CN109039765B

Movatterモバイル変換

Info

Publication number: CN109039765B
Application number: CN201810990887.1A
Authority: CN
Inventors: 张晓安
Original assignee: New H3C Technologies Co Ltd
Current assignee: New H3C Technologies Co Ltd
Priority date: 2018-08-28
Filing date: 2018-08-28
Publication date: 2022-02-25
Anticipated expiration: 2038-08-28
Also published as: CN109039765A

Abstract

The method comprises the steps of firstly, receiving a network configuration request sent by a first container; and then, sending the network configuration request to a second container, wherein the network configuration request is used for enabling the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request. In the method, the network configuration of the container running the network operating system is realized in the container, and meanwhile, in the method, the dynamic configuration of the interface can be realized when the first container has a new interface needing to be configured, and the configuration quantity, type, time and the like of the container interface are determined by the first container in the configuration process, so that the container interface needing to be configured in the first container can be ensured to be configured.

Description

Network configuration method and device

Technical Field

The present application relates to the field of communications technologies, and in particular, to a network configuration method and apparatus.

Background

The network operating system of the virtual network device may be implemented using a container (Docker). Because the virtual network device is virtual, a certain number of container interfaces need to be created in the container for simulating the network interfaces of the virtual network device when data communication is performed.

The container is a virtualization technology, through the container technology, one physical device can simulate a plurality of virtual network devices, a network operating system of each virtual network device can be realized by adopting a single container, and a plurality of containers can be subjected to independent configuration management.

In the prior art, a container interface is generally configured by a Docker engine before the container is started, and because the configuration of the container interface is completed before the container is started, a container interface configuration mode which can be realized by the Docker engine has the defects of limited number of configuration interfaces and fixed configuration time (some container interfaces can be configured after the container is started).

Because of different versions and functional requirements of network operating systems, the types, the number, and the creation time of container interfaces of containers that need to implement the network operating systems are different, and the existing container interface configuration mode cannot meet the situation that the network operating systems are implemented by using containers.

Disclosure of Invention

The application describes a network configuration method and device, which are used for realizing the configuration of a container of a network operating system.

In a first aspect, the present application provides a network configuration method, including:

receiving a network configuration request sent by a first container, wherein the first container is used for realizing a network operating system of a virtual network device;

Optionally, in this application, before receiving the network configuration request sent by the first container, the method includes:

starting the first container and the second container, and acquiring a container address of the first container and a container address of the second container;

sending the container address of the second container to the first container so that the first container generates the network configuration request, wherein the network configuration request comprises the container address of the first container, the container address of the second container and network configuration information obtained through an interface management process of the first container

Optionally, in the application, the sending the network configuration request to the second container to enable the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request includes:

and sending the network configuration request to the second container according to the container address of the second container, so that the second container performs network configuration on the first container according to the network configuration information in the network configuration request.

Optionally, in this application, the receiving a network configuration request sent by a first container includes:

and receiving a network configuration request sent by an interface management process of the first container, wherein the network configuration request is sent by the interface management process in a docker command mode.

Optionally, in this application, the network configuration request further includes an address of a network configuration agent, the sending of the network configuration request to a second container is used for enabling the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request, and the method includes:

and sending the network configuration request to a network configuration agent in the second container according to the address of the network configuration agent, and performing network configuration on the first container by the network configuration agent according to the container address of the first container and the network configuration information needing to be configured.

In a second aspect, the present application further provides a network configuration apparatus, including:

a receiving module, configured to receive a network configuration request sent by a first container, where the first container is used to implement a network operating system of a virtual network device;

a sending module, configured to send the network configuration request to a second container, where the network configuration request is used to enable the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request, where the second container has a network configuration right for the first container.

Optionally, in this application, the apparatus further includes:

the starting module is used for starting the first container and the second container and acquiring a container address of the first container and a container address of the second container;

the sending module is further configured to send the container address of the second container to the first container, so that the first container generates the network configuration request, where the network configuration request includes the container address of the first container, the container address of the second container, and network configuration information obtained through an interface management process of the first container.

Optionally, in this application, the sending module is configured to:

Optionally, in this application, the receiving module is configured to:

Optionally, in this application, the network configuration request further includes an address of a network configuration agent, and the sending module is further configured to:

In a third aspect, the present application further provides a network device, where the network device includes a processor and a non-volatile memory storing computer instructions, and when the computer instructions are executed by the processor, the network device performs the network configuration method of the first aspect.

In a fourth aspect, the present application further provides a readable storage medium, where the readable storage medium includes a computer program, and the computer program controls, when running, a network device in which the readable storage medium is located to perform the network configuration method according to the first aspect.

Compared with the prior art, the method has the following beneficial effects:

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.

Fig. 1 is a block diagram of a network device according to an embodiment of the present disclosure;

FIG. 2 is a diagram of a container frame provided by an embodiment of the present application;

fig. 3 is a schematic flowchart of a network configuration method according to an embodiment of the present application;

fig. 4 is another schematic flow chart of a network configuration method according to an embodiment of the present application;

fig. 5 is a functional block diagram of a network configuration apparatus according to an embodiment of the present disclosure.

Icon: 100-a network device; 110-a network configuration device; 1101-a receiving module; 1102-a sending module; 1103-a start module; 111-a memory; 112-a processor; 113-a communication unit; 200-a first container; 300-a second container; 400-container engine.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations.

Thus, the following detailed description of the embodiments of the present application, as presented in the figures, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present application without any creative effort belong to the protection scope of the embodiments of the present application.

It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the embodiments of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.

In the description of the embodiments of the present application, it should also be noted that, unless otherwise explicitly stated or limited, the terms "disposed," "mounted," "connected," and "connected" are to be construed broadly and may, for example, be fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. Specific meanings of the above terms in the embodiments of the present application can be understood in specific cases by those of ordinary skill in the art.

Referring to fig. 1, fig. 1 is a schematic structural diagram of a network device 100 according to an embodiment of the present disclosure. The network device 100 includes anetwork configuration apparatus 110, amemory 111, aprocessor 112, and acommunication unit 113.

The elements of thememory 111, theprocessor 112 and thecommunication unit 113 are directly or indirectly electrically connected to each other to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines.

TheMemory 111 may be, but not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like. Thememory 111 is used for storing a program, and theprocessor 112 executes the program after receiving the execution instruction. Thecommunication unit 113 is used for establishing a communication connection between the network device 100 and another device (such as a user terminal) via a network, and for receiving and transmitting data via the network.

Thenetwork configuration device 110 includes at least one software functional module, which can be stored in thememory 111 in the form of software or firmware (firmware) or is fixed in an Operating System (OS) of the network device 100. Theprocessor 112 is used for executing executable modules stored in thememory 111, such as software functional modules and computer programs included in thenetwork configuration device 110.

It should be understood that the configuration shown in fig. 1 is merely illustrative, and that the network device 100 may include more or fewer components than shown in fig. 1, or may have a different configuration than shown in fig. 1. The components shown in fig. 1 may be implemented in hardware, software, or a combination thereof.

Referring to fig. 2, fig. 2 is a container framework diagram running on the network device 100 according to an embodiment of the present application, where a container does not simulate physical devices such as a CPU and a memory, and does not have its own kernel, and generally only runs a set of user mode programs, and shares one kernel with a host. The containers are mainly used for meeting the blank between virtual machine isolation and process isolation, wherein the virtual machine isolation belongs to heavyweight isolation and has the defect of large consumption of hardware resources (such as memory, hard disk and CPU); the process isolation belongs to lightweight isolation and has the defect of unsatisfactory isolation effect.

The container encapsulates the running environment, the cache environment, the database environment and the like required by the application, and supports the application running in the simplest way. A container may correspond to a stand-alone complete software system (e.g., a comware software system). In the embodiment of the present application, a plurality of containers may be run on the network device 100.

In the container framework diagram, afirst container 200 for implementing a network operating system of a virtual network device on the network device 100, asecond container 300 having a network configuration right for thefirst container 200, and acontainer engine 400 are included.

In this embodiment, thefirst container 200 includes an interface management process, and the interface management process is configured to obtain network configuration information required by a network operating system implemented by thefirst container 200.

Specifically, the interface management process may acquire the required interface configuration information at the time of starting thefirst container 200, or during the operation of thefirst container 200. The interface management process may obtain the network configuration information to be configured by detecting the version of the network operating system when thefirst container 200 is started; the interface management process may also obtain the network configuration information to be configured by detecting the service requirement (for example, whether an interface needs to be added) of thefirst container 200 during the operation of thefirst container 200. The network configuration information may include the number of interfaces, the types of interfaces, and the specific content to be configured on each corresponding interface.

Thesecond container 300 includes a network configuration agent, which is used to complete the network configuration of thefirst container 200 according to the network configuration information sent by thefirst container 200, and in the implementation of the present application, the network configuration agent may be implemented in the form of a script.

Thecontainer engine 400 is used for starting thefirst container 200 and thesecond container 300 and performing communication management with thefirst container 200 and thesecond container 300.

Specifically, in the embodiment of the present application, thecontainer engine 400 may perform bidirectional communication with thefirst container 200, thecontainer engine 400 may be configured to start thefirst container 200, and thecontainer engine 400 is further configured to receive a network configuration request sent by thefirst container 200 to thesecond container 300. Thesecond container 300 may implement unidirectional communication with thefirst container 200, and thesecond container 300 performs network configuration on thefirst container 200 according to the network configuration information in the network configuration request.

Referring to fig. 3, fig. 3 is a flowchart of a network configuration method applied to the network device 100 in fig. 1 according to an embodiment of the present application, and with reference to fig. 2, the following describes various steps included in the method in detail.

Step S310, receiving a network configuration request sent by the first container.

Thecontainer engine 400 receives a network configuration request sent by thefirst container 200, wherein the network configuration request includes a container address of thefirst container 200, a container address of thesecond container 300, and network configuration information that thefirst container 200 needs to be configured. The network configuration information may be network configuration information obtained by an interface management process in thefirst container 200 according to a version of a network operating system when thefirst container 200 is started, or network configuration information obtained by the interface management process in the operation process of thefirst container 200 according to service needs.

In the network configuration request, the container address of thefirst container 200 is a source address, the container address of thesecond container 300 is a destination address, and the network configuration information is specific content. The container address is recorded in the network configuration request, so that thefirst container 200 transmits the network configuration information to thesecond container 300 through thecontainer engine 400, and the configuration of the own network is realized through thesecond container 300. In the present embodiment, thefirst container 200 may interact with thecontainer engine 400 through communication via a docker command.

Specifically, thefirst container 200 may send a docker command through a docker Application Programming Interface (API), where the docker command includes a network configuration request.

Step S320, sending a network configuration request to the second container, where the network configuration request is used to enable the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request.

After receiving the network configuration request, thecontainer engine 400 forwards the network configuration request to thesecond container 300 according to the destination address in the network configuration request.

After receiving the network configuration request, thesecond container 300 performs network configuration on thefirst container 200 according to the network configuration information in the network configuration request and the container address of thefirst container 200.

In this embodiment, the network configuration request may further include an address of a network configuration agent, and the network configuration agent is configured in thesecond container 300.

Step S320 may also be implemented by:

after receiving the network configuration request, thecontainer engine 400 sends the network configuration request to the network configuration agent of thesecond container 300 according to the destination address in the network configuration request and the address of the network configuration agent, and the network configuration agent performs network configuration on the first container according to the container address and the network configuration information of thefirst container 200.

Specifically, in the embodiment of the present application, the network configuration agent may be implemented in the form of a script. In the above method, a bridge is established between thefirst container 200 and thesecond container 300 by thecontainer engine 400, and the network configuration is performed on thefirst container 200 by thecontainer engine 400 and thesecond container 300, so that the network operating system has a function of configuring its own network in thefirst container 200.

Referring to fig. 4, in the embodiment of the present application, before step S310, the method may further include step S308 and step S309.

Step S308, starting a first container and a second container, and acquiring a container address of the first container and a container address of the second container.

Step S309, sending the container address of the second container to the first container, so that the first container generates the network configuration request, where the network configuration request includes the container address of the first container, the container address of the second container, and the network configuration information obtained through the interface management process of the first container.

In the above process, thecontainer engine 400 first starts thesecond container 300, and obtains the container address of thesecond container 300.

In the embodiment of the present application, a technician may configure a container in advance, so that the container has a network configuration right. Further, a network configuration agent may also be configured in the container such that the network configuration agent has network configuration rights.

Thecontainer engine 400 starts thefirst container 200 after starting thesecond container 300. After the start of thefirst container 200 is completed, the container address of thesecond container 300 is transmitted to thefirst container 200. So that thefirst container 200 generates a network configuration request according to its own container address, the container address of thesecond container 300, and the network configuration information that thefirst container 200 needs to configure.

In the network configuration method provided in the embodiment of the present application, the network configuration information to be configured is obtained by the interface management process in thefirst container 200, and is sent to thesecond container 300, and thesecond container 300 completes the network configuration on thefirst container 200 according to the network configuration information in the network configuration request. The network configuration of the container running the network operating system in the container is realized. Meanwhile, in the above process, when thefirst container 200 has a new network requirement that needs to be configured, the container engine sends the network configuration request to thesecond container 300 again, so as to implement dynamic network configuration on thefirst container 200, and because the container configuration requirement and the configuration time in the configuration process are determined by thefirst container 200, it is ensured that the network requirement that needs to be configured in thefirst container 200 can be configured in time.

The method can solve the problem that the existing container configuration method cannot be suitable for network configuration of the container for realizing the network operating system due to the factors such as the number, the type, the opportunity and the like of configuration interfaces when thecontainer engine 400 is adopted for configuration before the container is opened in the prior art.

The embodiment of the present application further provides anetwork configuration apparatus 110, and unlike the above embodiments, thenetwork configuration apparatus 110 describes the solution of the present application from the perspective of a virtual device. Referring to fig. 5, thenetwork configuration apparatus 110 may include the following modules.

Areceiving module 1101, configured to receive a network configuration request sent by a first container, where the first container is used to implement a network operating system of a virtual network device.

Thereceiving module 1101 receives a network configuration request sent by thefirst container 200, where the network configuration request includes a container address of thefirst container 200, a container address of thesecond container 300, and network configuration information that thefirst container 200 needs to be configured. As described above, the network configuration information may be the network configuration information acquired by the interface management process in thefirst container 200 according to the version of the network operating system when thefirst container 200 is started, or may be the newly added network configuration information acquired by the interface management process in the operation process of thefirst container 200 according to the service requirement.

In the network configuration request, the container address of thefirst container 200 is a source address, the container address of thesecond container 300 is a destination address, and the network configuration information that thefirst container 200 needs to configure is specific content.

In an embodiment of the present application, thefirst container 200 may send information to thecontainer engine 400 through a docker command. Specifically, thefirst container 200 may send a docker command through a docker application programming interface, where the docker command includes a network configuration request.

A sendingmodule 1102, configured to send the network configuration request to the second container, where the network configuration request is used to enable the second container to perform network configuration on thefirst container 200 according to the network configuration information in the received network configuration request.

After receiving the network configuration request, the sendingmodule 1102 forwards the network configuration request to thesecond container 300 according to the destination address in the network configuration request.

Referring to fig. 5 again, in the embodiment of the present application, thenetwork configuration apparatus 110 may include:

astarting module 1103, configured to start a first container and a second container, and obtain a container address of the first container and a container address of the second container;

the sendingmodule 1102 is further configured to send the container address of the second container to the first container, so that the first container generates the network configuration request, where the network configuration request includes the container address of the first container, the container address of the second container, and network configuration information obtained through the interface management process of the first container.

Thestart module 1103 starts thesecond container 300 first, and obtains the container address of thesecond container 300. In the embodiment of the present application, a technician may configure a container in advance, so that the container has a network configuration right. Further, a network configuration agent may also be configured in the container such that the network configuration agent has network configuration rights.

Thepriming module 1103 primes thefirst container 200 after priming thesecond container 300. After completing the activation of thefirst container 200, the sendingmodule 1102 sends the container address of thesecond container 300 to thefirst container 200. So that thefirst container 200 generates a network configuration request according to its own container address, the container address of thesecond container 300, and the network configuration information that thefirst container 200 needs to configure.

If the above functions are implemented in the form of software functional modules and sold or used as a separate product, they may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing the network device 100 to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

In summary, the network configuration method and device provided in the embodiments of the present application. Firstly, receiving a network configuration request sent by a first container; and then, sending the network configuration request to a second container, wherein the network configuration request is used for enabling the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request. The network configuration of the container running the network operating system in the container is realized. Meanwhile, in the above process, when the first container has a new network requirement to be configured, the network configuration request is sent to the second container again through the container engine, so as to implement dynamic network configuration on the first container, and because the container configuration requirement and the configuration time and the like in the configuration process are determined by the first container, it is ensured that the network requirement to be configured in the first container can be configured in time.

The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims

1. A method of network configuration, the method comprising:

sending the network configuration request to a second container, wherein the network configuration request is used for enabling the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request;

wherein the second container has network configuration rights to the first container;

before the receiving of the network configuration request sent by the first container, the method includes:

and sending the container address of the second container to the first container so that the first container generates the network configuration request, wherein the network configuration request comprises the container address of the first container, the container address of the second container and network configuration information obtained by an interface management process of the first container.

2. The method of claim 1, wherein the sending the network configuration request to a second container, the network configuration request being for the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request, comprises:

3. The method of claim 2, wherein receiving the network configuration request sent by the first container comprises:

and receiving the network configuration request sent by the interface management process of the first container, wherein the network configuration request is sent by the interface management process in a docker command mode.

4. The method of claim 3, wherein the network configuration request further includes an address of a network configuration agent;

the sending the network configuration request to a second container, where the network configuration request is used for enabling the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request, and includes:

and sending the network configuration request to a network configuration agent in the second container according to the address of the network configuration agent, and performing network configuration on the first container by the network configuration agent according to the container address of the first container and the network configuration information.

5. A network configuration apparatus, the apparatus comprising:

a sending module, configured to send the network configuration request to a second container, where the network configuration request is used to enable the second container to perform network configuration on the first container according to the network configuration information in the received network configuration request;

the device further comprises:

6. The apparatus of claim 5, wherein the sending module is to:

7. The apparatus of claim 6, wherein the receiving module is to:

8. The apparatus of claim 7, wherein the network configuration request further comprises an address of a network configuration agent, the sending module further to: