CN116016438A

CN116016438A - Method and system for uniformly distributing IP addresses by multiple subnets based on container cloud platform

Info

Publication number: CN116016438A
Application number: CN202211591218.XA
Authority: CN
Inventors: 蓝维洲; 吴锟; 薛子谦; 杨涛; 颜开
Original assignee: Shanghai Daoke Network Technology Co ltd
Current assignee: Shanghai Daoke Network Technology Co ltd
Priority date: 2022-12-12
Filing date: 2022-12-12
Publication date: 2023-04-25
Anticipated expiration: 2042-12-12
Also published as: CN116016438B

Abstract

The application relates to the technical field of container cloud platforms and provides a method and a system for uniformly distributing IP addresses by multiple subnets based on a container cloud platform. The method comprises the following steps: establishing a binding relation between a target application and a plurality of IP address pools; the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pools are bound with at least one node in the container cloud platform; in response to receiving a request for allocating an IP address to a target application instance of a target application, determining a target IP address pool bound with a target node based on identification information of the target node for deploying the target application instance; and selecting a target IP address from at least one unassigned IP address contained in the target IP address pool, and assigning the target IP address to the target application instance. Therefore, the target application instance is classified into the designated subnet through IP address allocation under the multi-subnet scene.

Description

Method and system for uniformly distributing IP addresses by multiple subnets based on container cloud platform

Technical Field

The application relates to the technical field of container cloud platforms, in particular to a method, a system, a computer readable storage medium and electronic equipment for uniformly distributing IP addresses based on multiple subnets of a container cloud platform.

Background

In a container cloud platform, an application typically contains multiple application instances, each running in a container group (Pod). To enable application instances to communicate with each other, an IP address needs to be assigned to the set of containers in which each application instance is located.

Under the traditional application scene, the IP addresses of different nodes in the same cluster are generally set in the same network, so that communication data packets can be directly sent between different application instances in the same cluster for communication. With the rapid development of container technology, a service system in a container cloud platform is more and more complex, corresponding network environments are diversified, and in some use cases of production practice, the situation that different nodes of the same cluster belong to different networks occurs, at this time, a container cloud platform manager generally divides the different networks into one or more subnets, and when an application is deployed, IP addresses of the specified subnets need to be manually allocated to the application instance according to the node where the application instance is located.

Taking the Kubernetes system as an example, in the deployment process of an application instance, the IP address of the container group is generally allocated by the CNI (Container Network Interface) plugin, and in a default situation, the CNI plugin randomly selects a certain unallocated IP address from all the IP addresses to allocate to the newly-built container group, that is, the CNI plugin cannot allocate the IP address of the designated subnet to the application instance according to the node deployed by the application instance, and cannot realize the uniform allocation of the IP address in the multi-subnet scenario, although the related technology allows the container cloud platform administrator to manually allocate the IP address of the designated subnet to the application instance, the allocation mode is complex in operation, low in efficiency and easy to make mistakes.

Accordingly, there is a need to provide an improved solution to the above-mentioned deficiencies of the prior art.

Disclosure of Invention

The invention aims to provide a method, a system, a computer readable storage medium and electronic equipment for uniformly distributing IP addresses based on multiple subnets of a container cloud platform, so as to solve or alleviate the problems in the prior art.

In order to achieve the above object, the present application provides the following technical solutions:

the application provides a method for uniformly distributing IP addresses by multiple subnets based on a container cloud platform, which comprises the following steps:

Establishing a binding relation between the target application and a plurality of IP address pools; each IP address pool comprises at least one IP address, the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pool is bound with at least one node in the container cloud platform;

in response to receiving a request for allocating an IP address to a target application instance of the target application, determining a target IP address pool bound with a target node for deploying the target application instance based on identification information of the target node;

and selecting a target IP address from at least one unassigned IP address contained in the target IP address pool, and assigning the target IP address to the target application instance so as to realize the assignment of the target application instance to the subnet corresponding to the target IP address pool.

In this embodiment, the container cloud platform includes multiple subnets, and because each subnet corresponds to at least one node in the container cloud platform, the IP address pool is bound to at least one node, when the target application instance is deployed to the target node of the container cloud platform, the target IP address pool bound to the target node can be found based on the identification information of the target node, and the target IP address is selected from the target IP address pool and allocated to the target application instance, so that the application instance of the target application can be allocated to the designated subnet without manual operation of a container cloud platform administrator, and unified allocation of IP addresses under the multi-subnet scenario is achieved.

In the above technical solution, the establishing a binding relationship between the target application and the plurality of IP address pools specifically includes:

setting an address pool tag field in a resource file of the target application, and writing identification information of a plurality of IP address pools into the address pool tag field.

In this embodiment, an address pool tag field (such as an isolation field) is set in a development file of an application, and identification information of an IP address pool is written into the address pool tag field to establish a binding relationship between a target application and a plurality of IP address pools.

In the above technical solution, the IP address pool and the node in the container cloud platform are bound by:

setting a node affinity field in a resource file of each IP address pool;

writing identification information of the nodes in at least one container cloud platform in the node affinity field so as to bind the IP address pool with the at least one node in the container cloud platform.

In this embodiment, by setting a node affinity field in a resource file of the IP address pool, and pre-establishing and storing a binding relationship between the IP address pool and the node based on the node affinity field, when an IP address is allocated to a target application instance, the target IP address pool can be searched and determined by a target node for deploying the target application instance.

In the above technical solution, the container cloud platform includes a first subnet and a second subnet, the target IP address pool belongs to the first subnet, and after binding the target IP address pool with the target node, the method further includes:

removing the identification information of the target node in a node affinity field in a resource file of the target IP address pool so as to release the corresponding relation between the target node and the first subnet;

writing the identification information of the target node in a node affinity field in a resource file of an IP address pool corresponding to the second subnet so as to establish a corresponding relation between the target node and the second subnet.

In this embodiment, after an application instance is deployed, the value of the node affinity field in the YAML file of the IP address pool may be changed according to service requirements, so as to dynamically assign the application instance originally deployed in different subnets to one subnet, or dynamically assign the application instance originally deployed in the same subnet to different subnets, so that IP address management is more flexible in a multi-subnet scenario, and service requirements are met.

In the above technical solution, the identification information of the node specifically includes: node labels;

writing identification information of at least one node in the container cloud platform in the node affinity field so as to bind the IP address pool with at least one node in the container cloud platform, specifically:

setting the node label in a resource file of at least one node in the container cloud platform, so as to take the at least one node provided with the same node label as a node group;

writing at least one of the node labels into a node affinity field of the IP address pool to bind the IP address pool with at least one of the node groups.

In this embodiment, the plurality of nodes are divided into one node group by the node tag, and the tag node is written into the node affinity field of the IP address pool, so that the IP address pool and one group of nodes in the container cloud platform can be bound quickly, and the efficiency of IP address management is improved.

In the above technical solution, the determining, in response to receiving a request for allocating an IP address to a target application instance of the target application, a target IP address pool bound to a target node based on identification information of the target node for deploying the target application instance specifically includes:

Responding to a received request for distributing an IP address to a target application instance of the target application, and analyzing a resource file of the target node to acquire identification information of the target node;

determining an IP address pool bound with the target node based on the identification information of the target node;

and taking the IP address pool bound with the target node as the target IP address pool.

In this embodiment, when a request for allocating an IP address to a target application instance is received, identification information (such as a node tag) of the target node is obtained by analyzing a resource file (such as a YAML file of the node), and the target IP address pool is determined according to a node affinity relationship recorded in the IP address pool to which the target application is bound, so that it is ensured that the target application instance can be allocated to an IP address in the target IP address pool, that is, an IP address of a designated subnet is allocated to the target application instance, so that an IP address allocation process under a multi-subnet scenario and an IP address allocation process under a single subnet are unified with each other, and efficiency of IP address management is improved.

In the above technical solution, after determining the target IP address pool bound to the target node, the method further includes:

detecting whether an available IP address exists in the subnet in response to the target IP address pool not containing an unallocated IP address;

And in response to the existence of at least one available IP address in the subnet, selecting the target IP address from at least one available IP address and scribing the target IP address pool.

In this embodiment, the failure of the allocation of the IP address of the target application instance is not immediately caused by the absence of the available IP address in the target IP address pool, and if the subnet still has the available IP address, the target IP address may be selected from the available IP addresses to be allocated to the target application instance, so as to ensure that the service application can smoothly expand when the load is higher.

The embodiment of the application provides a system for uniformly distributing IP addresses by multiple subnets based on a container cloud platform, which comprises the following steps:

the binding unit is configured to establish a binding relationship between the target application and a plurality of IP address pools; each IP address pool comprises at least one IP address, the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pool is bound with at least one node in the container cloud platform;

a determining unit configured to determine, in response to receiving a request to allocate an IP address for a target application instance of the target application, a target IP address pool bound with a target node for deploying the target application instance based on identification information of the target node;

And the allocation unit is configured to select a target IP address from at least one unassigned IP address contained in the target IP address pool, and allocate the target IP address to the target application instance so as to realize the grouping of the target application instance into a subnet corresponding to the target IP address pool.

The embodiment of the application also provides a computer readable storage medium, on which a computer program is stored, the computer program is used for uniformly distributing IP addresses for multiple subnets based on the container cloud platform.

The embodiment of the application also provides electronic equipment, which comprises: the system comprises a memory, a processor and a program stored in the memory and capable of running on the processor, wherein the processor realizes the method for uniformly distributing IP addresses based on the multiple subnets of the container cloud platform when executing the program.

The beneficial effects are that:

in the technical scheme, the container cloud platform comprises a plurality of subnets, each subnet corresponds to at least one node in the container cloud platform, each subnet comprises all IP addresses in at least one IP address pool, and the IP address pools are bound with at least one node in the container cloud platform; establishing a binding relation between a target application and a plurality of IP address pools; when a request for distributing IP addresses to target application instances of target applications is received, a target IP address pool bound with target nodes is determined based on identification information of target nodes for deploying the target application instances, a target IP address is selected from at least one unassigned IP address contained in the target IP address pool, and the target IP address is distributed to the target application instances, so that the target application instances are classified into subnets corresponding to the target IP address pool. Because each subnet corresponds to at least one node in the container cloud platform, the IP address pool is bound with at least one node, when the target application instance is deployed to the target node of the container cloud platform, the target IP address pool bound with the target node can be found based on the identification information of the target node, and the target IP address is selected from the target IP address pool to be distributed to the target application instance, thus, the IP address uniform distribution under the scene of multiple subnets can be realized without manual operation of a container cloud platform manager, and the application instance of the target application can be classified into the designated subnets through IP address distribution.

Drawings

The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute an undue limitation to the application. Wherein:

FIG. 1 is a schematic illustration of application instances deployed in a Kubernetes cluster in communication with each other;

FIG. 2 is a logic diagram of a process of assigning IP addresses to application instances in the related art;

fig. 3 is a logic schematic diagram of unified allocation of IP addresses by multiple subnets based on a container cloud platform according to some embodiments of the present application;

fig. 4 is a schematic system architecture diagram of unified allocation of IP addresses for multiple subnets based on a container cloud platform according to some embodiments of the present application;

fig. 5 is a flow chart of unified IP address allocation for multiple subnets based on a container cloud platform according to some embodiments of the present application;

fig. 6 is a schematic system architecture diagram of a unified IP address allocation system for multiple subnets based on a container cloud platform according to some embodiments of the present application;

fig. 7 is a schematic structural diagram of an electronic device provided according to some embodiments of the present application;

fig. 8 is a hardware block diagram of an electronic device provided according to some embodiments of the present application.

Detailed Description

The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.

In the following description, the terms "first/second/third" are used merely to distinguish between similar objects and do not represent a particular ordering of the objects, it being understood that the "first/second/third" may be interchanged with a particular order or precedence where allowed, to enable embodiments of the present application described herein to be implemented in other than those illustrated or described herein.

Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. The terminology used herein is for the purpose of describing embodiments of the present disclosure only and is not intended to be limiting of the present disclosure.

In order to facilitate understanding of the technical solutions of the present application, the following explanation will be given to related art.

The container cloud platform is a lightweight cloud platform which is built by means of container technology and cloud native technology, and technologies such as containers, container arrangement, service grids and micro services are adopted, and a Kubernetes cluster is one of the most widely applied container cloud platforms. The Kubernetes system is a Google open-source container orchestration engine used for managing containerized application instances on multiple hosts in a container cloud platform. A Kubernetes cluster is a cluster deployed with a Kubernetes system, comprising a plurality of nodes. From the perspective of cluster management, the Kubernetes system divides a host in a cluster into a control node and a working node, a group of programs related to cluster management is operated on the control node, and the control node is used for automatically completing the management capacities of the whole cluster, such as resource management, container group scheduling, elastic expansion and contraction, safety control, system monitoring, error correction and the like, and the working node is used for deploying application examples corresponding to a service system.

The container network interface CNI (Container Network Interface) specification is a set of specifications and libraries for configuring Linux container network interfaces that includes a network resource allocation interface and a network resource release interface.

The CNI plug-in is a set of programs for implementing the CNI specification, and is used for allocating network resources such as IP addresses to the container group when the container group is created, and releasing network resources such as IP addresses occupied by the container group when the container group is deleted.

In the related art, a container cloud platform performs unified management on server nodes based on a flat network model, in the flat network model, container groups are in a unified network, and are deployed between container groups of different nodes to directly communicate without network address translation (NAT translation), and it can be understood that application instances running in the container groups can directly communicate without network address translation (NAT translation).

Fig. 1 is a schematic diagram of application instances deployed in Kubernetes clusters in communication with each other. As shown in fig. 1, a container cloud platform typically manages a plurality of nodes, such as node a and node B. The node A and the node B are respectively provided with a plurality of Pod, and each Pod is provided with at least one application instance. Because the network model of the container cloud platform is a flat network model, all application instances in the node A and the node B are located in the same network, and communication data packets can be directly sent between different application instances for communication without gateway jump or network address conversion.

In production practice, in order to meet the use requirements in some special scenarios, a container cloud platform administrator generally divides the network of the container cloud platform into a plurality of subnets, and the communication between the different subnets needs gateway hops, so that the different subnets cannot directly communicate with each other to realize network logic isolation. For example, application instances belonging to different service systems are classified into different subnets, so that the application instances belonging to the different service systems cannot be directly communicated, and network communication safety inside the service systems is ensured. For another example, for the requirement of application development, the cluster needs to be divided into a production environment and a test environment, which respectively belong to different subnets, so that all application instances in the production environment and the test environment are isolated from each other.

In the scenario of multiple service systems, in order to categorize application instances belonging to different service systems into different subnets, it is necessary to assign an IP address of the subnet 1 to an application instance of the service system a and an IP address of the subnet 2 to an application instance of the service system B when assigning IP addresses to application instances belonging to different service systems.

In the scenario of dividing the test environment and the production environment within the same cluster, in order to divide the inside of the cluster into the test environment and the production environment, it is necessary to deploy application instance 1 and application instance 2 of each application in the test environment and the production environment, respectively, assign the IP address of the subnet 1 to the application instance 1, and assign the IP address of the subnet 2 to the application instance 2.

However, in the two scenarios, when the CNI plug-in allocates an IP address to an application instance, the CNI plug-in cannot allocate an IP address of a specific subnet to the application instance according to actual requirements.

Specifically, fig. 2 is a logic diagram of a process of allocating an IP address to an application instance in the related art. As shown in FIG. 2, the Kubernetes cluster has disposed therein an API-Server component, a Scheduler component, a Kubelet component, a CNI plug-in, and an IP address pool. The IP address pool includes at least one IP address, so that in order to divide multiple application instances of an application into different subnets, the IP address pool may include IP addresses of multiple subnets, where the IP address pool corresponds to the CNI plug-in.

When an application is deployed to a Kubernetes cluster, a Scheduler component selects a suitable node from a plurality of nodes of the cluster as a scheduling target node according to relevant screening conditions and scores, and schedules an application instance of the application to the target node.

And each node of the Kubernetes cluster is provided with a Kubelet component, the Kubelet component of each node monitors the scheduling of the application through an API-Server component, after the application is determined to be scheduled to the node, the Kubelet component of the target node creates a new Pod for deploying the application, and in the process of creating the Pod, the Kubelet component sends a request for IP address allocation to the CNI plug-in unit, and the request is used for indicating the CNI plug-in unit to allocate an IP address for the created Pod.

The CNI plug-in receives the request of IP address allocation, and selects an unassigned IP address from the corresponding IP address pool to be allocated to the Pod.

However, when the existing CNI plug-in allocates an IP address to Pod, a certain unassigned IP address is randomly selected from all IP addresses in the corresponding IP address pool to allocate to Pod. That is, even if the corresponding IP address pool includes IP addresses of multiple subnets, the existing CNI plug-in cannot allocate IP addresses of the designated subnets to the application instance, and thus uniform allocation of IP addresses in the multi-subnet scenario cannot be achieved.

At present, the related technology allows a container cloud platform administrator to manually set an IP address belonging to a certain subnet for a specific application instance, so that the application instance of the same application in the same cluster is classified into different specified subnets, but the allocation mode is complex in operation, low in efficiency and easy to make mistakes.

To this end, the embodiments of the present application provide a method, a system, a computer readable storage medium and an electronic device for uniformly assigning IP addresses based on multiple subnets of a container cloud platform. In the technical scheme, a container cloud platform comprises a plurality of subnets, each subnet corresponds to at least one node in the container cloud platform, a corresponding IP address pool is built for each subnet, a binding relation between a target application and the plurality of IP address pools is built, when a request for distributing IP addresses for target application instances of the target application is received, the subnets corresponding to the target nodes are searched and determined based on identification information of the target nodes for deploying the target application instances, the relationship between the subnets and the IP address pools is combined, a target IP address pool bound with the target nodes is determined, then a target IP address is selected from at least one unassigned IP address contained in the target IP address pool, and the target IP address is distributed to the target application instances, so that the target application instances are distributed to the corresponding subnets.

Exemplary method

The embodiment of the application provides a method for uniformly distributing IP addresses by multiple subnets based on a container cloud platform, as shown in fig. 3, fig. 4 and fig. 5, the method comprises the following steps:

step S101, establishing a binding relation between a target application and a plurality of IP address pools.

Each IP address pool comprises at least one IP address, the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in the at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pools are bound with at least one node in the container cloud platform.

In this embodiment of the present application, the container cloud platform manages a plurality of service nodes, taking Kubernetes cluster as an example, in the scenario shown in fig. 3, according to different functions, the nodes in the cluster include two kinds of nodes: a control Node (such as Master Node in the figure) and a working Node (such as Node1, node2 and Node3 in the figure), wherein a control plane component for managing the whole cluster, such as an API-Server component and a Scheduler component, is deployed on the control Node; the working nodes are used for running the workload and are mainly used for deploying the application instance.

In production practice, for convenience of unified management, a cluster administrator groups nodes and network resources, for example, groups a plurality of nodes in the same cluster as one group, and divides the network resources into a plurality of subnets; and then establishing a corresponding relation between the sub-network and the nodes or the node group consisting of a plurality of nodes. In other words, by establishing a correspondence between a subnet and a node or a node group, a cluster administrator classifies several nodes in the same cluster into the same subnet, and accordingly, application instances deployed in these nodes should also be classified into the same subnet.

In the scene of a plurality of service systems, in order to classify the application instances belonging to different service systems into different subnets, a plurality of nodes (such as Node 1) can be selected from the cluster to deploy the application instance of the service system A, and then the IP address in the subnet 1 is allocated to the application instance of the service system A; and then selecting a plurality of nodes (such as Node 2) from the rest nodes to deploy the application instance of the service system B, and then distributing the IP address in the subnet 2 to the application instance of the service system B.

In the scene of dividing the test environment and the production environment in the same cluster, in order to meet the requirement of dividing the inside of the cluster into the test environment and the production environment, a plurality of nodes (such as Node1 and Node 2) can be selected from the cluster as the test environment for deploying the application instance of each application, and the IP address of the subnet 1 is allocated to the application instances; and selecting a plurality of nodes (such as Node 3) from the rest nodes as a production environment for deploying other application examples of each application, and distributing the IP address of the subnet 2 to the application examples.

It can be appreciated that a corresponding IP address pool can be established for each subnet based on the partitioned subnets, each IP address pool containing at least one IP address, and the IP address pool being bound to at least one node in the container cloud platform. Since the IP address pool is created based on the subnets, all IP addresses in at least one IP address pool should be contained in the subnet corresponding to the IP address pool. When the application is deployed, the application is only bound with the IP address pool, and the IP address under the bound IP address pool can be distributed to the application instance.

It should be understood that, although a pool of IP addresses is also used in the related art, the pool of IP addresses used in the related art is a set of one or more IP addresses manually specified by a container cloud platform administrator, and management and maintenance work thereof is in charge of the container cloud platform administrator. The IP address pool provided in the present application is a custom resource (Custom Resources Definition, CRD) of the container cloud platform, and the corresponding resource file is called an address pool CRD. For this purpose, an address pool controller (as shown in fig. 4) is further disposed in the container cloud platform, and is configured to automatically manage and maintain the IP address pool according to the configuration information in the address pool CRD.

Specifically, using Kubernetes as an example, the address pool CRD may be a YAML format file or a JSON format file. And creating a corresponding IP address pool for each subnet, namely defining at least one IP address pool in an address pool CRD file, wherein the address pool CRD file records the IP address contained in each IP address pool, and the IP addresses in the corresponding IP address pools created for each subnet belong to different subnets.

For example, referring to fig. 3, in the Kubernetes cluster, an IP address pool 1 may be established for a subnet 1 corresponding to Node1, an IP address pool 2 may be established for a subnet 2 corresponding to Node2, and an IP address pool 3 may be established for a subnet 3 corresponding to Node3 in the form of a YAML file. The YAML file records network segments corresponding to each IP address pool, and each network segment includes at least one IP address.

For example, in one example, YAML file contents of IP address pool 1, IP address pool 2, IP address pool 3 are as follows:

/>

according to the above, the cluster administrator uses the IP address segment (172.16.0.2-172.16.0.50) corresponding to the subnet 1 as the IP address pool 1 (ippool 1), the IP address segment (172.16.1.2-172.16.1.50) corresponding to the subnet 2 as the IP address pool 2 (ippool 2), and the IP address segment (172.16.2.2-172.16.2.50) corresponding to the subnet 3 as the IP address pool 3 (ippool 3).

To assign an IP address pool to an application, the application needs to be bound to the IP address pool at the time of application deployment. For example, to allocate the IP addresses in the IP address pool 1, the IP address pool 2, and the IP address pool 3 to the target application, a binding relationship needs to be established between the target application and the 3 IP address pools, that is, a binding relationship between the target application and the plurality of IP address pools.

It should be appreciated that in different application scenarios, each of the multiple IP address pools bound to the target application may belong to the same subnet or may belong to different subnets.

Taking the scenario shown in fig. 3 as an example, binding the service system a with the IP address pool 1 belonging to the same subnet, and the application instance of the service system a can be allocated to the IP address of the subnet 1; and establishing a binding relation between the service system B and the IP address pool 2, wherein an application instance of the service system B can be distributed to the IP address of the subnet 2. Because the IP address pool 1 belongs to the subnet 1, and the IP address pool 2 belongs to the subnet 2, after being respectively bound with the service system A and the service system B, the inside of the service system A can be directly communicated, and the inside of the service system B can also be directly communicated; unlike the sub-network to which the IP address pool 1 and the IP address pool 2 belong, the service system a and the service system B cannot directly communicate with each other. Thus, the normal communication inside the service system A and the service system B is realized, and the service system A and the service system B are isolated from the network.

For example, assume that the target application needs to be deployed to the test environment and the production environment respectively, node1 and Node2 are the test environments, node3 is the production environment, only the target application needs to be in binding relation with the IP address pool 1 of Node1, the IP address pool 2 of Node2 and the IP address pool 3 of Node3, that is, the application instance deployed on Node1 automatically obtains the IP address of the subnet 1 (i.e. the IP address pool 1), the application instance deployed on Node2 automatically obtains the IP address of the subnet 2 (i.e. the IP address pool 2), the application instance deployed on Node3 automatically obtains the IP address of the subnet 2 (i.e. the IP address pool 3), and the application instances deployed on the test environments Node1 and Node2 are isolated from the application instance deployed on the production environment Node 3.

That is, for the target application, whether the multiple bound IP address pools belong to the same subnet or belong to different subnets, the embodiment of the present application can allocate IP addresses for the corresponding application instances under unified logic, without the need for the container cloud platform administrator to manually set the IP addresses, thereby implementing unified allocation of IP addresses in a multi-subnet environment.

In some embodiments, a binding relationship between the target application and the plurality of IP address pools is established, specifically: setting an address pool tag field in a resource file of the target application, and writing identification information of a plurality of IP address pools into the address pool tag field.

Specifically, an address pool tag field (such as an identification field of a address file) is newly added in a resource file (such as a address file in the form of YAML) of the target application, and is used for setting identification information of an IP address pool, and writing the identification information of a plurality of IP address pools into the address pool tag field so as to establish a binding relationship between the target application and the plurality of IP address pools.

For example, taking the example of deploying the target application to the test environment and the production environment respectively, referring to fig. 3, an accounting field may be set in a development file of the target application, and identification information of the IP address pool 1, the IP address pool2, and the IP address pool 3 may be written in the accounting field, so that a binding relationship between the target application and the IP address pool 1, the IP address pool2, and the IP address pool 3 may be established.

The identification information of the IP address pool may be the name of the IP address pool (such as ippool 1, ippool2, and ippool 3), or a unique identifier UUID automatically allocated when the IP address pool is created.

As one example, the content of the destination application's deviyment file is as follows:

therefore, when the application manager deploys the target application, the binding relation between the target application and the plurality of IP address pools can be established by only setting the identification information of the target IP address pools in the IP address pool label field of the resource file of the target application, and the method is simple, convenient and easy to operate.

In order to assign application instances deployed in different nodes in a container cloud platform to corresponding subnets, an IP address pool assigned to the corresponding subnets needs to be bound to the corresponding nodes, and for this purpose, in the embodiment of the present application, the IP address pool is bound to a node in the container cloud platform by: setting a node affinity field in a resource file of each IP address pool; and writing identification information of the nodes in the at least one container cloud platform in the node affinity field so as to bind the IP address pool with the at least one node in the container cloud platform.

In this embodiment of the present application, the resource file of the IP address pool is also referred to as an address pool CRD file, a node affinity field is newly added in each address pool CRD file, and as a node affinity field, the identification information of the node is written in the node affinity field, so that a corresponding relationship can be established between the node and the IP address pool. When the CNI plug-in allocates an IP address to an application instance of a target application, a node deployed according to the application instance selects an unallocated IP address from a corresponding IP address pool for allocation based on the corresponding relation, so that the application instance is classified into a corresponding subnet.

It should be understood that in the embodiment of the present application, the node affinity field of the address pool CRD may be written with identification information of one node, or may be written with identification information of a plurality of nodes, so as to establish a correspondence between the IP address pool and one or more nodes. When the IP address pool has a corresponding relation with a plurality of nodes, the application instances deployed on the plurality of nodes can acquire unassigned IP addresses from the IP address pool for assignment.

Still taking the Kubernetes cluster in fig. 3 as an example, by setting a Node affinity field in the address pool CRD file corresponding to the IP address pool 1, a cluster administrator can establish a corresponding relationship between the Node1 and the IP address pool 1 only by setting identification information of a Node having an affinity relationship with the IP address pool 1 under the Node affinity field. Thus, when the application instance of the target application is scheduled to the Node1, the corresponding IP address pool 1 can be found according to the identification information of the Node1 based on the corresponding relation, and the unassigned IP address is selected from the IP address pool 1 to be assigned.

When the node and the IP address pool have a correspondence, the identification information of the node written in the node affinity field may be a node name, a node ID, or a node label (nodeLabel).

Preferably, the identification information of the node is specifically: node labels; writing identification information of nodes in at least one container cloud platform in the node affinity field so as to bind the IP address pool with at least one node in the container cloud platform, wherein the identification information comprises the following specific steps: setting a node tag in a resource file of at least one node in the container cloud platform, so as to take the at least one node with the same node tag as a node group; at least one node tag is written into a node affinity field of the IP address pool to bind the IP address pool with the at least one node group.

Note that node labels (nodebalels) are key/value pairs attached to resource files (such as YAML files) of nodes, and are used for organizing and managing the nodes. In the embodiment of the application, the node label is used for being matched with the selection operator, the node subset with the same node label is selected from all nodes of the container cloud platform to serve as the node group, and the node group and the IP address pool are bound by writing the node label into the node affinity field of the IP address pool.

Specifically, the same key value pairs in YAML files corresponding to a plurality of nodes of the container cloud platform are enabled to have the same node labels, so that the plurality of nodes are used as node groups to manage an IP address pool uniformly. Meanwhile, the node tag is written in a node affinity field in an address pool CRD file corresponding to the IP address pool, so that a plurality of nodes can be classified into the same subnet.

It can be understood that one or more node labels can be written into the node affinity field of the IP address pool, and when the node affinity field is written into a plurality of node labels, a plurality of groups of nodes corresponding to the plurality of node labels can be classified into the same subnet, so that the management efficiency of the IP address pool is greatly improved.

In one example, the container cloud platform includes nodes 1 to 6, where nodes 1, 2 and 3 use the same node tag zone1, nodes 4, 5 and 6 use the same node tag zone2, to divide nodes 1, 2 and 3 into sub-network 1, nodes 4, 5 and 6 into sub-network 2, only the node tag zone1 is set under a node affinity field in a CRD of the IP address pool 1 corresponding to the sub-network 1, and the node tag zone2 is set under a node affinity field in a CRD of the IP address pool 2 corresponding to the sub-network 2; to unify the nodes 4, 5, 6 in the subnet 2 into the subnet 1, only the node tag zone2 under the node affinity field in the CRD of the IP address pool 2 corresponding to the subnet 2 needs to be deleted, and the node tags zone1 and zone2 are set under the node affinity field in the CRD of the IP address pool 1 corresponding to the subnet 1; to remove the nodes 4, 5, 6 in the subnet 1 from the subnet 1, the subnet 3 is allocated, the node tag zone2 under the node affinity field in the CRD of the IP address pool 1 corresponding to the subnet 1 is only required to be deleted, and the node tag zone2 is only required to be set under the node affinity field in the CRD of the IP address pool 3 corresponding to the subnet 3.

Step S102, in response to receiving a request for allocating an IP address to a target application instance of a target application, a target IP address pool bound with a target node is determined based on identification information of the target node for deploying the target application instance.

In the embodiment of the present application, the container cloud platform dispatches the target application instance to the target node, and since the target application is bound to a plurality of IP address pools, each IP address pool is bound to at least one node in the container cloud platform, when a request for allocating an IP address to the target application instance of the target application is received, the target IP address pool can be determined from the plurality of IP address pools bound to the target application according to the identification information of the target node.

Further, in response to receiving a request for allocating an IP address to a target application instance of a target application, determining a target IP address pool bound to a target node based on identification information of the target node for deploying the target application instance, specifically: responding to a received request for distributing an IP address to a target application instance of a target application, and analyzing a resource file of a target node to acquire identification information of the target node; determining an IP address pool bound with the target node based on the identification information of the target node; and taking the IP address pool bound with the target node as a target IP address pool.

Illustratively, referring to FIG. 3, when deploying a target application into a Kubernetes cluster, the Scheduler component determines that the target application is to be scheduled to a target Node, such as Node1, based on relevant screening conditions and scores. After determining that the target application instance is scheduled to the Node where the Kubelet component is located, the Kubelet component on the Node1 creates a Pod for deploying the target application instance, and sends a request for distributing an IP address to the CNI plugin in the process of creating the Pod. After the CNI plug-in receives the request for allocating the IP address, the destination IP address pool corresponding to the Node1, that is, the IP address pool 1, is determined according to the Node tag (for example, zone 1) set in the resource file of the Node1.

In some embodiments, a subnet corresponding to any node in the container cloud platform may be changed by setting a node affinity field, specifically, the container cloud platform includes a first subnet and a second subnet, the target IP address pool belongs to the first subnet, and after binding the target IP address pool with the target node, the method further includes: removing the identification information of the target node in the node affinity field in the resource file of the target IP address pool so as to release the corresponding relation between the target node and the first subnet; and writing the identification information of the target node in a node affinity field in a resource file of the IP address pool corresponding to the second subnet so as to establish the corresponding relation between the target node and the second subnet.

Based on the foregoing, the container cloud platform includes a plurality of subnets. In this embodiment of the present application, the target IP address pool bound to the target node belongs to a first subnet, and the second subnet is any subnet other than the first subnet. And removing the identification information of the target node in the node affinity field in the YAML file of the target IP address pool, so that the corresponding relation between the target IP address pool and the target node is relieved, namely the corresponding relation between the target node and the first subnet is relieved, and the application instance deployed on the target node is not classified into the first subnet any more. Then, the identification information of the target node is written in the node affinity field of the YAML file of the IP address pool corresponding to the second subnet, so that the application instance deployed on the target node is dynamically divided into the second subnet. That is, after the application instance is deployed, the node affinity field in the YAML file of the IP address pool may be changed according to the service requirement, so as to dynamically assign the application instance originally deployed in different subnets to one subnet, or dynamically assign the application instance originally deployed in the same subnet to different subnets.

Illustratively, in the scenario shown in fig. 3, the target application is deployed to a test environment and a production environment, respectively, where Node1 and Node2 are test environments, corresponding to subnet 1 and subnet 2, and Node3 is a production environment, corresponding to subnet 3. When the test is completed and all application examples of the subnet 1 meet the service requirement, the corresponding relation between the Node1 and the subnet 3 can be established only by deleting the identification information of the Node1 from the nodeanpreference field in the IP address pool 1 to release the corresponding relation between the Node1 and the subnet 1 and then writing the identification information of the Node1 into the nodeanpreference field of the YAML file of the IP address pool 3, so that the application examples deployed on the Node1 are integrally classified into the subnet 3, namely, the production environment is classified from the test environment.

In some embodiments, after determining the target IP address pool bound to the target node, further comprising: detecting whether an available IP address exists in the subnet in response to the target IP address pool not containing the unassigned IP address; in response to the presence of at least one available IP address in the subnet, a destination IP address is selected from the at least one available IP address and is populated into the destination IP address pool.

Wherein, the available IP address refers to the IP address not being classified into any IP address pool or occupied by any application instance.

Specifically, in the container cloud platform, the CNI plug-in maintains the IP address allocation data recorded in all the IP address pools, and after determining the target IP address pool bound with the target node, the CNI plug-in queries the IP address allocation data of the target IP address pool, so that whether the target IP address pool has an unallocated IP address or not can be determined. If the target IP address pool has no unassigned IP address, it indicates that there is no assignable IP address in the target IP address pool, and in order to ensure that the newly-built Pod can be successfully assigned to the IP address, in this embodiment of the present application, if there is no assignable IP address in the target IP address pool, whether there is an available IP address in a subnet where the target IP address pool is located is detected, if at least one available IP address exists in the subnet is detected, a target IP address is selected from the available IP addresses and assigned to the newly-built Pod, and the target IP address is classified into the target IP address pool.

Step S103, selecting a target IP address from at least one unassigned IP address contained in the target IP address pool, and assigning the target IP address to the target application instance to realize grouping the target application instance into a subnet corresponding to the target IP address pool.

In this embodiment of the present application, after determining a target IP address pool bound to a target node, a CNI plug-in selects a certain unassigned IP address according to IP address allocation data recorded in an address pool CRD corresponding to the target IP address pool, binds the IP address to the Pod, that is, binds the IP address to the application instance, and marks the IP address as an assigned state in the IP address allocation data, so as to implement grouping the target application instance into a subnet corresponding to the target IP address pool.

It should be noted that CNI plug-ins can be divided into three categories, namely: main plug-ins, IPAM plug-ins, and meta plug-ins. The main plug-in is mainly used for creating a binary file of specific network equipment; the IPAM plug-in is mainly responsible for distributing IP addresses for Pod in the Kubernetes cluster; the meta plug-in is an expansion plug-in, and needs to be realized by combining a main plug-in and an IPAM plug-in.

Based on the functions of the three types of CNI plug-ins, the specific process of calling the CNI plug-ins to allocate IP addresses for Pod by the Kubelet component is as follows: the Kubelet component invokes the main plugin, and the main plugin invokes the IPAM plugin to allocate an IP address to Pod.

In order to realize unified allocation of IP addresses for multiple subnets, in the embodiment of the application, an address pool controller component, an address pool proxy and an address pool CRD are adopted to replace an IPAM plug-in the original CNI plug-in to allocate the IP addresses for the target application instance of the target application.

Specifically, referring to fig. 4, the address pool controller component is deployed on the control node in a form of a depoyment, and is used for managing the custom resource provided in the embodiment of the present application, that is, managing the address pool CRD, that is, automatically creating, updating, and maintaining the state of the IP address pool based on the content of the address pool CRD. The address pool proxy is deployed in the form of Daemonset in all working nodes of the Kubernetes cluster. When a target application instance of a target application is scheduled to a certain working node (target node) of the Kubernetes cluster, a Kubelet component on the working node creates a Pod for deploying the application instance, sends a request for allocating an IP address to the Pod to a CNI plug-in, and an address pool proxy receives the request for allocating the IP address forwarded by the IPAM plug-in the CNI plug-in, and selects an unallocated IP address from a target IP address pool to allocate to the Pod, so as to realize the allocation of the target application instance to a subnet corresponding to the target IP address pool.

In summary, in the technical solution of the present application, the container cloud platform includes a plurality of subnets, each of the subnets corresponds to at least one node in the container cloud platform, the subnets include all IP addresses in at least one IP address pool, and the IP address pool is bound to at least one node in the container cloud platform; establishing a binding relation between a target application and a plurality of IP address pools; when a request for distributing IP addresses to target application instances of target applications is received, a target IP address pool bound with target nodes is determined based on identification information of target nodes for deploying the target application instances, a target IP address is selected from at least one unassigned IP address contained in the target IP address pool, and the target IP address is distributed to the target application instances, so that the target application instances are classified into subnets corresponding to the target IP address pool. Because each subnet corresponds to at least one node in the container cloud platform, the IP address pool is bound with at least one node, when the target application instance is deployed to the target node of the container cloud platform, the target IP address pool bound with the target node can be found based on the identification information of the target node, and the target IP address is selected from the target IP address pool to be distributed to the target application instance, thus, the IP address uniform distribution under the scene of multiple subnets can be realized without manual operation of a container cloud platform manager, and the application instance of the target application can be classified into the designated subnets through IP address distribution.

Exemplary System

The embodiment of the application provides a system for uniformly distributing IP addresses by multiple subnets based on a container cloud platform, as shown in fig. 6, the system comprises: a binding unit 601, a determining unit 602, and an allocating unit 603.

Wherein:

a binding unit 601 configured to establish a binding relationship between a target application and a plurality of IP address pools; each IP address pool comprises at least one IP address, the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in the at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pools are bound with at least one node in the container cloud platform.

A determining unit 602, configured to determine, in response to receiving a request for allocating an IP address to a target application instance of a target application, a target IP address pool bound to a target node based on identification information of the target node for deploying the target application instance.

The allocation unit 603 is configured to select a target IP address from at least one unassigned IP address included in the target IP address pool, and allocate the target IP address to the target application instance, so as to implement classifying the target application instance into a subnet corresponding to the target IP address pool.

The system for uniformly distributing the IP addresses by the multiple subnets based on the container cloud platform provided by the embodiment of the present application can implement the flow and steps of the method for uniformly distributing the IP addresses by the multiple subnets based on the container cloud platform of any one of the embodiments, and achieve the same technical effects, and are not described in detail herein.

Exemplary apparatus

Fig. 7 is a schematic structural diagram of an electronic device provided according to some embodiments of the present application; as shown in fig. 7, the electronic device includes:

one or more processors 701;

a computer readable medium may be configured to store one or more programs 702, the one or more processors 701, when executing the one or more programs 702, implement the steps of: establishing a binding relation between a target application and a plurality of IP address pools; each IP address pool comprises at least one IP address, the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in the at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pools are bound with at least one node in the container cloud platform; in response to receiving a request for allocating an IP address to a target application instance of a target application, determining a target IP address pool bound with a target node based on identification information of the target node for deploying the target application instance; and selecting a target IP address from at least one unassigned IP address contained in the target IP address pool, and assigning the target IP address to the target application instance to realize the grouping of the target application instance into the subnet corresponding to the target IP address pool.

FIG. 8 is a hardware architecture of an electronic device provided in accordance with some embodiments of the present application; as shown in fig. 8, the hardware structure of the electronic device may include: a processor 801, a communication interface 802, a computer readable medium 803, and a communication bus 804.

Wherein the processor 801, the communication interface 802, and the computer-readable storage medium 803 communicate with each other via a communication bus 804.

Alternatively, the communication interface 802 may be an interface of a communication module, such as an interface of a GSM module.

The processor 801 may be specifically configured to: establishing a binding relation between a target application and a plurality of IP address pools; each IP address pool comprises at least one IP address, the container cloud platform comprises a plurality of subnets, each subnet comprises all IP addresses in the at least one IP address pool, each subnet corresponds to at least one node in the container cloud platform, and the IP address pools are bound with at least one node in the container cloud platform; in response to receiving a request for allocating an IP address to a target application instance of a target application, determining a target IP address pool bound with a target node based on identification information of the target node for deploying the target application instance; and selecting a target IP address from at least one unassigned IP address contained in the target IP address pool, and assigning the target IP address to the target application instance to realize the grouping of the target application instance into the subnet corresponding to the target IP address pool.

The processor 801 may be a general purpose processor including a central processing unit (central processing unit, CPU for short), a network processor (Network Processor, NP for short), etc., or may be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.

The electronic device of the embodiments of the present application exist in a variety of forms including, but not limited to:

(1) A mobile communication device: such devices are characterized by mobile communication capabilities and are primarily aimed at providing voice, data communications. Such terminals include: smart phones (e.g., iPhone), multimedia phones, functional phones, and low-end phones, etc.

(2) Ultra mobile personal computer device: such devices are in the category of personal computers, having computing and processing functions, and generally also having mobile internet access characteristics. Such terminals include: PDA, MID, and UMPC devices, etc., such as iPad.

(3) Portable entertainment device: such devices may display and play multimedia content. The device comprises: audio, video players (e.g., iPod), palm game consoles, electronic books, and smart toys and portable car navigation devices.

(4) And (3) a server: the configuration of the server includes a processor, a hard disk, a memory, a system bus, and the like, and the server is similar to a general computer architecture, but is required to provide highly reliable services, and thus has high requirements in terms of processing capacity, stability, reliability, security, scalability, manageability, and the like.

(5) Other electronic devices with data interaction function.

It should be noted that, according to implementation requirements, each component/step described in the embodiments of the present application may be split into more components/steps, and two or more components/steps or part of operations of the components/steps may be combined into new components/steps, so as to achieve the purposes of the embodiments of the present application.

The above-described methods according to embodiments of the present application may be implemented in hardware, firmware, or as software or computer code storable in a recording medium such as a CD ROM, RAM, floppy disk, hard disk, or magneto-optical disk, or as computer code originally stored in a remote recording medium or a non-transitory machine storage medium and to be stored in a local recording medium downloaded through a network, so that the methods described herein may be stored on such software processes on a recording medium using a general purpose computer, a special purpose processor, or programmable or dedicated hardware such as an ASIC or FPGA. It is understood that a computer, processor, microprocessor controller, or programmable hardware includes a memory component (e.g., RAM, ROM, flash memory, etc.) that can store or receive software or computer code that, when accessed and executed by the computer, processor, or hardware, implements the methods described herein for uniformly assigning IP addresses based on multiple subnets of a container cloud platform. Furthermore, when a general purpose computer accesses code for implementing the methods illustrated herein, execution of the code converts the general purpose computer into a special purpose computer for performing the methods illustrated herein.

Those of ordinary skill in the art will appreciate that the elements and method steps of the examples described in connection with the embodiments disclosed herein can be implemented as electronic hardware, or as a combination of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the embodiments of the present application.

It should be noted that, in the present specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment is mainly described in a different point from other embodiments. In particular, for the apparatus and system embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, with reference to the description of the method embodiments in part.

The above-described apparatus and system embodiments are merely illustrative, in which elements illustrated as separate elements may or may not be physically separate, and elements illustrated as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.

The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the same, but rather, various modifications and variations may be made by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present application should be included in the protection scope of the present application.

Claims

1. A method for uniformly distributing IP addresses by multiple subnets based on a container cloud platform, comprising the steps of:

2. The method for uniformly distributing IP addresses by multiple subnets based on the container cloud platform according to claim 1, wherein the establishing a binding relationship between the target application and the multiple IP address pools is specifically as follows:

3. The method for uniformly distributing IP addresses based on multiple subnets of a container cloud platform according to claim 1, wherein the IP address pool is bound with nodes in the container cloud platform by:

setting a node affinity field in a resource file of each IP address pool;

4. The method for unified allocation of IP addresses for a container cloud platform based multi-subnet of claim 3, wherein the container cloud platform comprises a first subnet and a second subnet, the target IP address pool belongs to the first subnet, and after binding the target IP address pool with the target node, the method further comprises:

5. The method for uniformly distributing IP addresses by multiple subnets based on the container cloud platform according to claim 3, wherein the identification information of the nodes specifically comprises: node labels;

6. The method for uniformly distributing IP addresses by multiple subnets based on a container cloud platform as claimed in claim 3,

the response to receiving a request for allocating an IP address to a target application instance of the target application, determining a target IP address pool bound to a target node based on identification information of the target node for deploying the target application instance, specifically:

7. The method for unified allocation of IP addresses for a container cloud platform based multi-subnet according to any of claims 1-6, further comprising, after determining a pool of target IP addresses bound to the target node:

8. A system for uniformly distributing IP addresses based on multiple subnets of a container cloud platform, comprising:

9. A computer readable storage medium having stored thereon a computer program, wherein the computer program is a method for unified allocation of IP addresses for a container cloud platform based multi-subnetwork as claimed in any of claims 1-7.

10. An electronic device, comprising: a memory, a processor, and a program stored in the memory and executable on the processor, the processor implementing the method for uniformly assigning IP addresses based on multiple subnets of a container cloud platform according to any one of claims 1 to 7 when the program is executed.