CN112187671A - Network access method and related equipment thereof - Google Patents
Network access method and related equipment thereof Download PDFInfo
- Publication number
- CN112187671A CN112187671A CN202011224128.8A CN202011224128A CN112187671A CN 112187671 A CN112187671 A CN 112187671A CN 202011224128 A CN202011224128 A CN 202011224128A CN 112187671 A CN112187671 A CN 112187671A
- Authority
- CN
- China
- Prior art keywords
- accessed
- network
- container group
- container
- group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 68
- 238000004590 computer program Methods 0.000 claims description 12
- 238000012545 processing Methods 0.000 claims description 3
- 241001026509 Kata Species 0.000 description 9
- 238000010586 diagram Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 5
- 230000002159 abnormal effect Effects 0.000 description 4
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/70—Admission control; Resource allocation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application discloses a network access method and related equipment thereof, wherein the method comprises the following steps: firstly, determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; and then acquiring the virtual network equipment corresponding to the to-be-accessed container group, and configuring network card data of the to-be-accessed container group according to the virtual network equipment corresponding to the to-be-accessed container group, so that the to-be-accessed container group can be accessed to the VPC network through the virtual network equipment, thereby achieving the purpose of accessing the container group to the VPC network.
Description
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a network access method and a related device.
Background
In a cluster system based on kubernets (k 8s for short) and kata, at least one Container group (Pod) can be deployed in a virtual machine as a computing Node (Work Node), and a plurality of containers (containers) in the same Container group can share the same network namespace.
In some cases, the container groups located on different hosts may be respectively accessed into a Virtual Private Cloud (VPC) network, so that the VPC network can maintain the container groups located on different hosts in the same subnet, thereby enabling network communication between the container groups.
However, how to access the group of containers to the VPC network still remains a technical problem to be solved.
Disclosure of Invention
In order to solve the above technical problems in the prior art, the present application provides a network access method and related devices, which can solve the technical problem of accessing a container group to a VPC network.
In order to achieve the above purpose, the technical solutions provided in the embodiments of the present application are as follows:
the embodiment of the application provides a network access method, which comprises the following steps:
determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
acquiring virtual network equipment corresponding to the to-be-accessed container group;
and configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to a virtual private cloud network through the virtual network equipment.
In a possible implementation manner, the obtaining the virtual network device corresponding to the to-be-accessed container group includes:
acquiring the name identification of the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group.
In a possible implementation manner, the determining, according to the name identifier of the to-be-accessed container group, a virtual network device corresponding to the to-be-accessed container group includes:
determining a container network interface file path corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group;
determining a container network interface file corresponding to the to-be-accessed container group according to the container network interface file path corresponding to the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the container network interface file corresponding to the to-be-accessed container group.
In a possible implementation manner, the determining, according to the name identifier of the to-be-accessed container group, a container network interface file path corresponding to the to-be-accessed container group includes:
and splicing the preset file path information and the name identification of the to-be-accessed container group according to a preset mode to obtain a container network interface file path corresponding to the to-be-accessed container group.
In one possible embodiment, the method further comprises:
judging whether the network name space of the target host machine meets a first condition or not;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network name space of the target host machine meets the first condition, determining the network name space of the container group to be accessed as the network name space of the target host machine.
In one possible embodiment, the method further comprises:
acquiring network access parameters of the to-be-accessed container group;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network access parameters of the to-be-accessed container group meet the second condition, determining the network name space of the to-be-accessed container group as the network name space of the target host.
In a possible implementation manner, the obtaining the network access parameter of the group of containers to be accessed includes:
acquiring a configuration file of the to-be-accessed container group;
and determining the network access parameters of the to-be-accessed container group according to the configuration file of the to-be-accessed container group.
An embodiment of the present application further provides a network access apparatus, where the apparatus includes:
the system comprises a space determining unit, a storage unit and a processing unit, wherein the space determining unit is used for determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
the device acquisition unit is used for acquiring the virtual network device corresponding to the to-be-accessed container group;
and the network access unit is used for configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to the virtual private cloud network through the virtual network equipment.
An embodiment of the present application further provides an apparatus, where the apparatus includes a processor and a memory:
the memory is used for storing a computer program;
the processor is configured to execute any implementation manner of the network access method provided by the embodiment of the application according to the computer program.
Embodiments of the present application further provide a computer-readable storage medium, where the computer-readable storage medium is used to store a computer program, where the computer program is used to execute any implementation manner of the network access method provided in the embodiments of the present application.
Compared with the prior art, the embodiment of the application has at least the following advantages:
in the network access method provided by the embodiment of the application, a network name space of a container group to be accessed is determined as a network name space of a target host machine, so that the target host machine is located in the network name space of the container group to be accessed; and then acquiring the virtual network equipment corresponding to the to-be-accessed container group, and configuring network card data of the to-be-accessed container group according to the virtual network equipment corresponding to the to-be-accessed container group, so that the to-be-accessed container group can be accessed to the VPC network through the virtual network equipment, thereby achieving the purpose of accessing the container group to the VPC network. The group of the containers to be accessed is deployed on the target virtual machine, and the target virtual machine is installed on the target host machine.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a network access method according to an embodiment of the present application;
fig. 2 is a corresponding relationship among a host, a virtual machine, and a container group provided in the embodiment of the present application;
fig. 3 is a schematic diagram of a CNI file path provided in an embodiment of the present application;
fig. 4 is a schematic diagram of a VPC network access method based on k8s + kata according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a network access device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an apparatus according to an embodiment of the present application.
Detailed Description
In order to facilitate understanding of the technical solutions of the present application, some terms related to the present application are described below.
kubernets (k 8s for short) is a container-based cluster management platform, and a kubernets cluster may include a Master Node (Master Node) and a plurality of computing nodes (Work nodes) respectively communicatively connected to the Master Node. Wherein a master node may be used to manage and control a plurality of compute nodes. The computing nodes are workload nodes, and each computing node may have at least one Container group (Pod) deployed therein, and each Container group may have one or more containers (containers) for carrying software programs encapsulated therein.
Pod is the basic unit of operation of Kubernetes and is the smallest unit of deployment that can be created, debugged, and managed. In addition, multiple containers (containers) located in the same Pod may share network resources (e.g., IP addresses). For example, when a first Pod includes 3 containers and the first Pod has a first IP address, the 3 containers on the first Pod share the first IP address.
kata is an open source container project that aims to unify the security advantages of virtual machines with the speed and manageability of containers. In addition, kata is obtained by merging two existing open source projects, i.e. Intel Clear Containers and Hyper runV, so that kata solves the security and isolation problem of the shared kernel of the traditional container.
The kata-runtime is a component in kata, and is used to handle all commands specified by the OCI (Oracle Call Interface) runtime specification and to launch kata-shim instances when an OCI (Oracle Call Interface) compliant container runtime is running. Among them, kata-shim is also a component in kata, and is used for monitoring the progress of the container.
qemu is a virtual operating system simulator, and kata-runtime can call instructions (e.g., hot plug instructions that call a cloud hard disk) through the qmp interface provided by qemu.
A tap device is a virtual network device in the kernel of an operating system. Alternatively, the tap device may be equivalent to an ethernet device, and the tap device may be capable of handling data link layer packets (e.g., ethernet data frames). In addition, tap devices are typically created on the host.
kvgw is a kernel file for maintaining a VPC network, and vgw-agent is a component for managing kvgw.
The dhclient command is a commonly used Linux command, and functions to dynamically configure network parameters of a network interface using a dynamic host configuration protocol.
The network namespace is used to achieve network isolation and can partition the use of network devices, addresses, ports, routes, firewall rules, etc. into different boxes to achieve virtualization of the network in a single running kernel instance. In addition, network resources can be shared among multiple objects in the same network namespace. For example, multiple containers deployed in one Pod are all in the same network namespace, so that multiple containers located in the same Pod can share network resources.
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Method embodiment one
Referring to fig. 1, the figure is a flowchart of a network access method according to an embodiment of the present application.
The network access method provided by the embodiment of the application comprises S101-S103:
s101: and determining the network name space of the to-be-accessed container group as the network name space of the target host machine so as to enable the target host machine to be positioned in the network name space of the to-be-accessed container group.
The container group to be accessed is a container group which needs to be accessed to the VPC network, and the container group to be accessed comprises at least one container. For example, as shown in fig. 2, if the group of containers to be accessed is Pod203, the group of containers to be accessed may include N containers. Wherein N is a positive integer.
In addition, the group of containers to be accessed is deployed on the target virtual machine, and the target virtual machine is installed on the target host machine. For example, as shown in fig. 2, when the host 201 has the virtual machine 202 installed thereon, the Pod203 is deployed on the virtual machine 202, and the Pod203 includes N containers, if the group of containers to be accessed is the Pod203, the target virtual machine is the virtual machine 202, and the target host is the host 201.
Based on the related content of S101, in this embodiment of the application, if the to-be-accessed container group is to be accessed to the VPC network, the network namespace of the to-be-accessed container group may be determined as the network namespace of the target host, so that the target host is located in the network namespace of the to-be-accessed container group, and thus the to-be-accessed container group and the target host are located in the same network namespace, and further, communication between the to-be-accessed container group and the target host is enabled.
It should be noted that, the embodiment of the present application is not limited to the implementation of S101, and any method capable of determining the network namespace of the group of containers to be accessed as the network namespace of the target host may be used for implementation.
S102: and acquiring the virtual network equipment corresponding to the to-be-accessed container group.
The virtual network equipment is used for accessing the container group to be accessed into the VPC network. In addition, the embodiment of the present application is not limited to the virtual network device, and for example, the virtual network device may be a tap device.
In addition, the embodiment of the present application does not limit the manner of acquiring the virtual network device corresponding to the group of containers to be accessed. For ease of understanding, the following description is made with reference to examples.
As an example, S102 may specifically include S1021-S1022:
s1021: and acquiring the name identification of the group of the containers to be accessed.
The name identifier of the to-be-accessed container group (also called ID of the to-be-accessed container group) is used for uniquely identifying the to-be-accessed container group. In addition, the embodiment of the present application does not limit the manner of obtaining the name identifier of the to-be-accessed container group, and may be implemented by using any existing or future method capable of obtaining the name identifier of the to-be-accessed container group.
S1022: and determining the virtual network equipment corresponding to the to-be-accessed container group according to the name identification of the to-be-accessed container group.
The present embodiment does not limit the implementation of S1022, and for facilitating understanding of S1022, the following description is given with reference to an example.
As an example, S1022 may specifically include S10221-S10223:
s10221: and determining a container network interface file path corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group.
The Container Network Interface file path refers to a storage path of a Container Network Interface (CNI) file corresponding to a Container group to be accessed. Wherein, the container network interface file (CNI file for short) is used to record the VPC network parameters of the container group to be accessed (for example, the virtual network device name corresponding to the container group to be accessed)
The present embodiment does not limit the embodiment of S10221. For example, S10221 may specifically be: and splicing the preset file path information and the name identification of the to-be-accessed container group according to a preset mode to obtain a container network interface file path corresponding to the to-be-accessed container group.
The preset file path information refers to preset path information, and the preset file path information may include at least one level of directory. For example, if the container network interface file path includes a T-level directory, the predetermined file path information may refer to a 1 st-level directory to a T-1 st-level directory, and the name identifier of the to-be-accessed container group may be the T-level directory. Therefore, different container groups to be accessed have different name identifications, so that the path of the container network interface file can uniquely identify the storage path of the container network interface file corresponding to the container group to be accessed. Wherein T is a positive integer.
In addition, the preset mode may be preset, for example, the preset mode may be a directory splicing mode (that is, a symbol "\" needs to be added between different splicing objects).
Based on the related content of S10221, in some cases, the container network interface file path corresponding to the to-be-accessed container group may be determined according to the name identifier of the to-be-accessed container group. For example, as shown in fig. 3, when the container network interface file path includes a T-level directory, the preset file path information includes a 1 st-level directory to a T-1 st-level directory, and the name identifier of the to-be-accessed container group may be used as the T-level directory, the preset file path information and the name identifier of the to-be-accessed container group may be spliced according to a directory splicing manner, so as to obtain a container network interface file path corresponding to the to-be-accessed container group.
S10222: and determining the container network interface file corresponding to the to-be-accessed container group according to the container network interface file path corresponding to the to-be-accessed container group.
In this embodiment of the application, after the path of the container network interface file corresponding to the to-be-accessed container group is obtained, the file stored in the path of the container network interface file may be determined as the container network interface file corresponding to the to-be-accessed container group, so that the virtual network device corresponding to the to-be-accessed container group may be subsequently determined based on the container network interface file.
S10223: and determining the virtual network equipment corresponding to the to-be-accessed container group according to the container network interface file corresponding to the to-be-accessed container group.
In this embodiment of the present application, after the container network interface file corresponding to the to-be-accessed container group is obtained, the virtual network device corresponding to the to-be-accessed container group may be determined according to the container network interface file, and the determining process may specifically be: and reading the name of the virtual network equipment from the container network interface file, and determining the virtual network equipment corresponding to the to-be-accessed container group according to the name of the virtual network equipment.
Based on the related contents of the foregoing S10221 to S10223, in some cases, a container network interface file path corresponding to a to-be-accessed container group may be determined according to a name identifier of the to-be-accessed container group; and then, according to the container network interface file stored in the path of the container network interface file, determining a virtual network device (for example, a tap device) corresponding to the container group to be accessed, so that the VPC network can be accessed based on the virtual network device in the following.
S103: and configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to the virtual private cloud network through the virtual network equipment.
In the embodiment of the application, after the virtual network device corresponding to the to-be-accessed container group is determined, the network card data of the to-be-accessed container group can be configured according to the virtual network device, so that the configured to-be-accessed container group can be accessed to the VPC network through the virtual network device.
Based on the related contents of S101 to S103, in the network access method provided in the embodiment of the present application, the network namespace of the to-be-accessed container group is determined as the network namespace of the target host, so that the to-be-accessed container group and the target host share the same network namespace; and then acquiring the virtual network equipment corresponding to the to-be-accessed container group, and configuring network card data of the to-be-accessed container group according to the virtual network equipment corresponding to the to-be-accessed container group, so that the to-be-accessed container group can be accessed to the VPC network through the virtual network equipment, thereby achieving the purpose of accessing the container group to the VPC network.
Method embodiment two
In practice, some of the groups of containers need to access the VPC network, while some do not. In order to meet the service requirement, an embodiment of the present application further provides a possible implementation manner of a network access method, where the implementation manner may further include, in addition to the foregoing S101 to S103, S104:
s104: and acquiring the network access parameters of the container group to be accessed.
The network access parameter is used for describing whether the group of the containers to be accessed needs to be accessed to the VPC network.
In addition, the network access parameter is not limited in the embodiments of the present application, for example, the network access parameter may be denoted as UseVPC, and if the UseVPC is true, it is determined that the group of containers to be accessed needs to be accessed to the VPC network; if the UseVPC is false, it is determined that the group of containers to be accessed does not need to be accessed to the VPC network.
In addition, the embodiment of the present application does not limit the manner of acquiring the network access parameter. For example, in some cases, the network access parameters may be recorded in a profile of the group of containers to be accessed, so the network access parameters may be determined from the profile. Based on this, the embodiment of the present application further provides a possible implementation manner of S104, which may specifically include S1041 to S1042:
s1041: and acquiring a configuration file of the group of the containers to be accessed.
The configuration file is used for recording configuration parameters related to the container group to be accessed. In addition, the configuration file is not limited in the embodiments of the present application, for example, the configuration file of the group of containers to be accessed may record the network access parameters of the group of containers to be accessed.
S1042: and determining the network access parameters of the container group to be accessed according to the configuration file of the container group to be accessed.
In the embodiment of the application, after the configuration file of the to-be-accessed container group is obtained, the network access parameter of the to-be-accessed container group can be read from the configuration file, so that whether the to-be-accessed container group needs to be accessed to the VPC network or not can be determined subsequently based on the network access parameter, and therefore whether a VPC network access flow needs to be started for the to-be-accessed container group or not is determined.
Based on the related contents of S1041 to S1042, in some cases, a configuration file of the to-be-accessed container group may be obtained first, and then a network access parameter of the to-be-accessed container group is read from the configuration file, so that it can be determined whether a VPC network access procedure (that is, the network access method provided in the embodiment of the present application) needs to be started for the to-be-accessed container group based on the network access parameter in the following.
S105: judging whether the network access parameters of the to-be-accessed container group meet a second condition, if so, executing S101; if not, network setting is carried out on the group of the to-be-accessed containers according to a preset network setting flow.
Wherein the second condition may be predetermined. For example, the second condition may be equal to a preset parameter value. It should be noted that, the preset parameter value is not limited in the embodiment of the present application, for example, if the parameter value of the network access parameter may be true or false, the preset parameter value may be true, so that the second condition may be set to be equal to true.
The preset network setting process refers to a preset container group network setting process. In addition, the preset network setting flow is not limited in the embodiment of the present application, for example, the preset network setting flow may be any existing or future flow that can perform network setting for a group of containers.
Based on the related content of S105, after the network access parameter of the container group to be accessed is obtained, it may be directly determined whether the network access parameter satisfies the second condition (e.g., whether the network access parameter is equal to true), and if so, it is determined that the container group to be accessed needs to be accessed to the VPC network, so as to determine that a VPC network access procedure (i.e., the network access method provided in the embodiment of the present application) needs to be started for the container group to be accessed; if not, determining that the to-be-accessed container group is not required to be accessed to the VPC network, and thus carrying out network setting on the to-be-accessed container group according to a preset network setting flow.
Based on the related contents of S104 to S105, in the embodiment of the present application, when a network setting needs to be performed on a container group to be accessed, a network access parameter of the container group to be accessed may be obtained first, and then it is determined whether a VPC network access procedure needs to be started for the container group to be accessed according to the network access parameter, so that when it is determined that the VPC network access procedure needs to be started for the container group to be accessed, the container to be accessed is accessed to the VPC network by using any implementation manner of the network access method provided in the embodiment of the present application (for example, using S101 to S103).
In some cases, in order to avoid that the VPC network access flow of the to-be-accessed container group is in an abnormal state due to the influence of other flows on the VPC network access flow of the to-be-accessed container group, whether the VPC network access flow of the to-be-accessed container group is in an undisturbed state may be determined according to the setting state of the network namespace of the target host. Based on this, an embodiment of the present application further provides another possible implementation manner of the network access method, where the implementation manner may further include, in addition to the above partial steps or all steps, S106:
s106: judging whether the network name space of the target host machine meets a first condition, if so, executing S101; if not, generating alarm information carrying the abnormity of the VPC network access flow.
Wherein the first condition may be predetermined. For example, the first condition may be that the network namespace of the target host is not configured, and particularly that the network namespace of the target host is not configured as the network namespace of the group of containers to be accessed.
Based on the above-mentioned related content of S106, in some cases, before the step of "determining the network namespace of the group of containers to be accessed as the network namespace of the target host", it may be determined whether the network namespace of the target host meets the first condition, so that the step of "determining the network namespace of the group of containers to be accessed as the network namespace of the target host" may be continuously performed only when it is determined that the network namespace of the target host meets the first condition; and when the network name space of the target host machine is determined not to meet the first condition, an error prompt is carried out, so that a technician can timely know that the VPC network access flow of the to-be-accessed container group is in an abnormal state.
In order to facilitate understanding of the network access method provided in the embodiments of the present application, the embodiments of the present application are described with reference to scenario embodiments.
Scene embodiment
In some cases, the network access method provided by the embodiment of the present application may be applied in the application scenario shown in fig. 4. Fig. 4 is a schematic diagram of a VPC network access method based on k8s + kata according to an embodiment of the present application.
In the application scenario shown in fig. 4, a virtual machine 401 is installed on a host 400, a container group 402 is deployed on the virtual machine 401, and the container group 402 includes a container 403 and a container 404. The tap device 405 corresponds to the network card eth0, so that the container group 402 can access the VPC network through the tap device 405. In addition, the dhclient command can control eth0 to automatically acquire a network IP address when the virtual machine is started.
Based on the application scenario shown in fig. 4, kata-runtime may perform network configuration for the container group 402, and the network configuration process may specifically include steps 1 to 10:
step 1: the kata-runtime obtains the configuration file for the container group 402.
Step 2: the kata-runtime reads the network access parameter UseVPC of the container group 402 from the configuration file of the container group 402.
And step 3: kata-runtime judges whether the UseVPC is true, if so, the step 4 is executed; if not, network setting is performed on the container group 402 according to a preset network setting flow.
And 4, step 4: kata-runtime judges whether the network name space of the host 400 meets a first condition, if so, the step 5 is executed; if not, determining that the VPC network access flow of the container group 402 is in an abnormal state, and generating alarm information carrying that the VPC network access flow of the container group 402 is abnormal.
And 5: kata-runtime determines the network namespace for the container group 402 as the network namespace for the host 400, such that the host 400 is located in the network namespace for the container group 402.
Step 6: the kata-runtime obtains the name identification of the container group 402.
And 7: and the kata-runtime splices the preset file path information and the name identifier of the container group 402 according to a directory splicing mode to obtain a CNI interface file path corresponding to the container group 402.
And 8: and acquiring the CNI interface file corresponding to the container group 402 under the CNI interface file path corresponding to the kata-runtime container group 402.
And step 9: the kata-runtime reads the name of the tap device corresponding to the container group 402 from the CNI interface file corresponding to the container group 402, so as to determine the tap device 405 corresponding to the container group 402 according to the name of the tap device corresponding to the container group 402.
Step 10: the network card data of the container group 402 is configured according to the tap device 405, so that the tap device 405 becomes a network device of the container group 402, thereby enabling the container group 402 to access the VPC network through the tap device 405.
Based on the related contents of the above steps 1 to 10, for the k8s + kata-based application scenario, a network configuration process of the container group 402 may be performed by the kata-runtime, so that when it is determined that the container group 402 needs to be accessed to the VPC network, the kata-runtime accesses the container group 402 to the VPC network by performing the VPC network access procedure provided in the embodiment of the present application, so that the container group 402 can communicate with other VPC network access container groups by means of the VPC network, and all the container groups accessed to the VPC network are maintained in the same subnet, thereby achieving the purpose of communicating the container groups located on different hosts.
Based on the network access method provided by the above method embodiment, the embodiment of the present application further provides a network access apparatus, which is explained and explained with reference to the accompanying drawings.
Device embodiment
Please refer to the above method embodiments for technical details of a network access device provided by the device embodiments.
Referring to fig. 5, this figure is a schematic structural diagram of a network access apparatus according to an embodiment of the present application.
The network access apparatus 500 provided in the embodiment of the present application includes:
a space determining unit 501, configured to determine a network namespace of a to-be-accessed container group as a network namespace of a target host, so that the target host is located in the network namespace of the to-be-accessed container group; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
a device obtaining unit 502, configured to obtain a virtual network device corresponding to the to-be-accessed container group;
a network access unit 503, configured to configure network card data of the to-be-accessed container group according to the virtual network device corresponding to the to-be-accessed container group, so that the to-be-accessed container group is accessed to a virtual private cloud network through the virtual network device.
In a possible implementation, the device obtaining unit 502 includes:
the first obtaining subunit is configured to obtain a name identifier of the to-be-accessed container group;
and the first determining subunit is configured to determine, according to the name identifier of the to-be-accessed container group, the virtual network device corresponding to the to-be-accessed container group.
In one possible embodiment, the first determining subunit includes:
the second determining subunit is configured to determine, according to the name identifier of the to-be-accessed container group, a container network interface file path corresponding to the to-be-accessed container group;
a third determining subunit, configured to determine, according to the path of the container network interface file corresponding to the to-be-accessed container group, a container network interface file corresponding to the to-be-accessed container group;
and the fourth determining subunit is configured to determine, according to the container network interface file corresponding to the container group to be accessed, the virtual network device corresponding to the container group to be accessed.
In a possible implementation manner, the second determining subunit is specifically configured to:
and splicing the preset file path information and the name identification of the to-be-accessed container group according to a preset mode to obtain a container network interface file path corresponding to the to-be-accessed container group.
In a possible implementation, the network access apparatus 500 further includes:
the condition judging unit is used for judging whether the network name space of the target host machine meets a first condition or not;
the space determining unit 501 is specifically configured to: and when the network name space of the target host machine meets the first condition, determining the network name space of the container group to be accessed as the network name space of the target host machine.
In a possible implementation, the network access apparatus 500 further includes:
a parameter obtaining unit, configured to obtain a network access parameter of the group of containers to be accessed;
the space determining unit 501 is specifically configured to: and when the network access parameters of the to-be-accessed container group meet the second condition, determining the network name space of the to-be-accessed container group as the network name space of the target host.
In a possible implementation manner, the parameter obtaining unit is specifically configured to:
acquiring a configuration file of the to-be-accessed container group;
and determining the network access parameters of the to-be-accessed container group according to the configuration file of the to-be-accessed container group.
Based on the related content of the network access device 500, for the network access device 500, the network namespace of the group of the to-be-accessed containers is determined as the network namespace of the target host, so that the target host is located in the network namespace of the group of the to-be-accessed containers; and then acquiring the virtual network equipment corresponding to the to-be-accessed container group, and configuring network card data of the to-be-accessed container group according to the virtual network equipment corresponding to the to-be-accessed container group, so that the to-be-accessed container group can be accessed to the VPC network through the virtual network equipment, thereby achieving the purpose of accessing the container group to the VPC network.
Based on the network access method provided by the above method embodiment, the embodiment of the present application further provides a device, which is explained and explained with reference to the drawings below.
Apparatus embodiment
Please refer to the above method embodiment for the device technical details provided by the device embodiment.
Referring to fig. 6, the drawing is a schematic structural diagram of an apparatus provided in the embodiment of the present application.
The device 600 provided by the embodiment of the application comprises: a processor 601 and a memory 602;
the memory 602 is used for storing computer programs;
the processor 601 is configured to execute any implementation of the network access method provided by the above method embodiments according to the computer program. That is, the processor 601 is configured to perform the following steps:
determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
acquiring virtual network equipment corresponding to the to-be-accessed container group;
and configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to a virtual private cloud network through the virtual network equipment.
In a possible implementation manner, the obtaining the virtual network device corresponding to the to-be-accessed container group includes:
acquiring the name identification of the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group.
In a possible implementation manner, the determining, according to the name identifier of the to-be-accessed container group, a virtual network device corresponding to the to-be-accessed container group includes:
determining a container network interface file path corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group;
determining a container network interface file corresponding to the to-be-accessed container group according to the container network interface file path corresponding to the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the container network interface file corresponding to the to-be-accessed container group.
In a possible implementation manner, the determining, according to the name identifier of the to-be-accessed container group, a container network interface file path corresponding to the to-be-accessed container group includes:
and splicing the preset file path information and the name identification of the to-be-accessed container group according to a preset mode to obtain a container network interface file path corresponding to the to-be-accessed container group.
In one possible embodiment, the method further comprises:
judging whether the network name space of the target host machine meets a first condition or not;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network name space of the target host machine meets the first condition, determining the network name space of the container group to be accessed as the network name space of the target host machine.
In one possible embodiment, the method further comprises:
acquiring network access parameters of the to-be-accessed container group;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network access parameters of the to-be-accessed container group meet the second condition, determining the network name space of the to-be-accessed container group as the network name space of the target host.
In a possible implementation manner, the acquiring the network access parameter of the group of containers to be accessed includes:
acquiring a configuration file of the to-be-accessed container group;
and determining the network access parameters of the to-be-accessed container group according to the configuration file of the to-be-accessed container group.
The above is related to the apparatus 600 provided in the embodiment of the present application.
Based on the network access method provided by the method embodiment, the embodiment of the application also provides a computer readable storage medium.
Media embodiments
Media embodiments provide technical details of computer-readable storage media, please refer to method embodiments.
Embodiments of the present application provide a computer-readable storage medium, which is used to store a computer program, where the computer program is used to execute any implementation manner of the network access method provided by the foregoing method embodiments. That is, the computer program is for performing the steps of:
determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
acquiring virtual network equipment corresponding to the to-be-accessed container group;
and configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to a virtual private cloud network through the virtual network equipment.
In a possible implementation manner, the obtaining the virtual network device corresponding to the to-be-accessed container group includes:
acquiring the name identification of the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group.
In a possible implementation manner, the determining, according to the name identifier of the to-be-accessed container group, a virtual network device corresponding to the to-be-accessed container group includes:
determining a container network interface file path corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group;
determining a container network interface file corresponding to the to-be-accessed container group according to the container network interface file path corresponding to the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the container network interface file corresponding to the to-be-accessed container group.
In a possible implementation manner, the determining, according to the name identifier of the to-be-accessed container group, a container network interface file path corresponding to the to-be-accessed container group includes:
and splicing the preset file path information and the name identification of the to-be-accessed container group according to a preset mode to obtain a container network interface file path corresponding to the to-be-accessed container group.
In one possible embodiment, the method further comprises:
judging whether the network name space of the target host machine meets a first condition or not;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network name space of the target host machine meets the first condition, determining the network name space of the container group to be accessed as the network name space of the target host machine.
In one possible embodiment, the method further comprises:
acquiring network access parameters of the to-be-accessed container group;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network access parameters of the to-be-accessed container group meet the second condition, determining the network name space of the to-be-accessed container group as the network name space of the target host.
In a possible implementation manner, the acquiring the network access parameter of the group of containers to be accessed includes:
acquiring a configuration file of the to-be-accessed container group;
and determining the network access parameters of the to-be-accessed container group according to the configuration file of the to-be-accessed container group.
The above is related to the computer-readable storage medium provided in the embodiments of the present application.
It should be understood that in the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" for describing an association relationship of associated objects, indicating that there may be three relationships, e.g., "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
The foregoing is merely a preferred embodiment of the invention and is not intended to limit the invention in any manner. Although the present invention has been described with reference to the preferred embodiments, it is not intended to be limited thereto. Those skilled in the art can make numerous possible variations and modifications to the present teachings, or modify equivalent embodiments to equivalent variations, without departing from the scope of the present teachings, using the methods and techniques disclosed above. Therefore, any simple modification, equivalent change and modification made to the above embodiments according to the technical essence of the present invention are still within the scope of the protection of the technical solution of the present invention, unless the contents of the technical solution of the present invention are departed.
Claims (10)
1. A method for network access, the method comprising:
determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
acquiring virtual network equipment corresponding to the to-be-accessed container group;
and configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to a virtual private cloud network through the virtual network equipment.
2. The method according to claim 1, wherein the obtaining the virtual network device corresponding to the group of containers to be accessed includes:
acquiring the name identification of the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group.
3. The method according to claim 2, wherein the determining, according to the name identifier of the to-be-accessed container group, the virtual network device corresponding to the to-be-accessed container group includes:
determining a container network interface file path corresponding to the to-be-accessed container group according to the name identifier of the to-be-accessed container group;
determining a container network interface file corresponding to the to-be-accessed container group according to the container network interface file path corresponding to the to-be-accessed container group;
and determining the virtual network equipment corresponding to the to-be-accessed container group according to the container network interface file corresponding to the to-be-accessed container group.
4. The method according to claim 3, wherein the determining, according to the name identifier of the to-be-accessed container group, a container network interface file path corresponding to the to-be-accessed container group includes:
and splicing the preset file path information and the name identification of the to-be-accessed container group according to a preset mode to obtain a container network interface file path corresponding to the to-be-accessed container group.
5. The method of claim 1, further comprising:
judging whether the network name space of the target host machine meets a first condition or not;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network name space of the target host machine meets the first condition, determining the network name space of the container group to be accessed as the network name space of the target host machine.
6. The method of claim 1, further comprising:
acquiring network access parameters of the to-be-accessed container group;
the determining the network name space of the group of the to-be-accessed containers as the network name space of the target host machine comprises the following steps:
and when the network access parameters of the to-be-accessed container group meet the second condition, determining the network name space of the to-be-accessed container group as the network name space of the target host.
7. The method of claim 6, wherein the obtaining the network access parameter of the group of containers to be accessed comprises:
acquiring a configuration file of the to-be-accessed container group;
and determining the network access parameters of the to-be-accessed container group according to the configuration file of the to-be-accessed container group.
8. A network access apparatus, the apparatus comprising:
the system comprises a space determining unit, a storage unit and a processing unit, wherein the space determining unit is used for determining a network name space of a container group to be accessed as a network name space of a target host machine so as to enable the target host machine to be positioned in the network name space of the container group to be accessed; the group of the containers to be accessed is deployed on a target virtual machine, and the target virtual machine is installed on the target host machine;
the device acquisition unit is used for acquiring the virtual network device corresponding to the to-be-accessed container group;
and the network access unit is used for configuring network card data of the container group to be accessed according to the virtual network equipment corresponding to the container group to be accessed so as to enable the container group to be accessed to the virtual private cloud network through the virtual network equipment.
9. An apparatus, comprising a processor and a memory:
the memory is used for storing a computer program;
the processor is configured to perform the method of any one of claims 1-7 in accordance with the computer program.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium is used to store a computer program for performing the method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011224128.8A CN112187671B (en) | 2020-11-05 | 2020-11-05 | Network access method and related equipment thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011224128.8A CN112187671B (en) | 2020-11-05 | 2020-11-05 | Network access method and related equipment thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112187671A true CN112187671A (en) | 2021-01-05 |
| CN112187671B CN112187671B (en) | 2024-03-12 |
Family
ID=73917857
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011224128.8A Active CN112187671B (en) | 2020-11-05 | 2020-11-05 | Network access method and related equipment thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112187671B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112953908A (en) * | 2021-01-28 | 2021-06-11 | 中国工商银行股份有限公司 | Network isolation configuration method, device and system |
| CN115086166A (en) * | 2022-05-19 | 2022-09-20 | 阿里巴巴(中国)有限公司 | Computing system, container network configuration method, and storage medium |
| CN115314448A (en) * | 2022-08-11 | 2022-11-08 | 北京百度网讯科技有限公司 | Method and device for accessing cloud network, electronic equipment and computer medium |
| CN115473760A (en) * | 2022-08-31 | 2022-12-13 | 上海仙途智能科技有限公司 | Data transmission method and device, terminal equipment and computer readable storage medium |
| WO2023098645A1 (en) * | 2021-12-01 | 2023-06-08 | 百果园技术(新加坡)有限公司 | Container network configuration method and apparatus, computing node, master node, and storage medium |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130133061A1 (en) * | 2011-11-22 | 2013-05-23 | Vmware, Inc. | Method and system for vpn isolation using network namespaces |
| CN106060122A (en) * | 2016-05-20 | 2016-10-26 | 北京奇虎科技有限公司 | Docker container uploading/downloading feature control method and device |
| CN106789363A (en) * | 2017-02-20 | 2017-05-31 | 郑州云海信息技术有限公司 | A kind of method and device to virtual machine configuration network interface card |
| CN108111470A (en) * | 2016-11-25 | 2018-06-01 | 华为技术有限公司 | Communication means and relevant apparatus between the dispositions method of container, service |
| US20190052598A1 (en) * | 2017-08-14 | 2019-02-14 | Nicira, Inc. | Managing network connectivity between cloud computing service endpoints and virtual machines |
| CN109582441A (en) * | 2018-11-30 | 2019-04-05 | 北京百度网讯科技有限公司 | For providing system, the method and apparatus of container service |
| CN110704155A (en) * | 2018-07-09 | 2020-01-17 | 阿里巴巴集团控股有限公司 | Container network construction method and device, physical host and data transmission method |
| US20200076685A1 (en) * | 2018-08-30 | 2020-03-05 | Juniper Networks, Inc. | Multiple networks for virtual execution elements |
| CN111404923A (en) * | 2020-03-12 | 2020-07-10 | 北京金山云网络技术有限公司 | Control method and system for access authority of container cluster |
| CN111796904A (en) * | 2020-05-21 | 2020-10-20 | 北京中软华泰信息技术有限责任公司 | Docker file access control method based on namespace |
-
2020
- 2020-11-05 CN CN202011224128.8A patent/CN112187671B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130133061A1 (en) * | 2011-11-22 | 2013-05-23 | Vmware, Inc. | Method and system for vpn isolation using network namespaces |
| CN106060122A (en) * | 2016-05-20 | 2016-10-26 | 北京奇虎科技有限公司 | Docker container uploading/downloading feature control method and device |
| WO2017198035A1 (en) * | 2016-05-20 | 2017-11-23 | 北京奇虎科技有限公司 | Method and apparatus for controlling uploading/downloading characteristic of docker container |
| CN108111470A (en) * | 2016-11-25 | 2018-06-01 | 华为技术有限公司 | Communication means and relevant apparatus between the dispositions method of container, service |
| CN106789363A (en) * | 2017-02-20 | 2017-05-31 | 郑州云海信息技术有限公司 | A kind of method and device to virtual machine configuration network interface card |
| US20190052598A1 (en) * | 2017-08-14 | 2019-02-14 | Nicira, Inc. | Managing network connectivity between cloud computing service endpoints and virtual machines |
| CN110704155A (en) * | 2018-07-09 | 2020-01-17 | 阿里巴巴集团控股有限公司 | Container network construction method and device, physical host and data transmission method |
| US20200076685A1 (en) * | 2018-08-30 | 2020-03-05 | Juniper Networks, Inc. | Multiple networks for virtual execution elements |
| CN109582441A (en) * | 2018-11-30 | 2019-04-05 | 北京百度网讯科技有限公司 | For providing system, the method and apparatus of container service |
| CN111404923A (en) * | 2020-03-12 | 2020-07-10 | 北京金山云网络技术有限公司 | Control method and system for access authority of container cluster |
| CN111796904A (en) * | 2020-05-21 | 2020-10-20 | 北京中软华泰信息技术有限责任公司 | Docker file access control method based on namespace |
Non-Patent Citations (1)
| Title |
|---|
| 韩玲;蔡皖东;: "面向Microsoft Virtual PC的虚拟机远程检测方法", 计算机技术与发展, no. 12 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112953908A (en) * | 2021-01-28 | 2021-06-11 | 中国工商银行股份有限公司 | Network isolation configuration method, device and system |
| WO2023098645A1 (en) * | 2021-12-01 | 2023-06-08 | 百果园技术(新加坡)有限公司 | Container network configuration method and apparatus, computing node, master node, and storage medium |
| CN115086166A (en) * | 2022-05-19 | 2022-09-20 | 阿里巴巴(中国)有限公司 | Computing system, container network configuration method, and storage medium |
| CN115086166B (en) * | 2022-05-19 | 2024-03-08 | 阿里巴巴(中国)有限公司 | Computing system, container network configuration method, and storage medium |
| CN115314448A (en) * | 2022-08-11 | 2022-11-08 | 北京百度网讯科技有限公司 | Method and device for accessing cloud network, electronic equipment and computer medium |
| CN115314448B (en) * | 2022-08-11 | 2023-12-05 | 北京百度网讯科技有限公司 | Method and device for accessing cloud network, electronic equipment and computer medium |
| CN115473760A (en) * | 2022-08-31 | 2022-12-13 | 上海仙途智能科技有限公司 | Data transmission method and device, terminal equipment and computer readable storage medium |
| CN115473760B (en) * | 2022-08-31 | 2023-12-26 | 上海仙途智能科技有限公司 | Data transmission method and device, terminal equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112187671B (en) | 2024-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112187671B (en) | Network access method and related equipment thereof | |
| US11044230B2 (en) | Dynamically opening ports for trusted application processes hosted in containers | |
| CN109067877B (en) | Control method for cloud computing platform deployment, server and storage medium | |
| US9654458B1 (en) | Unauthorized device detection in a heterogeneous network | |
| US11563799B2 (en) | Peripheral device enabling virtualized computing service extensions | |
| CN106789363A (en) | A kind of method and device to virtual machine configuration network interface card | |
| US11520530B2 (en) | Peripheral device for configuring compute instances at client-selected servers | |
| US11665023B2 (en) | Configuration validation of a device | |
| CN109491889A (en) | The method and apparatus of automatic test in NFV | |
| CN114826969B (en) | Network connectivity checking method, device, equipment and storage medium | |
| CN112328363B (en) | Cloud hard disk mounting method and device | |
| CN106487633B (en) | method and device for monitoring abnormity of virtual machine | |
| CN112637377A (en) | Method and equipment for detecting IP address conflict | |
| CN107493204B (en) | Mirror image detection method and device | |
| CN114598500B (en) | Security service providing method, platform, electronic device, medium and program | |
| US20140359114A1 (en) | Computer-readable recording medium, usage mode data generation method, and usage mode data generation device | |
| CN110880990B (en) | Configuration checking method and device for big data cluster component and computing equipment | |
| EP4035003A1 (en) | Peripheral device for configuring compute instances at client- selected servers | |
| EP3284214B1 (en) | Converged system compliance checking | |
| US11588697B2 (en) | Network time parameter configuration based on logical host group | |
| CN115185637A (en) | Communication method and device for PaaS component management end and virtual machine agent | |
| CN114647488A (en) | Task training method, device, equipment and storage medium | |
| CN112887118B (en) | VNF information acquisition and control method and device, NFVO, VNFM and storage medium | |
| CN114448691B (en) | Data forwarding method, data plane and switch | |
| CN118573458A (en) | Firewall management method, device, computing equipment and machine-readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |