Summary of the invention
The purpose of the application is to provide a kind of method and apparatus for realizing inter-virtual machine communication, solves existing skillBeing forwarded in art using routing leads to increase delay, and the logic complexity in path causes error rate height and network availability lowThe problems such as.
According to the one aspect of the application, a kind of method for realizing inter-virtual machine communication is provided, this method comprises:
It is located at the optimization message information that agency's capture primary proxy on same host is sent to the virtual machine with virtual machine;
Based on optimization message information creation for connecting the first virtual LAN interface bridge and the second virtual local areaThe route-bridge of network interface bridge, wherein the virtual machine includes the first virtual machine and the second virtual machine;
Determine the address translation rule and water conservancy diversion rule that flow is forwarded by the route-bridge, wherein the flowIncluding message and message feedback information;
The communication between the virtual machine is completed according to the address translation rule and water conservancy diversion rule.
Further, the address translation rule includes:
When first virtual machine to second virtual machine send message when, by the target MAC (Media Access Control) address of the message byThe MAC Address of the corresponding routing gateway of first virtual machine is revised as the MAC Address of second virtual machine;
When second virtual machine sends message feedback information to first virtual machine, by the message feedback informationTarget MAC (Media Access Control) address the MAC of first virtual machine is revised as by the MAC Address of the corresponding routing gateway of second virtual machineAddress.
Further, the water conservancy diversion rule includes:
When first virtual machine sends message to second virtual machine, by the first virtual local area network interface netBridge forwarded by the route-bridge after to the second virtual LAN interface bridge;
When second virtual machine sends message feedback information to first virtual machine, by second virtual local areaNetwork interface bridge forwarded by the route-bridge after to the first virtual LAN interface bridge.
Further, the optimization message information is determined by the primary proxy according to the routing iinformation of the first message.
Further, the optimization that agency's capture primary proxy on same host is sent to the virtual machine is located at virtual machineBefore message information, comprising:
The routing iinformation of first message is captured by the primary proxy, wherein the primary proxy and first reportThe routing that text passes through is located on same host, and the routing iinformation of first message is recorded in connection tracking table by the routingIn.
Further, the routing iinformation of first message includes: the transmission routing iinformation of first message and describedThe feedback routing iinformation of first message,
Wherein, the transmission routing iinformation of first message includes being sent first message by first virtual machineTo the first virtual local area network interface, it is interfaced to after the gateway forwards of the routing from second virtual LAN describedThe channel status information of second virtual machine;
The feedback routing iinformation of first message includes that will to receive first message by second virtual machine trueFixed feedback information is sent to the second virtual local area network interface, virtual from described first after the gateway forwards of the routingLan interfaces to first virtual machine channel status information.
Further, based on optimization message information creation for connecting the first virtual LAN interface bridge and secondAfter the route-bridge of virtual LAN interface bridge, comprising:
The flow is identified on the virtual LAN interface bridge of transmitted traffic, and the flow is guided to the roadBy bridge;
The flow is forwarded to the void for receiving flow by the matching that MAC Address and port are carried out by the route-bridgeOn quasi- lan interfaces bridge.
Further, the optimization message information is determined by the primary proxy according to the routing iinformation of the first message, comprising:
The primary proxy is believed based on the routing iinformation of first message and preset trigger condition to determining optimization messageBreath.
Further, the trigger condition includes any one of following:
The feedback for sending channel status information and first message in routing iinformation of first message routes letterChannel status information in breath is intercommunication state;
Flow between first virtual machine and second virtual machine degrades.
Further, based on optimization message information creation for connecting the first virtual LAN interface bridge and secondBefore the route-bridge of virtual LAN interface bridge, comprising:
Routing iinformation of the primary proxy based on first message sends to the virtual machine and checks command information;
It is located at the agency on same host with the virtual machine and captures the inspection command information, and is referred to according to the inspectionInformation is enabled to feed back inspection result to the primary proxy;
The primary proxy sends optimization message letter according to preset protocol format to the virtual machine according to the inspection resultBreath.
On the other hand according to the application, a kind of computer-readable medium is additionally provided, is stored thereon with computer-readableInstruction, the computer-readable instruction can be executed by processor to realize a kind of aforementioned side for realizing inter-virtual machine communicationMethod.
According to the application another aspect, a kind of equipment for realizing inter-virtual machine communication is additionally provided, wherein describedEquipment includes:
One or more processors;And
It is stored with the memory of computer-readable instruction, the computer-readable instruction makes the processor when executedExecute the operation of the aforementioned method for realizing inter-virtual machine communication.
Compared with prior art, the application captures primary proxy to described by the agency that is located on same host with virtual machineThe optimization message information that virtual machine is sent;Based on optimization message information creation for connecting the first virtual local area network interface netThe route-bridge of bridge and the second virtual LAN interface bridge, wherein the virtual machine includes that the first virtual machine and second are virtualMachine;Determine the address translation rule and water conservancy diversion rule that flow is forwarded by the route-bridge, wherein the flow includes reportText and message feedback information;The communication between the virtual machine is completed according to the address translation rule and water conservancy diversion rule.Rule andIt is few to configure opposite existing way, so as to reduce the probability of error;When the rule failure of distribution routing or generation problem,Flow can be downgraded to legacy paths, it is available guarantee network, while not interfering traditional routing, what traditional equipment can be convenient connectsEnter.In addition, having lower delay preferentially to ensure that customer service is unaffected in any case independent of database.
Specific embodiment
The application is described in further detail with reference to the accompanying drawing.
In a typical configuration of this application, terminal, the equipment of service network and trusted party include one or moreProcessor (CPU), input/output interface, network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/orThe forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable mediumExample.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any methodOr technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), movesState random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasableProgrammable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),Digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices orAny other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, computerReadable medium does not include non-temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
A kind of method flow for realizing inter-virtual machine communication that the one aspect that Fig. 1 shows the application provides is illustratedFigure, this method comprises: step S11~step S14,
In step s 11, it is located at what agency's capture primary proxy on same host was sent to the virtual machine with virtual machineOptimize message information;Here, primary proxy Agent is router network agency, virtual machine can be sent by control command, be located atNetwork agent (computer node network agency) where virtual machine in physical machine captures the control command, calculate node network generationReturn information is managed to act on behalf of to router network.In SDN network, cloud routing is distributed routing.Primary proxy is sent to virtual machineThe agency being located on same host on optimization message information, with virtual machine captures the optimization message information.
Then, in step s 12, based on optimization message information creation for connecting the first virtual local area network interface netThe route-bridge of bridge and the second virtual LAN interface bridge, wherein the virtual machine includes that the first virtual machine and second are virtualMachine;Here, creating route-bridge, the routing after the agency being located on same host with virtual machine captures optimization message informationBridge connects the first virtual machine lan interfaces bridge and the second virtual LAN interface bridge, wherein the first virtual LANInterface bridge (VLAN1 bridge) is the virtual LAN interface bridge of the first virtual machine, the second virtual LAN interface bridge(VLAN2 bridge) is the virtual LAN interface bridge of the second virtual machine.
In step s 13, the address translation rule and water conservancy diversion rule that flow is forwarded by the route-bridge are determined,In, the flow includes message and message feedback information;Here, determining the direct flow warp of virtual machine after creation route-bridgeAddress translation rule and water conservancy diversion rule when route-bridge is forwarded, wherein when the first virtual machine is sent to the second virtual machineWhen message, flow is message, when the second virtual machine sends message feedback information to the first virtual machine according to the message received,Flow is message feedback information, and address translation rule is used to modify the virtual machine of transmitted traffic and receives the ground of the virtual machine of flowLocation (such as MAC Address) is forwarded flow by established route-bridge to facilitate, and water conservancy diversion rule is for introducing flowRoute-bridge realizes transmission of the flow between virtual machine by route-bridge.
In step S14, the communication between the virtual machine is completed according to the address translation rule and water conservancy diversion rule.?This, sets up the packet route between virtual machine according to determining address translation rule and water conservancy diversion rule, from the first virtual machine toThe message that second virtual machine is sent reaches the second virtual machine according to the packet route, avoids passing through cloud routing and is forwarded, andIt is few with rule and configuration, reduce the probability of error.
Specifically, the address translation rule includes: when first virtual machine sends message to second virtual machineWhen, the target MAC (Media Access Control) address of the message is revised as described by the MAC Address of the corresponding routing gateway of first virtual machineThe MAC Address of two virtual machines;When second virtual machine sends message feedback information to first virtual machine, by the reportThe target MAC (Media Access Control) address of literary feedback information is revised as described first by the MAC Address of the corresponding routing gateway of second virtual machineThe MAC Address of virtual machine.Here, issuing address when the first virtual machine (VM1) sends message to the second virtual machine (VM2) and turningRule is changed to modify the target MAC (Media Access Control) address of VM1 toward the flow of VM2 by the MAC Address of the corresponding cloud routing gateway of the first virtual machineFor the MAC Address of virtual machine VM2;When the feedback information of the second virtual machine VM2 returned packet, address translation rule is past by VM2The target MAC (Media Access Control) address of the flow of VM1 is revised as virtual machine VM1's by the MAC Address of the corresponding cloud routing gateway of the second virtual machineMAC Address, for example, the first virtual machine is located on the network of 10.0.1.0/24, the second virtual machine is located at the net of 10.0.2.0/24On network, when the first virtual machine sends message to the second virtual machine, the legacy paths walked are by cloud routing forwarding, and cloud is routed and wrappedInclude gateway 10.0.1.1 and gateway 10.0.2.1, wherein gateway 10.0.1.1 is that the first virtual machine is reported to the transmission of the second virtual machineTarget MAC (Media Access Control) address when literary, gateway 10.0.2.1 be the second virtual machine to the first virtual machine return information when purpose MACLocation, then after setting up route-bridge, when the first virtual machine sends subsequent packet to the second virtual machine, needing will be virtual from firstMachine is revised as by gateway 10.0.1.1 the MAC Address of the second virtual machine to the target MAC (Media Access Control) address of the flow of the second virtual machine, togetherSample, in the second virtual machine return information, need by from the second virtual machine to the target MAC (Media Access Control) address of the flow of the first virtual machine byGateway 10.0.2.1 is revised as the MAC Address of the first virtual machine.
Specifically, the water conservancy diversion rule include: when first virtual machine to second virtual machine send message when, byThe first virtual LAN interface bridge forwarded by the route-bridge after to the second virtual LAN interface bridge;When second virtual machine sends message feedback information to first virtual machine, by the second virtual local area network interface netBridge forwarded by the route-bridge after to the first virtual LAN interface bridge.Here, when the first virtual machine VM1 is to theWhen two virtual machine VM2 send message, need the message flow passing through route-bridge from VLAN1 bridge water conservancy diversion to route-bridgeIt is forwarded to VLAN2 bridge.When the second virtual machine VM2 is to the first virtual machine VM1 return information, by the flow of the return information fromVLAN2 bridge water conservancy diversion is forwarded to VLAN1 bridge to route-bridge, by route-bridge.
In one embodiment of the application, the optimization message information is by the primary proxy according to the routing iinformation of the first messageIt determines.Specifically: the routing iinformation of first message is captured by the primary proxy, wherein the primary proxy and described theThe routing that one message passes through is located on same host, and the routing iinformation of first message is recorded in connection tracking by the routingIn table.Here, first message that the first message is sent when being communicated between the virtual machine in heterogeneous networks, virtuallyBecause the MAC Address of other side's virtual machine can not be found when machine sends the first message, need to be forwarded by cloud routing, the first messageIt is routed when being forwarded by cloud routing, the cloud routing passed through with the first message is located at the primary proxy on same host(Agent) routing procedure is captured, routing iinformation is obtained.The routing iinformation of first message is recorded in connection tracking table by cloud routingIn.
In one embodiment of the application, the routing iinformation of first message includes: the transmission routing of first messageThe feedback routing iinformation of information and first message, wherein the transmission routing iinformation of first message includes by describedFirst message is sent to the first virtual local area network interface by one virtual machine, from institute after the gateway forwards of the routingState the channel status information that the second virtual LAN is interfaced to second virtual machine;The feedback routing iinformation of first messageIncluding being sent to second virtual local area for the feedback information that first message determines is received by second virtual machineNetwork interface is interfaced to the access shape of first virtual machine after the gateway forwards of the routing from first virtual LANState information.Here, virtual machine 2 is located in physical machine 2 as shown in Fig. 2, virtual machine 1 is located in physical machine 1, cloud routing is located at objectOn reason machine 3, the virtual machine 1 positioned at network 10.0.1.11/24 sends message to the virtual machine 2 positioned at network 10.0.2.12/24When, the path that first message is walked is successively to pass through VLAN1 bridge, on vlan sub-interface to physical machine 1 from Microsoft Loopback AdapterOne physical network card reaches cloud road by the third physical network card in physical machine 3 to VLAN1 sub-interface, VLAN bridge, Microsoft Loopback AdapterBy upper gateway 10.0.1.1, is forwarded by the gateway 10.0.2.1 that cloud routes, successively pass through virtual machine network interface card, VLAN2 netBridge, vlan sub-interface to third physical network card reach the Physical Network in the physical machine 2 on virtual machine 2 by third physical network cardBlock (the second physical network card), arrives virtual machine 2 again after VLAN2 sub-interface, VLAN bridge reach Microsoft Loopback Adapter, routed by cloudThis path being forwarded is recorded in connection tracking table;Likewise, when from the information that virtual machine 2 returns to virtual machine 1,Cloud routing forwarding is also passed through, the path of return is also recorded in connection tracking table.Primary proxy judgement is captured from virtual machine 1Whether this path to the flow of virtual machine 2 Jing Guo cloud routing forwarding is channel status and returns to virtual machine 1 from virtual machine 2This path Jing Guo cloud routing forwarding of flow whether be channel status, can be under virtual machine when being all channel statusHair subsequent packet walks the instruction of path optimizing (the second packet route), establishes the path optimizing that subsequent packet is walked, wherein optimization roadDiameter is by establishing the true path of the address translation rule of route-bridge and determination, water conservancy diversion rule.
In one embodiment of the application, the optimization message information creation that is sent to virtual machine based on primary proxy is for connecting theAfter the route-bridge of one virtual LAN interface bridge and the second virtual LAN interface bridge, in the virtual office of transmitted trafficThe flow is identified on the network interface bridge of domain, and the flow is guided to the route-bridge;By the route-bridge intoThe flow is forwarded on the virtual LAN interface bridge for receiving flow by the matching of row MAC Address and bridge interface.?This, when VM1 sends message to VM2, VM1 is the virtual machine of transmitted traffic, then VLAN1 bridge is the virtual local area of transmitted trafficNetwork interface bridge, VM2 are the virtual machine for receiving flow, then VLAN2 bridge is the virtual LAN interface bridge for receiving flow,After recognizing the flow on VLAN1 bridge, by the flow from VLAN1 bridge water conservancy diversion into route-bridge, route-bridge passes through MACThe flow is forwarded to VLAN2 bridge by address and port match.Likewise, when VM2 is to VM1 return information, the VLAN2 of VM2Bridge is the virtual LAN interface bridge of transmitted traffic, and return path is the MAC Address and bridge interface by route-bridgeMatching is forwarded on VLAN1 bridge.
In one embodiment of the application, routing iinformation and preset triggering item of the primary proxy based on first messagePart optimizes message information to determining.Wherein, the trigger condition includes any one of following: the transmission routing letter of first messageChannel status information in the feedback routing iinformation of channel status information and first message in breath is intercommunication state;InstituteThe flow stated between the first virtual machine and second virtual machine degrades.
Here, the path that the first message is passed by is first path, routing iinformation is determined according to first path, and then analyzing shouldRouting iinformation determines whether first path is normal, if normal, meets preset trigger condition, the message of triggering following walks secondPacket route, wherein the second packet route be not by the path of router, but by primary proxy it is associated to the first messageVirtual machine optimizes message information, creates route-bridge, is forwarded by route-bridge, to carry out first virtual machineWith the communication between the second virtual machine.The information for obtaining message in embodiment described herein in a manner of bypass, does not depend onIn database, to preferentially guarantee that customer service is unaffected under any circumstance, wherein the mode of bypass is to be supervised by agencyThe mode listened.Trigger condition include thes case where that the flow between first virtual machine and the second virtual machine degrades, whenAfter flow degradation occurs, the walked path of message is reduced to away first path, if the flow between the first virtual machine and the second virtual machineIt is still active state, then will triggers again message and walk path optimizing.And then meet and only active connection is optimized, it does not do non-essentialOptimization movement, and only flow can caused to degrade without interrupting the communication link between virtual machine under worst network condition.It needsIt is noted that when the channel status information of first message be obstructed state when, virtual machine shutdown or carry out secure group everyFrom.
In one embodiment of the application, which comprises step S10, the primary proxy is based on first messageRouting iinformation sends to the virtual machine and checks command information;It is located at described in the capture of the agency on same host with the virtual machineIt checks command information, and inspection result is fed back to the primary proxy according to the inspection command information;The primary proxy is according to instituteIt states inspection result and sends optimization message information according to preset protocol format to the virtual machine.Here, the primary proxy in cloud routingIt sends and checks instruction to calculate node, to check whether each calculate node is normal, whether the network agent in calculate node is depositedLiving, the network agent in calculate node captures inspection instruction by way of intercepting and capturing, checks whether that normal rear reply checksAs a result, primary proxy sends optimization message information to virtual machine according to preset protocol format when inspection result is normal.Wherein,Preset protocol format is based on IP agreement, and it is preset protocol format that the network agent in calculate node, which is monitored into calculate node,Whole flows, the network agent on router monitors the whole flows for entering that router is preset protocol format, to routeNetwork agent on device only needs to send the message of preset protocol format to the virtual machine for needing to optimize flow, and message is in physical machineControl instruction is passed through preset protocol format calculate node where not knowing virtual machine to reach by upper intercepted and parsingUnder the premise of be sent to correct calculate node, and this correctness is ensured by the operation of network bottom layer, therefore does not have numberAccording to the risks such as library information errors, out-of-date.Wherein, calculate node is the host and the where the first virtual machine in distributed networkHost where two virtual machines.
In one embodiment of the application, with continued reference to Fig. 2, virtual machine 1 sends the first message to virtual machine 2, first passes throughVLAN1 is dealt into gateway 10.0.1.1, and the first message reaches virtual machine 2 by cloud routing forwarding to VLAN2, and virtual machine 2 is logicalIt crosses same paths and replys message, the connection tracking table in cloud routing records this connection.Network agent (main generation in cloud routingReason) inspection instruction is sent to the virtual machine (virtual machine 1 and virtual machine 2) in calculate node, to check the network in calculate nodeWhether agency's (network agent 1 and network agent 2) survives, and when survival, primary proxy issues optimization to virtual machine 1 and virtual machine 2Message information, network agent 1 and network agent 2 obtain the instruction of the optimization message information by intercepting and capturing mode, thus virtual machine 1Network agent 1 in the calculate node at place will create route-bridge, connect VLAN1 bridge and VLAN2 bridge, and issue addressThe target MAC (Media Access Control) address of virtual machine 1 toward the flow of VM2 is revised as virtual machine 2 by the MAC of cloud routing 10.0.1.1 by transformation ruleMAC Address issues water conservancy diversion rule for virtual machine 1 and is sent to the flow of virtual machine 2 from VLAN1 bridge water conservancy diversion to route-bridge, then turnsIt is dealt into VLAN2 bridge.Network agent 2 equally in the calculate node where virtual machine 2 creates route-bridge and base areaLocation transformation rule and water conservancy diversion rule, it is established that the path of the flow of virtual machine 1 is sent to from virtual machine 2.The road that subsequent packet is walkedDiameter is the path being forwarded above by route-bridge.
By the method described herein for realizing inter-virtual machine communication, rule and configuration can reduce the general of error lessRate, when the rule failure of distribution routing or generation problem, flow can be downgraded to legacy paths, guarantee that network is available,Traditional routing, the access that traditional equipment can be convenient are not interfered simultaneously.In addition, there is lower delay, independent of database,It preferentially ensure that customer service is unaffected in any case.
Embodiment described herein is based on SDN network, wherein SDN network is software defined network (SoftwareDefined Network) it is a kind of novel transmission via net framework, by the way that network equipment control plane is solved with data surfaceCoupling, to realize the flexible control to network flow.
In addition, it is stored thereon with computer-readable instruction the embodiment of the present application also provides a kind of computer-readable medium,The computer-readable instruction can be executed by processor to realize the aforementioned method for realizing inter-virtual machine communication.
According to the application another aspect, a kind of equipment for realizing inter-virtual machine communication is additionally provided, wherein describedEquipment includes:
One or more processors;And
It is stored with the memory of computer-readable instruction, the computer-readable instruction makes the processor when executedExecute the operation of aforementioned the method.
For example, computer-readable instruction makes one or more of processors when executed:
It is located at the optimization message information that agency's capture primary proxy on same host is sent to the virtual machine with virtual machine;
Based on optimization message information creation for connecting the first virtual LAN interface bridge and the second virtual local areaThe route-bridge of network interface bridge, wherein the virtual machine includes the first virtual machine and the second virtual machine;
Determine the address translation rule and water conservancy diversion rule that flow is forwarded by the route-bridge, wherein the flowIncluding message and message feedback information;
The communication between the virtual machine is completed according to the address translation rule and water conservancy diversion rule.
Obviously, those skilled in the art can carry out various modification and variations without departing from the essence of the application to the applicationMind and range.In this way, if these modifications and variations of the application belong to the range of the claim of this application and its equivalent technologiesWithin, then the application is also intended to include these modifications and variations.
It should be noted that the application can be carried out in the assembly of software and/or software and hardware, for example, can adoptWith specific integrated circuit (ASIC), general purpose computer or any other realized similar to hardware device.In one embodimentIn, the software program of the application can be executed to implement the above steps or functions by processor.Similarly, the applicationSoftware program (including relevant data structure) can be stored in computer readable recording medium, for example, RAM memory,Magnetic or optical driver or floppy disc and similar devices.In addition, hardware can be used to realize in some steps or function of the application, exampleSuch as, as the circuit cooperated with processor thereby executing each step or function.
In addition, a part of the application can be applied to computer program product, such as computer program instructions, when its quiltWhen computer executes, by the operation of the computer, it can call or provide according to the present processes and/or technical solution.And the program instruction of the present processes is called, it is possibly stored in fixed or moveable recording medium, and/or pass throughBroadcast or the data flow in other signal-bearing mediums and transmitted, and/or be stored according to described program instruction operationIn the working storage of computer equipment.Here, including a device according to one embodiment of the application, which includes usingMemory in storage computer program instructions and processor for executing program instructions, wherein when the computer program refers toWhen enabling by processor execution, method and/or skill of the device operation based on aforementioned multiple embodiments according to the application are triggeredArt scheme.
It is obvious to a person skilled in the art that the application is not limited to the details of above-mentioned exemplary embodiment, Er QieIn the case where without departing substantially from spirit herein or essential characteristic, the application can be realized in other specific forms.Therefore, no matterFrom the point of view of which point, the present embodiments are to be considered as illustrative and not restrictive, and scope of the present application is by appended powerBenefit requires rather than above description limits, it is intended that all by what is fallen within the meaning and scope of the equivalent elements of the claimsVariation is included in the application.Any reference signs in the claims should not be construed as limiting the involved claims.ThisOutside, it is clear that one word of " comprising " does not exclude other units or steps, and odd number is not excluded for plural number.That states in device claim is multipleUnit or device can also be implemented through software or hardware by a unit or device.The first, the second equal words are used to tableShow title, and does not indicate any particular order.