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
First, for convenience of understanding the contents related in the present application, a certain explanation will be made on the technical architecture applied in the present solution with reference to fig. 1, and in a virtualized environment, an existing network function will be implemented on a virtual network function VNF, which can be regarded as an application layer of the VNF. Each VNF may implement different network functions depending on the specific application configuration. The architecture diagram and interface of the NFV Management Orchestration (NFV Management and organization, NFV-MANO) involved are shown in fig. 1, where a Network Function Virtualization Orchestrator (NFVO) is responsible for lifecycle Management of Network services, Network Function Virtualization Infrastructure (NFVI) resource scheduling across Virtualization Infrastructure Managers (VIM), and Virtualization Network function Management (VNF Manager, VNFM) is responsible for lifecycle Management of VNF instances, each of which is assumed to have an associated VNFM, and VIM is responsible for controlling and managing NFVI computation, storage, and Network resources.
In particular, the key to the present application is mainly on NFV management orchestration, and therefore, the details are described in conjunction with fig. 2.
Fig. 2 is a schematic diagram of an NFV management arrangement according to an embodiment of the present application.
Specifically, as shown in fig. 2, in NFV-MANO, a unified management operation is performed by calling the cloud management platform/management APP in the network function virtualization orchestrator NFVO. The NFV provider provides a self-owned Virtual Network Function Manager (VNFM), a plug-in and a product supporting a certain VNF network element, the self-owned VNFM is responsible for life cycle management of the VNF network element, and performs operations such as creation, deletion and modification of the VNF network element and is in butt joint with a standard component of OpenStack; and providing a REST API interface for docking. The OpenStack is responsible for managing virtual resource management of the VIM layer across virtualization infrastructures, provides an OpenStack standard API and provides related information docking of VNF network elements.
Wherein, a specific virtual network element manager S-VNFM and plug-in (e.g. hillstone plug) in the VNFM, and a firewall vFW and a network defense intrusion detection vIPS in the resource pool provide a delivery module for the NFV. Virtual desktop (horizon) in VNFM, Nova & neutron, and ovs/sr-lov in the resource pool are common standard modules. A cloud management platform or management Application (APP) in NFVO, an SDN manager in VIM, a switch (e.g., a virtual switch or a physical switch), and a VNFM are third party delivered modules.
Wherein
In the application scenario of fig. 2, a detailed description is made below with reference to fig. 3 for a service provisioning method according to an embodiment of the present application.
Fig. 3 is a schematic flow chart of a service provisioning method according to an embodiment of the present application.
As shown in fig. 3, the specific method steps may include S310-S330:
s310: the network function virtualization orchestrator NFVO invokes a software defined network, SDN, controller in the cross-virtualization infrastructure management, VIM, sending a message to the virtualization network function manager, VNFM, to create a target network element.
Specifically, the NFVO determines a message for creating a target network element through a first interface of an OpenStack standard in the SDN;
and the NFVO calls a standard plug-in corresponding to the first interface, and sends a message for creating the target network element to a specific virtual network element manager S-VNFM in the VNFM.
S320: and the NFVO receives the state information of the target network element fed back by the VNFM, wherein the state information of the target network element is determined by the VNFM according to the message for creating the target network element and the information in the virtual resource pool.
Specifically, the S-VNFM determines the state information of the target network element according to the message for creating the target network element and the information in the virtual resource pool;
the NFVO receives S-VNFM feedback target network element status information.
S330: and the NFVO issues an SDN drainage instruction to the SDN controller according to the state information of the target network element, so that the SDN controller executes the SDN drainage instruction through a switch to complete service opening on the target network element.
It should be noted that opening the service operated on the target network element related in the above method may mainly include: firewall vFW services or network defense intrusion detection vpps services. The network function virtualization orchestrator NFVO includes: and at least one of the cloud management platform or the management application program is used for executing the method for opening the service related to any one of the steps.
Because the scheme adopts a decoupling mode (namely the hardware and the software have no direct binding relationship and the software also has no strong binding relationship, corresponding software or hardware can be purchased along with service development and actual requirements, and other virtualization network elements can be integrated according to requirements without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualization product are combined by multiple manufacturers and have no coupling relationship. Therefore, the network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The service individuation of different physical areas and user groups is realized, and the service scale can be quickly and conveniently expanded and contracted.
In conclusion, the method realizes unified management of the network and the NFV virtualization network element by interfacing with the cloud management platform or the management APP interface, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capability.
To better illustrate the method shown in fig. 3, a specific example is provided in the embodiments of the present application, as shown in fig. 4.
Fig. 4 is a schematic logical structure diagram of an NFV service provisioning method according to an embodiment of the present application. In particular, the amount of the solvent to be used,
it should be noted that steps 1-3 may correspond to S310 in fig. 3:
step 1: at least one of the cloud management platform or the management APP creates the vFW/vIPS through an OpenStack standard API interface.
Step 2: the OpenStack informs the S-VNFM component of the own VNFM to create the vFW/vIPS network element through a standard plug-in (such as a hill-stone plug-in) installed corresponding to the OpenStack standard component.
And step 3: and the S-VNFM establishes a vFW/vIPS instruction and issues the vFW/vIPS instruction through a NOVA & Neutron standard interface of OpenStack.
It should be noted that steps 4-6 may correspond to S320 in fig. 3:
and 4, step 4: NOVA and Neutron of OpenStack create vFW/vIPS through resource pool
And 5: NOVA and Neutron of OpenStack feed back vFW/vIPS creation state to S-VNFM through interface
Step 6: and the S-VNFM feeds back the establishment state and information of the vFW/vIPS to the cloud management platform/management APP.
It should be noted that steps 7-8 may correspond to S330 in fig. 3:
and 7: and the cloud management platform/management APP issues an SDN drainage instruction to the SDN controller according to the vFW/vIPS deployment state & information.
And 8: and the SDN controls to execute the SDN drainage rule through the switch/OVS to complete service opening.
It should be noted that fig. 4 is similar to the diagram of the architecture described in fig. 2, where the involved interfaces are not shown, and reference may be made to fig. 2 for connections of the interfaces.
In summary, in order to enable the NFV virtualized network element and the SDN to cooperate with each other and implement overall network deployment based on services or tenants, scheduling of the overall network and the virtualized network element needs to be implemented through a higher-level cloud management platform or a management APP, so as to implement overall network deployment. When the business/tenant requires the NFV virtualization security network element, management configuration is carried out through cloud management platform/management software, the cloud management platform/management software calls SDN control and VIM, commands are issued, the VIM is linked with an autonomous VNFM to complete arrangement and deployment of the NFV virtualization security network element, and an SDN controller automatically drains flow to the corresponding NFV virtualization security network element according to information feedback of the VIM. For the advanced/personalized management or configuration requirements, the cloud management platform/management APP can issue the required configuration to an NFV virtualization network element through the REST API of the VNF, so that the advanced/personalized requirements and subsequent service expansion requirements are met. By realizing the automatic deployment of network elements and the automatic flow guiding of flow, the whole network arrangement based on services/tenants is realized.
It should be noted that fig. 2-4 refer to the interfacing scheme among the standard interface, the third party interface and the private interface. This is explained in detail below with reference to the following steps:
first, the creation, modification, deletion, and query of the vFW and the vFW configuration are implemented based on the OpenStack standard interface, which can be classified into the following 4 cases, as follows:
in the first case, the business process: starting a virtual machine where the S-VNFM is located; communication path: cloud management platform/management APP- "NOVA; using an interface: v2.1/{ tenant _ id }/servers.
In the second case, the business process: the cloud management platform or management APP inputs S-VNFM and NFV equipment on an interface; communication path: cloud management platforms or management APPs.
In the third case, the business process: the cloud management platform or the management APP issues the specified zone information to the S-VNFM; communication path: cloud management platform or management APP-S-VNFM; using an interface: /vnfm _ hs _ fw/app/zone.
In the fourth case, the business process: a cloud management platform or management APP calls an opentapockFWaaS API; communication path: cloud management platform/manage APP- "Openstack; using an interface: v 2.0/fw/firewalls.
Secondly, the implementation of the feedback information receiving query on the S-VNFM based on the REST API may be divided into the following 2 cases, as shown below:
in the first case, the business process: after receiving the message of successful vm creation, the S-VNFM stores and sends vm information to a cloud management platform or a management APP; communication path: S-VNFM- > cloud pipe platform/management APP; using an interface: the S-VNFM informs the cloud management platform or management APP vfw that the creation was successful (which may be provided by the cloud platform).
In the second case, the business process: the cloud management platform or the management APP allocates vlan for the current vFW, and sends the service and heartbeat vlan information to the S-VNFM; communication path: a cloud pipe platform or manages APP- > S-VNFM; using an interface: /vnfm _ hs _ fw/app/vlan.
Then, the creation, modification, deletion and query of the vsps and the vsps configuration through the S-VNFM based on the REST API may be divided into the following 2 cases as follows:
in the first case, the business process: the cloud management platform or the management APP calls REST API of the S-VNFM to conduct vIPS network element management; communication path: cloud management platform or management APP-S-VNFM; using an interface: /vnfm _ hs _ ips/app/< create _ ips/remove _ ips/update _ ips, vlan/zone >.
In the second case, the business process: the cloud management platform or the management APP performs vIPS configuration management; communication path: cloud management platform or management APP-S-VNFM; using an interface: the first and second sets of the.
Finally, the interface interfacing with the SDN controller is realized, and the NFV network element-based drainage is realized, which can be classified into the following 3 possible cases, as shown below:
in the first case, the business process: creating a mapping device; communication path: a cloud management platform or managing APP-SDN controllers; using an interface: a mapping device is created.
In the second case, the business process: calling an interface to create third-party equipment on a controller; communication path: a cloud management platform or managing APP-SDN controllers; using an interface: a third party device group is created.
In the third case, the business process: creating a traffic feature group and a service chain on a controller; communication path: a cloud management platform or managing APP-SDN controllers; using an interface: at least one of creating a traffic feature set or creating a service chain.
Based on the service provisioning method mentioned in fig. 2 to fig. 4, the arrangement after provisioning of the service may be specifically as shown in fig. 5.
Fig. 5 is a flowchart illustrating a service orchestration method according to an embodiment of the present application.
As shown in fig. 5, the method of service orchestration may include S510-S550:
s510: the network function virtualization orchestrator NFVO receives an instruction to create a router on a cloud management platform running in the NFVO.
For example: the cloud management platform receives an instruction for creating a router, and may display a first interface of the business orchestration through a display device, where the first interface corresponding to this step may be as shown in fig. 6.
S520: the NFVO creates a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service according to an instruction for creating a virtual router and triggering OpenStack in a Software Defined Network (SDN) controller.
For example: triggering OpenStack to automatically create 2 main and standby vffs and 2 main and standby vsps, where a second interface corresponding to this step is shown in fig. 7. The main device and the standby device may be understood as a main device and a standby device, when the main device is abnormal, corresponding operations may be executed according to the standby device, and based on a third interface which may be corresponding to the above situation, as shown in fig. 8, the HA deployment of the NFV virtualization product may be realized by automatic arrangement, so as to ensure high reliability.
S530: the NFVO receives a first message, the first message comprising: the virtual network function manager VNFM configures first configuration information for a first master/slave router and configures second configuration information for a second master/slave router.
Specifically, before the NFVO receives the first message, the method may further include: the VNFM will automatically issue IPS configuration and interface with vFW interconnection to the vIPS. A fourth interface that may correspond based on this situation is shown in fig. 9, and the configuration is mainly performed for the policy and the network in the case of the configuration issue possibility. The cloud management platform receives an instruction for connecting the private network and setting an external gateway, and triggers SDN drainage (for example, a fifth interface possibly corresponding to the situation is shown in FIG. 10); triggering the VNFM to a corresponding interconnection interface of the vsps, and issuing a corresponding routing configuration at the same time (for example, a sixth interface and a seventh interface that may correspond to each other based on the situation are shown in fig. 11 and 12); triggering the VNFM to create a corresponding interconnection interface for the vFW, and simultaneously issuing a corresponding routing configuration and NAT configuration (for example, based on the situation, an eighth interface that may correspond to the situation is shown in fig. 13 and a ninth interface is shown in fig. 14); the cloud management platform creates firewall rules to issue security policies to the vFW (e.g., a tenth interface that may correspond based on this situation is shown in fig. 15); the cloud management platform binds the public network IP with the virtual machine, and the vFW will automatically create a corresponding DNAT configuration, which is a step for other users of the internet to access the cloud management platform according to the IP (based on this, an eleventh interface that may be corresponding to this case is shown in fig. 16).
S540: when the instruction for creating the virtual router fails, the NFVO deletes the first primary and secondary routers, and triggers the VNFM to delete the first configuration information and the second configuration information.
For example: deleting the router on the cloud management platform triggers the VNFM to delete the vIPS and the vFW (based on this, a twelfth interface that may be corresponding to this case is shown in fig. 17).
The step is an important link of the embodiment provided by the application, and it can be understood that when an instruction for creating the virtual router fails (i.e., when the service is not done), the cloud management platform may delete the virtual router that was created before for the service, and at the same time, may trigger the service information stored by the VNFM for the service. And releasing the resources of the unnecessary service so as to facilitate the use of other resources, and the mode can improve the utilization rate of the resources.
In summary, in some network locations of larger services/tenants, the NFV virtualization network element is required to support high performance, so as to implement automatic arrangement of the high-performance NFV virtualization network element to meet service requirements, and the network throughput performance of the virtualization network element can be increased through the SR-IOV technology. When a high-throughput NFV virtualization network element is required, an administrator operates and deploys a high-performance network element on a cloud management platform/management APP, the high-performance network element is linked with VIM software through an interface, and informs an autonomous VNFM to create a virtualization network element, the autonomous VNFM calls a standard interface of the VIM software, so that the virtualization network element can be automatically deployed by using SR-IOV directly, the initialization of basic configuration is realized, and the cloud management platform/management APP is informed to modify SDN drainage rules. When the demand is changed or reduced, the configuration and the quantity of the NFV virtualization network elements can be modified or deleted through the operation on VIM software, so that the automatic arrangement based on the service/tenant is realized.
Fig. 18 is a schematic structural diagram of a service provisioning apparatus according to an embodiment of the present application.
As shown in fig. 18, the apparatus 180 may include: a processing module 1801, configured to invoke a software defined network SDN module in the control module 1802, and send a message for creating a target network element to the management module 1803;
the processing module 1801 is further configured to receive status information of the target network element, which is fed back by the management module 1803, where the status information of the target network element is determined by the management module 1803 according to the message for creating the target network element and the information in the virtual resource pool;
the processing module 1801 is further configured to issue an SDN drainage instruction to the SDN module according to the state information of the target network element, so that the SDN module executes the SDN drainage instruction through the switch to complete service provisioning on the target network element.
Specifically, opening the service operated on the target network element includes: firewall vFW services or network defense intrusion detection vpps services.
The processing module 1801 is specifically configured to: determining a message for creating a target network element through a first interface of an OpenStack standard in an SDN module; and calling a standard plug-in corresponding to the first interface, and sending a message for creating the target network element to a specific virtual network element module S-VNFM in the management module 1803. In addition, the processing module 1801 is specifically configured to: the S-VNFM module determines the state information of the target network element according to the message for creating the target network element and the information in the virtual resource pool; and receiving the state information of the target network element fed back by the S-VNFM module.
It should be noted that, in another possible implementation, the processing module 1801 may include: at least one of a cloud management platform or a management application for executing the method for provisioning service as any one of the steps in fig. 3 or fig. 4.
Because the scheme adopts a decoupling mode (namely the hardware and the software have no direct binding relationship and the software also has no strong binding relationship, corresponding software or hardware can be purchased along with service development and actual requirements, and other virtualization network elements can be integrated according to requirements without being influenced by the compatibility of the existing hardware and software), the cloud platform, the SDN basic environment and the NFV virtualization product are combined by multiple manufacturers and have no coupling relationship. Therefore, the network application can realize multi-version and multi-tenant, and can support different applications, users and tenants to share a unified platform. The service individuation of different physical areas and user groups is realized, and the service scale can be quickly and conveniently expanded and contracted.
In conclusion, the method realizes unified management of the network and the NFV virtualization network element by interfacing with the cloud management platform or the management APP interface, greatly reduces operation and maintenance difficulty, can realize rapid service expansion and change, greatly increases operation and maintenance response speed, and increases service expansion capability.
Fig. 19 is a schematic structural diagram of a service orchestration device according to an embodiment of the present application.
As shown in fig. 19, the apparatus 190 may include: a processing module 1901, configured to receive an instruction to create a router on a cloud management platform running in the processing module 1901;
the processing module 1901 is further configured to, according to an instruction for creating a virtual router and triggering an OpenStack in the software defined network SDN module 1902, create a plurality of first host and standby routers having a firewall vFW service and a plurality of second host and standby routers having a network defense intrusion detection vpps service; note that the control module may include a software defined network SDN module 1902.
The processing module 1901 is further configured to receive a first message, where the first message includes: management module 1903 configures first configuration information for a first master/slave router and configures second configuration information for a second master/slave router;
when the instruction for creating the virtual router is invalid, the processing module 1901 is further configured to delete the first host/standby router and the second host/standby router, and trigger the management module 1903 to delete the first configuration information and the second configuration information.
In the scheme, at the network position of some larger services/tenants, the NFV virtualization network element is required to support high performance, and automatic arrangement of the high-performance NFV virtualization network element is realized to meet the service requirement. When the demand is changed or reduced, the configuration and the number of the NFV virtualization network elements can be modified or deleted through the operation of the processing module on the control module, so that the automatic arrangement based on the service or the tenant is realized, and the high reliability is ensured.
Fig. 20 is a schematic structural diagram of a service provisioning and orchestration device according to an embodiment of the present application. As shown in fig. 20, the service provisioning and orchestration device may include a processor 2001 and a memory 2002 storing computer program instructions.
Specifically, the processor 2001 may include a Central Processing Unit (CPU), or an Application Specific Integrated Circuit (ASIC), or may be configured to implement one or more Integrated circuits of the embodiments of the present Application.
The memory 2002 may include mass storage for data or instructions. By way of example, and not limitation, memory 2002 may include a Hard Disk Drive (HDD), a floppy Disk Drive, flash memory, an optical Disk, a magneto-optical Disk, tape, or a Universal Serial Bus (USB) Drive or a combination of two or more of these. The memory 2002 may include removable or non-removable (or fixed) media, where appropriate. The memory 2002 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the memory 2002 is a non-volatile solid-state memory. In a particular embodiment, the memory 2002 comprises Read Only Memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory or a combination of two or more of these.
The processor 2001 may implement any of the above-described embodiments of the service provisioning and orchestration methods by reading and executing computer program instructions stored in the memory 2002.
It should be noted that, in the present application, a service provisioning and orchestration device is referred to, preferably, an X86 server performs hardware bearer.
In one example, the device may also include a bus 2003. As shown in fig. 20, the processor 2001 and the memory 2002 are connected by a bus 2003 to communicate with each other.
The service provisioning and orchestration device may perform the service provisioning and orchestration method in the embodiment of the present application, thereby implementing any one of the service provisioning and orchestration methods and apparatuses described with reference to fig. 2 to 17.
In addition, in combination with the method for service provisioning and orchestration in the above embodiments, the embodiments of the present application may provide a computer storage medium to implement. The computer storage medium having computer program instructions stored thereon; the computer program instructions, when executed by a processor, implement any of the above-described embodiments of the method for provisioning and orchestrating a service.
In combination with the above method, apparatus, device and computer storage medium for service provisioning and orchestration, the method provided in the embodiments of the present application may be implemented on one hand: the method has the advantages that the purchase of special hardware is reduced, the utilization rate of the hardware is improved, the purchase cost of the hardware is reduced, the standard X86 construction server is used as bearing hardware, no special hardware purchase is needed, the existing server can be used for deployment, and the purchase cost of the hardware is reduced; when the service changes, the hardware can be used by other service systems, so that the utilization rate of the hardware is increased.
On the other hand, the omnibearing decoupling is realized, and the expansibility and the flexibility of the system are improved. The hardware and the software have no direct binding relationship, and the software also has no strong binding relationship, so that the corresponding software or hardware can be purchased according to the business development and the actual requirements, and other virtualization network elements can be integrated according to the requirements without being influenced by the compatibility of the existing hardware and software. The network application can realize multi-version and multi-tenant. And a unified platform is supported by sharing different applications, users and tenants. The service individuation of different physical areas and user groups is realized, and the service scale can be quickly and conveniently expanded and contracted.
Finally, unified management and arrangement are realized, and maintenance cost is reduced. By the interface butt joint with the cloud management platform/management APP, the overall arrangement and unified management of the network and the NFV virtualization network elements are realized, the operation and maintenance difficulty is greatly reduced, quick service expansion and change can be realized, the operation and maintenance response speed is greatly increased, and the service expansion capability is increased.
It is to be understood that the present application is not limited to the particular arrangements and instrumentality described above and shown in the attached drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications, and additions or change the order between the steps after comprehending the spirit of the present application.
The functional blocks shown in the above structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the present application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this application describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As will be apparent to those skilled in the art, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present application, and these modifications or substitutions should be covered within the scope of the present application.
Claims (10)
1. A method for provisioning service, comprising:
a network function virtualization orchestrator NFVO calls a Software Defined Network (SDN) controller in a cross-Virtualization Infrastructure Management (VIM) and sends a message for creating a target network element to a Virtualization Network Function Manager (VNFM);
the NFVO receives the state information of the target network element fed back by the VNFM, wherein the state information of the target network element is determined by the VNFM according to the message for creating the target network element and information in a virtual resource pool;
and the NFVO issues an SDN drainage instruction to the SDN controller according to the state information of the target network element, so that the SDN controller executes the SDN drainage instruction through a switch to complete service provisioning on the target network element.
2. The method of claim 1, wherein provisioning the service on the target network element comprises: firewall vFW services or network defense intrusion detection vpps services.
3. The method according to claim 1 or 2, wherein the network function virtualization orchestrator NFVO invokes a software defined network, SDN, controller in a management VIM across virtualization infrastructure, sending a message to a virtualization network function manager, VNFM, to create a target network element, comprising:
the NFVO determines a message for creating the target network element through a first interface of an OpenStack standard in the SDN;
and the NFVO calls a standard plug-in corresponding to the first interface, and sends a message for creating the target network element to a specific virtual network element manager S-VNFM in the VNFM.
4. The method of claim 3, the NFVO receiving status information of the target network element for the VNFM feedback, comprising:
the S-VNFM determines the state information of the target network element according to the message for creating the target network element and the information in the virtual resource pool;
and the NFVO receives the S-VNFM to feed back the state information of the target network element.
5. The method according to claim 1, characterized in that said network function virtualization orchestrator NFVO comprises: at least one of a cloud management platform or a management application for performing the method of service provisioning of any of claims 1-4.
6. A method of orchestration of services, comprising:
a Network Function Virtualization Orchestrator (NFVO) receives an instruction for creating a router on a cloud management platform running in the NFVO;
the NFVO triggers OpenStack in a Software Defined Network (SDN) controller according to the instruction for creating the virtual router, and creates a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service;
the NFVO receives a first message, the first message comprising: a Virtualized Network Function Manager (VNFM) is configured for the first master/slave router and the second master/slave router;
when the instruction for creating the virtual router fails, the NFVO deletes the first primary and secondary routers, and triggers the VNFM to delete the first configuration information and the second configuration information.
7. An apparatus for provisioning services, the apparatus comprising:
the processing module is used for calling a Software Defined Network (SDN) module in the control module and sending a message for creating a target network element to the management module;
the processing module is further configured to receive the status information of the target network element, which is fed back by the management module, where the status information of the target network element is determined by the management module according to the message for creating the target network element and the information in the virtual resource pool;
the processing module is further configured to issue an SDN drainage instruction to the SDN module according to the state information of the target network element, so that the SDN module executes the SDN drainage instruction through a switch to complete service provisioning on the target network element.
8. An apparatus for orchestration of services, the apparatus comprising:
the processing module is used for receiving an instruction for creating a router on a cloud management platform running in the processing module;
the processing module is further used for creating a plurality of first main and standby routers with firewall vFW service and a plurality of second main and standby routers with network defense intrusion detection vIPS service according to the instruction for creating the virtual router and triggering OpenStack in a Software Defined Network (SDN) module;
the processing module is further configured to receive a first message, the first message including: the management module is used for configuring first configuration information for the first main and standby router and configuring second configuration information for the second main and standby router;
when the instruction for creating the virtual router is invalid, the processing module is further configured to delete the first host-standby router and the second host-standby router, and trigger the management module to delete the first configuration information and the second configuration information.
9. An apparatus for provisioning and orchestration of services, the apparatus comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements a method of provisioning and orchestrating a service according to any of claims 1-5 or 6.
10. A computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement a method of provisioning and orchestration of services according to any one of claims 1-5 or 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811425055.1A CN111221619B (en) | 2018-11-27 | 2018-11-27 | Method, device and equipment for opening and arranging business |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811425055.1A CN111221619B (en) | 2018-11-27 | 2018-11-27 | Method, device and equipment for opening and arranging business |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111221619A true CN111221619A (en) | 2020-06-02 |
| CN111221619B CN111221619B (en) | 2023-09-08 |
Family
ID=70807906
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811425055.1A Active CN111221619B (en) | 2018-11-27 | 2018-11-27 | Method, device and equipment for opening and arranging business |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111221619B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111769992A (en) * | 2020-07-13 | 2020-10-13 | 迈普通信技术股份有限公司 | Network data management method, cloud platform and storage medium |
| CN111901154A (en) * | 2020-07-04 | 2020-11-06 | 烽火通信科技股份有限公司 | Safety architecture system based on NFV and safety deployment and safety threat processing method |
| CN112187517A (en) * | 2020-09-07 | 2021-01-05 | 烽火通信科技股份有限公司 | Configuration method, platform and controller for SDN virtual routing of data center |
| CN112492003A (en) * | 2020-11-18 | 2021-03-12 | 中盈优创资讯科技有限公司 | Cloud network convergence service processing method and device based on service orchestrator |
| CN113300881A (en) * | 2021-04-23 | 2021-08-24 | 北京邮电大学 | 5G network-based scheduling method, device, equipment and storage medium |
| CN113630270A (en) * | 2021-08-04 | 2021-11-09 | 中国联合网络通信集团有限公司 | Online cutover method, device, equipment and storage medium |
| CN113810206A (en) * | 2020-06-11 | 2021-12-17 | ***通信有限公司研究院 | Network automation arrangement management method, entity, controller and electronic equipment |
| CN113810348A (en) * | 2020-06-17 | 2021-12-17 | 华为技术有限公司 | Network security detection method, system, equipment and controller |
| WO2022126389A1 (en) * | 2020-12-15 | 2022-06-23 | 华为技术有限公司 | Method and device for establishing network connection |
| CN114765579A (en) * | 2021-01-11 | 2022-07-19 | ***通信有限公司研究院 | Data transmission method, device, related equipment and storage medium |
| EP4083795A4 (en) * | 2020-01-19 | 2023-03-22 | Huawei Technologies Co., Ltd. | Method for deploying virtual machine, and related apparatus |
| CN116566752A (en) * | 2023-07-11 | 2023-08-08 | 苏州浪潮智能科技有限公司 | Safety drainage system, cloud host and safety drainage method |
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219127A (en) * | 2014-08-30 | 2014-12-17 | 华为技术有限公司 | Creation method and device of virtual network instance |
| CN105955824A (en) * | 2016-04-21 | 2016-09-21 | 华为技术有限公司 | Method and device for configuring virtual resource |
| CN105975330A (en) * | 2016-06-27 | 2016-09-28 | 华为技术有限公司 | Virtual network function deployment method, device and system adopting NEC (network edge computing) |
| CN106533935A (en) * | 2015-09-14 | 2017-03-22 | 华为技术有限公司 | Method for obtaining business chain information in cloud computing system and devices |
| CN106549792A (en) * | 2015-09-22 | 2017-03-29 | ***通信集团公司 | A kind of method of the security control of VNF, apparatus and system |
| CN107005434A (en) * | 2015-05-15 | 2017-08-01 | 华为技术有限公司 | A kind of method, device and the equipment of synchronous virtual network function VNF states |
| CN107005426A (en) * | 2015-06-10 | 2017-08-01 | 华为技术有限公司 | A kind of life cycle management method of virtual network function, and device |
| US20180018203A1 (en) * | 2016-07-14 | 2018-01-18 | Zte Usa (Tx) | Method and system for accelerating orchestration in network function virtualization (nfv) environment |
| CN107689882A (en) * | 2016-08-05 | 2018-02-13 | 华为技术有限公司 | The method and apparatus of service deployment in a kind of virtualization network |
| CN107948006A (en) * | 2018-01-09 | 2018-04-20 | 重庆邮电大学 | A kind of method of combination and device for virtualizing network function |
| WO2018130883A1 (en) * | 2017-01-14 | 2018-07-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Scalable application level monitoring for sdn networks |
| CN108400945A (en) * | 2017-02-04 | 2018-08-14 | 中兴通讯股份有限公司 | A kind of layout management system and network sliced sheet processing method |
| CN108667777A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of service chaining generation method and network function composer NFVO |
| CN108781166A (en) * | 2016-04-27 | 2018-11-09 | 华为技术有限公司 | The determination method and network function of VNFM virtualizes composer |
-
2018
- 2018-11-27 CN CN201811425055.1A patent/CN111221619B/en active Active
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104219127A (en) * | 2014-08-30 | 2014-12-17 | 华为技术有限公司 | Creation method and device of virtual network instance |
| CN107005434A (en) * | 2015-05-15 | 2017-08-01 | 华为技术有限公司 | A kind of method, device and the equipment of synchronous virtual network function VNF states |
| CN107005426A (en) * | 2015-06-10 | 2017-08-01 | 华为技术有限公司 | A kind of life cycle management method of virtual network function, and device |
| CN106533935A (en) * | 2015-09-14 | 2017-03-22 | 华为技术有限公司 | Method for obtaining business chain information in cloud computing system and devices |
| CN106549792A (en) * | 2015-09-22 | 2017-03-29 | ***通信集团公司 | A kind of method of the security control of VNF, apparatus and system |
| CN105955824A (en) * | 2016-04-21 | 2016-09-21 | 华为技术有限公司 | Method and device for configuring virtual resource |
| CN108781166A (en) * | 2016-04-27 | 2018-11-09 | 华为技术有限公司 | The determination method and network function of VNFM virtualizes composer |
| CN105975330A (en) * | 2016-06-27 | 2016-09-28 | 华为技术有限公司 | Virtual network function deployment method, device and system adopting NEC (network edge computing) |
| US20180018203A1 (en) * | 2016-07-14 | 2018-01-18 | Zte Usa (Tx) | Method and system for accelerating orchestration in network function virtualization (nfv) environment |
| CN107689882A (en) * | 2016-08-05 | 2018-02-13 | 华为技术有限公司 | The method and apparatus of service deployment in a kind of virtualization network |
| WO2018130883A1 (en) * | 2017-01-14 | 2018-07-19 | Telefonaktiebolaget Lm Ericsson (Publ) | Scalable application level monitoring for sdn networks |
| CN108400945A (en) * | 2017-02-04 | 2018-08-14 | 中兴通讯股份有限公司 | A kind of layout management system and network sliced sheet processing method |
| CN108667777A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of service chaining generation method and network function composer NFVO |
| CN107948006A (en) * | 2018-01-09 | 2018-04-20 | 重庆邮电大学 | A kind of method of combination and device for virtualizing network function |
Non-Patent Citations (4)
| Title |
|---|
| CHARALAMPOS ROTSOS 等: "Network service orchestration standardization: A technology survey", 《COMPUTER STANDARDS & INTERFACES》, pages 203 - 215 * |
| 张晨等: "网络编排技术进展研究", 《信息通信技术》 * |
| 张晨等: "网络编排技术进展研究", 《信息通信技术》, no. 01, 15 February 2016 (2016-02-15), pages 68 - 74 * |
| 曹畅;张帅;刘莹;唐雄燕;: "基于通信云和承载网协同的算力网络编排技术", 电信科学, no. 07, pages 55 - 62 * |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP4083795A4 (en) * | 2020-01-19 | 2023-03-22 | Huawei Technologies Co., Ltd. | Method for deploying virtual machine, and related apparatus |
| CN113810206B (en) * | 2020-06-11 | 2023-01-13 | ***通信有限公司研究院 | Network automation arrangement management method, entity, controller and electronic equipment |
| CN113810206A (en) * | 2020-06-11 | 2021-12-17 | ***通信有限公司研究院 | Network automation arrangement management method, entity, controller and electronic equipment |
| CN113810348B (en) * | 2020-06-17 | 2023-04-07 | 华为技术有限公司 | Network security detection method, system, equipment and controller |
| CN113810348A (en) * | 2020-06-17 | 2021-12-17 | 华为技术有限公司 | Network security detection method, system, equipment and controller |
| CN111901154A (en) * | 2020-07-04 | 2020-11-06 | 烽火通信科技股份有限公司 | Safety architecture system based on NFV and safety deployment and safety threat processing method |
| CN111769992A (en) * | 2020-07-13 | 2020-10-13 | 迈普通信技术股份有限公司 | Network data management method, cloud platform and storage medium |
| CN112187517A (en) * | 2020-09-07 | 2021-01-05 | 烽火通信科技股份有限公司 | Configuration method, platform and controller for SDN virtual routing of data center |
| CN112187517B (en) * | 2020-09-07 | 2022-06-07 | 烽火通信科技股份有限公司 | Configuration method, platform and controller for SDN virtual routing of data center |
| CN112492003A (en) * | 2020-11-18 | 2021-03-12 | 中盈优创资讯科技有限公司 | Cloud network convergence service processing method and device based on service orchestrator |
| CN112492003B (en) * | 2020-11-18 | 2023-03-28 | 中盈优创资讯科技有限公司 | Cloud network convergence service processing method and device based on service orchestrator |
| WO2022126389A1 (en) * | 2020-12-15 | 2022-06-23 | 华为技术有限公司 | Method and device for establishing network connection |
| CN114765579A (en) * | 2021-01-11 | 2022-07-19 | ***通信有限公司研究院 | Data transmission method, device, related equipment and storage medium |
| CN113300881A (en) * | 2021-04-23 | 2021-08-24 | 北京邮电大学 | 5G network-based scheduling method, device, equipment and storage medium |
| CN113300881B (en) * | 2021-04-23 | 2022-08-05 | 北京邮电大学 | 5G network-based scheduling method, device, equipment and storage medium |
| CN113630270B (en) * | 2021-08-04 | 2022-08-16 | 中国联合网络通信集团有限公司 | Online cutover method, device, equipment and storage medium |
| CN113630270A (en) * | 2021-08-04 | 2021-11-09 | 中国联合网络通信集团有限公司 | Online cutover method, device, equipment and storage medium |
| CN116566752A (en) * | 2023-07-11 | 2023-08-08 | 苏州浪潮智能科技有限公司 | Safety drainage system, cloud host and safety drainage method |
| CN116566752B (en) * | 2023-07-11 | 2023-09-12 | 苏州浪潮智能科技有限公司 | Safety drainage system, cloud host and safety drainage method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111221619B (en) | 2023-09-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111221619B (en) | Method, device and equipment for opening and arranging business | |
| US11093257B2 (en) | Resource configuration based on dynamic group membership | |
| US20230198857A1 (en) | Model driven process for automated deployment of domain 2.0 virtualized services and applications on cloud infrastructure | |
| CN108475251B (en) | Virtual network, hot swapping, hot scaling and disaster recovery for containers | |
| US10545750B2 (en) | Distributed upgrade in virtualized computing environments | |
| US10481933B2 (en) | Enabling virtual machines access to switches configured by different management entities | |
| CN110611588B (en) | Network creation method, server, computer readable storage medium and system | |
| EP3235186B1 (en) | Vlant tagging in a virtual environment | |
| JP2020129800A (en) | Virtual network interface object | |
| US9304793B2 (en) | Master automation service | |
| US10826768B2 (en) | Controlled node configuration | |
| US11070396B2 (en) | Virtual cloud exchange system and method | |
| CN110995480B (en) | Block chain network deployment method, device, electronic equipment and medium | |
| CN107896191B (en) | Container-based virtual security component cross-cloud system and method | |
| JP2018519736A (en) | Method and apparatus for VNF failover | |
| WO2018137520A1 (en) | Service recovery method and apparatus | |
| CN108028827A (en) | The management method and device of certificate in network function virtualization architecture | |
| US11902329B2 (en) | Integration of an orchestration services with a cloud automation services | |
| CN113709810A (en) | Method, device and medium for configuring network service quality | |
| US9774600B1 (en) | Methods, systems, and computer readable mediums for managing infrastructure elements in a network system | |
| US9654390B2 (en) | Method and apparatus for improving cloud routing service performance | |
| US10277422B2 (en) | Virtual port support in a logical switch architecture | |
| US10291553B2 (en) | Logical switch architecture for network virtualization | |
| US9798571B1 (en) | System and method for optimizing provisioning time by dynamically customizing a shared virtual machine | |
| US20210385194A1 (en) | System and method for using private native security groups and private native firewall policy rules in a public cloud |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |