CN114726774A - Method and device for realizing service chain of cloud platform and system based on cloud platform - Google Patents



Publication number
CN114726774A
Authority
CN
China
Prior art keywords
data center
service chain
network
cloud platform
vrouter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210367519.8A
Other languages
Chinese (zh)
Other versions
CN114726774B (en)
Inventor
张胜
胡进
廖桥生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anchao Cloud Software Co Ltd
Original Assignee
Jiangsu Anchao Cloud Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Anchao Cloud Software Co Ltd
Priority to CN202210367519.8A
Publication of CN114726774A
Application granted
Publication of CN114726774B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/02 Topology update or discovery
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/58 Association of routers
    • H04L45/586 Association of routers of virtual routers

Abstract

The application discloses a method for realizing a cloud platform service chain, wherein a cloud platform comprises a first data center and a second data center, interaction between the first data center and the second data center is realized through the service chain, and the method comprises the following steps: receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein a first data center comprises a data packet to be sent and is connected to the source network, and a second data center is connected to the destination network; inquiring a network port of the acquired service chain; sending a data packet to be sent from a first data center to a network port of a service chain through a source network; sending the received data packet to be sent to a second data center from a network of a service chain through a destination network, wherein the second data center generates response information; the network of the service chain receives the response message and sends the response message to the first data center. According to the method and the device, the creation of network interfaces can be reduced, and the convenience and maintainability of the operation and maintenance of the cloud platform are improved.

Description

Method and device for realizing service chain of cloud platform and system based on cloud platform
Technical Field
The present application relates to the field of cloud computing, and in particular, to a method and an apparatus for implementing a service chain of a cloud platform, and a system based on the cloud platform.
Background
With the application of virtualization technology, there are more and more virtual machines in IT (information technology) environments, and the emerging cloud computing/cloud services can manage the virtual machines in an IT environment uniformly and efficiently, providing available, convenient, on-demand network access to a configurable pool of computing resources. OpenStack, a currently popular cloud service platform, is an open source project in which large enterprises and individuals actively participate. Specifically, OpenStack is a community, a project and open source software; it provides open source software for building public and private clouds, and it also provides an operating platform or toolset for deploying clouds. Currently, when an enterprise deploys a large-scale data center OpenStack cloud computing environment, a Software Defined Network (SDN) architecture is generally used as the network component of the cloud computing platform. Various network functions are virtualized and effectively managed through the SDN, which improves the network quality of the whole cloud environment and provides rich functions, making the cloud environment more flexible and more powerful than that of a traditional non-SDN network.
The service chain can provide flexible network services for users in cloud computing. By defining Virtual Network Function (VNF) virtual machines as nodes in the middle of the service chain, connecting the nodes in series or in parallel with the associated networks, and defining flow matching rules on the path, network functions with a high degree of freedom can be realized and the requirements of different users can be met. At present, each cloud vendor defines a plurality of interfaces in a VNF virtual machine as the entry points of a service chain, and uses traffic steering technology to connect different virtual networks, so as to provide a specific service for a user. For example, Chinese patent application CN201610998563.3 discloses a service chain policy implementation method and a service chain policy implementation system, which adopt the following scheme: first, a service chain instruction is generated according to a new security policy issued by a security application, the subject and object corresponding to the new security policy, and the security device corresponding to the new security policy, so that the traffic of the object corresponding to the new security policy reaches its destination address after being processed by the security device; then, policy consistency detection is carried out according to the service chain instruction and the corresponding flow entry is issued to the destination switch.
As another example, Chinese patent application CN201910911308.4 discloses an inter-network service chain in which a centralized controller builds a service chain between a Bare Metal Server (BMS) and a virtual execution element or a remote BMS across multiple networks. The controller builds the service chain between the BMS and the virtual execution element or the remote BMS using an Ethernet virtual private network-virtual extensible local area network and an IP VPN such as a BGP/multiprotocol label switching (BGP/MPLS) Internet Protocol virtual private network.
However, the service chain in the existing cloud computing platform mostly has the following problems: on one hand, a service chain usually needs two network interfaces, one network interface is used as a data packet source to be connected with a source virtual network, and the other network interface is connected with a target virtual network, so that the original network is influenced, the original network resources are occupied, and the resource management of a cloud platform is complicated; on the other hand, in the case of cascading service chains, multiple pairs of interfaces need to be created in the source service network and the destination service network, and the routing configuration is complex, and there is also a performance problem in large-scale deployment. Under the above conditions, when a problem occurs in the data center, the fault recovery state is difficult to query, and the problem can be found only by executing a professional command for query and configuration, which increases the operation and maintenance difficulty. Based on this, there is a need for an improvement of the existing cloud platform-based service chaining scheme.
Disclosure of Invention
The application aims to provide a service chain scheme based on a cloud platform, which can realize fault recovery, so that the convenience and maintainability of a cloud platform system are improved.
The purpose of the application is realized by adopting the following technical scheme:
In a first aspect, a method for implementing a cloud platform service chain is provided, where a cloud platform includes a first data center and a second data center, and interaction is implemented between the first data center and the second data center through the service chain, and the method includes: receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein a first data center comprises a data packet to be sent and is connected to the source network, and a second data center is connected to the destination network; inquiring a network port of a service chain, wherein the service chain is a single-arm service chain; sending a data packet to be sent from a first data center to a network port of a service chain through a source network; sending the received data packet to be sent to a second data center from a network of a service chain through a destination network, wherein the second data center generates response information; and the network of the service chain receives the response information and sends the response information to the first data center.
In some optional embodiments, the network IP address of the service chain is different from the source network IP address and the destination network IP address, the service chain includes a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are arranged in series.
In some optional embodiments, the first functional service chain or the second functional service chain is a network function virtualization based service chain.
In some optional embodiments, the first data center or the second data center includes a compute node capable of executing a vRouter agent process and a management control node capable of executing a control routing manager.
In some optional embodiments, the vRouter agent process comprises: creating a BGP protocol thread; in response to a change of a local port, sending a BGP protocol notification to the control routing manager; and waiting for the control routing manager to return the updated BGP route in order to perform a destination lookup for the data packet.
In some optional embodiments, the vRouter agent process further includes creating a management service thread or creating a vRouter kernel thread.
In some optional embodiments, the control routing manager includes a flow of accepting user instructions: receiving a user instruction, and sending the user instruction to a vRouter agent management unit of a computing node of a first data center or a second data center; waiting for the vRouter agent management unit to execute the corresponding function and receiving an execution result; and returning the execution result and sending the execution result to the user.
In a second aspect, an apparatus for implementing a service chain of a cloud platform is provided, where the cloud platform includes a first data center and a second data center, and interaction is implemented between the first data center and the second data center through the service chain, and the apparatus includes: the command receiving module is used for receiving a command of a user and creating a source network and a destination network according to the command of the user, the first data center comprises a data packet to be sent and is connected to the source network, and the second data center is connected to the destination network; the query module is used for querying the network port of the acquired service chain, and the service chain is a single-arm service chain; the data packet sending module is used for sending a data packet to be sent from the first data center to a network port of the service chain through the source network; the response module is used for sending the received data packet to be sent to the second data center from the network of the service chain through the destination network, the second data center generates response information, the response information can be received by the network of the service chain, and the network of the service chain can send the response information to the first data center.
In a third aspect, a system based on a cloud platform is provided, where the cloud platform includes a first data center and a second data center, and interaction between the first data center and the second data center is realized through a service chain, and the system includes: the source network, which is accessed by the first data center; the destination network, which is accessed by the second data center; and the service chain, which is used for receiving, at the network port of the service chain, a data packet to be sent from the first data center through the source network; for sending the received data packet to the second data center through the destination network, the second data center being able to generate response information; and for receiving the response information and sending the response information to the first data center.
In some alternative embodiments, the network IP address of the service chain is different from the source network IP address and the destination network IP address.
In some optional embodiments, the service chain includes a first functional service chain and a second functional service chain, the first functional service chain and the second functional service chain are NFV-based service chains, and the first functional service chain and the second functional service chain are arranged in series.
In some optional embodiments, the first data center or the second data center comprises a vRouter agent process module, the vRouter agent process module comprising at least one of a management unit, a functional unit, and a port db unit; the management unit is used for communicating with the control management program on a computing node of the first data center or the second data center and responding to the instructions of a user; the functional unit comprises the preset functions of a computing node of the first data center or the second data center; and the port db unit is used for recording the port types of the virtual machines on the current vRouter node of the first data center or the second data center and the service chain rules bound to the ports.
In some optional embodiments, the first data center or the second data center further comprises a control route manager module, the control route manager module comprising at least one of a user interface unit, an agent communication unit, a route calculation unit, a BGP db unit; the user interface unit is used for receiving a user instruction, creating resources and/or generating an operation and maintenance instruction according to the user instruction; the agent communication unit is used for issuing a command of a user to the vRouter agent process module; the route calculation unit is used for carrying out route calculation according to the state reported by the vRouter agent of the current vRouter node; the BGP db unit is used for storing the route calculation result and recording BGP route information calculated by the current control route management program.
In a fourth aspect, an electronic device is provided, where the electronic device includes a memory, a processor, and a hardware module for executing a task, the memory stores a computer program, and the processor executes the computer program to implement: receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein a first data center comprises a data packet to be sent and is connected to the source network, and a second data center is connected to the destination network; inquiring a network port of a service chain, wherein the service chain is a single-arm service chain; sending a data packet to be sent from a first data center to a network port of a service chain through a source network; sending the received data packet to be sent to a second data center from a network of a service chain through a destination network, wherein the second data center generates response information; and the network of the service chain receives the response information and sends the response information to the first data center.
In a fifth aspect, a computer-readable storage medium is proposed, in which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the method as described above.
Different data centers interact through a single-arm service chain. The single-arm service chain NFV does not need to be connected to the networks served by the service chain, so compared with an existing service chain that uses a two-port network structure, the method and the system can reduce the creation of network interfaces, reduce the occurrence of NFV faults, reduce the influence on the existing virtual network as much as possible, and facilitate system upgrading. The control routing management program of the data center can provide interfaces for system operation, maintenance and management personnel to check and maintain the cluster states of all the vRouter agent nodes in the cloud environment; compared with the traditional scheme, in which a fault can be found only by executing specialized commands for query and configuration, the control routing management program can improve the convenience of operation and maintenance. Furthermore, compared with a dual-arm service chain, the single-arm service chain in the embodiment of the application can reduce the generated BGP routing table entries and reduce the communication data of the BGP protocol, is suitable for large-scale service chain deployment, and can improve the maintainability of the system.
Drawings
The present application is further described below with reference to the drawings and examples.
Fig. 1 is a schematic flowchart of a method for implementing a cloud platform service chain according to an embodiment of the present application;
Fig. 2 is a diagram of a data center structure included in a system of a cloud platform according to an embodiment of the present application;
Fig. 3 is a block diagram of a control routing manager module according to an embodiment of the present application;
Fig. 4 is a schematic flowchart of responding to a user instruction request, executed by a control routing manager module according to an embodiment of the present application;
Fig. 5 is a schematic flowchart of handling a vRouter agent update request, executed by a control routing manager module according to an embodiment of the present application;
Fig. 6 is a block diagram of a vRouter agent process module according to an embodiment of the present application;
Fig. 7 is a schematic flowchart of a vRouter agent process provided in an embodiment of the present application;
Fig. 8 is a schematic diagram illustrating interaction between a first data center and a second data center through a service chain according to an embodiment of the present application;
Fig. 9 is a schematic diagram of interaction between a first data center and a second data center through a service chain according to another embodiment of the present application;
Fig. 10 is a device structure diagram for implementing a service chain of a cloud platform according to an embodiment of the present application;
Fig. 11 is a block diagram of an electronic device according to an embodiment of the present application;
Fig. 12 is a block diagram of a program product for implementing pipeline building according to an embodiment of the present application.
The present teachings will be described in more detail below with reference to exemplary embodiments thereof as illustrated in the accompanying drawings. While the present teachings are described in conjunction with various embodiments and examples, the present teachings are not intended to be limited to these embodiments.
Detailed Description
As will be recognized by those skilled in the art, the present teachings encompass various alternatives, modifications, and equivalents. Those of ordinary skill in the art having access to the teachings herein will recognize additional implementations, modifications, and embodiments, as well as other fields of use, which are within the scope of the present disclosure as described herein. Reference in the specification to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the teachings. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment. It should be understood that the various steps of the methods of the present teachings may be performed in any order and/or simultaneously as long as the teachings remain operational. Further, it should be understood that the apparatus and methods of the present teachings can include any number or all of the described embodiments as long as the teachings remain operable.
The technical solution of the present application can realize interaction between a user and a device, where the device includes, but is not limited to, user equipment, network equipment, or a device formed by integrating user equipment and network equipment through a network. User equipment includes, but is not limited to, any mobile electronic product that can interact with a user, such as through a touch pad, for example: the mobile electronic product can adopt any operating system, such as the Android operating system or the iOS operating system. The network device includes an electronic device capable of automatically performing numerical calculation and information processing according to instructions set or stored in advance, and its hardware includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like. Network devices include, but are not limited to, computers, network hosts, a single network server, multiple sets of network servers, or a cloud of multiple servers; here, the cloud is composed of a large number of computers or network servers based on cloud computing, which is a kind of distributed computing: one virtual supercomputer consisting of a collection of loosely coupled computers. The network includes, but is not limited to, the Internet, a wide area network, a metropolitan area network, a local area network, a VPN network, a wireless ad hoc network, etc. Preferably, the device may also be a program running on the user device, the network device, or a device formed by integrating the user device and the network device, the touch terminal, or the network device and the touch terminal through a network.
As described above, the service chain in the existing cloud computing platform has the following disadvantages: the existing service chain usually needs two network interfaces, one is used as a data packet source to be connected with a source virtual network, and the other is connected with a target virtual network, so that the original network is influenced, the original network resources are occupied, and the resource management of a cloud platform is relatively complicated; when the service chain is in cascade connection, multiple pairs of interfaces need to be established between the source service network and the destination service network, the routing configuration is complex, and the performance problem exists under large-scale deployment. With the two service chain structures, when a problem occurs in the data center, the fault recovery state is difficult to query, and the problem can be found only by executing a professional command for query and configuration, so that the operation and maintenance difficulty is increased. The application provides an improved service chain for a cloud platform, which can improve the convenience and maintainability of a cloud platform system.
The present application is further described with reference to the accompanying drawings and the detailed description, and it should be noted that, in the present application, the embodiments or technical features described below may be arbitrarily combined to form a new embodiment without conflict.
As shown in fig. 1, a method for implementing a cloud platform service chain according to an embodiment of the present application includes steps S101 to S105. The cloud platform can comprise one or more data centers, and interaction among different data centers can be realized through a service chain. In this embodiment, it is exemplified that the cloud platform includes a first data center and a second data center.
Step S101, receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein a first data center comprises a data packet to be sent and accesses the source network, and a second data center accesses the destination network.
In this embodiment, the cloud platform is a cloud environment formed based on the OpenStack architecture, and the Tungsten Fabric SDN is a component of the network management control unit in the cloud computing platform and can provide basic network services for OpenStack. The user's instructions may be one or a combination of viewing instructions, execution instructions, maintenance instructions, management instructions, and the like.
Optionally, the vRouter agent program running on the cloud computing node and the control routing management program running on the management control node can implement fault recovery of the cloud platform. All the vRouter agent programs on all the running computing nodes of the data centers contained in the cloud platform connect to and interact with the control service of the management control node. In this embodiment, the first data center includes a compute node and a management control node, wherein the compute node can execute a vRouter agent process and the management control node can execute a control routing manager. Similarly, the second data center also includes a compute node and a management control node.
Illustratively, a vRouter agent process may include: creating a BGP protocol thread; and, in response to a local port change, sending a BGP protocol notification to the control routing manager and waiting for the control routing manager to return the updated BGP route so as to perform destination lookup for the data packet. Illustratively, BGP (Border Gateway Protocol) is an autonomous-system routing protocol running over the Transmission Control Protocol (TCP), and is mainly used to exchange routing information between different Autonomous Systems (AS). BGP is the only protocol for handling networks of the size of the Internet, and is also the only protocol capable of properly handling multi-path connections between unrelated routing domains; its reliability and stability in large-scale environments are well guaranteed. The state of the BGP finite state machine may be a combination of one or more of Idle, Connect, Active, OpenSent, OpenConfirm, and Established.
Optionally, the vRouter agent process further includes creating a management service thread or creating a vRouter kernel thread.
Illustratively, the control routing management program includes a flow for receiving a user instruction, specifically: receiving a user instruction, and sending the user instruction to a vRouter agent management unit of a computing node of the first data center and/or the second data center; waiting for execution to complete and receiving the execution result; and returning the execution result to the user.
Step S102, a network port of the service chain is inquired and obtained, and the service chain is a single-arm service chain.
The network of the service chain, the source network and the destination network have corresponding IP addresses, respectively. In this embodiment, the network IP address of the service chain is different from the source network IP address and the destination network IP address. Specifically, the service chain may include a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are arranged in series. The first functional service chain or the second functional service chain is a Network Function Virtualization (NFV) based service chain.
Optionally, each vRouter agent process can internally record the port state of the NFV virtual machine on the current compute node. If the port state of the NFV virtual machine changes and the NFV virtual machine fails, the vRouter agent process notifies the control service of the management control node, receives a BGP route sent to the NFV virtual machine by the control service of the control node, and provides a directional service for the traffic on the current computing node.
Step S103, sending the data packet to be sent from the first data center to the network port of the service chain through the source network.
In this embodiment, the network port of the service chain NFV does not need to access either the source virtual network or the destination virtual network; it uses only its own independent service chain network, and data traffic is automatically directed to the network interface of the service chain NFV by the vRouter agent under the control of BGP routes.
Step S104, the received data packet to be sent is sent to a second data center from the network of the service chain through the destination network, and the second data center generates response information.
Step S105, the network of the service chain receives the response information and sends the response information to the first data center.
Illustratively, the control service running on the management control node can be responsible for receiving the virtual machine port information reported by each compute node vRouter agent, calculating a relevant BGP route and distributing the BGP route to other compute nodes, and simultaneously can communicate with the vRouter agent on each compute node, that is, communicate with the compute node, query the current state, execute an instruction of an operation/maintenance administrator, and return a relevant result.
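The port-report and route-distribution loop described above (agent records NFV port state, notifies the control service, receives recomputed BGP routes, performs destination lookup), as an added Python model that is not code from the patent or from Tungsten Fabric. Class and method names, all addresses, picking the lowest live port per chain position, reversing the path for response traffic, and withdrawing the routes when a position has no live port are assumptions of this example.

```python
import ipaddress


class ControlRoutingManager:
    """Management control node: holds the BGP db and distributes routes (hypothetical class)."""

    def __init__(self, source_net, dest_net, chain_net):
        self.source = ipaddress.ip_network(source_net)
        self.dest = ipaddress.ip_network(dest_net)
        self.chain = ipaddress.ip_network(chain_net)
        # The service chain uses its own network, distinct from source and destination.
        if self.chain.overlaps(self.source) or self.chain.overlaps(self.dest):
            raise ValueError("service chain network must differ from source/destination")
        self.agents = []
        self.ports = {}    # NFV port IP -> (position in the series chain, is_up)
        self.bgp_db = {}   # prefix -> ordered list of NFV port next hops

    def register(self, agent):
        self.agents.append(agent)
        agent.control = self

    def port_update(self, port_ip, position, is_up):
        """Notification from a vRouter agent that a local NFV port changed."""
        if ipaddress.ip_address(port_ip) not in self.chain:
            raise ValueError(f"{port_ip} is not on the service chain network")
        self.ports[port_ip] = (position, is_up)
        self._recompute_and_distribute()

    def _recompute_and_distribute(self):
        path = []
        for position in sorted({pos for pos, _ in self.ports.values()}):
            live = sorted(ip for ip, (pos, up) in self.ports.items()
                          if pos == position and up)
            if not live:
                path = []  # assumption: an incomplete chain withdraws the routes
                break
            path.append(live[0])
        if path:
            # Forward traffic walks the chain in order; responses walk it in
            # reverse (assumption of this model).
            self.bgp_db = {self.dest: path, self.source: path[::-1]}
        else:
            self.bgp_db = {}
        for agent in self.agents:
            agent.install(dict(self.bgp_db))


class VRouterAgent:
    """Compute node: port db plus the routes pushed by the control manager (hypothetical class)."""

    def __init__(self, node):
        self.node = node
        self.control = None
        self.port_db = {}  # local NFV port IP -> (position, is_up)
        self.routes = {}

    def set_port(self, port_ip, position, is_up):
        self.port_db[port_ip] = (position, is_up)
        self.control.port_update(port_ip, position, is_up)

    def install(self, routes):
        self.routes = routes

    def lookup(self, dst_ip):
        """Longest-prefix match; None means no route, so nothing is forwarded."""
        addr = ipaddress.ip_address(dst_ip)
        matches = [p for p in self.routes if addr in p]
        if not matches:
            return None
        return self.routes[max(matches, key=lambda p: p.prefixlen)]


def demo():
    # Constructed addresses: source 10.1.0.0/24, destination 10.2.0.0/24,
    # independent service chain network 192.168.100.0/24.
    control = ControlRoutingManager("10.1.0.0/24", "10.2.0.0/24", "192.168.100.0/24")
    node_a, node_b = VRouterAgent("compute-a"), VRouterAgent("compute-b")
    control.register(node_a)
    control.register(node_b)
    node_a.set_port("192.168.100.11", 1, True)   # first functional service chain
    node_a.set_port("192.168.100.21", 2, True)   # second functional service chain
    node_b.set_port("192.168.100.12", 1, True)   # standby instance of the first
    healthy = node_b.lookup("10.2.0.5")
    reply = node_b.lookup("10.1.0.9")
    node_a.set_port("192.168.100.11", 1, False)  # NFV port fails
    failed_over = node_b.lookup("10.2.0.5")
    node_a.set_port("192.168.100.21", 2, False)  # no live port left at position 2
    withdrawn = node_b.lookup("10.2.0.5")
    return healthy, reply, failed_over, withdrawn


if __name__ == "__main__":
    print(demo())
```

When the chain carries a security function, the behaviour after the last live port fails matters: this model leaves the destination unreachable rather than routing around the chain.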
In the embodiment of the application, the single-arm service chain NFV does not need to be connected to a network served by the service chain. Compared with an existing service chain that uses a two-port network structure, the single-arm service chain NFV can reduce the creation of network interfaces and the occurrence of NFV faults, can reduce the influence on the existing virtual network as much as possible, and is convenient for system upgrade. The control routing management program of the data center can provide interfaces for system operation, maintenance and management personnel to check and maintain the cluster state of all the vRouter agent nodes in the cloud environment; compared with the traditional scheme, in which a fault can be found only by executing specialized commands for query and configuration, the control routing management program can improve the convenience of operation and maintenance. Furthermore, compared with a dual-arm service chain, the single-arm service chain in the embodiment of the application can reduce the generated BGP routing table entries, reduce the communication data of the BGP protocol, is suitable for large-scale service chain deployment, and can improve the maintainability of the system.
A cloud platform based system may include a plurality of data centers. Fig. 2 is a schematic structural diagram of a data center included in the system of the cloud platform according to an embodiment of the present application, where the data center may be the first data center or the second data center as described above. Of course, the first data center or the second data center has the same structural composition, and the first data center and the second data center can realize interaction through the service chain. The client (the end C in the figure) can realize data interaction with the data center of the cloud platform in a wired connection mode or a wireless connection mode. The administrator or the user inputs an operation instruction, a maintenance instruction or a query instruction through the client. In one embodiment, the administrator logs into the hypervisor through the client to perform the execution.
The data center of the system of the cloud platform comprises computing nodes and a control node. The control node can be connected with the client and the computing nodes at the same time, and the control node comprises a control routing management program module which can execute a control routing management program. The computing nodes may comprise a plurality of interconnected nodes. In this embodiment, the data center includes compute node 1, compute node 2, and compute node 3, each compute node including a vRouter agent process module capable of running a vRouter agent program. Each computing node is provided with a control plane and a data plane: the control plane is responsible for operation and maintenance, reporting the state and receiving BGP (Border Gateway Protocol) routes; the data plane is responsible for Network Function Virtualization (NFV) packet forwarding. In this embodiment, compute node 1, compute node 2, and compute node 3 are each independently connected to the control node at the control plane, and data interaction can be implemented among the three at the data plane.
Fig. 3 is a block diagram of a control routing manager module according to an embodiment of the present invention, which includes a user interface unit 310, an agent communication unit 320, a route calculation unit 330, a first BGP db unit 340, a first BGP protocol unit 350, and the like. The user interface unit 310 is configured to receive an instruction from a user, create a resource according to the instruction from the user, and/or generate an operation and maintenance instruction. The agent communication unit 320 is configured to issue the user's instruction to the vRouter agent process module. The route calculation unit 330 is configured to perform route calculation according to the state reported by the vRouter agent of the current vRouter node. The first BGP db unit 340 is configured to store the route calculation result and record the BGP route information calculated by the current control route manager. The first BGP protocol unit 350 includes a BGP protocol portion whose messages may be of the open, update, notification, keepalive, or route-refresh type.
In one embodiment, the user's instruction received by the user interface unit 310 may be a create resource or an operation and maintenance instruction. Illustratively, when a user creates a service chaining rule, the following information needs to be provided:
| Key | Value | Description |
| --- | --- | --- |
| Src | Net1 | Source network |
| Dst | Net2 | Destination network |
| Match | Tcp/80 | Matched packet types |
| To | NFVport | Port name of NFV |
In one embodiment, the first BGP db unit 340 records BGP routing information computed by the current control routing manager as follows:
| Key | Value | Description |
| --- | --- | --- |
| Route_prefix | 10.0.0.0/24 | Destination network routing prefix |
| Proto | 80/tcp | Data packet protocol |
| Path | Vrouter-agent2 | Name of the destination vRouter agent to send to |
| Prio | 1 | Priority of routing |
The control routing management program can be divided into two parts: one part is responsible for responding to user instruction requests, and the other is responsible for update requests from the vRouter agents; the two parts can run independently of each other. The process responsible for responding to a user instruction request may include the following flow for receiving a user instruction: after the program is started, waiting for user instruction input; receiving an instruction and sending it to the vRouter agent management unit of the corresponding node; waiting for the vRouter agent management unit to finish executing the corresponding function, and receiving the execution result; and returning the execution result to the user. The control routing manager may respond only to user instruction requests, only to vRouter agent update requests, or to both.
Fig. 4 is a flowchart of response to a user command request executed by the control routing manager module. Which includes steps S401-S403.
Step S401, receiving the instruction of the user through the user interface unit 310, and sending the instruction of the user to the vRouter agent process module of the computing node of the first data center. In this embodiment, the instruction of the user can be parsed into an instruction for management and operation and maintenance, specifically:

| Instruction | Action |
| --- | --- |
| GetbgpNode1 | Obtaining the content of the bgpdb table on Node1 |
| GetportNode1 | Obtaining port database content on Node1 |
Step S402, waiting for the vRouter agent process module to execute the corresponding function and receiving the execution result; the corresponding function refers to a function corresponding to an instruction of a user.
Step S403, returning the execution result and sending it to the user.
Fig. 5 is a flowchart of a vRouter agent update request executed by a control routing manager module, which includes:
step S501, monitoring a vRouter agent update request through the agent communication unit 320;
step S502, in response to monitoring the vRouter agent update request, calculating a BGP route through the route calculation unit 330, and updating the calculated BGP route to the first BGP db unit 340;
step S503, the updated BGP route is returned to the vRouter agent node through the BGP protocol in the first BGP protocol unit 350.
In one embodiment, a vRouter agent update request may include:
firstly, reporting port data on a current node by a vRouter agent;
secondly, the route calculating unit 330 of the control route manager module calculates a BGP route according to the service chain rule of the port connection of the current environment and records the calculated BGP route result to the first BGP db unit 340; obtaining a vRouter agent node passed by each subsequent hop and a port passed by the previous hop according to the service chain rule and port data on the current node;
finally, all the connected vRouter agent nodes are synchronized through the BGP protocol of the first BGP protocol unit 350, and the first BGP db unit 340 of the aforementioned nodes is updated.
Fig. 6 is a block diagram of a vRouter agent process module according to an embodiment of the present application, which includes a management unit 610, a functional unit 620, a port db unit 630, and the like. The management unit 610 is used to communicate with the control management program for the compute nodes of the first data center or the second data center, as well as to respond to user instructions. The functional unit 620 includes preset functions of a computing node of the first data center or the second data center. The port db unit 630 is configured to record the port type of each virtual machine on the current vRouter node of the first data center or the second data center and the service chain rule bound to the port. Further, the vRouter agent process module may also include a second BGP db unit 640 and a second BGP protocol unit 650. Optionally, the second BGP db unit 640 may record BGP routing information on the current vRouter node, and the BGP protocol included in the second BGP protocol unit 650 may be a standard library of a common BGP communication protocol algorithm implemented in any programming language; in this embodiment, no specific limitation is imposed on the type of the BGP protocol.
In one embodiment, management unit 610 is responsible for communicating with the control manager on the control node, responding to the administrator/operation and maintenance command, invoking function unit 620 to execute the preset function, and returning the result after the preset function is executed.
Illustratively, the predefined node functions in functional unit 620 may include one or more of the following:
1) stopping or starting the vRouter service of the current node;
2) configuring the vRouter service parameters of the current node;
3) monitoring the current state of the vRouter and updating the ports in the vRouter into the port db unit 630;
4) obtaining the contents of the current second BGP db unit 640;
5) obtaining the contents of the current port db unit 630;
6) receiving the BGP route sent by the management unit 610 and updating the BGP route to the second BGP db unit 640;
7) receiving the data packet sent out by the vRouter of the current node and performing a path search in the second BGP db unit 640.
In one embodiment, the port db unit 630 records the virtual machine port type on the current vRouter node and the service chaining rules of the port binding in real time. Illustratively, the port types are as follows:
| Port type | Description |
| --- | --- |
| NFV | Port used by service chain NFV |
| Compute | Port used by virtual machine in common virtual network |
In one embodiment, the second BGP db unit 640 records BGP routing information on the current vRouter node as follows:

| Key | Value | Description |
| --- | --- | --- |
| Route_prefix | 10.0.0.0/24 | Destination network routing prefix |
| Proto | 80/tcp | Data packet protocol |
| Path | Vrouter-agent2 | Name of the destination vRouter agent to send to |
| Prio | 1 | Priority of routing |
In one embodiment, when the vRouter agent process program of the vRouter agent process module is started, three threads are created in parallel: a management service thread, a vRouter kernel thread and a BGP protocol thread. The management service thread can respond to query and/or management commands issued by a user, and is mainly used for investigating and debugging problems; the vRouter kernel thread is responsible for the actual data plane forwarding, and notifies the local second BGP db unit 640 to update its data when a data plane port changes or a new flow appears; the BGP protocol thread is responsible for communicating with the BGP protocol portion of the control routing manager, responding to BGP messages, and updating data in the BGP db unit.
Fig. 7 is a schematic view of a process flow of a vRouter agent according to an embodiment of the present application, which mainly includes three parallel thread flows.
The flow of the corresponding management service thread comprises the following steps: step S711, creating a management service thread; step S712, waiting for the control node to issue a management command; step S713, in response to the management command, calls the relevant management function of the management unit 610.
The flow corresponding to the vRouter kernel thread comprises the following steps: step S721, creating a vRouter kernel thread; step S722, waiting for the vRouter kernel to give notice of a port and/or a data packet; step S723, requesting an update of the local second BGP db unit 640, and sending the data to the control route management node; step S724, querying the BGP db according to the data packet, and sending the data packet to the destination.
The flow corresponding to the BGP protocol thread comprises the following steps: step S731, creating a BGP protocol thread; step S732, waiting for the control routing manager to send BGP protocol messages; step S733, updating the BGP protocol content of the second BGP db unit 640 in response to the received BGP protocol message and the update request of the second BGP db unit 640.
Optionally, the first data center is accessed to the source network, the second data center is accessed to the destination network, and the interaction between the first data center and the second data center is implemented through a service chain. The service chain can firstly send a data packet to be sent from a first data center to a network port of the service chain through a source network; then, the service chain sends the received data packet to be sent to a second data center through a destination network, and the second data center can generate response information; then, the service chain receives the response information; finally, the service chain sends the response information to the first data center.
In one embodiment, the cloud platform is illustrated as including a first data center and a second data center. Fig. 8 is a schematic diagram of the interaction between a first data center and a second data center through a service chain in an embodiment of the application, with the following specific parameters: at vRouter agent node 1 (vRouter-agent 1 in fig. 8), first data center VM1 accesses virtual network 1 (virtual net11 in fig. 8) with an IP address of 10.0.0.1; at vRouter agent node 2 (vRouter-agent 2 in fig. 8), second data center VM2 accesses virtual network 2 (virtual net12 in fig. 8) with an IP address of 20.0.0.1; at vRouter agent node 3 (vRouter-agent 3 in fig. 8), the service chain is a single-arm service chain NFV set in virtual network 3 (virtual net13 in fig. 8) with an IP address of 30.0.0.1, and it accesses neither virtual network 1 nor virtual network 2. Illustratively, the user creates the following service chaining rules:
| Src | Dst | Match | To |
| --- | --- | --- | --- |
| 10.0.0.0/24 | 20.0.0.0/24 | Any | 30.0.0.1 |
The simplest service chain created by the user makes traffic from virtual network 1 to virtual network 2 go through the single-arm service chain NFV (20.0.0.1). The service chain rule is converted by the control routing management program and finally sent to each vRouter agent node through the BGP protocol. Referring further to fig. 8, the BGP table at each vRouter agent node of the cloud platform is arranged in the format "route_prefix, proto, path, prio".
Corresponding to the interaction between the first data center and the second data center through the service chain in the cloud platform, the parsing of the data stream in the cloud platform may include:
a. For a data packet (the to-be-sent data packet) sent from the first data center VM1 to the second data center VM2, the BGP table of net1 on the vrouter-agent 1 node is looked up, and the path is found to be 30.0.0.1/net3/vrouter-agent 3; that is, the packet needs to be sent to the 30.0.0.1 interface on net3 of vrouter-agent 3, which is the network card of NFV1.
b. After the single-arm service chain NFV receives and processes the packet, it sends the packet out from 30.0.0.1, and the BGP table on net3 of vrouter-agent 3 is looked up, where the path is net2/vrouter-agent 2; that is, the packet needs to be sent to the net2 network of vrouter-agent 2.
c. The second data center VM2 is on net2 and can therefore receive the message directly and return the response packet; at this time, the BGP table of net2 on the vrouter-agent 2 node is looked up, the path is 30.0.0.1/net3/vrouter-agent 3, and the response packet is sent to the 30.0.0.1 interface (the network card of NFV1) on net3 of vrouter-agent 3.
d. After receiving the response message, the single-arm service chain NFV looks up the BGP table of net3 on the vrouter-agent 3 node and sends the response data packet to VM1 on the vrouter-agent 1 node.
In this embodiment, the control routing management program provides an interface for system operation and maintenance personnel to check and maintain the cluster state of each vrouter-agent node in the cloud environment. In the whole process, the NFV does not need to be connected to virtual network 1 of the first data center or virtual network 2 of the second data center; the BGP routes calculated by the control route management program are distributed to the different vRouter agent nodes through the BGP routing protocol, so that a single-arm service chain can be realized, the creation of network interfaces is reduced, and the occurrence of NFV failures is reduced. BGP routing is used to provide the service chain function externally without adding a network card to the service chain NFV, which brings great convenience and maintainability. In addition, compared with a dual-arm service chain, the single-arm service chain reduces BGP routing table entries, reduces the communication data of the BGP protocol, and is suitable for large-scale service chain deployment.
In one embodiment, the cloud platform including the first data center and the second data center is again taken as an example; the difference is that a plurality of service chain NFVs are connected in series. Fig. 9 is a schematic diagram of the interaction between a first data center and a second data center through serially connected service chains in another embodiment of the present application, with the following specific parameters: at vRouter agent node 1 (vRouter-agent 1 in fig. 9), first data center VM1 accesses virtual network 1 (virtual net11 in fig. 9) with an IP address of 10.0.0.1; at vRouter agent node 2 (vRouter-agent 2 in fig. 9), second data center VM2 accesses virtual network 2 (virtual net12 in fig. 9) with an IP address of 20.0.0.1. At vRouter agent node 3 (vRouter-agent 3 in fig. 9), the single-arm serial service chain NFV1 has an IP address of 30.0.0.1 in virtual network 3 (virtual net13 in fig. 9), and accesses neither virtual network 1 nor virtual network 2. Likewise, at vRouter agent node 4 (vRouter-agent 4 in fig. 9), the single-arm serial service chain NFV2 has an IP address of 40.0.0.1 in virtual network 4 (virtual net14 in fig. 9), and accesses neither virtual network 1 nor virtual network 2. Corresponding to the aforementioned settings, the user now creates the following service chaining rules.
| Src | Dst | Match | To |
| --- | --- | --- | --- |
| 10.0.0.0/24 | 20.0.0.0/24 | Tcp | 30.0.0.1,40.0.0.1 |
Corresponding to fig. 9, traffic from VM1 to VM2 needs to pass through NFV1 and then NFV2 to reach VM2 virtual machine. In one embodiment, a data stream parsing process in a cloud platform includes the following steps.
I. For a packet sent from VM1 to VM2, the BGP table of net1 on vrouter-agent 1 is first looked up to find the port of NFV1; the path is 30.0.0.1/net3/vrouter-agent 3, so the packet is sent to the 30.0.0.1 interface on the net3 network of the vrouter-agent 3 node.
II. After NFV1 receives and processes the message, it sends it out from 30.0.0.1 to query the port of NFV2; the BGP table of net3 of vrouter-agent 3 is searched at this moment, the path is 40.0.0.1/net4/vrouter-agent 3, and the packet is sent to the 40.0.0.1 interface of the net4 network of the vrouter-agent 4 node.
III. After NFV2 receives and processes the message, it sends it out from 40.0.0.1 to query the port of VM1; the BGP table of net4 of vrouter-agent 3 is searched at this moment, the path is net2/vrouter-agent 2, and the packet is sent to the net2 network of the vrouter-agent 2 node.
IV. VM2 receives the message and returns a response packet. Since VM2 is on net2, the BGP table of net2 of vrouter-agent 2 is searched at this time; the path is 40.0.0.1/net4/vrouter-agent 3, and the response packet is sent to the 40.0.0.1 interface on net4 of vrouter-agent 3, that is, the network card of NFV2.
V. After receiving the response message, NFV2 searches the BGP table of net4 of vrouter-agent 3; the path is 30.0.0.1/net3/vrouter-agent 3, and the data packet is sent to NFV1.
VI. After receiving the response message, NFV1 searches the BGP table of net3 of vrouter-agent 3; the path is net1/vrouter-agent 1, and VM1 receives the response message.
In the embodiment of the application, a plurality of NFV service chains are connected in series without accessing to the virtual network 1 and the virtual network 2, so that the service chain use scene is greatly improved, the existing virtual machine and network are not influenced, and the purpose can be achieved only by using an additional network. In addition, the single-arm service chain NFV uses an additional network, does not access the existing network, has little influence on the existing virtual network, and is convenient for system upgrade.
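The two walk-throughs above (steps a to d for the single-arm chain, steps I to VI for the serial chain) can be reproduced and checked with the following added example, which is not code from the patent. It assumes one table per virtual network in the "route_prefix, proto, path, prio" format, places NFV2 on vrouter-agent4 as in the Fig. 9 parameter description, matches on the L4 protocol name only, and treats a lower prio value as preferred; all function and variable names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    """One BGP db row in the page's "route_prefix, proto, path, prio" format."""
    route_prefix: str
    proto: str   # "any" or an L4 protocol name such as "tcp" (simplified match)
    path: str    # "ip/net/agent" = NFV port, "net/agent" = final network
    prio: int


# Constructed placement, following the Fig. 8 / Fig. 9 parameter descriptions.
NET_AGENT = {"net1": "vrouter-agent1", "net2": "vrouter-agent2",
             "net3": "vrouter-agent3", "net4": "vrouter-agent4"}
NFV_NET = {"30.0.0.1": "net3", "40.0.0.1": "net4"}
PREFIX_NET = {"10.0.0.0/24": "net1", "20.0.0.0/24": "net2"}

SINGLE_ARM_RULE = {"src": "10.0.0.0/24", "dst": "20.0.0.0/24",
                   "match": "Any", "to": ["30.0.0.1"]}
SERIAL_RULE = {"src": "10.0.0.0/24", "dst": "20.0.0.0/24",
               "match": "Tcp", "to": ["30.0.0.1", "40.0.0.1"]}


def compile_rule(rule):
    """Expand one service chain rule into per-network tables, both directions."""
    tables = {}

    def emit(prefix, stages, hops):
        for net, hop in zip(stages, hops):
            tables.setdefault(net, []).append(
                Route(prefix, rule["match"].lower(), hop, 1))

    nfv_nets = [NFV_NET[ip] for ip in rule["to"]]
    nfv_hops = [f"{ip}/{net}/{NET_AGENT[net]}"
                for ip, net in zip(rule["to"], nfv_nets)]
    src_net, dst_net = PREFIX_NET[rule["src"]], PREFIX_NET[rule["dst"]]
    # Forward: source net -> NFV1 -> ... -> NFVn -> destination net.
    emit(rule["dst"], [src_net] + nfv_nets,
         nfv_hops + [f"{dst_net}/{NET_AGENT[dst_net]}"])
    # Return: destination net -> NFVn -> ... -> NFV1 -> source net.
    emit(rule["src"], [dst_net] + nfv_nets[::-1],
         nfv_hops[::-1] + [f"{src_net}/{NET_AGENT[src_net]}"])
    return tables


def lookup(table, dst_ip, proto):
    """Longest-prefix match on dst_ip, then lowest prio value (assumption)."""
    addr = ipaddress.ip_address(dst_ip)
    hits = [r for r in table
            if addr in ipaddress.ip_network(r.route_prefix)
            and r.proto in ("any", proto)]
    hits.sort(key=lambda r: (-ipaddress.ip_network(r.route_prefix).prefixlen,
                             r.prio))
    return hits[0] if hits else None


def trace(tables, start_net, dst_ip, proto, max_hops=16):
    """Return the NFV ports traversed in order, or None if unrouted/looping."""
    net, visited = start_net, []
    for _ in range(max_hops):
        route = lookup(tables.get(net, []), dst_ip, proto)
        if route is None:
            return None                # no chain route matches this packet
        parts = route.path.split("/")
        if len(parts) == 2:            # "net/agent": delivered to final network
            return visited
        visited.append(parts[0])       # "ip/net/agent": handed to an NFV port
        net = parts[1]
    return None                        # hop budget exhausted: routing loop


def chain_enforced(tables, rule, src_ip, dst_ip, proto):
    """True only if request and response both cross every NFV, in chain order."""
    fwd = trace(tables, PREFIX_NET[rule["src"]], dst_ip, proto)
    ret = trace(tables, PREFIX_NET[rule["dst"]], src_ip, proto)
    return fwd == rule["to"] and ret == rule["to"][::-1]


if __name__ == "__main__":
    t = compile_rule(SERIAL_RULE)
    print("forward:", trace(t, "net1", "20.0.0.1", "tcp"))
    print("return: ", trace(t, "net2", "10.0.0.1", "tcp"))
    # A stale direct route on net1 would let traffic skip both NFVs.
    t["net1"] = [Route("20.0.0.0/24", "tcp", "net2/vrouter-agent2", 1)]
    print("enforced after stale route:",
          chain_enforced(t, SERIAL_RULE, "10.0.0.1", "20.0.0.1", "tcp"))
```

Running `chain_enforced` against the tables actually held by each agent is a way to confirm that a distributed rule still forces both directions through every NFV, and that a missing or stale row shows up as a failed check rather than a silent bypass.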
On the basis of the foregoing method, the embodiment of the present application further provides a device for implementing a service chain of a cloud platform, where the cloud platform includes a first data center and a second data center, and the first data center and the second data center implement interaction through the service chain, and the device includes a command receiving module 1010, an inquiry module 1020, a data packet sending module 1030, and a response module 1040. The command receiving module 1010 is configured to receive an instruction of a user, and create a source network and a destination network according to the instruction of the user, where a first data center includes a data packet to be sent and accesses the source network, and a second data center accesses the destination network. The query module 1020 is configured to query a network port for obtaining a service chain, where the service chain is a single-arm service chain. The data packet sending module 1030 is configured to send a data packet to be sent from the first data center to a network port of the service chain through the source network. The response module 1040 is configured to send the received data packet to be sent from the network of the service chain to the second data center via the destination network, and the second data center generates response information, where the response information can be received by the network of the service chain, and the network of the service chain can send the response information to the first data center.
Optionally, the network IP address of the service chain is different from the source network IP address and the destination network IP address, the service chain includes a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are arranged in series.
Optionally, the first functional service chain or the second functional service chain is a Network Function Virtualization (NFV) based service chain.
Optionally, the first data center or the second data center includes a compute node and a management control node, where the compute node can execute a vRouter agent process, and the management control node can execute a control routing management program. Illustratively, a vRouter agent process may include creating a BGP protocol thread, creating a management service thread, or creating a vRouter kernel thread.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may be separately regarded as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Referring to fig. 11, an electronic device 200 is further provided in an embodiment of the present application, where the electronic device 200 includes at least one memory 210, at least one processor 220, and a bus 230 connecting different platform systems.
The memory 210 may include readable media in the form of volatile memory, such as Random Access Memory (RAM)211 and/or cache memory 212, and may further include Read Only Memory (ROM) 213.
Wherein the memory 210 further stores a computer program executable by the processor 220 to cause the processor 220 to perform: receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein a first data center comprises a data packet to be sent and is connected to the source network, and a second data center is connected to the destination network; inquiring a network port of a service chain, wherein the service chain is a single-arm service chain; sending a data packet to be sent from a first data center to a network port of a service chain through a source network; sending the received data packet to be sent to a second data center from a network of a service chain through a destination network, wherein the second data center generates response information; and the network of the service chain receives the response information and sends the response information to the first data center.
Memory 210 may also include a program/utility 214 having a set (at least one) of program modules 215, such program modules 215 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment. Accordingly, the processor 220 can execute the computer programs described above, as well as execute the programs/utilities 214.
Bus 230 may be any type representing one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of bus architectures.
The electronic device 200 may also communicate with one or more external devices 240, such as a keyboard, pointing device, Bluetooth device, etc., and may also communicate with one or more devices capable of interacting with the electronic device 200, and/or with any devices (e.g., routers, modems, etc.) that enable the electronic device 200 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 250. Also, the electronic device 200 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via the network adapter 260. The network adapter 260 may communicate with other modules of the electronic device 200 via the bus 230. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 200, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, and data backup storage platforms, to name a few.
Fig. 12 shows a program product 300 for implementing the above method provided by the present embodiment, which may adopt a portable compact disc read only memory (CD-ROM) and include program codes, and may run on a terminal device, such as a personal computer: receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein a first data center comprises a data packet to be sent and is connected to the source network, and a second data center is connected to the destination network; inquiring a network port of a service chain, wherein the service chain is a single-arm service chain; sending a data packet to be sent from a first data center to a network port of a service chain through a source network; sending the received data packet to be sent to a second data center from a network of a service chain through a destination network, wherein the second data center generates response information; and the network of the service chain receives the response message and sends the response message to the first data center.
The program product 300 of the present application is not so limited, and in the present application, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. Program product 300 may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing. Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The above description and drawings are only for the purpose of illustrating preferred embodiments of the present application and are not to be construed as limiting the present application, so that all the similar or equivalent structures, devices, features and the like which are similar or equivalent to the structure, the device and the feature of the present application, i.e., the equivalent replacement or modification made in accordance with the scope of the present application, are all within the scope of the present application.

Claims (15)

1. A method for realizing a cloud platform service chain, wherein the cloud platform comprises a first data center and a second data center, the first data center and the second data center realize interaction through the service chain, and the method comprises the following steps:
receiving a user instruction, and creating a source network and a destination network according to the user instruction, wherein the first data center comprises a data packet to be sent and is accessed to the source network, and the second data center is accessed to the destination network;
inquiring and acquiring a network port of the service chain, wherein the service chain is a single-arm service chain;
sending the data packet to be sent from the first data center to a network port of the service chain through the source network;
sending the received data packet to be sent from the network of the service chain to the second data center through the destination network, wherein the second data center generates response information; and
the network of the service chain receives the response information and sends the response information to the first data center.
2. The method for implementing the service chain of the cloud platform according to claim 1, wherein the network IP address of the service chain is different from the source network IP address and the destination network IP address, the service chain comprises a first functional service chain and a second functional service chain, and the first functional service chain and the second functional service chain are arranged in series.
3. The method for implementing the service chain of the cloud platform according to claim 2, wherein the first functional service chain or the second functional service chain is a Network Function Virtualization (NFV) based service chain.
4. The method for service chaining implementation for a cloud platform according to any one of claims 1 to 3, wherein said first or second data center comprises a compute node capable of executing a vRouter agent process and a management control node capable of executing a control routing manager.
5. The method for service chaining implementation for a cloud platform as in claim 4, wherein said vRouter agent process comprises:
creating a BGP protocol thread;
responding to the change of the local port, and informing the BGP protocol to a control routing management program;
waiting for the control route manager to return the updated BGP route to perform a destination lookup of the packet.
6. The method for service chaining implementation of a cloud platform of claim 5, wherein said vRouter agent process further comprises creating a management service thread or creating a vRouter kernel thread.
7. The method for service chaining implementation by a cloud platform according to claim 4, wherein said control routing management program comprises a user instruction accepting flow:
receiving a user instruction, and sending the user instruction to a vRouter agent management unit of a computing node of the first data center or the second data center;
waiting for the vRouter agent management unit to execute the corresponding function, and receiving an execution result;
and returning an execution result and sending the execution result to the user.
8. An apparatus for implementing a service chain of a cloud platform, the cloud platform including a first data center and a second data center, the first data center and the second data center implementing interaction through the service chain, the apparatus comprising:
the command receiving module is used for receiving a command of a user and creating a source network and a destination network according to the command of the user, the first data center comprises a data packet to be sent and is connected to the source network, and the second data center is connected to the destination network;
the query module is used for querying and acquiring the network port of the service chain, and the service chain is a single-arm service chain;
a data packet sending module, configured to send the data packet to be sent from the first data center to a network port of the service chain via the source network;
the response module is configured to send the received data packet to be sent from the network of the service chain to the second data center via the destination network, and the second data center generates response information, where the response information can be received by the network of the service chain, and the network of the service chain can send the response information to the first data center.
9. A system based on a cloud platform, wherein the cloud platform comprises a first data center and a second data center, and the first data center and the second data center realize interaction through a service chain, and the system comprises:
a source network for access by the first data center;
a destination network for access by the second data center;
the service chain is used for sending a data packet to be sent from the first data center to a network port of the service chain through the source network; for sending the received data packet to be sent to the second data center through the destination network, wherein the second data center can generate response information; and for receiving the response information and sending the response information to the first data center.
10. The cloud platform-based system of claim 9, wherein the network IP address of the service chain is different from the source network IP address and the destination network IP address.
11. The cloud platform-based system of claim 10, wherein the service chain comprises a first functional service chain and a second functional service chain, the first functional service chain and the second functional service chain are NFV-based service chains, and the first functional service chain and the second functional service chain are arranged in series.
12. The cloud platform-based system of claim 9, wherein the first data center or the second data center comprises a vRouter agent process module comprising at least one of a management unit, a functional unit, a port db unit;
the management unit is used for controlling control management program communication on a computing node of the first data center or the second data center and responding to the instruction of the user;
the functional unit comprises a preset function of a computing node of the first data center or the second data center;
and the port db unit is used for recording the port type of the virtual machine on the current vRouter node of the first data center or the second data center and the service chain rule of port binding.
13. The cloud platform-based system of claim 12, wherein the first data center or the second data center further comprises a control route manager module comprising at least one of a user interface unit, an agent communication unit, a route calculation unit, a BGP db unit;
the user interface unit is used for receiving a user instruction, creating resources and/or generating an operation and maintenance instruction according to the user instruction;
the agent communication unit is used for issuing the instruction of the user to the vRouter agent process module;
the route calculation unit is used for carrying out route calculation according to the state reported by the vRouter agent of the current vRouter node;
and the BGP db unit is used for storing a route calculation result and recording BGP route information calculated by the current control route management program.
14. An electronic device comprising a memory, a processor and hardware modules for performing tasks, the memory storing a computer program, the processor implementing the steps of the method according to any of claims 1-7 when executing the computer program.
15. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7.
CN202210367519.8A 2022-04-08 2022-04-08 Method and device for realizing service chain of cloud platform and cloud platform-based system Active CN114726774B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210367519.8A CN114726774B (en) 2022-04-08 2022-04-08 Method and device for realizing service chain of cloud platform and cloud platform-based system

Publications (2)

Publication Number Publication Date
CN114726774A (en) 2022-07-08
CN114726774B (en) 2023-06-23

Family

ID=82242419

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210367519.8A Active CN114726774B (en) 2022-04-08 2022-04-08 Method and device for realizing service chain of cloud platform and cloud platform-based system

Country Status (1)

Country Link
CN (1) CN114726774B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115174474A (en) * 2022-09-08 2022-10-11 浙江九州云信息科技有限公司 Private cloud SFC implementation method and device based on SRv6

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104780099A (en) * 2014-01-10 2015-07-15 瞻博网络公司 Dynamic end-to-end network path setup across multiple network layers with network service chaining
CN107819663A (en) * 2017-11-27 2018-03-20 锐捷网络股份有限公司 A kind of method and apparatus for realizing virtual network function service chaining
CN112019437A (en) * 2019-05-31 2020-12-01 瞻博网络公司 Inter-network service chaining
WO2021173318A1 (en) * 2020-02-24 2021-09-02 Cisco Technology, Inc. Vrf segregation for shared services in multi-fabric cloud networks

Also Published As

Publication number Publication date
CN114726774B (en) 2023-06-23

Similar Documents

Publication Publication Date Title
CN110830357B (en) Multi-cloud virtual computing environment provisioning using advanced topology description
US11700237B2 (en) Intent-based policy generation for virtual networks
CN111355604B (en) System and method for user customization and automation operations on software defined networks
EP3582441B1 (en) Virtualization infrastructure underlay network performance measurement and monitoring
US11588708B1 (en) Inter-application workload network traffic monitoring and visualization
KR101692890B1 (en) Chassis controllers for converting universal flows
US11290367B2 (en) Hierarchical network configuration
US7941539B2 (en) Method and system for creating a virtual router in a blade chassis to maintain connectivity
US11451450B2 (en) Scalable control plane for telemetry data collection within a distributed computing system
CN104584491A (en) System and method providing distributed virtual routing and switching (DVRS)
CN106302076B (en) Method and system for establishing VXLAN tunnel and SDN controller
CN114500169A (en) Method for establishing VXLAN tunnel, method and device for forwarding message
Chen et al. An sdn-based fabric for flexible data-center networks
CN114726774B (en) Method and device for realizing service chain of cloud platform and cloud platform-based system
JP2024507146A (en) Packet flow in cloud infrastructure based on cached and non-cached configuration information
CN112968879A (en) Method and equipment for realizing firewall management
JP2019075785A (en) Computer device and operation method thereof, and cloud network system
Xiong et al. Architecture Design of SDN Operating System Based on Linux Kernel
JP2024507147A (en) Disabling cached flow information in cloud infrastructure
JP2024503599A (en) Synchronization of communication channel state information for highly available flows
CN115941513A (en) Cloud-local software-defined network architecture

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20230601

Address after: Room 1602, No. 6, Financial Third Street, Wuxi Economic Development Zone, Jiangsu Province, 214000

Applicant after: Anchao cloud Software Co.,Ltd.

Address before: Room 1601, No. 6, Financial Third Street, Wuxi Economic Development Zone, Jiangsu Province, 214000

Applicant before: Jiangsu Anchao cloud Software Co.,Ltd.

GR01 Patent grant