CN103841186A

Movatterモバイル変換

Info

Publication number: CN103841186A
Application number: CN201410063233.6A
Authority: CN
Inventors: 康暖
Original assignee: Opzoon Technology Co Ltd
Current assignee: Opzoon Technology Co Ltd
Priority date: 2014-02-25
Filing date: 2014-02-25
Publication date: 2014-06-04
Anticipated expiration: 2034-02-25
Also published as: CN103841186B

Abstract

The invention relates to a private cloud grouping method and system. The method includes the following steps that a grouping plan of private cloud is obtained; virtual domain partition is executed on the private cloud according to the grouping plan; an identifying ID is set for each domain and used for identifying a message sent by a virtual computer in the domain, the identifying IDs are used for identifying the domains where virtual computers sending out the messages are located, and each domain corresponds to one unique identifying ID; based on one identifying ID, whether the virtual computer sending out the message and a virtual computer receiving the message belong to the same domain or not is detected; if the virtual computer sending out the message and the virtual computer receiving the message belong to the same domain, the virtual computer sending out the message and the virtual computer receiving the message are allowed to be communicated. The invention further provides the private cloud grouping system. The use ratio of resources is improved, and using cost is reduced.

Description

A kind of group technology of privately owned cloud and system

Technical field

The present invention relates to cloud computing technology field, particularly a kind of group technology of privately owned cloud and the grouping system of privately owned cloud.

Background technology

Privately owned cloud can offer the private virtual pc(Personal Computer of user as employee, personal computer conventionally) private is all to realize in a territory conventionally.If carry out secondary grouping on the basis of a privately owned cloud, divide territory, prior art is that privately owned cloud is carried out to physical isolation, and each server is configured to different network environments by physically-isolated mode.

Particularly, prior art solution in the following ways:

Prior art one: each hardware server for example can be supported the growing amount of 50 virtual pc, cloud service cluster is exactly the integral multiple of 50 conventionally.For example, if user need to use the demand in two groups of territories, one group is 100, and one group is 300, just needs the equipment that one group of cluster of framework is 2 station servers, and the cluster device of one group of framework 6 station server, in the time being less than 50 multiple, needs upwards to accept or reject.The shortcoming of this mode is to waste hardware resource, in the time that user does not need so much performance, cannot branch away a part of virtual resource and use to other territories.

Prior art two: in the time that network changes, must physically re-start framework equipment, carry out the layout again of hardware net connection.The shortcoming of this mode is, in the time that changing appears in demand, must carry out overall architecture design, and the framework of need to again advancing is ordered, and causes the lifting of purchase cost.

Summary of the invention

The object of this invention is to provide a kind of group technology of privately owned cloud, represent the not ID of same area by increase by one in virtual pc message, only has the message ability intercommunication that ID is identical, the message that ID is different carries out virtual isolation, make many virtual machines in same Virtual Cluster, be divided into a Virtual Cluster by ID, reached physically-isolated effect.

For achieving the above object, embodiments of the invention provide a kind of group technology of privately owned cloud, comprise the steps:

Obtain the group programs of described privately owned cloud;

According to described group programs, described privately owned cloud being carried out to virtual Domain divides;

Each territory is arranged to mark ID, and for identifying the message that in described territory, virtual machine sends, wherein, described mark ID is for identifying the territory, place of the virtual machine that sends message, and each mark ID corresponding to described territory is unique;

Whether the virtual machine that sends message described in detecting based on described mark ID belongs to same territory with the virtual machine that receives message;

If the virtual machine of described reception message with described in send message virtual machine belong to same territory, allow the two to carry out intercommunication.

According to an aspect of the present invention, describedly according to group programs, described privately owned cloud is carried out to virtual Domain and divide, comprise the steps: the group programs according to described privately owned cloud, described privately owned cloud is divided into the territory of predetermined quantity, and the virtual machine of predetermined quantity is set in each territory.

According to another aspect of the present invention, before described mark ID is positioned at the IP address of described message.

According to a further aspect of the invention, whether the described virtual machine based on sending message described in mark ID detection belongs to same territory with the virtual machine that receives message, the virtual machine that comprises the steps: described reception message is in the time receiving the message that other virtual machines send, whether the mark ID that detects above-mentioned reception message is identical with the mark ID of this TV station virtual machine place virtual Domain, if so, the virtual machine that sends message and the virtual machine that receives message belong to same territory described in judgement.

According to a further aspect of the invention, also comprise the steps: if receive the territory at virtual machine place of message different with the mark ID of received packet, the virtual machine that sends message described in judgement belongs to not same area with the virtual machine that receives message, by the virtual machine of described reception message with described in send message virtual machine carry out virtual isolation.

The group technology of the privately owned cloud that the present invention proposes, represent the not ID of same area by increase by one in virtual pc message, only has the message ability intercommunication that ID is identical, the message that ID is different carries out virtual isolation, make many virtual machines in same Virtual Cluster, be divided into a Virtual Cluster by ID, reached physically-isolated effect.

Beneficial effect of the present invention is to realize freely to be cut apart, in the time that the demand of cloud computing changes, can simply use the mode of cutting apart in territory just can realize the object of reallocation, carry out networking without again buying hardware, thereby improve resource utilization, reduced use cost.

Another object of the present invention is to provide a kind of grouping system of privately owned cloud, represent the not ID of same area by increase by one in virtual pc message, only has the message ability intercommunication that ID is identical, the message that ID is different carries out virtual isolation, make many virtual machines in same Virtual Cluster, be divided into a Virtual Cluster by ID, reached physically-isolated effect.

For achieving the above object, embodiments of the invention provide a kind of grouping system of privately owned cloud, comprising: group programs acquisition device, for obtaining the group programs of privately owned cloud; Virtual Domain is divided device, and described virtual Domain is divided device and is connected to described group programs acquisition device, for privately owned cloud being carried out to virtual Domain division according to the group programs of obtaining described in described group programs acquisition device; Mark ID setting device, described mark ID setting device is connected to described virtual Domain and divides device, for each territory being arranged to mark ID to identify the message that in this territory, virtual machine sends, described mark ID is for identifying the territory, place of the virtual machine that sends message, and each mark ID corresponding to described territory is unique; Mark ID checkout gear, whether the virtual machine that sends message for detecting based on described mark ID belongs to same territory with the virtual machine that receives message; Network control unit, described network control unit is connected to described mark ID checkout gear, for detecting that at described mark ID checkout gear the virtual machine that receives message belongs to same territory with the virtual machine that sends message, allows the two to carry out intercommunication.

According to an aspect of the present invention, described virtual Domain is divided device for according to the group programs of described privately owned cloud, described privately owned cloud is divided into the territory of predetermined quantity, and the virtual machine of predetermined quantity is set in each territory.

According to a further aspect of the invention, described mark ID checkout gear is in the time receiving the message that other virtual machines send, whether the mark ID that detects above-mentioned message is identical with the mark ID of this TV station virtual machine place virtual Domain, if so the virtual machine that, sends message described in the judgement of described mark ID checkout gear belongs to same territory with the virtual machine that receives message.

According to a further aspect of the invention, described mark ID checkout gear is for receiving the territory at virtual machine place of message when different with the mark ID of received packet detecting, the virtual machine that message is sent in judgement belongs to not same area with the virtual machine that receives message, and described network control unit is for carrying out virtual isolation by the virtual machine of described reception message.

The grouping system of the privately owned cloud that the present invention proposes, represent the not ID of same area by increase by one in virtual pc message, only has the message ability intercommunication that ID is identical, the message that ID is different carries out virtual isolation, make many virtual machines in same Virtual Cluster, be divided into a Virtual Cluster by ID, reached physically-isolated effect.

Accompanying drawing explanation

Fig. 1 is according to the flow chart of the group technology of the privately owned cloud of first embodiment of the invention;

Fig. 2 is according to the flow chart of the group technology of the privately owned cloud of second embodiment of the invention;

Fig. 3 is schematically illustrated according to the schematic diagram of the grouping system of privately owned cloud of the present invention.

Embodiment

For making the object, technical solutions and advantages of the present invention more cheer and bright, below in conjunction with embodiment and with reference to accompanying drawing, the present invention is described in more detail.Should be appreciated that, these descriptions are exemplary, and do not really want to limit the scope of the invention.In addition, in the following description, omitted the description to known features and technology, to avoid unnecessarily obscuring concept of the present invention.

In cloud computing group system, the virtual pc(in each territory is virtual machine) between data communication normally send and respond by message and realize.Further, the message that each virtual pc is sent, no matter be need to carry out data transmission or need to carry out request of data, this message is conventionally with independent unique ip address (the Internet Protocol in the same network segment (in same territory), the agreement interconnecting between network), for identifying and confirming a virtual pc.Based on These characteristics, in the present invention, before the IP address of the message that the virtual pc of same area does not send, add mark ID, whether being similar to message, on network, to identify the mac address of hardware device the same, be the device data in same territory thereby can distinguish.

Fig. 1 is according to the flow chart of the group technology of the privately owned cloud of first embodiment of the invention.

As shown in Figure 1, the group technology of the privately owned cloud that first embodiment of the invention provides, comprises the steps:

Step S1, obtains the group programs of privately owned cloud.

Cloud computing cluster server obtains the group programs of privately owned cloud from keeper, mainly comprise that setting is divided in the territory of privately owned cloud, for example, need privately owned cloud to be divided into how many territories, and how many virtual machines are set in each territory.

Step S2, carries out virtual Domain according to group programs to privately owned cloud and divides.

According to the group programs of obtained privately owned cloud, privately owned cloud is divided into the territory of predetermined quantity, and the virtual machine of predetermined quantity is set in each territory.For example, privately owned cloud is divided into two group territories, 100 virtual machines of configuration in a territory, 300 virtual machines of configuration in another territory.It should be noted that the present invention relates generally to carries out virtual territory to privately owned cloud and divides, and do not relate to, privately owned cloud is carried out to physical isolation.

In prior art, if user need to use the virtual pc in two groups of territories, one group is 100, one group is 300, that just need to arrange two groups of physically-isolated cluster devices, comprises the cluster device of one group of 2 station server, the cluster device of one group of 5 station server, in the time being less than 50 multiple, just need to upwards accept or reject.

Step S3, arranges mark ID to each territory, for identifying the message that in this territory, virtual machine sends.Here, mark ID is for identifying the territory, place of the virtual machine that sends message.Preferably, mark ID corresponding to each territory is unique.

In an embodiment of the present invention, before mark ID can be positioned at the IP address of message.For example, message format is set to " mark ID-IP address-message content ".

Step S4, detects based on mark ID the virtual machine that sends the virtual machine of message and receive message and whether belongs to same territory.

Every virtual machine is in the time receiving the message that other virtual machines send, whether the mark ID that detects above-mentioned reception message is identical with the mark ID of this TV station virtual machine place virtual Domain, and whether the virtual Domain that also detects the virtual machine place of sending message is identical with the virtual Domain at the virtual machine place of reception message.

Step S5, belongs to same territory if receive the virtual machine of message with the virtual machine that sends message, allows the two to carry out intercommunication.

Whether the territory at virtual machine place and the mark ID of received packet that receive message by detection be identical, can judge that whether the virtual Domain at the virtual machine place of sending message is identical with the virtual Domain at the virtual machine place of reception message.The message that mark ID is identical allows intercommunication, and the different message of mark ID carries out virtual isolation.

In Fig. 2, all use the same reference numerals to represent with step identical in Fig. 1, for do not relate to improvement of the present invention in steps, will simply introduce or not introduce, and introduce the composition step making improvements with respect to prior art.

Fig. 2 shows according to the flow chart of the group technology of the privately owned cloud of second embodiment of the invention.

As shown in Figure 2, in step S4, if it is different with the mark ID of received packet to receive the territory at virtual machine place of message, execution step S6.

Step S6, carries out virtual isolation by the virtual machine that receives message with the virtual machine that sends message.

If it is different with the mark ID of received packet to receive the territory at virtual machine place of message, can judge the virtual machine that receives the virtual machine of message and send message and belong to not same area, carry out virtual isolation thereby can dock the civilian virtual machine of receiving with the virtual machine that sends message.Like this, by the different message of mark ID is carried out to virtual isolation, make many virtual units in same Virtual Cluster, by mark, ID is divided into multiple Virtual Clusters, thereby reaches physically-isolated effect.

Whether in summary, between the message of same area, do not add and stamp a virtual ID in message IP address, can distinguish is the device data in same territory.At the inner data message sending of a cluster, before IP address, stamp the method for different ID, the message that each ID is identical is illustrated in a territory, and the IP address difference in each ID territory can complete whole isolation work.

The present invention is intended to protect a kind of group technology of privately owned cloud; represent the not ID of same area by increase by one in virtual pc message; only has the message ability intercommunication that ID is identical; the message that ID is different carries out virtual isolation; make many virtual machines in same Virtual Cluster; be divided into a Virtual Cluster by ID, reached physically-isolated effect.By mode simple and that save, concentrated dividing domain makes to carry out secondary or repeatedly grouping in a cloud centralized servers thus, and reaching user in each territory can intra-area communication, the object of isolating between territory.

As shown in Figure 3, the grouping system of privately owned cloud provided by the invention, comprise: groupprograms acquisition device 1, virtual Domain are divided device 2, mark ID setting device 3, mark ID checkout gear 4 andnetwork control unit 5, wherein, described virtual Domain is divided device 2 and is connected to described groupprograms acquisition device 1, mark ID setting device 3 is connected to described virtual Domain and divides device 2, and mark ID checkout gear 4 andnetwork control unit 5 are positioned at virtual machine 10.

Groupprograms acquisition device 1 is for obtaining the group programs of privately owned cloud.Specifically, groupprograms acquisition device 1 is arranged in cloud computing cluster server.Groupprograms acquisition device 1 obtains the group programs of privately owned cloud from keeper, the territory of privately owned cloud is divided and arranged, for example, need privately owned cloud to be divided into how many territories, and how many virtual machines are set in each territory.

Virtual Domain is divided device 2, for the group programs of obtaining according to group programs acquisition device, privately owned cloud is carried out to virtual Domain division.Virtual Domain is divided device 2 according to the group programs of privately owned cloud, privately owned cloud is divided into the territory of predetermined quantity, and the virtual machine of predetermined quantity is set in each territory.For example, virtual Domain is divided device 2 privately owned cloud is divided into two group territories, 100 virtual machines of configuration in a territory, 300 virtual machines of configuration in another territory.It should be noted that the present invention relates generally to carries out virtual territory to privately owned cloud and divides, and do not relate to, privately owned cloud is carried out to physical isolation.

In prior art, if user need to use the virtual pc in two groups of territories, one group is 100, one group is 300, that just need to arrange the cluster device of two groups of physics with Lee, comprises the cluster device of one group of 2 station server, the cluster device of one group of 5 station server, in the time being less than 50 multiple, just need to upwards accept or reject.

Mark ID setting device 3 is for arranging mark ID to identify the message that in this territory, virtual machine sends to each territory.Wherein, mark ID is for identifying the territory, place of the virtual machine that sends message.Preferably, mark ID corresponding to each territory is unique.

Mark ID checkout gear 4 detects based on mark ID the virtual machine that sends the virtual machine of message and receive message and whether belongs to same territory.Wherein, mark ID checkout gear 4 is arranged in every virtual machine 10.Specifically, every virtual machine 10 is in the time receiving the message that other virtual machines send, whether the mark ID that is detected above-mentioned reception message by mark ID checkout gear 4 is identical with the mark ID of this TV station virtual machine place virtual Domain, and whether the virtual Domain that also detects the virtual machine place of sending message is identical with the virtual Domain at the virtual machine place of reception message.

Network control unit 5 detects that at mark ID checkout gear 4 virtual machine that receives message belongs to same territory with the virtual machine that sends message, allows the two to carry out intercommunication.Specifically, whether mark ID checkout gear 4 sends message the mark ID of virtual machine and the mark ID of received packet by detection be identical, can judge that whether the virtual Domain at the virtual machine place of sending message is identical with the virtual Domain at the virtual machine place of reception message.Network control unit 5 allows the identical message intercommunication of mark ID.

In an embodiment of the present invention, if mark ID checkout gear 4 detects that the territory at the virtual machine place that receives message is different from the mark ID of described reception message, bynetwork control unit 5, the virtual machine that receives message is carried out to virtual isolation with the virtual machine that sends message.

Specifically, if mark ID checkout gear 4 detects that the territory at virtual machine place of reception message is different with the mark ID of received packet, can judge the virtual machine that receives the virtual machine of message and send message and belong to not same area, carry out virtual isolation thereby dock the civilian virtual machine of receiving bynetwork control unit 5 with the virtual machine that sends message.Like this, by the different message of mark ID is carried out to virtual isolation, thereby make many virtual units in same Virtual Cluster, by mark, ID is divided into multiple Virtual Clusters, reaches physically-isolated effect.

The present invention is intended to protect a kind of grouping system of privately owned cloud; represent the not ID of same area by increase by one in virtual pc message; only has the message ability intercommunication that ID is identical; the message that ID is different carries out virtual isolation; make many virtual machines in same Virtual Cluster; be divided into a Virtual Cluster by ID, reached physically-isolated effect.By mode simple and that save, concentrated dividing domain makes to carry out secondary or repeatedly grouping in a cloud centralized servers thus, and reaching user in each territory can intra-area communication, the object of isolating between territory.

Should be understood that, above-mentioned embodiment of the present invention is only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore any modification of, making, be equal to replacement, improvement etc., within protection scope of the present invention all should be included in without departing from the spirit and scope of the present invention in the situation that.In addition, claims of the present invention are intended to contain whole variations and the modification in the equivalents that falls into claims scope and border or this scope and border.

Claims

1. a group technology for privately owned cloud, is characterized in that, comprises the steps:

Obtain the group programs of privately owned cloud;

According to described group programs, privately owned cloud being carried out to virtual Domain divides;

Detect based on described mark ID the virtual machine that sends the virtual machine of message and receive message and whether belong to same territory;

2. the group technology of privately owned cloud according to claim 1, is characterized in that, describedly according to group programs, described privately owned cloud is carried out to virtual Domain and divides, and comprises the steps:

According to the group programs of described privately owned cloud, described privately owned cloud is divided into the territory of predetermined quantity, and the virtual machine of predetermined quantity is set in each territory.

3. the group technology of privately owned cloud according to claim 1, is characterized in that, before described mark ID is arranged on the IP address of described message.

4. the group technology of privately owned cloud according to claim 1, is characterized in that, described based on identifying, the virtual machine of message is sent in ID detection and whether the virtual machine of reception message belongs to same territory, comprises the steps:

The virtual machine of described reception message is in the time receiving the message that other virtual machines send, whether the mark ID that detects above-mentioned reception message is identical with the mark ID of this TV station virtual machine place virtual Domain, if so, the virtual machine that sends message and the virtual machine that receives message belong to same territory described in judgement.

5. according to the group technology of the privately owned cloud described in claim 1 or 4, it is characterized in that, also comprise the steps: if receive the territory at virtual machine place of message different with the mark ID of received packet, the virtual machine that sends message described in judgement belongs to not same area with the virtual machine that receives message, by the virtual machine of described reception message with described in send message virtual machine carry out virtual isolation.

6. a grouping system for privately owned cloud, comprising:

Group programs acquisition device, for obtaining the group programs of privately owned cloud;

Virtual Domain is divided device, and it is connected to described group programs acquisition device, for the group programs of obtaining according to described group programs acquisition device, privately owned cloud is carried out to virtual Domain division;

Mark ID setting device, it is connected to described virtual Domain and divides device, for each territory being arranged to mark ID to identify the message that in this territory, virtual machine sends, described mark ID is for identifying the territory, place of the virtual machine that sends message, and each mark ID corresponding to described territory is unique;

Mark ID checkout gear, whether the virtual machine that sends message for detecting based on described mark ID belongs to same territory with the virtual machine that receives message;

Network control unit, it is connected to described mark ID checkout gear, for detecting that at described mark ID checkout gear the virtual machine that receives the virtual machine of message and send message allows the two to carry out intercommunication while belonging to same territory.

7. the grouping system of privately owned cloud according to claim 6, it is characterized in that, described virtual Domain is divided device for according to the group programs of described privately owned cloud, described privately owned cloud is divided into the territory of predetermined quantity, and the virtual machine of predetermined quantity is set in each territory.

8. the grouping system of privately owned cloud according to claim 6, is characterized in that, before described mark ID is arranged on the IP address of described message.

9. the grouping system of privately owned cloud according to claim 6, it is characterized in that, described mark ID checkout gear is in the time receiving the message that other virtual machines send, whether the mark ID that detects above-mentioned message is identical with the mark ID of this TV station virtual machine place virtual Domain, if so the virtual machine that, sends message described in the judgement of described mark ID checkout gear belongs to same territory with the virtual machine that receives message.

10. according to the grouping system of the privately owned cloud described in claim 6 or 9, it is characterized in that, described mark ID checkout gear is for receiving the territory at virtual machine place of message when different with the mark ID of received packet detecting, the virtual machine that message is sent in judgement belongs to not same area with the virtual machine that receives message, and described network control unit is for carrying out virtual isolation by the virtual machine of described reception message.