CN116095080B - Cross-cloud data interconnection network communication method, device and system - Google Patents

Info

Publication number
CN116095080B
CN116095080B CN202310356975.7A CN202310356975A CN116095080B CN 116095080 B CN116095080 B CN 116095080B CN 202310356975 A CN202310356975 A CN 202310356975A CN 116095080 B CN116095080 B CN 116095080B
Authority
CN
China
Prior art keywords
vpn
cloud node
cloud
configuration information
connection configuration
Prior art date
Legal status
Active
Application number
CN202310356975.7A
Other languages
Chinese (zh)
Other versions
CN116095080A (en)
Inventor
李勇
史晓婧
刘可
Current Assignee
Shenzhen Zhuyun Technology Co ltd
Original Assignee
Shenzhen Zhuyun Technology Co ltd
Application filed by Shenzhen Zhuyun Technology Co ltd
Priority to CN202310356975.7A
Publication of CN116095080A
Application granted
Publication of CN116095080B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/256 NAT traversal
    • H04L61/2575 NAT traversal using address mapping retrieval, e.g. simple traversal of user datagram protocol through session traversal utilities for NAT [STUN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of internet communication, and particularly discloses a cross-cloud data interconnection network communication method, device and system, wherein the method comprises the following steps: sending a temporary VPN communication request to a registry; sending a binding request to the registry, the binding request including VPN connection configuration information of the VPN temporary session; sending a call request for a registration record to the registry, the registration record comprising VPN connection configuration information of cloud nodes bound with the registry; and loading the VPN connection configuration information of the target cloud node returned by the registry from the registration record, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node. The method and device achieve point-to-point cross-cloud data interconnection among cloud nodes; the access points of all cloud nodes are equal, and no relaying through a central gateway node is needed.

Description

Cross-cloud data interconnection network communication method, device and system
Technical Field
The disclosure relates to the technical field of internet communication, and in particular relates to a method, a device and a system for cross-cloud data internet communication.
Background
In the technical field of the internet, as users' requirements on the Service-Level Agreement (SLA) of systems and application platforms grow higher and higher, more and more systems and applications require deployment modes such as two-site three-center, multi-cloud multi-active, remote multi-active and distributed multi-active. The premise of realizing these deployment modes is to open up network communication among multiple clouds and among data centers.
In the related art, this is often implemented through a private network, VPN (virtual private network) hardware devices, or the cloud technology services and products of cloud vendors, but implementation difficulty is high, the technology is complex, and implementation and maintenance costs are high. Moreover, because of the technical barriers between cloud vendors, compatibility is difficult: only tunnel network communication in a hub-and-spoke mode can be realized, and interconnection in a full-mesh mode is difficult to realize.
Disclosure of Invention
Based on this, there is a need to provide a method, an apparatus, a system, a computer device, a storage medium and a computer program product for cross-cloud data interconnection network communication.
In a first aspect, the present disclosure provides a cross-cloud data interconnection network communication method. The method comprises the following steps:
sending a temporary VPN communication request to a registry, wherein the temporary VPN communication request is used for instructing the registry to establish a VPN temporary session with a cloud node;
sending a binding request to the registry, wherein the binding request is used for instructing the registry to bind the cloud node and form a registration record; the binding request includes VPN connection configuration information of the VPN temporary session;
sending a call request for the registration record to the registry; the registration record comprises VPN connection configuration information of cloud nodes bound with the registry;
and loading VPN connection configuration information of the target cloud node returned by the registry from the registration record, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node.
In one embodiment, the method further comprises:
and storing VPN connection configuration information of the target cloud node, and performing visual monitoring and management on the target cloud node.
In a second aspect, the present disclosure further provides a cross-cloud data interconnection network communication method. The method comprises the following steps:
receiving a temporary VPN communication request sent by a cloud node, and responding to the temporary VPN communication request to establish a VPN temporary session with the cloud node;
receiving a binding request sent by the cloud node, parsing the binding request, and acquiring VPN connection configuration information of the cloud node for establishing the VPN temporary session;
generating a domain name resource record according to the VPN connection configuration information, and registering it with the VPN domain name service to generate a registration record so as to complete binding with the cloud node;
and sending VPN connection configuration information of the target cloud node in the registration record to the cloud node so that the cloud node can establish VPN persistent communication with the target cloud node according to the VPN connection configuration information.
In one embodiment, the establishing a VPN temporary session with the cloud node in response to the temporary VPN communication request includes:
analyzing the temporary VPN communication request and determining access identity information of the cloud node;
and after the access identity information is successfully verified according to the VPN communication request, establishing a VPN temporary session with the cloud node.
In one embodiment, the VPN connection configuration information includes a public key of the VPN temporary session of the cloud node, and a network address translation (NAT) public network address and port;
generating a domain name resource record according to the VPN connection configuration information, and registering it with the VPN domain name service to generate a registration record so as to complete binding with the cloud node, includes:
encoding the public key of the VPN temporary session of the cloud node to obtain a public key code;
and generating the domain name resource record by combining the public key code with the NAT public network address and port, and registering the domain name resource record to the registration record.
In one embodiment, the sending VPN connection configuration information of the target cloud node in the registration record to the cloud node, so that the cloud node establishes VPN persistent communication with the target cloud node according to the VPN connection configuration information includes:
and responding to the call request of the cloud node to the registration record, inquiring the registration record, and returning VPN connection configuration information of the target cloud node in the registration record to the cloud node.
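The record generation and lookup described in the two embodiments above can be sketched as follows. This is an added example, not code from the patent: the base32 label encoding, the SRV/A record layout, the 32-byte key size, the zone name `vpn.example.internal.` and the endpoint validation are all assumptions, since the text only says that a public key code is combined with the NAT public network address and port.

```python
import base64
import ipaddress

ZONE = "vpn.example.internal."   # hypothetical zone served by the registry
KEY_LEN = 32                     # assumed size of the raw public key, in bytes
TTL = 60                         # assumed short TTL, since NAT mappings change
# Addresses that cannot be a NAT public endpoint and must not be published.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4")]


def encode_key_label(public_key):
    """Public key -> one DNS label (assumed encoding: base32, unpadded, lower case)."""
    if len(public_key) != KEY_LEN:
        raise ValueError("public key must be %d bytes" % KEY_LEN)
    return base64.b32encode(public_key).decode("ascii").rstrip("=").lower()


def decode_key_label(label):
    """Inverse of encode_key_label; rejects labels that are not a full key."""
    key = base64.b32decode(label.upper() + "=" * (-len(label) % 8))
    if len(key) != KEY_LEN:
        raise ValueError("label does not decode to a %d-byte key" % KEY_LEN)
    return key


def validate_endpoint(nat_ip, nat_port):
    """Check the NAT public address and port before they are published."""
    addr = ipaddress.IPv4Address(nat_ip)          # raises ValueError on bad input
    if any(addr in net for net in NON_PUBLIC):
        raise ValueError("%s is not a public address" % addr)
    if not 1 <= nat_port <= 65535:
        raise ValueError("port out of range")
    return str(addr), nat_port


class Registry:
    """In-memory stand-in for the registration record."""

    def __init__(self):
        self.bound = {}                            # key label -> (ip, port)

    def bind(self, public_key, nat_ip, nat_port):
        """Handle a binding request; a repeat from the same key replaces the old entry."""
        label = encode_key_label(public_key)
        self.bound[label] = validate_endpoint(nat_ip, nat_port)
        return label

    def resource_records(self):
        """Render the registration record as zone-file style lines."""
        lines = []
        for label, (ip, port) in sorted(self.bound.items()):
            host = "%s.%s" % (label, ZONE)
            lines.append("%s._vpn._udp.%s %d IN SRV 0 0 %d %s" % (label, ZONE, TTL, port, host))
            lines.append("%s %d IN A %s" % (host, TTL, ip))
        return lines

    def peers_for(self, own_public_key):
        """Handle a call request: every bound node except the caller."""
        own = encode_key_label(own_public_key)
        return [(decode_key_label(label), ip, port)
                for label, (ip, port) in sorted(self.bound.items()) if label != own]


if __name__ == "__main__":
    # Constructed sample keys and documentation-range addresses.
    key_a, key_b = bytes(range(32)), bytes(range(32, 64))
    reg = Registry()
    reg.bind(key_a, "203.0.113.10", 51820)
    reg.bind(key_b, "198.51.100.7", 40000)
    print("\n".join(reg.resource_records()))
    print(reg.peers_for(key_a))
```

Keying the record by the encoded public key means a node that re-binds after its NAT mapping changes overwrites its own entry instead of leaving a stale endpoint for peers to load.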
In a third aspect, the present disclosure further provides a cross-cloud data interconnection network communication apparatus. The device comprises:
the temporary session module is used for sending a temporary VPN communication request to a registry, wherein the VPN communication request is used for indicating the registry to establish a VPN temporary session with a cloud node;
the binding request module is used for sending a binding request to the registry, wherein the binding request is used for indicating the registry to bind the cloud node and forming a registration record; the binding request includes VPN connection configuration information of the VPN temporary session;
the registration record module is used for sending a call request for the registration record to the registry; the registration record comprises VPN connection configuration information of cloud nodes bound with the registry;
and the network communication module is used for loading VPN connection configuration information of the target cloud node returned by the registry from the registration record and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node.
In one embodiment, the apparatus further comprises:
and the visualization module is used for storing the VPN connection configuration information of the target cloud node and carrying out visual monitoring and management on the target cloud node.
In a fourth aspect, the present disclosure further provides a cross-cloud data interconnection network communication apparatus. The device comprises:
the temporary session establishment module is used for receiving a temporary VPN communication request sent by a cloud node and responding to the temporary VPN communication request to establish a VPN temporary session with the cloud node;
the binding analysis module is used for receiving a binding request sent by the cloud node, parsing the binding request and acquiring VPN connection configuration information of the cloud node for establishing the VPN temporary session;
the registration module is used for generating a domain name resource record according to the VPN connection configuration information, and registering it with the VPN domain name service to generate a registration record so as to complete binding with the cloud node;
and the configuration information module is used for sending VPN connection configuration information of the target cloud node in the registration record to the cloud node so that the cloud node can establish VPN persistent communication with the target cloud node according to the VPN connection configuration information.
In one embodiment, the temporary session establishment module includes:
the identity recognition unit is used for analyzing the temporary VPN communication request and determining access identity information of the cloud node;
and the session establishment unit is used for establishing a VPN temporary session with the cloud node after the access identity information is successfully verified according to the VPN communication request.
In one embodiment, the VPN connection configuration information includes a public key of the VPN temporary session of the cloud node, and a network address translation (NAT) public network address and port; the registration module includes:
the public key coding unit is used for encoding the public key of the VPN temporary session of the cloud node to obtain a public key code;
and the record registering unit is used for generating the domain name resource record by combining the public key code with the NAT public network address and port, and registering the domain name resource record to the registration record.
In one embodiment, the configuration information module includes:
and the information return unit is used for responding to the call request of the cloud node to the registration record, inquiring the registration record and returning VPN connection configuration information of the target cloud node in the registration record to the cloud node.
In a fifth aspect, the present disclosure further provides a cross-cloud data interconnection network communication system, the system comprising cloud nodes and a registry: each cloud node comprises the above cross-cloud data interconnection network communication device for implementing the cross-cloud data interconnection network communication method applied to cloud nodes; the registry comprises the above cross-cloud data interconnection network communication device for implementing the cross-cloud data interconnection network communication method applied to the registry.
In one embodiment, the cloud node comprises a network peer-to-peer access component and a network service discovery client, and the registry comprises a messenger server, a network service discovery server and a domain name resolution server;
the network peer-to-peer access component is configured to send a temporary VPN communication request to the messenger server, and to establish VPN persistent communication with the network peer-to-peer access component of the target cloud node;
the network service discovery client is used for sending a binding request to the network service discovery server and sending a call request for the registration record to the registry; it is also used for loading VPN connection configuration information of the target cloud node returned by the registry, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node;
the messenger server is used for receiving a temporary VPN communication request sent by a cloud node, responding to the temporary VPN communication request and establishing a VPN temporary session with the cloud node;
the network service discovery server is used for receiving a binding request sent by the cloud node, parsing the binding request and acquiring VPN connection configuration information of the cloud node for establishing the VPN temporary session; it is also used for generating a domain name resource record according to the VPN connection configuration information, and registering it with the VPN domain name service to generate a registration record so as to complete binding with the cloud node; and for sending the VPN connection configuration information of the target cloud node in the registration record to the cloud node;
the domain name resolution server is configured to provide the registration record service.
In a sixth aspect, the present disclosure also provides a computer device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the above cross-cloud data interconnection network communication method when executing the computer program.
In a seventh aspect, the present disclosure also provides a computer-readable storage medium. The computer-readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the above cross-cloud data interconnection network communication method.
In an eighth aspect, the present disclosure also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of the above cross-cloud data interconnection network communication method.
The method, the device, the system, the computer equipment, the storage medium and the computer program product for cross-cloud data interconnection network communication have at least the following beneficial effects:
the cloud node sends a binding request to the registry for binding through the VPN temporary session with the registry, and then obtains the connection information of other cloud nodes by reading the registration record of the registry, so that point-to-point cross-cloud data interconnection among the cloud nodes is realized, the access points of all the cloud nodes are equal, and no relaying through a central gateway node is needed; meanwhile, the STUN binding protocol mechanism is adopted to acquire the NAT public network IP and port of the cloud node, which avoids directly exposing a fixed IP and port to the outside and ensures the security of cross-cloud interconnection; in addition, virtualized and containerized deployment is supported, and the method does not depend on third-party cloud vendors or equipment vendors, which reduces operation and maintenance costs; the method is also flexible and widely applicable, and is suitable for network communication among various public clouds, private clouds, hybrid clouds and offline data centers.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments or the conventional techniques of the present disclosure, the drawings required for the descriptions of the embodiments or the conventional techniques will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present disclosure, and other drawings may be obtained according to the drawings without inventive effort to those of ordinary skill in the art.
FIG. 1 is a schematic diagram of an application of communication interconnections between cross-cloud data in the background;
FIG. 2 is an application environment diagram of a method of communication across a cloud data interconnect network in one embodiment;
FIG. 3 is a flow chart of a method of inter-cloud data networking communication in one embodiment;
FIG. 4 is a flow chart of a method of communication across a cloud data interconnect network in another embodiment;
FIG. 5 is a flow diagram of the steps for establishing a VPN temporary session in one embodiment;
FIG. 6 is a flow chart illustrating a process for forming registration records in one embodiment;
FIG. 7 is a block diagram of a cross-cloud data interconnect network communication device in one embodiment;
FIG. 8 is a block diagram of another embodiment of a cross-cloud data interconnect network communication device;
FIG. 9 is a block diagram of the temporary session establishment module in one embodiment;
FIG. 10 is a block diagram of the registration module in one embodiment;
FIG. 11 is a signal flow diagram of a communication system across a cloud data interconnect network in one embodiment;
FIG. 12 is a block diagram of the internal architecture of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. The terminology used in the description of the disclosure herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure.
It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the foregoing figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the disclosure described herein may be capable of operation in sequences other than those illustrated or described herein. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, it is not excluded that additional identical or equivalent elements may be present in a process, method, article, or apparatus that comprises a described element. For example, words such as first and second are used to indicate names, not any particular order.
It will be understood that when an element is referred to as being "connected" to another element, it can be directly connected to the other element or be connected to the other element through intervening elements. Further, "connection" in the following embodiments should be understood as "electrical connection", "communication connection", and the like if there is transmission of electrical signals or data between objects to be connected.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," and/or the like, specify the presence of stated features, integers, steps, operations, elements, components, or groups thereof, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or groups thereof. Also, in this specification, the term "and/or" includes any and all combinations of the associated listed items.
As stated in the background, in order to implement communication interconnection of cross-cloud data, a VPN tunnel solution is generally adopted, in which VPN nodes include a server and a client. If VPN tunnel communication needs to be established between multiple networks (e.g. across clouds and across data centers) and interconnection between the networks is to be guaranteed, one node must be used as a transit node, that is, a VPN gateway; all nodes are then connected to the gateway, and the other nodes communicate through the gateway. This is called a hub-and-spoke VPN network topology. For example, referring to the architecture diagram of the VPN tunnel solution shown in FIG. 1, the VPN network includes 4 cloud nodes: CLOUD-A, CLOUD-B, CLOUD-C and CLOUD-D. CLOUD-A is selected as the transit node, namely the VPN gateway, and the other cloud nodes can only establish VPN connections with CLOUD-A; that is, only CLOUD-A is directly connected with the other cloud nodes, so direct communication without third-party transit is possible only between CLOUD-A and the other cloud nodes. The other cloud nodes cannot be directly connected to each other (such as CLOUD-B and CLOUD-C, CLOUD-B and CLOUD-D, CLOUD-C and CLOUD-D), and communication between them must be relayed through the VPN gateway on CLOUD-A.
Therefore, as more and more access nodes are provided, VPN gateway nodes become a bottleneck for vertical expansion, and there is an obvious single point of failure, i.e. when network communication or equipment failure occurs in the network of the node where the VPN gateway is located, communication between other clouds is directly interrupted. In addition, traffic is forwarded through the VPN gateway of a single cloud node, which often generates high communication delay due to the network bandwidth limitation and different geographic locations of the single node. Based on the above, the embodiment of the disclosure provides a cross-cloud data interconnection network communication method.
The cross-cloud data interconnection network communication method provided by the embodiment of the disclosure can be applied to an application environment as shown in FIG. 2, in which a plurality of cloud nodes communicate with the registry 102 through a network, and the cloud nodes are connected to each other by VPN. For example, there are 4 cloud nodes: CLOUD-A, CLOUD-B, CLOUD-C and CLOUD-D. The registry 102 is further connected to the terminal 104 through a network, and the terminal 104 is configured to provide a display interface to monitor and manage the cloud nodes. A data storage system may store data that the registry 102 needs to process. The cloud nodes and the registry 102 may each be integrated with one or more servers or service components. The terminal 104 may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, industrial computers, and the like.
In some embodiments of the present disclosure, as shown in FIG. 3, a cross-cloud data interconnection network communication method is provided. The method is described as applied to the cloud nodes in FIG. 2 for illustration, and includes the following steps:
Step 310, a temporary VPN communication request is sent to a registry, where the temporary VPN communication request is used to instruct the registry to establish a VPN temporary session with a cloud node.
Wherein the temporary VPN communication request may be a VPN temporary handshake signal.
Illustratively, the cloud node actively initiates a VPN temporary handshake signal to the registry such that the registry can establish a VPN temporary session with the cloud node in accordance with the VPN temporary handshake signal.
Step 320, a binding request is sent to the registry, where the binding request is used to instruct the registry to bind the cloud node, and form a registration record; the binding request includes VPN connection configuration information for the VPN temporary session.
The binding request may refer to a STUN (Session Traversal Utilities for NAT) binding request, where STUN is a network protocol defined by RFC6389 that serves as a protocol tool for handling NAT (Network Address Translator, network address translation) session traversal. STUN is used to detect the presence of a NAT device in the network and to obtain the IP address (Internet Protocol Address) and port number assigned to each of the two communication endpoints by the NAT device. A peer-to-peer (P2P) connection that can traverse the NAT is then established between the two communication endpoints, enabling P2P communication.
Illustratively, the cloud node sends a STUN binding request to the registry, where the STUN binding request carries VPN connection configuration information of a VPN temporary session established by the cloud node and the registry. The VPN connection configuration information may include NAT public network IP and ports of the VPN temporary session.
Further, the VPN connection configuration information may further include public key information, where the public key may be used to encrypt the VPN temporary session key. The public key and the list of accessible IP addresses can be associated by adopting a cryptokey routing technique, so that the network interface of each cloud node has a private key and a list of cloud nodes, and each cloud node in that list has a public key and a list of accessible IP addresses, which simplifies routing control and access control of data sending and receiving.
Step 330, sending a call request for the registration record to the registry; the registration record includes VPN connection configuration information for cloud nodes bound with the registry.
Illustratively, the cloud node may send a call request for the registration record to the registry, e.g., may send a call request to read the registration record by calling an API (Application Programming Interface) of the registry. The call request may trigger the registry to return VPN connection configuration information for the cloud nodes that are bound in the registration record. The registration record holds the VPN connection configuration information of the VPN temporary sessions established between the registry and all cloud nodes bound with the registry. The target cloud node may refer to any cloud node other than the cloud node itself.
Step 340, loading VPN connection configuration information of the target cloud node returned by the registry, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node.
The cloud node loads the VPN connection configuration information of the target cloud node obtained through the registry and determines connection information such as the source IP address and port of the target cloud node, so that a persistent VPN session between the cloud node and the target cloud node is established, and cross-cloud data interconnection between the cloud nodes is achieved through VPN technology based on UDP (User Datagram Protocol).
In the cross-cloud data interconnection network communication method, the cloud nodes send a binding request to the registry for binding through the VPN temporary session with the registry, and further the connection information of other cloud nodes is obtained through reading the registration record of the registry, so that point-to-point cross-cloud data interconnection among the cloud nodes is realized, access points of all the cloud nodes are equal, and the switching of a central gateway node is not needed; meanwhile, a STUN binding protocol mechanism is adopted to acquire the NAT public network IP and the port of the cloud node, so that the direct external opening of the fixed IP and the port is avoided, and the security of cross-cloud interconnection is ensured; and the virtualization and containerization deployment are supported, and the method does not depend on third-party cloud manufacturers or equipment manufacturers, so that the operation and maintenance cost is reduced, and meanwhile, the method has strong flexibility and applicability, and can be suitable for network communication among various public clouds, private clouds, mixed clouds and offline data centers.
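The association between public keys and accessible IP address lists described above can be illustrated with a small routing table. This is an added example, not code from the patent: the class name, the peer key strings and the address ranges are constructed, and the inbound rule (the inner source address must route back to the authenticated peer) is the usual cryptokey-routing behaviour, assumed here.

```python
import ipaddress

# Constructed placeholders standing in for the peers' public keys.
KEY_B = "PUBKEY-CLOUD-B-constructed"
KEY_C = "PUBKEY-CLOUD-C-constructed"


class CryptokeyTable:
    """Maps accessible IP ranges to peer public keys (hypothetical helper)."""

    def __init__(self):
        self.routes = []  # list of (network, peer_key)

    def add_peer(self, peer_key, allowed_ips):
        for cidr in allowed_ips:
            # ip_network() rejects entries with host bits set, e.g. 10.20.0.1/16
            net = ipaddress.ip_network(cidr)
            for existing, owner in self.routes:
                if existing == net and owner != peer_key:
                    raise ValueError(f"{net} is already assigned to another peer")
            if (net, peer_key) not in self.routes:
                self.routes.append((net, peer_key))

    def lookup(self, address):
        """Longest-prefix match: the peer key that owns this address, or None."""
        addr = ipaddress.ip_address(address)
        best = None
        for net, key in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, key)
        return best[1] if best else None

    def peer_for_outbound(self, dst_ip):
        """Routing control: which peer's key encrypts a packet to dst_ip."""
        return self.lookup(dst_ip)

    def accept_inbound(self, authenticated_peer_key, inner_src_ip):
        """Access control: a packet that decrypted under a peer's key is kept
        only if its inner source address routes back to that same peer."""
        return self.lookup(inner_src_ip) == authenticated_peer_key


def build_sample_table():
    table = CryptokeyTable()
    table.add_peer(KEY_B, ["10.20.0.0/16"])
    table.add_peer(KEY_C, ["10.30.0.0/16", "10.20.5.0/24"])
    return table


if __name__ == "__main__":
    t = build_sample_table()
    print("to 10.20.1.1 ->", t.peer_for_outbound("10.20.1.1"))
    print("to 10.20.5.9 ->", t.peer_for_outbound("10.20.5.9"))
    print("B claims 10.30.0.7 ->", t.accept_inbound(KEY_B, "10.30.0.7"))
```

The same table answers both questions, which is why a single key-to-address-list binding covers routing and access control at once.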
In some embodiments of the present disclosure, the method further comprises:
Storing VPN connection configuration information of the target cloud node, and performing visual monitoring and management on the target cloud node.
The cloud node stores the obtained VPN connection configuration information of the target cloud node and displays a UI (User Interface) through an external display terminal for monitoring and management. Specifically, the connection state of each target cloud node may be displayed on the UI, and instructions for deleting and adding target cloud nodes are supported.
In this embodiment, the cloud node can monitor and manage the target cloud nodes through the UI, which makes human-computer interaction more convenient and interconnection among the cloud nodes more flexible.
In some embodiments of the present disclosure, as shown in fig. 4, a method for cross-cloud data interconnection network communication is provided, and the method is applied to the registry in fig. 2 for illustration, and includes the following steps:
Step 410, receiving a temporary VPN communication request sent by a cloud node, and establishing a VPN temporary session with the cloud node in response to the temporary VPN communication request.
Wherein the temporary VPN communication request may be a VPN temporary handshake signal.
For example, the registry may receive VPN temporary handshake signals sent by the respective cloud nodes, and the registry establishes VPN temporary sessions with the cloud nodes in response to the VPN temporary handshake signals.
Step 420, receiving a binding request sent by a cloud node, parsing the binding request, and obtaining the VPN connection configuration information with which the cloud node established the VPN temporary session.
Illustratively, after the registry establishes a VPN temporary session with the cloud node, it may receive the STUN binding request sent by the cloud node. The registry parses the received STUN binding request and obtains the NAT public network IP and port of the cloud node's VPN temporary session.
Step 430, generating a domain name resource record according to the VPN connection configuration information, and registering it with the VPN domain name service to generate a registration record, so as to complete the binding with the cloud node.
For example, the registry may store the obtained VPN connection configuration information of each cloud node, for example in the form of a registration record. The registration record can be read and queried by the registry, so that the registry can quickly read the VPN connection configuration information of a cloud node. For example, the registry may generate a domain name resource record according to the VPN connection configuration information and register it through the VPN domain name service to generate the registration record, thereby completing the binding with the cloud node.
Step 440, the VPN connection configuration information of the target cloud node in the registration record is sent to the cloud node, so that the cloud node establishes VPN persistent communication with the target cloud node according to the VPN connection configuration information.
For example, the registry may send VPN connection configuration information of the target cloud node, i.e. VPN connection configuration information of other cloud nodes than the cloud node itself, to the cloud node in response to a call request of the cloud node to the registration record. Therefore, the cloud nodes can load VPN connection configuration information of other cloud nodes, and interconnection between the cloud nodes is achieved.
In the cross-cloud data interconnection network communication method, the registration center receives the binding request sent by the cloud nodes by establishing the VPN temporary session with the cloud nodes, analyzes the binding request to obtain VPN connection configuration information of each cloud node, stores the VPN connection configuration information in the registration record, and sends VPN connection configuration information of other cloud nodes on the registration record to each cloud node, so that point-to-point cross-cloud data interconnection among the cloud nodes is realized, the registration center can perform session with each cloud node, and finally establishes a point-to-point communication tunnel among the cloud nodes without transferring through a central gateway node; meanwhile, a STUN binding protocol mechanism is adopted to acquire the NAT public network IP and the port of the cloud node, so that the direct external opening of the fixed IP and the port is avoided, and the security of cross-cloud interconnection is ensured; and the virtualization and containerization deployment are supported, and the method does not depend on third-party cloud manufacturers or equipment manufacturers, so that the operation and maintenance cost is reduced, and meanwhile, the method has strong flexibility and applicability, and can be suitable for network communication among various public clouds, private clouds, mixed clouds and offline data centers.
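The binding exchange that the two methods above rely on, shown from both sides as an added example (not code from the patent). It follows the standard STUN message layout, in which the server reads the NAT public address from the source of the received UDP datagram and returns it in an XOR-MAPPED-ADDRESS attribute; the function names and the sample address 203.0.113.10:51820 are constructed, and only IPv4 is handled.

```python
import ipaddress
import os
import struct

MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST = 0x0001
BINDING_SUCCESS = 0x0101
ATTR_XOR_MAPPED_ADDRESS = 0x0020
FAMILY_IPV4 = 0x01


def build_binding_request(transaction_id):
    """Cloud-node side: a 20-byte STUN header with no attributes."""
    if len(transaction_id) != 12:
        raise ValueError("transaction ID must be 12 bytes")
    return struct.pack("!HHI", BINDING_REQUEST, 0, MAGIC_COOKIE) + transaction_id


def parse_header(datagram):
    """Validate the fixed header; return (msg_type, transaction_id, body)."""
    if len(datagram) < 20:
        raise ValueError("short STUN message")
    msg_type, length, cookie = struct.unpack("!HHI", datagram[:8])
    if msg_type & 0xC000:
        raise ValueError("top two bits of a STUN message must be zero")
    if cookie != MAGIC_COOKIE:
        raise ValueError("bad magic cookie")
    if length % 4 or length != len(datagram) - 20:
        raise ValueError("length field does not match datagram")
    return msg_type, datagram[8:20], datagram[20:]


def build_binding_response(request, observed_src):
    """Registry side: report the address the request was actually seen from,
    never an address the sender declares about itself."""
    msg_type, txid, _ = parse_header(request)
    if msg_type != BINDING_REQUEST:
        raise ValueError("not a binding request")
    ip, port = observed_src
    xport = port ^ (MAGIC_COOKIE >> 16)
    xaddr = int(ipaddress.IPv4Address(ip)) ^ MAGIC_COOKIE
    value = struct.pack("!BBHI", 0, FAMILY_IPV4, xport, xaddr)
    attr = struct.pack("!HH", ATTR_XOR_MAPPED_ADDRESS, len(value)) + value
    header = struct.pack("!HHI", BINDING_SUCCESS, len(attr), MAGIC_COOKIE)
    return header + txid + attr


def parse_binding_response(response, expected_txid):
    """Cloud-node side: recover the NAT public (ip, port)."""
    msg_type, txid, body = parse_header(response)
    if msg_type != BINDING_SUCCESS:
        raise ValueError("not a binding success response")
    if txid != expected_txid:
        # A response that does not echo our random ID was not solicited by us.
        raise ValueError("transaction ID mismatch")
    offset = 0
    while offset + 4 <= len(body):
        attr_type, attr_len = struct.unpack("!HH", body[offset:offset + 4])
        value = body[offset + 4:offset + 4 + attr_len]
        if len(value) != attr_len:
            raise ValueError("truncated attribute")
        if attr_type == ATTR_XOR_MAPPED_ADDRESS:
            if attr_len != 8:
                raise ValueError("unexpected XOR-MAPPED-ADDRESS length")
            _, family, xport, xaddr = struct.unpack("!BBHI", value)
            if family != FAMILY_IPV4:
                raise ValueError("only IPv4 is handled in this example")
            port = xport ^ (MAGIC_COOKIE >> 16)
            return str(ipaddress.IPv4Address(xaddr ^ MAGIC_COOKIE)), port
        offset += 4 + attr_len + (-attr_len % 4)  # attributes are 32-bit aligned
    raise ValueError("no XOR-MAPPED-ADDRESS attribute")


def demo_exchange():
    """Constructed run: the NAT rewrote the node's source to 203.0.113.10:51820."""
    txid = os.urandom(12)
    request = build_binding_request(txid)
    response = build_binding_response(request, ("203.0.113.10", 51820))
    return parse_binding_response(response, txid)


if __name__ == "__main__":
    print(demo_exchange())
```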
In some embodiments of the present disclosure, as shown in fig. 5, step 410 includes:
Step 412, parsing the temporary VPN communication request, and determining the access identity information of the cloud node.
Illustratively, the registry parses a received temporary VPN communication request (e.g., a VPN temporary handshake signal) and derives the identity information of the cloud node from it. The identity information of the cloud node may include an identity of the cloud node, VPN access point information, and the like.
Step 414, after the access identity information is successfully verified according to the VPN communication request, a VPN temporary session is established with the cloud node.
The registration center may verify the access identity information according to the VPN communication request of the cloud node after determining the identity information of the cloud node, and establish a VPN temporary session with the cloud node after the verification is successful.
According to the embodiment, the registration center receives the network communication request of the cloud node, analyzes and obtains the identity information of the cloud node, and further establishes a VPN temporary session with the cloud node according to the identity information, so that the subsequent registration center can obtain VPN connection configuration information of the VPN temporary session of the cloud node.
In some embodiments of the present disclosure, as shown in fig. 6, step 430 includes:
Step 432, encoding the public key of the VPN temporary session of the cloud node to obtain a public key encoding.
Illustratively, the VPN connection configuration information includes the public key of the VPN temporary session of the cloud node, and the network address translation (NAT) public network address and port. The registry may encode the public key of the cloud node, for example with BASE32 encoding.
Further, in some embodiments of the present disclosure, the public key may be used to encrypt the VPN temporary session key. The public key and the accessible IP address list can be associated by adopting an encryption key routing technology, so that the network interface of each cloud node is provided with a private key and a cloud node list, and each cloud node is provided with a public key and an accessible IP address list, and the routing control and the access control of the data receiving and transmitting are simplified.
Step 434, generating the domain name resource record by combining the public key encoding with the network address translation (NAT) public network address and port, and registering the domain name resource record to the registration record.
Illustratively, the registry may generate a domain name resource record, such as an SRV record (a resource record type supported in the database of DNS servers), from the public key encoding and the NAT public network address and port. The registry registers the generated SRV record and associates the public key with the accessible IP address list, so that each cloud node network interface has a private key and a cloud node list, and each cloud node has a public key and an accessible IP address list, thereby simplifying the routing control and access control of data transmission and reception.
In this embodiment, the registry encodes the public key of the cloud node, generates the SRV record by combining the encoding with the NAT public network address and port, and finally forms the registration record, thereby greatly simplifying the routing control and access control of data transmission and reception.
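One possible shape for such a registration record, as an added example rather than the patent's own format: the owner-name layout `<base32 key>._vpn._udp.<zone>`, the companion A record, the zone `vpn.example.internal`, the 32-byte key length and the TTL are all assumptions. The reader side shows the checks a cloud node would want before loading a returned record as peer configuration.

```python
import base64
import ipaddress

KEY_LEN = 32            # assumed public key size in bytes
SERVICE = "_vpn._udp"   # assumed service and protocol labels
TTL = 30                # assumed short TTL, since NAT mappings change


def key_to_label(pubkey):
    """BASE32-encode the key as one DNS label (lower case, padding removed)."""
    if len(pubkey) != KEY_LEN:
        raise ValueError("public key must be 32 bytes")
    return base64.b32encode(pubkey).decode("ascii").rstrip("=").lower()


def label_to_key(label):
    """Decode a key label, rejecting anything that is not the canonical form."""
    padded = label.upper() + "=" * (-len(label) % 8)
    try:
        key = base64.b32decode(padded)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("label is not valid BASE32") from exc
    if len(key) != KEY_LEN or key_to_label(key) != label.lower():
        raise ValueError("label does not encode a 32-byte key canonically")
    return key


def make_records(pubkey, nat_ip, nat_port, zone):
    """Registry side: SRV record (key + port) and A record (NAT public IP)."""
    ip = ipaddress.IPv4Address(nat_ip)
    if not 0 < nat_port < 65536:
        raise ValueError("port out of range")
    label = key_to_label(pubkey)
    host = f"{label}.{zone}."
    srv = f"{label}.{SERVICE}.{zone}. {TTL} IN SRV 0 0 {nat_port} {host}"
    a = f"{host} {TTL} IN A {ip}"
    return srv, a


def parse_records(srv, a, zone):
    """Cloud-node side: turn a returned record pair into peer configuration."""
    owner, _ttl, cls, rtype, _prio, _weight, port, target = srv.split()
    if (cls, rtype) != ("IN", "SRV"):
        raise ValueError("not an IN SRV record")
    suffix = f".{SERVICE}.{zone}."
    if not owner.endswith(suffix):
        raise ValueError("record is outside the expected zone")
    label = owner[:-len(suffix)]
    pubkey = label_to_key(label)
    # The endpoint must hang off the same key label, otherwise a record for
    # one key could point at an address registered under another name.
    if target != f"{label}.{zone}.":
        raise ValueError("SRV target is not bound to the key label")
    a_owner, _a_ttl, a_cls, a_type, addr = a.split()
    if (a_cls, a_type) != ("IN", "A") or a_owner != target:
        raise ValueError("A record does not match the SRV target")
    port = int(port)
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return {"public_key": pubkey,
            "endpoint": (str(ipaddress.IPv4Address(addr)), port)}


def demo():
    """Constructed sample: key bytes 00..1f behind 203.0.113.10:51820."""
    zone = "vpn.example.internal"
    srv, a = make_records(bytes(range(32)), "203.0.113.10", 51820, zone)
    return srv, a, parse_records(srv, a, zone)


if __name__ == "__main__":
    for item in demo():
        print(item)
```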
In some embodiments of the present disclosure, step 440 includes:
Responding to the call request of the cloud node for the registration record, querying the registration record, and returning the VPN connection configuration information of the target cloud node in the registration record to the cloud node.
When the cloud node sends a call request for the registration record to the registry, the registry responds to the cloud node's query service call, obtains the VPN connection configuration information of the other cloud nodes by querying the registration record, and returns it to the cloud node.
In the embodiment, the registry returns the VPN connection configuration information of other cloud nodes to the cloud node by inquiring the registration record, so that the stability and the safety of information transmission are improved.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are shown sequentially as indicated by arrows, these steps are not necessarily performed in the order indicated by the arrows. Unless explicitly stated herein, the steps are not strictly limited to that order of execution and may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time but may be performed at different times, and these steps or stages are not necessarily performed sequentially but may be performed in turn or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the disclosure further provides a cross-cloud data interconnection network communication device for implementing the above-mentioned cross-cloud data interconnection network communication method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in the embodiments of one or more cross-cloud data internet communication devices provided below may refer to the limitation of the cross-cloud data internet communication method hereinabove, and will not be repeated herein.
In some embodiments of the present disclosure, as shown in fig. 7, a cross-cloud data internetwork communication device is provided. The apparatus 700 includes:
a temporary session module 710, configured to send a temporary VPN communication request to a registry, where the VPN communication request is used to instruct the registry to establish a VPN temporary session with a cloud node;
a binding request module 720, configured to send a binding request to the registry, where the binding request is used to instruct the registry to bind the cloud node and form a registration record; the binding request includes VPN connection configuration information of the VPN temporary session;
a registration record module 730, configured to send a call request of a registration record to the registry; the registration record comprises VPN connection configuration information of cloud nodes bound with the registration center;
The network communication module 740 is configured to load VPN connection configuration information of the target cloud node returned by the registry, and establish VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node.
In some embodiments of the present disclosure, the apparatus further comprises:
a visualization module, configured to store the VPN connection configuration information of the target cloud node and to perform visual monitoring and management on the target cloud node.
In some embodiments of the present disclosure, as shown in fig. 8, a cross-cloud data interconnection network communication apparatus is also provided. The apparatus 800 includes:
a temporary session establishment module 810, configured to receive a temporary VPN communication request sent by a cloud node, and establish a VPN temporary session with the cloud node in response to the temporary VPN communication request;
a binding parsing module 820, configured to receive a binding request sent by a cloud node, parse the binding request, and obtain the VPN connection configuration information with which the cloud node established the VPN temporary session;
a registration module 830, configured to generate a domain name resource record according to the VPN connection configuration information, and perform registration of VPN domain name service to generate a registration record, so as to complete binding with the cloud node;
The configuration information module 840 is configured to send VPN connection configuration information of a target cloud node in the registration record to the cloud node, so that the cloud node establishes VPN persistent communication with the target cloud node according to the VPN connection configuration information.
In some embodiments of the present disclosure, as shown in fig. 9, the temporary session establishment module 810 includes:
an identity identifying unit 812, configured to parse the temporary VPN communication request and determine access identity information of the cloud node;
the session establishment unit 814 is configured to establish a VPN temporary session with the cloud node after the access identity information is successfully verified according to the VPN communication request.
In some embodiments of the present disclosure, as shown in fig. 10, the VPN connection configuration information includes a public key of a VPN temporary session of the cloud node, and a network address translation (NAT) public network address and port; the registration module 830 includes:
a public key encoding unit 832, configured to encode the public key of the VPN temporary session of the cloud node to obtain a public key encoding;
a record registration unit 834, configured to generate the domain name resource record by combining the public key encoding with the NAT public network address and port, and register the domain name resource record to the registration record.
In some embodiments of the present disclosure, the configuration information module includes:
an information return unit, configured to respond to the call request of the cloud node for the registration record, query the registration record, and return the VPN connection configuration information of the target cloud node in the registration record to the cloud node.
The modules in the cross-cloud data interconnection network communication device may be implemented in whole or in part by software, hardware, and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules. It should be noted that, in the embodiment of the present disclosure, the division of the modules is merely a logic function division, and other division manners may be implemented in actual practice.
Based on the same inventive concept, the embodiment of the disclosure also provides a cross-cloud data interconnection network communication system for implementing the above-mentioned cross-cloud data interconnection network communication method. The implementation of the solution provided by the system is similar to the implementation described in the above method, so the specific limitation in one or more embodiments of the inter-cloud data internet communication system provided below may refer to the limitation of the inter-cloud data internet communication method hereinabove, and will not be described herein.
In some embodiments of the present disclosure, a cross-cloud data interconnection network communication system is provided. The system comprises cloud nodes and a registry. Each cloud node comprises the cross-cloud data interconnection network communication device described above, which implements the cross-cloud data interconnection network communication method applied to the cloud node; the registry comprises the cross-cloud data interconnection network communication device described above, which implements the cross-cloud data interconnection network communication method applied to the registry.
In some embodiments of the present disclosure, a cloud node includes a network peer-to-peer access component and a network service discovery client. The network peer-to-peer access component and the network service discovery client may be highly integrated and deployed together. The registry comprises a messenger server, a network service discovery server and a domain name resolution server, which may likewise be highly integrated and deployed together. The registry can store and manage the registration services of the cloud nodes, provide a gRPC-based registration interface for the network peer-to-peer access component, and provide a UI for visual management, configuration and monitoring. gRPC is an RPC (Remote Procedure Call) protocol developed and open-sourced by Google. Through gRPC, a client can invoke a server method on another host as if it were a local method.
The network peer-to-peer access component is used for sending a temporary VPN communication request to the messenger server and for establishing VPN persistent communication with the network peer-to-peer access component of the target cloud node. The network peer-to-peer access component is a UDP-based VPN service component that can be deployed on the cloud node, and it has NAT-to-NAT penetration capability.
The network service discovery client is used for sending a binding request to the network service discovery server, wherein the binding request comprises VPN connection configuration information of the VPN temporary session; for sending a call request for the registration record to the registry, wherein the registration record comprises VPN connection configuration information of the cloud nodes bound with the registry; and for loading the VPN connection configuration information of the target cloud node in the registration record returned by the registry, so that the network peer-to-peer access component can establish VPN persistent communication with the network peer-to-peer access components of other cloud nodes.
The messenger server is used for receiving the temporary VPN communication request sent by the cloud node and responding to the temporary VPN communication request to establish a VPN temporary session with the cloud node.
The network service discovery server is used for receiving a binding request sent by the cloud node, parsing the binding request, and obtaining the VPN connection configuration information with which the cloud node established the VPN temporary session; for generating a domain name resource record according to the VPN connection configuration information and registering it with the VPN domain name service to generate a registration record, so as to complete the binding with the cloud node; and for sending the VPN connection configuration information of the target cloud node in the registration record to the cloud node.
The domain name resolution server is used for providing registration record service.
By way of example, taking the application scenario shown in fig. 2 as an example, the steps of the system for performing inter-cloud data internet communication are described with reference to the signal flow diagram of the system shown in fig. 11.
The network peer access components (e.g., VPN peer access points) of cloud nodes CLOUD-A, CLOUD-B, CLOUD-C and CLOUD-D each send temporary VPN handshake signals to the messenger server of the registry (only cloud nodes CLOUD-A and CLOUD-B are illustrated in FIG. 11; CLOUD-C and CLOUD-D are not shown in the figure).
The messenger server may establish a VPN temporary session with VPN peer access points of respective cloud nodes after authenticating identity information of the VPN peer access points of the cloud nodes.
The network service discovery client (VPN-SD client) of each cloud node may send a STUN binding request to the network service discovery server (VPN-SD server) of the registry. After receiving the STUN binding request, the VPN-SD server may parse it to obtain VPN connection configuration information such as the NAT public IP and port of the cloud node's VPN temporary session.
The VPN-SD server may convert the obtained VPN connection configuration information of the cloud node's VPN temporary session into an SRV record to form a registration record, and register the registration record with a domain name resolution server (VPN-DNS server). The VPN-DNS server may provide a private DNS (Domain Name System) resolution service for VPN service discovery, and may use the DNS-standard SRV record (Service Record) to save the VPN connection configuration information of cloud nodes, thereby implementing UDP tunneling (UDP hole punching) capability.
The VPN-SD client may send a call request by calling an API (Application Programming Interface) of the VPN-SD server to obtain the VPN connection configuration information of other VPN peer access points (e.g. the VPN peer access point of CLOUD-B).
The VPN-SD server may query the VPN-DNS server and return VPN connection configuration information for other VPN peer access points (e.g., VPN peer access points of CLOUD-B).
The VPN-SD client may dynamically update the local VPN peer access point configuration.
When the VPN peer access point of CLOUD-A discovers that the local VPN peer access point configuration has changed, it can simulate the identity of the messenger server and actively initiate a VPN handshake with other VPN peer access points (such as the VPN peer access point of CLOUD-B), loading VPN connection information such as the source IP addresses and ports of those access points, and thereby establish a persistent VPN session between CLOUD-A and the other cloud nodes.
Based on the foregoing description of the embodiments of the method for inter-cloud data networking, in another embodiment provided by the present disclosure, a computer device is provided, where the computer device may be a server, and an internal structure diagram thereof may be as shown in fig. 12. The computer device includes a processor, a memory, an Input/Output interface (I/O) and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is for storing data. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements a method of inter-cloud data networking communication.
It will be appreciated by those skilled in the art that the structure shown in fig. 12 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
Based on the foregoing description of the embodiments of the inter-cloud data networking communication method, in another embodiment provided in the present disclosure, a computer-readable storage medium is provided, on which a computer program is stored, which when executed by a processor, implements the steps in the method embodiments described above.
Based on the foregoing description of embodiments of the inter-cloud data networking communication method, in another embodiment provided by the present disclosure, a computer program product is provided, which includes a computer program that, when executed by a processor, implements the steps of the method embodiments described above.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The non-volatile memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high density embedded non-volatile memory, resistive random access memory (ReRAM), magnetoresistive random access memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric memory (Ferroelectric Random Access Memory, FRAM), phase change memory (Phase Change Memory, PCM), graphene memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can take a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
In the description of the present specification, reference to the terms "some embodiments," "other embodiments," "desired embodiments," and the like, means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, schematic descriptions of the above terms do not necessarily refer to the same embodiment or example.
It should be understood that, in the present specification, each embodiment of the method is described in a progressive manner, and the same/similar parts of each embodiment are referred to each other, where each embodiment focuses on a difference from other embodiments. For relevance, reference should be made to the description of other method embodiments.
The technical features of the above embodiments may be arbitrarily combined, and for brevity, all of the possible combinations of the technical features of the above embodiments are not described, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples merely represent a few embodiments of the present disclosure, which are described in more detail and are not to be construed as limiting the scope of the claims. It should be noted that variations and modifications can be made by those skilled in the art without departing from the spirit of the disclosure, which are within the scope of the disclosure. Accordingly, the scope of protection of the present disclosure should be determined by the following claims.

Claims (12)

1. A method for cross-cloud data interconnection network communication, applied to a cloud node, the method comprising:
sending a temporary VPN communication request to a registry, wherein the VPN communication request is used for indicating the registry to establish a VPN temporary session with a cloud node;
sending a binding request to the registry, wherein the binding request is used for indicating the registry to bind the cloud node and forming a registration record; the binding request includes VPN connection configuration information of the VPN temporary session;
sending a call request of a registration record to the registration center; the registration record comprises VPN connection configuration information of cloud nodes bound with the registration center;
and loading VPN connection configuration information of the target cloud node returned by the registry in the registry record, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node.
2. The method according to claim 1, wherein the method further comprises:
and storing VPN connection configuration information of the target cloud node, and performing visual monitoring and management on the target cloud node.
3. A cross-cloud data interconnection network communication method, applied to a registry, the method comprising:
receiving a temporary VPN communication request sent by a cloud node, and responding to the temporary VPN communication request to establish a VPN temporary session with the cloud node;
receiving a binding request sent by the cloud node, analyzing the binding request, and acquiring the VPN connection configuration information with which the cloud node established the VPN temporary session;
generating a domain name resource record according to the VPN connection configuration information, and registering VPN domain name service to generate a registration record so as to finish binding with the cloud node;
and sending VPN connection configuration information of the target cloud node in the registration record to the cloud node so that the cloud node can establish VPN persistent communication with the target cloud node according to the VPN connection configuration information.
4. The method of claim 3, wherein establishing a VPN temporary session with the cloud node in response to the temporary VPN communication request comprises:
analyzing the temporary VPN communication request and determining access identity information of the cloud node;
and after the access identity information is successfully verified according to the VPN communication request, establishing a VPN temporary session with the cloud node.
5. The method of claim 3, wherein the VPN connection configuration information comprises a public key of the VPN temporary session of the cloud node, and a network address translation (NAT) public network address and port;
and wherein generating a domain name resource record according to the VPN connection configuration information, and registering VPN domain name service to generate a registration record so as to complete binding with the cloud node, comprises:
encoding the public key of the VPN temporary session of the cloud node to obtain a public key encoding;
and generating the domain name resource record by combining the public key encoding with the network address translation (NAT) public network address and port, and registering the domain name resource record in the registration record.
6. The method of claim 3, wherein the sending VPN connection configuration information of the target cloud node in the registration record to the cloud node for the cloud node to establish VPN persistent communication with the target cloud node according to the VPN connection configuration information comprises:
and responding to the call request of the cloud node to the registration record, inquiring the registration record, and returning VPN connection configuration information of the target cloud node in the registration record to the cloud node.
7. A cross-cloud data interconnection network communication device, the device comprising:
the temporary session module is used for sending a temporary VPN communication request to a registry, wherein the temporary VPN communication request is used for instructing the registry to establish a VPN temporary session with a cloud node;
the binding request module is used for sending a binding request to the registry, wherein the binding request is used for instructing the registry to bind the cloud node and form a registration record; the binding request includes VPN connection configuration information of the VPN temporary session;
the registration record module is used for sending a call request for the registration record to the registry; the registration record comprises VPN connection configuration information of cloud nodes bound with the registry;
and the network communication module is used for loading VPN connection configuration information of the target cloud node in the registration record, as returned by the registry, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node.
8. A cross-cloud data interconnection network communication device, the device comprising:
the temporary session establishment module is used for receiving a temporary VPN communication request sent by a cloud node and responding to the temporary VPN communication request to establish a VPN temporary session with the cloud node;
the binding analysis module is used for receiving a binding request sent by the cloud node, analyzing the binding request and acquiring the VPN connection configuration information with which the cloud node established the VPN temporary session;
the registration module is used for generating a domain name resource record according to the VPN connection configuration information, registering VPN domain name service to generate a registration record, and completing the binding with the cloud node;
and the configuration information module is used for sending VPN connection configuration information of the target cloud node in the registration record to the cloud node so that the cloud node can establish VPN persistent communication with the target cloud node according to the VPN connection configuration information.
9. A cross-cloud data interconnection network communication system, the system comprising: a number of cloud nodes comprising the cross-cloud data interconnection network communication device of claim 7, and a registry comprising the cross-cloud data interconnection network communication device of claim 8.
10. The system of claim 9, wherein the cloud node comprises a network peer-to-peer access component and a network service discovery client, and wherein the registry comprises a messenger server, a network service discovery server and a domain name resolution server;
the network peer-to-peer access component is configured to send a temporary VPN communication request to the messenger server, and to establish VPN persistent communication with a network peer-to-peer access component of the target cloud node;
the network service discovery client is used for sending a binding request to the network service discovery server and sending a call request for the registration record to the registry; it is also used for loading VPN connection configuration information of the target cloud node returned by the registry, and establishing VPN persistent communication with the target cloud node according to the VPN connection configuration information of the target cloud node;
the messenger server is used for receiving a temporary VPN communication request sent by a cloud node, responding to the temporary VPN communication request and establishing a VPN temporary session with the cloud node;
the network service discovery server is used for receiving a binding request sent by the cloud node, analyzing the binding request and acquiring the VPN connection configuration information with which the cloud node established the VPN temporary session; it is also used for generating a domain name resource record according to the VPN connection configuration information, and registering VPN domain name service to generate a registration record so as to finish binding with the cloud node; and for sending the VPN connection configuration information of the target cloud node in the registration record to the cloud node;
the domain name resolution server is configured to provide the registration record service.
11. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 6 when the computer program is executed.
12. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 6.
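
The record generation of claim 5 and the loading step of claim 1, sketched as an added example that is not code from the patent. Base32 encoding, a 32-byte key, the `_vpn._udp` label, the zone name and every function name are assumptions made for illustration; the sample key is constructed.

```python
import base64
import ipaddress

# Assumptions for this sketch: zone, service label, 32-byte keys, base32 labels.
ZONE = "vpn.example.internal"
SERVICE = "_vpn._udp"
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SAMPLE_KEY = base64.b64encode(bytes(range(32))).decode()  # constructed key

def key_to_label(pubkey_b64):
    """Registry side: encode the public key as a DNS-safe label."""
    raw = base64.b64decode(pubkey_b64, validate=True)
    if len(raw) != 32:
        raise ValueError("public key must be 32 bytes")
    # 52 lowercase base32 characters, inside the 63-octet DNS label limit
    return base64.b32encode(raw).decode().rstrip("=").lower()

def label_to_key(label):
    """Node side: recover the base64 public key from the label."""
    raw = base64.b32decode(label.upper() + "=" * (-len(label) % 8))
    if len(raw) != 32:
        raise ValueError("label does not decode to a 32-byte key")
    return base64.b64encode(raw).decode()

def check_endpoint(ip, port):
    """Accept only a public unicast address and a valid port."""
    addr = ipaddress.ip_address(ip)
    if (addr.is_loopback or addr.is_unspecified or addr.is_multicast
            or addr.is_link_local or any(addr in net for net in RFC1918)):
        raise ValueError("endpoint is not a public unicast address")
    if not 1 <= int(port) <= 65535:
        raise ValueError("port out of range")
    return str(addr), int(port)

def build_record(pubkey_b64, nat_ip, nat_port):
    """Combine the key encoding with the NAT public address and port."""
    ip, port = check_endpoint(nat_ip, nat_port)
    name = f"{key_to_label(pubkey_b64)}.{SERVICE}.{ZONE}."
    return {"name": name, "address": ip, "port": port}

def load_peer(record, pinned_key=None):
    """Validate a returned record before configuring the persistent tunnel."""
    label, _, rest = record["name"].partition(".")
    if rest != f"{SERVICE}.{ZONE}.":
        raise ValueError("record is outside the registry zone")
    key = label_to_key(label)
    if pinned_key is not None and key != pinned_key:
        raise ValueError("public key does not match the pinned key")
    ip, port = check_endpoint(record["address"], record["port"])
    return key, ip, port
```

The returned dictionary is a simplified stand-in for a DNS resource record; because the registry's answer decides which key and endpoint a node trusts, the loading side rejects private or malformed endpoints and, where a key is pinned, any record whose label decodes to a different key.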
CN202310356975.7A 2023-04-06 2023-04-06 Cross-cloud data interconnection network communication method, device and system Active CN116095080B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310356975.7A CN116095080B (en) 2023-04-06 2023-04-06 Cross-cloud data interconnection network communication method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310356975.7A CN116095080B (en) 2023-04-06 2023-04-06 Cross-cloud data interconnection network communication method, device and system

Publications (2)

Publication Number Publication Date
CN116095080A CN116095080A (en) 2023-05-09
CN116095080B true CN116095080B (en) 2023-06-09

Family

ID=86187201

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310356975.7A Active CN116095080B (en) 2023-04-06 2023-04-06 Cross-cloud data interconnection network communication method, device and system

Country Status (1)

Country Link
CN (1) CN116095080B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102710509A (en) * 2012-05-18 2012-10-03 杭州华三通信技术有限公司 Automatic data center configuration method and method
GB201513649D0 (en) * 2014-08-01 2015-09-16 Kingston Digital Inc Private and secure communication architecture without utilizing a public cloud based routing server
CN111030912A (en) * 2018-10-09 2020-04-17 华为技术有限公司 Method for intercommunication between virtual private cloud VPCs
CN111404801A (en) * 2020-03-27 2020-07-10 四川虹美智能科技有限公司 Data processing method, device and system for cross-cloud manufacturer
WO2021063028A1 (en) * 2019-09-30 2021-04-08 华为技术有限公司 Method and apparatus for providing network service for service, and computing device
US11095534B1 (en) * 2019-11-29 2021-08-17 Amazon Technologies, Inc. API-based endpoint discovery of resources in cloud edge locations embedded in telecommunications networks
CN113452592A (en) * 2021-06-09 2021-09-28 北京奥星贝斯科技有限公司 Cross-cloud data access method and device under hybrid cloud architecture
CN115701037A (en) * 2021-07-31 2023-02-07 华为云计算技术有限公司 Configuration method for intercommunication between virtual private cloud VPCs and related device
WO2023016248A1 (en) * 2021-08-13 2023-02-16 华为技术有限公司 Method for intercommunication between data centre cloud network and operator network, and communication apparatus
CN115865601A (en) * 2022-11-01 2023-03-28 杭州视洞科技有限公司 SDN network communication system of cross-cloud data center

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11683292B2 (en) * 2011-09-09 2023-06-20 Kingston Digital, Inc. Private cloud routing server connection mechanism for use in a private communication architecture


Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
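Virtualized Software-Defined Networks and Services; Qiang Duan et al.; 《Artech》; full text *
SDN/NFV networking schemes, testing and problem analysis for cloud data centers; 顾戎; 王瑞雪; 李晨; 黄璐; 电信科学 (No. 01); full text *
Design and implementation of a virtual private cloud secure interconnection ***; 程闪闪; 《万方数据库》; full text *
Discussion and analysis of cross-data-center large Layer 2 networking technology; 索凤莲; 刘芹; 互联网天地 (No. 11); full text *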

Also Published As

Publication number Publication date
CN116095080A (en) 2023-05-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant