CN113794765A - Gate load balancing method and device based on file transmission - Google Patents

Gate load balancing method and device based on file transmission Download PDF

Info

Publication number
CN113794765A
CN113794765A CN202111061025.9A CN202111061025A CN113794765A CN 113794765 A CN113794765 A CN 113794765A CN 202111061025 A CN202111061025 A CN 202111061025A CN 113794765 A CN113794765 A CN 113794765A
Authority
CN
China
Prior art keywords
node
data
control node
target file
state
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111061025.9A
Other languages
Chinese (zh)
Inventor
刘锦锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Original Assignee
Qianxin Technology Group Co Ltd
Secworld Information Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qianxin Technology Group Co Ltd, Secworld Information Technology Beijing Co Ltd filed Critical Qianxin Technology Group Co Ltd
Priority to CN202111061025.9A priority Critical patent/CN113794765A/en
Publication of CN113794765A publication Critical patent/CN113794765A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Abstract

The embodiment of the invention provides a method and a device for balancing network gate load based on file transmission, which are applied to a network gate cluster, wherein the network gate cluster comprises at least two network gates, each network gate is identified as a node, one network gate is identified as a control node, and the rest network gate is identified as a data node, and the method comprises the following steps: scanning an external network side server through a control node, and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file from the external network side server according to the target file data to be transmitted by each node; and the control node and the data node upload the pulled target file to the intranet side server. Because the control node can control each data node to pull and transmit the same number of target files, the load balance of the gatekeeper cluster is realized, and the overall transmission capability of the gatekeeper is improved.

Description

Gate load balancing method and device based on file transmission
Technical Field
The invention relates to the technical field of network security, in particular to a gatekeeper load balancing method and device based on file transmission.
Background
A security isolation gatekeeper, also called a gatekeeper, is a network security device that has multiple control functions and can perform secure and appropriate application data exchange between networks. The security isolation gatekeeper supports the service synchronization function of the file class. In a big data scene, a security gatekeeper can be used for pulling and pushing file data in two server clusters, so that the file data can be synchronized between two networks.
In the prior art, a security isolation gatekeeper is arranged in two server clusters to realize cross-domain transmission of files in the two server clusters. However, due to the evolution of tandem service expansion and cluster deployment, a security isolation gatekeeper cannot efficiently and quickly transmit a large amount of file data.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiment of the invention provides a gatekeeper load balancing method and device based on file transmission.
Specifically, the embodiment of the invention provides the following technical scheme:
in a first aspect, an embodiment of the present invention provides a gatekeeper load balancing method based on file transmission, which is applied to a gatekeeper cluster, where the gatekeeper cluster includes at least two gatekeepers, and each gatekeeper identifier is a node, where one gatekeeper identifier is a control node, and the remaining gatekeepers are data nodes, and the method includes: scanning an external network side server through the control node, and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file on the external network side server according to the target file data required to be transmitted by each node; and the control node and the data node upload the pulled target file to an intranet side server.
Further, before the scanning of the extranet side server by the control node and the determination of the target file data to be transmitted, the method further includes: determining the control node and the data node in the initialized nodes through node election; the initialized nodes comprise nodes corresponding to the control nodes before election and nodes corresponding to the data nodes before election; the initialized node is in an election state, the control node is in a control state, and the data node is in a data state; and if the control node and/or the data node have faults, the control node and/or the data node with the faults are in a fault state.
Further, the gatekeeper load balancing method based on file transmission further comprises the following steps: the control node periodically announces the state on the external network side; transmitting the state of the control node to the intranet side through a switch card, and announcing the state at the intranet side; the data node periodically announces the state on the external network side; and transmitting the state of the data node to the intranet side through the switch card, and announcing the state at the intranet side.
Further, the data node periodically declares the status on the external network side, including: when the data node fails, synchronizing the fault state of the failed data node to the extranet side server and the intranet side server, and stopping the failed data node; the control node switches the target file data which needs to be pulled by the failed data node to the data node which does not fail; and/or, the control node periodically announces the state on the external network side, including: the control node is failed, the fault state of the control node is synchronized to the extranet side server and the intranet side server, and the control node is deactivated; and initiating a new election optional period and electing a new control node.
Further, the failed control node recovers the failure and/or the failed data node, and the existing control node declares the failed control node and/or the failed data node as a new data node.
Further, the gatekeeper load balancing method based on file transmission further includes: if the internal network is divided into at least two subnets, the election of the new control node is not carried out; if the external network is divided into at least two subnets, the election of the new control node is not carried out; if the internal network is divided into at least two subnets and the external network is divided into at least two subnets, the election of the new control node is not performed; and if the at least two divided subnets of the external network are recombined, electing the new control node.
In a second aspect, an embodiment of the present invention further provides a gatekeeper load balancing apparatus based on file transmission, including: the synchronization module is used for scanning the external network side server through the control node and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the load management module is used for the control node and the data node to pull the target file on the extranet side server according to the target file data required to be transmitted by each node; and the control node and the data node upload the pulled target file to an intranet side server.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the file transfer-based gatekeeper load balancing method according to the first aspect when executing the program.
In a fourth aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the file transfer-based gatekeeper load balancing method according to the first aspect.
In a fifth aspect, an embodiment of the present invention further provides a computer program product, on which executable instructions are stored, and when executed by a processor, the instructions cause the processor to implement the steps of the file transfer-based gatekeeper load balancing method according to the first aspect.
The embodiment of the invention provides a method and a device for balancing network gate load based on file transmission, which are applied to a network gate cluster, wherein the network gate cluster comprises at least two network gates, each network gate is identified as a node, one network gate is identified as a control node, and the rest network gate is identified as a data node, and the method comprises the following steps: scanning an external network side server through a control node, and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file from the external network side server according to the target file data to be transmitted by each node; and the control node and the data node upload the pulled target file to the intranet side server. Because the control node can control each data node to pull and transmit the same number of target files, the load balance of the gatekeeper cluster is realized, and simultaneously, the performance of each gatekeeper device in the cluster can be fully utilized, thereby improving the transmission capability of the gatekeeper as a whole.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
FIG. 1 is a flowchart of an embodiment of a method for balancing gatekeeper load based on file transfer according to the present invention;
FIG. 2 is a flow chart of an embodiment of control node election according to the present invention;
FIG. 3 is a schematic diagram of a gatekeeper cluster according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an embodiment of a gatekeeper load balancing apparatus based on file transfer according to the present invention;
FIG. 5 is a schematic diagram of an application scenario embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart of an embodiment of a gatekeeper load balancing method based on file transfer according to the present invention. As shown in fig. 1, the method for balancing load of a gatekeeper based on file transmission according to the embodiment of the present invention includes:
s101, scanning an external network side server through a control node, and determining target file data to be transmitted. In the embodiment of the present invention, the control node may periodically scan the extranet-side server. The periodic time may be 1 minute, 3 minutes, or 5 minutes, which is not limited in the embodiment of the present invention. The extranet-side server is a server that stores the target file. The extranet-side server may be a NAS server or may be a file server. The embodiment of the invention does not limit the type of the external network side server. Before scanning the extranet side server through the control node and determining the target file data, the method further comprises the following steps: initializing a network gate, namely starting HA service, and networking a three-layer Virtual Router Redundancy Protocol (VRRP); starting the Raft service, and carrying out User Datagram Protocol (UDP) multicast networking. The Raft service is realized by a Raft protocol, the Raft protocol can enable a cluster gatekeeper to form a duplicate state machine, and each gatekeeper is a state machine. The operational state of the gatekeeper can only be changed by a series of commands, each state machine storing a log containing a series of instructions. As long as the consistency of the logs is ensured, the consistency of the state of each gatekeeper can be ensured.
And S102, obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node.
In the embodiment of the invention, the target file data required to be transmitted by each node can be obtained according to the obtained target file data to be transmitted and the sum of the number of the control nodes and the data nodes, and the target file data required to be transmitted by each node is sent to each node, so that each node can clearly determine the target file data required to be transmitted.
And S103, the control node and the data node pull the target file from the external network side server according to the target file data required to be transmitted by each node.
In the embodiment of the invention, when the control node sends the instruction for pulling the target file, all nodes including the control node and the data node pull the corresponding target file according to the instruction and the data of the target file to be pulled.
And S104, the control node and the data node upload the pulled target file to an intranet side server.
In the embodiment of the invention, the intranet side server is a server for receiving the target file. Similar to the extranet-side server, the intranet-side server may be a NAS server, or may be a file server. The embodiment of the invention does not limit the type of the intranet side server. And after all the nodes pull the corresponding target files, the control node sends a file uploading instruction, and all the nodes including the control node and the data node upload the target files to the intranet side server according to the instruction.
According to the gatekeeper load balancing method based on file transmission provided by the embodiment of the invention, target file data to be transmitted is determined by scanning an external network side server through a control node; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file from the external network side server according to the target file data to be transmitted by each node; and the control node and the data node upload the pulled target file to the intranet side server. Because the control node can control each data node to pull and transmit the same number of target files, the load balance of the gatekeeper cluster is realized, and simultaneously, the performance of each gatekeeper device in the cluster can be fully utilized, thereby improving the transmission capability of the gatekeeper as a whole.
In some optional embodiments, scanning, by the control node, the extranet-side server, and before determining the target file data to be transmitted, further includes: determining a control node and a data node in the initialized nodes through node election; the initialized nodes comprise nodes corresponding to the control nodes before election and nodes corresponding to the data nodes before election; the initialized node is in an election state, the control node is in a control state, and the data node is in a data state; if the control node and/or the data node fails, the failed control node and/or the failed data node is in a failure state.
Fig. 2 is a flowchart of an embodiment of a control node election according to the present invention. The process of controlling node election is shown in figure 2. First, a data node, also called a slave node, is initialized and election begins. All nodes are in an election state, electing the nodes to carry out election, waiting for the votes of other nodes, and if a certain node acquires votes of other nodes, selecting the node as a control node; if the control node is informed of the existence, the data and node are switched to. If the election time-out has no result, a new round of election is performed.
The node election method provided by the embodiment of the invention can determine the control node and the data node before the target file is transmitted, so that the target file is conveniently transmitted.
In some optional embodiments, the method for load balancing of a gatekeeper based on file transmission further includes: the control node periodically announces the state at the external network side; transmitting the state of the control node to the intranet side through the exchange card, and announcing the state at the intranet side; the data node periodically announces the state at the external network side; and transmitting the state of the data node to the intranet side through the switch card, and announcing the state at the intranet side.
The announcement by the control node and the data node is to judge whether the nodes are healthy or not. The periodic time may be 5 minutes or may also be 10 minutes, which is not limited in the embodiment of the present invention. The control node first makes the announcement because it controls other data nodes to execute instructions, and it is necessary to first determine the state of the control node. Because the gatekeeper exists between the external network side and the internal network side and has an isolation effect, after the control node announces the external network, the announcement state of the control node cannot be transmitted to the internal network side, and the transmission of the announcement state needs to be realized through the switch. A switch is a device that performs information exchange functions in a communication system and provides an exclusive electrical signal path for any two network nodes accessing the switch. The process of transmitting the announcement and declaration status of the data node is similar to that of transmitting the announcement and declaration status of the control node, and is not described herein again.
The declaration method of the control node and the data node provided by the embodiment of the invention can determine whether the control node and the data node are healthy or not, so that the control node can send out the instruction for pulling the target file and uploading the target file, and the control node can execute the instruction for pulling the target file and uploading the target file.
In some optional embodiments, the periodically performing, by the data node, a status announcement on the external network side includes: when the data node fails, synchronizing the fault state of the failed data node to an extranet side server and an intranet side server, and stopping the failed data node; and the control node switches the target file data required to be pulled by the failed data node to the data node which does not fail.
The method comprises the steps that a control node switches target file data required to be pulled by a failed data node to a data node which does not fail, namely the control node switches a service flow of the failed data node to a data node which does not fail. The control node may distribute the failed data node traffic flow equally to the non-failed data nodes. The target file data to be pulled may be the number of target files to be pulled. Fig. 3 is a schematic diagram of a gatekeeper cluster according to an embodiment of the present invention. As shown in fig. 3, a gatekeeper cluster has 3 gatekeepers, which are respectively labeled as gatekeeper No. 1, gatekeeper No. 2, and gatekeeper No. 3. Correspondingly, each gatekeeper is marked as a node, and a node 1, a node 2 and a node 3 can be obtained. Wherein, the node No. 1 is a control node, and the nodes No. 2-3 are data nodes. And the No. 2-3 node declares the data node on the external network side, wherein the No. 2 data node is in a fault state, synchronizes the fault state of the No. 2 data node to the internal network side server and the external network side server, and stops the No. 2 data node, so that the No. 1 control node does not execute the target file pulling and target file uploading instructions. The number of the target files pulled by the data node 2 before failure is 3, and the control node 1 allocates the 3 target files to the data node 3 when the data node fails, that is, each data node in the data node 3 pulls and uploads 3 target files.
For another example, a gatekeeper cluster has 5 gatekeepers, which are respectively labeled as gatekeeper No. 1, gatekeeper No. 2, gatekeeper No. 3, gatekeeper No. 4, and gatekeeper No. 5. Correspondingly, each gatekeeper is marked as a node, and a node 1, a node 2, a node 3, a node 4 and a node 5 can be obtained. Wherein, node No. 1 is a control node, and node No. 2-5 is a data node. And the No. 2-5 node declares the data node on the external network side, wherein the No. 2 data node is in a fault state, synchronizes the fault state of the No. 2 data node to the internal network side server and the external network side server, and stops the No. 2 data node, so that the No. 1 control node does not execute the target file pulling and target file uploading instructions. The number of target files pulled by the data node 2 before failure is 3, and the control node 1 allocates the 3 target files to the data nodes 3-5 when the data node fails, that is, each data node in the data nodes 3-5 pulls and uploads 1 target file more.
The method for processing the data node failure provided by the embodiment of the invention can ensure that the work of the failed node is taken over, and meanwhile, the load balance of the network gate can be realized.
In some optional embodiments, the periodically performing, by the control node, the state announcement at the external network side includes: the control node is failed, the fault state of the control node is synchronized to the outer network side server and the inner network side server, and the control node is stopped; and initiating a new election optional period, and electing a new control node to take over the work of the failed control node.
The control node also needs to synchronize the fault status and deactivate the failed node when it fails. After the control node with the fault is stopped, a new optional election needs to be initiated, and a new control node need to be elected. Electing a new control node may include: each data node in the data nodes elects itself to become a control node; and the data nodes for acquiring the votes of the data nodes except the data nodes become new control nodes. The node election process is shown in fig. 2, and will not be described herein.
And after a new control node is selected, networking the new control node and the data node, respectively synchronizing the states of the new control node and the data node, restarting a file synchronization service by the new control node, automatically comparing directory information by the new control node and the data node, and continuously sending the target file which is not sent.
Optionally, when a new node joins or a failed node recovers from a failure, the network can be re-accessed in a node election mode.
According to the method for processing the control node failure provided by the embodiment of the invention, the control of the control node on the data node and the transmission of the target file can be realized again by selecting a new control node.
In some optional embodiments, the method for load balancing of a gatekeeper based on file transmission further includes: if the internal network is divided into at least two subnets, electing the control node is not carried out; if the external network is divided into at least two subnets, no new control node election is performed; if the internal network is divided into at least two subnets and the external network is divided into at least two subnets, no new control node election is performed; and if the at least two divided subnets of the outer network are recombined, carrying out election of a new control node.
The intranet is divided into at least two subnets, and because node election only exists in the extranet and the intranet service is in a passive notification mode, the intranet still keeps receiving the target file of the extranet and uploads the target file to the extranet side server, the intranet is split and the service migration problem cannot be caused. The network of the external network still keeps normal without switching the state.
The outer network is divided into at least two sub-networks, each sub-network has a control node, but the inner network is still a network; the fault-tolerant protection mechanism uses the internal network as a passive receiving mode, so that two control nodes appear in the external network, only the external network robs a target file from a server on the external network side, the external network is acceptable, but the internal network competition problem cannot be caused, and the problems of service switching and abnormal interruption cannot be caused.
The inner network is divided into at least two subnets and the outer network is divided into at least two subnets, the condition processing is consistent with the occurrence of the splitting of the outer network, and service interruption is not caused.
If the external network is recombined by at least two divided subnets, if a plurality of control nodes exist in the external network, state migration is triggered, after the plurality of control nodes become data nodes, a new round of election is started until the election is normal, and finally, the service is recovered to be normal.
The processing method for network splitting and merging provided by the embodiment of the invention determines whether to elect a new control node according to the actual situation, so that the normal operation of target file transmission can be ensured.
Fig. 4 is a schematic structural diagram of an embodiment of a gatekeeper load balancing apparatus based on file transmission according to the present invention.
As shown in fig. 4, the gatekeeper load balancing apparatus based on file transmission includes:
the synchronization module 401 is configured to scan an extranet side server through a control node, and determine target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node;
a load management module 402, configured to pull the target file by the control node and the data node according to the target file data that each node needs to transmit; and the control node and the data node upload the pulled target file to the intranet side server.
Optionally, the gatekeeper load balancing apparatus based on file transmission further includes:
the first election module is used for determining a control node and a data node in the initialized nodes through node election; the initialized nodes comprise nodes corresponding to the control nodes before election and nodes corresponding to the data nodes before election; the initialized node is in an election state, the control node is in a control state, and the data node is in a data state; and if the control node and/or the data node have faults, the control node and/or the data node with the faults are in a fault state.
Optionally, the gatekeeper load balancing apparatus based on file transmission further includes:
the first declaration module is used for controlling the node to periodically perform state declaration on the external network side;
the first synchronization module is used for transmitting the state of the control node to the intranet side through the exchange card and announcing the state of the control node on the intranet side;
the second declaration module is used for the data node to perform state declaration on the external network side periodically;
and the second synchronization module is used for transmitting the state of the data node to the intranet side through the switch card and announcing the state at the intranet side.
Optionally, the first announcement module includes:
the first processing unit is used for synchronizing the fault state of the fault data node to the extranet side server and the intranet side server and stopping the fault data node when the data node is in fault;
and the second processing unit is used for controlling the node to switch the target file data which needs to be pulled by the failed data node to the data node which does not fail.
Optionally, the second announcement module includes:
the third processing unit is used for controlling the node to have a fault, synchronizing the fault state of the control node to the extranet side server and the intranet side server and stopping the control node;
and the fourth processing unit is used for initiating a new election optional period and electing a new control node.
Optionally, the gatekeeper load balancing apparatus based on file transmission further includes:
and the fault recovery module is used for recovering the fault of the control node with the fault and/or the fault recovery of the data node with the fault, and the existing control node declares the control node with the fault and/or the data node with the fault as a new data node.
Optionally, the gatekeeper load balancing apparatus based on file transmission further includes:
the first processing module is used for not electing a new control node if the internal network side is divided into at least two subnets;
the second processing module is used for not electing a new control node if the external network side is divided into at least two subnets;
the third processing module is used for not selecting a new control node if the inner network side is divided into at least two subnets and the outer network side is divided into at least two subnets;
and the fourth processing module is used for carrying out election of a new control node if the at least two sub-networks divided at the outer network side are recombined.
Fig. 5 is a schematic diagram of an application scenario according to an embodiment of the present invention. As shown in fig. 5, each gatekeeper includes a load management module and a synchronization module. The load management module runs on the network gate system, a single device is identified as a node, and a plurality of device nodes are networked in a cluster mode; the load management module HAs an HA + Raft function, a Raft protocol is added on the basis of the original HA of the network gate to carry out auxiliary networking election, and the state change of each node is maintained. In the load management module, HA is responsible for monitoring the overall health condition of the internal and external networks of the equipment, and Raft is similar to the role of a sentinel and is matched with the synchronization module to complete the election of the main node.
The Raft protocol standard is divided into an election state, a control state, a data state and a fault state; initialization is in an election state, the election becomes a leader and then becomes a control state (a master node), other followers are data states (slave nodes), and the process is called an tenure. Because of the hardware shape of the internal and external networks 2+1 dual hosts of the network gate, the internal and external networks need to keep the same state, and a state synchronization mechanism is introduced. The selection of the Raft is executed in an external network, and a state synchronization program is designed: the outer network sends the state in real time through the exchange card in a timing and water level triggering mode and synchronously sends the state to the network gate inner network side host; by the mode, the intranet can acquire the latest state in real time.
The synchronization module refers to a gatekeeper file synchronization module, also called a file module. The synchronization module is responsible for sensing, pulling and uploading operations of the target file. And a load management module is added to be matched with the synchronization module for linkage, the synchronization module provides interfaces for starting, stopping and state query, and the load management module calls the interfaces to complete control.
The Raft controller in the load management module pulls up the task of the synchronization module, and respectively starts the tasks according to the states of the control node, also called a master node and a data node, also called a slave node as follows: a control node and a data node; under the control state, the synchronization module scans the external network side server at regular time, senses the change and pushes out the target file; and under the data state, the synchronization module pulls and uploads the target file sent by the control node to finish the final file synchronization work.
Fig. 6 illustrates a schematic physical structure diagram of an electronic device, and as shown in fig. 6, the electronic device may include: a processor (processor)601, a communication Interface (Communications Interface)602, a memory (memory)603 and a communication bus 604, wherein the processor 601, the communication Interface 602 and the memory 603 complete communication with each other through the communication bus 604. The processor 601 may call logic instructions in the memory 603 to perform the following method: scanning an external network side server through a control node, and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file from the external network side server according to the target file data to be transmitted by each node; and the control node and the data node upload the pulled target file to the intranet side server.
In addition, the logic instructions in the memory 603 may be implemented in the form of software functional units and stored in a computer readable storage medium when the logic instructions are sold or used as independent products. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, an embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program stored on a non-transitory computer-readable storage medium, where the computer program includes program instructions, and when the program instructions are executed by a computer, the computer is capable of executing the load balancing method for a gatekeeper cluster based on file transfer provided in the foregoing embodiments, for example, including: scanning an external network side server through a control node, and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file from the external network side server according to the target file data to be transmitted by each node; and the control node and the data node upload the pulled target file to the intranet side server.
In yet another aspect, the present invention further provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program is implemented to perform the method for load balancing of a gatekeeper cluster based on file transmission provided in the foregoing embodiments, for example, the method includes: scanning an external network side server through a control node, and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node; the control node and the data node pull the target file from the external network side server according to the target file data to be transmitted by each node; and the control node and the data node upload the pulled target file to the intranet side server.
The above-described embodiments of the apparatus are merely illustrative, and the modules described as separate parts may or may not be physically separate, and the parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods of the various embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A network gate load balancing method based on file transmission is characterized in that the method is applied to a network gate cluster, the network gate cluster comprises at least two network gates, each network gate is identified as a node, one network gate is identified as a control node, and the rest network gate is identified as a data node, and the method comprises the following steps:
scanning an external network side server through the control node, and determining target file data to be transmitted;
obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node;
the control node and the data node pull the target file on the external network side server according to the target file data required to be transmitted by each node;
and the control node and the data node upload the pulled target file to an intranet side server.
2. The method for load balancing of gatekeeper based on file transmission according to claim 1, wherein before scanning the extranet side server by the control node and determining the target file data to be transmitted, further comprising:
determining the control node and the data node in the initialized nodes through node election; the initialized nodes comprise nodes corresponding to the control nodes before election and nodes corresponding to the data nodes before election; the initialized node is in an election state, the control node is in a control state, and the data node is in a data state;
and if the control node and/or the data node have faults, the control node and/or the data node with the faults are in a fault state.
3. The method for load balancing of gatekeeper based on file transfer according to claim 1, further comprising:
the control node periodically announces the state on the external network side;
transmitting the state of the control node to the intranet side through a switch card, and announcing the state at the intranet side;
the data node periodically announces the state on the external network side;
and transmitting the state of the data node to the intranet side through the switch card, and announcing the state at the intranet side.
4. The method for load balancing of gatekeeper based on file transfer according to claim 3, wherein said data node periodically declares status on said external network side, comprising:
when the data node fails, synchronizing the fault state of the failed data node to the extranet side server and the intranet side server, and deactivating the failed data node;
the control node switches the target file data which needs to be pulled by the failed data node to the data node which does not fail; and/or the presence of a gas in the gas,
the control node periodically announces the state on the external network side, including:
the control node is failed, the fault state of the control node is synchronized to the extranet side server and the intranet side server, and the control node is deactivated;
and initiating a new election optional period and electing a new control node.
5. The method for load balancing of gatekeepers based on file transfer according to claim 4, wherein the failed control node recovers the failure and/or the failed data node recovers the failure, and the existing control node declares the failed control node and/or the failed data node as a new data node.
6. The method for load balancing of gatekeeper based on file transfer according to claim 1, further comprising:
if the internal network is divided into at least two subnets, the election of the new control node is not carried out;
if the external network is divided into at least two subnets, the election of the new control node is not carried out;
if the internal network is divided into at least two subnets and the external network is divided into at least two subnets, the election of the new control node is not performed;
and if the at least two divided subnets of the external network are recombined, electing the new control node.
7. A network gate load balancing device based on file transmission is characterized by comprising:
the synchronization module is used for scanning the external network side server through the control node and determining target file data to be transmitted; obtaining target file data to be transmitted of each node according to the target file data to be transmitted, and sending the target file data to each node;
the load management module is used for the control node and the data node to pull the target file on the extranet side server according to the target file data required to be transmitted by each node; and the control node and the data node upload the pulled target file to an intranet side server.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the steps of the file transfer based gatekeeper load balancing method according to any one of claims 1 to 6.
9. A non-transitory computer readable storage medium, having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the steps of the method for load balancing for gatekeeper based on file transfer according to any of claims 1 to 6.
10. A computer program product having executable instructions stored thereon, which when executed by a processor cause the processor to carry out the steps of the method for file transfer based gateload balancing according to any one of claims 1 to 6.
CN202111061025.9A 2021-09-10 2021-09-10 Gate load balancing method and device based on file transmission Pending CN113794765A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111061025.9A CN113794765A (en) 2021-09-10 2021-09-10 Gate load balancing method and device based on file transmission

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111061025.9A CN113794765A (en) 2021-09-10 2021-09-10 Gate load balancing method and device based on file transmission

Publications (1)

Publication Number Publication Date
CN113794765A true CN113794765A (en) 2021-12-14

Family

ID=79182969

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111061025.9A Pending CN113794765A (en) 2021-09-10 2021-09-10 Gate load balancing method and device based on file transmission

Country Status (1)

Country Link
CN (1) CN113794765A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115550289A (en) * 2022-11-28 2022-12-30 网御安全技术(深圳)有限公司 Data transmission method, device and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115550289A (en) * 2022-11-28 2022-12-30 网御安全技术(深圳)有限公司 Data transmission method, device and storage medium

Similar Documents

Publication Publication Date Title
US10979286B2 (en) Method, device and computer program product for managing distributed system
CN106331098B (en) Server cluster system
CN110224871B (en) High-availability method and device for Redis cluster
CN100387017C (en) High usable self-healing Logic box fault detecting and tolerating method for constituting multi-machine system
WO2016150066A1 (en) Master node election method and apparatus, and storage system
US10728099B2 (en) Method for processing virtual machine cluster and computer system
CN102916825A (en) Management equipment of dual-computer hot standby system, management method and dual-computer hot standby system
US20140095925A1 (en) Client for controlling automatic failover from a primary to a standby server
CN102394914A (en) Cluster brain-split processing method and device
CN106850255A (en) A kind of implementation method of multi-computer back-up
CN109639512B (en) Hot backup method of VTS multi-sensor information comprehensive processing system
CN103856357A (en) Stack system fault processing method and stack system
CN111385107A (en) Main/standby switching processing method and device for server
CN110971662A (en) Two-node high-availability implementation method and device based on Ceph
CN114124650A (en) Master-slave deployment method of SPTN (shortest Path bridging) network controller
CN113794765A (en) Gate load balancing method and device based on file transmission
KR101075462B1 (en) Method to elect master nodes from nodes of a subnet
CN113438111A (en) Method for restoring RabbitMQ network partition based on Raft distribution and application
CN117370316A (en) High availability management method and device for database, electronic equipment and storage medium
KR101358995B1 (en) Method and system for managing high availability
CN111953808A (en) Data transmission switching method of dual-machine dual-active architecture and architecture construction system
CN114124803B (en) Device management method and device, electronic device and storage medium
CN110399254A (en) A kind of server CMC dual-locomotive heat activating method, system, terminal and storage medium
CN111510336B (en) Network equipment state management method and device
CN112948177A (en) Disaster recovery backup method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination