CN111585800B - Virtual private cloud-based network node configuration method, device and medium - Google Patents

Publication number: CN111585800B
Authority: CN (China)
Prior art keywords: gateway node, network, vpc, gateway, backup
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202010354728.XA
Other languages: Chinese (zh)
Other versions: CN111585800A (en)
Inventor: 覃华伟
Current Assignee: Ping An Technology Shenzhen Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Ping An Technology Shenzhen Co Ltd
Application filed by: Ping An Technology Shenzhen Co Ltd
Priority to CN202010354728.XA
Priority to PCT/CN2020/099560 (WO2021217872A1)
Publication of CN111585800A
Application granted
Publication of CN111585800B

Abstract

The invention relates to the field of cloud technology and provides a virtual private cloud-based network node configuration method that operates on a gateway cluster comprising a plurality of gateway nodes. The virtual private cloud comprises a plurality of VPC networks, and each gateway node serves one group of VPC networks. The method comprises the following steps: determining a target gateway node corresponding to each VPC network, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node; respectively determining the routing priority of each main gateway node and each backup gateway node; providing network access service for users in the VPC network, according to the routing priority, based on the main gateway node and at least one backup gateway node corresponding to the VPC network; and having the main gateway node corresponding to each VPC network synchronize the resource data of the network access service to the corresponding backup gateway node in real time. The invention can reduce service interruption caused by gateway node failure and improve the user experience.

Description

Virtual private cloud-based network node configuration method, device and medium
Technical Field
The invention relates to the field of cloud technology, and in particular to a method, a device, a terminal and a computer readable storage medium for configuring a network node based on a virtual private cloud.
Background
In a Virtual Private Cloud (VPC), clients use internal IP addresses, and a client that needs to access an external network can do so only through a NAT (network address translation) gateway. If the VPC network provides services to the outside, for example as a web site, load balancing (gateway clustering) is usually used to distribute traffic to the real servers inside the VPC. This can provide high-performance Internet access services for VPC users. Through the NAT gateway, resources in the VPC can access the Internet more safely.
In a specific implementation, the internal server finally selected is determined by the destination address and port in the message and by the server selection mode set on the load balancing device. However, if a server (i.e. a gateway) goes down, the sessions (session control state) on that machine disappear. After the user's requests are switched to another machine, they cannot be forwarded because no session exists there, resulting in interruption or reconnection of user services.
Disclosure of Invention
Based on this, it is necessary to provide a method, an apparatus, a terminal and a computer readable storage medium for configuring a virtual private cloud-based gateway node in order to solve the above problems.
A configuration method of a gateway node based on a virtual private cloud is based on a gateway cluster comprising a plurality of gateway nodes; the virtual private cloud comprises a plurality of VPC networks, wherein each gateway node serves a group of VPC networks, each group of VPC networks comprising at least one VPC network;
the method comprises the following steps:
determining a target gateway node corresponding to each VPC network through a preset resource configuration algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network;
respectively determining the routing priority corresponding to a main gateway node and at least one backup gateway node of each VPC network;
aiming at each VPC network, providing network access service for users in the VPC network based on a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority;
and the main gateway node corresponding to each VPC network synchronizes the resource data of the network access service to at least one backup gateway node corresponding to the VPC network in real time.
Wherein the routing priority of the master gateway node is higher than the routing priority corresponding to the backup gateway node.
Wherein providing, for each VPC network, network access service for users in the VPC network according to the routing priority, based on the main gateway node and the at least one backup gateway node corresponding to the VPC network, further comprises the following steps:
for each VPC network:
according to the routing priority, determining a gateway node with the highest routing priority as a service gateway node from a main gateway node and at least one backup gateway node corresponding to the VPC network;
providing network access service for users in the VPC network through the service gateway node;
wherein determining, according to the routing priority, the gateway node with the highest routing priority among the main gateway node and the at least one backup gateway node corresponding to the VPC network as the service gateway node further comprises:
judging whether the gateway node with the highest routing priority has a fault;
if so, selecting the service gateway node, according to the routing priority, from the gateway nodes other than the one with the highest routing priority among the main gateway node and the at least one backup gateway node.
Wherein the method further comprises:
for each gateway node, establishing an internal BFD session link between the gateway node and a router of the underlay network through the underlay network, and establishing an external BFD session link between the gateway node and the external router.
Wherein providing network access service for users in the VPC network according to the routing priority, based on the main gateway node and the at least one backup gateway node corresponding to the VPC network, further comprises:
detecting, for each gateway node, whether the internal BFD session link and/or external BFD session link is broken;
determining that the gateway node fails when the internal BFD session link and/or the external BFD session link are/is broken;
and for a VPC network served by the failed gateway node, determining at least one target gateway node corresponding to the VPC network, and providing network access service for users in the VPC network through the determined target gateway node.
Wherein, after determining that the gateway node has failed because the internal BFD session link and/or the external BFD session link is disconnected, the method further comprises:
when the failed gateway node recovers from the fault, synchronizing the resource data corresponding to the gateway node through the gateway cluster;
After the resource data synchronization is completed, the routing information of the gateway node is updated so that the gateway node can provide network access services for users within the VPC network served by the gateway node.
A network node configuration device based on a virtual private cloud is based on a gateway cluster comprising a plurality of gateway nodes; the virtual private cloud comprises a plurality of VPC networks, wherein each gateway node serves a group of VPC networks, each group of VPC networks comprising at least one VPC network;
the device comprises:
a resource configuration unit, used for determining a target gateway node corresponding to each VPC network through a preset resource configuration algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network;
the route priority determining module is used for respectively determining the route priority corresponding to the main gateway node and the at least one backup gateway node of each VPC network;
the network access module is used for providing network access service for users in each VPC network based on a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority;
And the data synchronization module is used for synchronizing the resource data of the network access service of the main gateway node corresponding to each VPC network to at least one backup gateway node corresponding to the VPC network in real time.
A terminal comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the steps of:
determining a target gateway node corresponding to each VPC network through a preset resource allocation algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network;
respectively determining the routing priority corresponding to a main gateway node and at least one backup gateway node of each VPC network;
aiming at each VPC network, providing network access service for users in the VPC network based on a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority;
and the main gateway node corresponding to each VPC network synchronizes the resource data of the network access service to at least one backup gateway node corresponding to the VPC network in real time.
A readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the steps of:
determining a target gateway node corresponding to each VPC network through a preset resource allocation algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network;
respectively determining the routing priority corresponding to a main gateway node and at least one backup gateway node of each VPC network;
aiming at each VPC network, providing network access service for users in the VPC network based on a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority;
and the main gateway node corresponding to each VPC network synchronizes the resource data of the network access service to at least one backup gateway node corresponding to the VPC network in real time.
The invention has the following beneficial effects:
With the virtual private cloud-based network node configuration method, device, terminal and computer readable storage medium, when services are provided to the VPC networks by a gateway cluster comprising a plurality of gateway nodes, one master gateway node and at least one backup gateway node are configured for each VPC network, and a routing priority is configured for each of these gateway nodes. When a VPC network is then served through the gateway nodes, the gateway node currently providing the service (e.g. the primary gateway node) is determined by the routing priority, and it synchronizes the service data to the other backup gateway nodes in real time. If one gateway node fails, the services on that gateway node therefore do not disappear: traffic can be switched to another gateway node that holds a backup of the service data, so that the user's service is not interrupted, the stability of the service is improved, and the user experience is improved.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description show only some embodiments of the present invention; those skilled in the art can obtain other drawings from them without creative effort.
Wherein:
Fig. 1 is a schematic flowchart of a configuration method of a virtual private cloud-based gateway node according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of a routing relationship between a gateway node and a VPC network according to an embodiment of the present invention;
Fig. 3 is a schematic flow chart illustrating service data synchronization between multiple gateway nodes according to an embodiment of the present invention;
Fig. 4 is a schematic diagram of a routing relationship between a gateway node and a VPC network according to an embodiment of the present invention;
Fig. 5 is a schematic diagram of a routing relationship between a gateway node and a VPC network according to an embodiment of the present invention;
Fig. 6 is a schematic diagram of a routing relationship between a gateway node and a VPC network according to an embodiment of the present invention;
Fig. 7 is a schematic flow chart illustrating a process of performing service data recovery between a plurality of gateway nodes according to an embodiment of the present invention;
Fig. 8 is a schematic structural diagram of a configuration apparatus of a virtual private cloud-based gateway node according to an embodiment of the present invention;
Fig. 9 is a schematic structural diagram of a configuration apparatus of a virtual private cloud-based gateway node according to an embodiment of the present invention;
Fig. 10 is a schematic structural diagram of a computer device running the above configuration method for a virtual private cloud-based gateway node according to an embodiment of the present application;
Fig. 11 is a schematic structural diagram of an embodiment of a readable storage medium provided in the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this embodiment, in order to solve the problem of service data interruption or reconnection caused by a gateway node failure during the process of accessing an external network by a client of a virtual private cloud, a configuration method of a gateway node based on a virtual private cloud is provided.
In this embodiment, the method for configuring a gateway node based on a virtual private cloud operates on a gateway cluster including a plurality of gateway nodes. Each gateway node is a node server in the gateway cluster and is an internal server. Further, in the virtual private cloud, load balancing is used to distribute traffic to the internal servers (i.e. the gateway nodes in the gateway cluster, which are the internal real servers), and when an external network accesses the cloud, resources on the internal servers are reached through an external routing device.
In this embodiment, the virtual private cloud to which the configuration method applies includes a plurality of VPC networks, and the VPC networks rely on the plurality of gateway nodes in the gateway cluster to provide external network access services. Each gateway node serves a group of VPC networks, each group of VPC networks including at least one VPC network.
In this embodiment, in order to avoid a service interruption caused by a gateway node failure in an external network access process, for each VPC network, in addition to providing one gateway node, a corresponding backup gateway node needs to be provided, so that, in the case of a gateway node failure, a service can be provided for a user in the corresponding VPC network, and a corresponding service interruption is avoided.
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a configuration method of a virtual private cloud-based gateway node according to an embodiment of the present invention.
Specifically, as shown in fig. 1, the configuration method of the virtual private cloud-based gateway node provided by the present invention includes steps S102 to S108:
Step S102: determining a target gateway node corresponding to each VPC network through a preset resource allocation algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network.
In this embodiment, the gateway nodes are allocated to the VPC network according to a resource allocation algorithm, for example, a VPC network served by each gateway node is determined according to a hash algorithm, so that the VPC networks served by each gateway node are balanced.
In a specific embodiment, the method may be implemented by a layer-4 load balancing component (L4-LB): the internal server (i.e. the gateway node) used when a user in the VPC network accesses an external network is determined by the destination address and port in the message and by the server selection mode set on the load balancing device.
In this embodiment, one gateway node may serve multiple VPC networks; for example, one gateway node serves one group of VPC networks, and one group of VPC networks includes multiple VPC networks. Each VPC network corresponds to more than one gateway node, comprising a main gateway node and at least one backup gateway node.
In a specific embodiment, each VPC network corresponds to one VPCID, and in the process of determining a target gateway node corresponding to each VPC network, a range of serving VPCIDs is configured for each gateway node.
In a specific embodiment, each VPC network is configured with 2 target gateway nodes, namely 1 master gateway node and 1 backup gateway node. In other embodiments, each VPC network may instead be configured with 1+N target gateway nodes, namely 1 main gateway node and N backup gateway nodes, where N is a positive integer greater than 1.
In this embodiment, each VPC network is provided with a plurality of gateway nodes so that, in case of a failure of a certain gateway node, the gateway node can be replaced by another gateway node to ensure uninterrupted operation. Therefore, in this embodiment, in order to determine the services of the gateway node, it is also necessary to determine the routing priority corresponding to each gateway node.
Step S104: respectively determining the routing priority corresponding to the main gateway node and the at least one backup gateway node of each VPC network.
In this embodiment, the gateway nodes corresponding to a VPC network have different priorities. Within a given VPC network, all routes for accessing an external network point to one of the gateway nodes corresponding to that VPC network, and which gateway node this is depends on the routing priorities of the gateway nodes. The routing priority of the master gateway node is higher than the routing priority of the backup gateway node. The gateway node through which a routing path from the current VPC network to an external network passes is determined according to the routing priority among the available gateway nodes.
In a specific embodiment, when the number of gateway nodes corresponding to the VPC network is 2 (one main gateway node, one alternative gateway node), there are 2 routing priority levels. When the number of gateway nodes corresponding to the VPC network is 1+N (1 master gateway node, N candidate gateway nodes), there are either 2 routing priority levels (the routing priorities of the N candidate gateway nodes are the same) or 1+N routing priority levels (the routing priorities of the N candidate gateway nodes are all different).
Taking the example in which each VPC network is configured with two gateway nodes (one master gateway node and one alternative gateway node): on the external network side, each gateway node needs to advertise routes at two priority levels, or routes at two priority levels are statically configured on the egress router. For both VPC networks, the routes advertised by the master gateway node take the high priority.
For example, suppose that the main gateway node corresponding to VPC network 1 (whose VPCID is VPC0001) is GW-1 and its alternative gateway node is GW-3, and that the main gateway node corresponding to VPC network 2 (whose VPCID is VPC2001) is GW-3 and its alternative gateway node is GW-1. The routing priority settings of the main gateway node GW-1 and the main gateway node GW-2 are as follows:
On the main gateway node GW-1:
BGP: VPC0001_VIP/32 Priority N+1
BGP: VPC0001_NAT/32 Priority N+1
...
BGP: VPC2001_VIP/32 Priority N
BGP: VPC2001_NAT/32 Priority N
On GW-3:
BGP: VPC0001_VIP/32 Priority N
BGP: VPC0001_NAT/32 Priority N
...
BGP: VPC2001_VIP/32 Priority N+1
BGP: VPC2001_NAT/32 Priority N+1
Here BGP denotes the Border Gateway Protocol, NAT denotes a route used when accessing an external network, and VIP denotes a gateway route used when accessing an external network.
In VPC0001, all routes for accessing an external network point to the default gateway VPC0001_GW in the VPC. All messages sent to the default gateway are encapsulated in an overlay tunnel, and the remote endpoint of the tunnel, denoted VPC0001_overlay_tunnel_endpoint, is a floating IP on GW-1/GW-3. The default gateway usually refers to a configuration parameter on each host whose value is the IP address of a router port connected to the same network, that is, the default gateway node.
Routes at two priority levels are added to the underlay network of VPC0001. GW1_IP is the service network interface address of GW1 on the VPC underlay network side.
Taking VPC0001 as an example:
VPC0001:vpc0001_overlay_tunnel_endpoint next hop GW1_IP priority high
VPC0001:vpc0001_overlay_tunnel_endpoint next hop GW3_IP priority low
This is shown in Fig. 2, a schematic diagram of the routing relationships among gateway nodes, VPC networks and external routes for a gateway cluster of 4 gateway nodes (GW-1, GW-2, GW-3 and GW-4), taking as an example the case where GW-1 and GW-3 are backup gateway nodes for each other.
Step S106: for each VPC network, providing network access service for users in the VPC network according to the routing priority, based on the main gateway node and the at least one backup gateway node corresponding to the VPC network.
When the VPC network accesses external network resources, only one gateway node corresponding to the VPC network is needed. Typically, the network access service is provided through the master gateway node. However, in the event of a failure of the primary gateway node, network access services are provided within the VPC network through the backup gateway node.
Specifically, for each VPC network: determining a gateway node with the highest routing priority as a service gateway node in a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority; and providing network access service for users in the VPC network through the service gateway node. And if the gateway node with the highest routing priority has a fault, selecting a service gateway node from other gateway nodes.
That is, after the gateway node with the highest routing priority is determined, it is judged whether that gateway node has a fault; if so, the service gateway node is selected, according to the routing priority, from the other gateway nodes among the main gateway node and the at least one backup gateway node.
Step S108: the main gateway node corresponding to each VPC network synchronizes the resource data of the network access service to the at least one backup gateway node corresponding to the VPC network in real time.
In this embodiment, in order to ensure that the service is not interrupted when a certain gateway node goes down or fails, the gateway node needs to synchronize resource data corresponding to the network access service to other gateway nodes. In a specific embodiment, a main gateway node generally provides a network access service, and in this process, the main gateway node needs to synchronize resource data of the network access service to other backup gateway nodes corresponding to the same VPC network, so that the other backup gateway nodes can take over the main gateway node to provide the network access service when the main gateway node is down or in failure.
It should be noted that, in order to ensure that the service is not interrupted, in this embodiment, the resource data is synchronized in real time, so as to ensure that the resource data in the multiple target gateway nodes are synchronized, and in the case that one gateway node is down or has a fault, other gateway nodes can take over to provide the service, so as to ensure that the service is not interrupted.
Further, the resource data of the network access service that the gateway node synchronizes consists of Session objects. Here Session refers to session control, and a Session object stores the attributes and configuration information required by the session of a specific user.
The process of synchronization of Session objects may be as shown in fig. 3. After gateway node GW-1 receives a message from an external network, a corresponding session object is created, and then the session object is forwarded to a backup gateway node GW-3 which needs to be backed up. Wherein the determination of the backup gateway node GW-3 is determined by resource allocation of the gateway cluster.
With this virtual private cloud-based network node configuration method, when services are provided to the VPC networks by a gateway cluster comprising a plurality of gateway nodes, a main gateway node and at least one backup gateway node are configured for each VPC network, and a routing priority is configured for each of these gateway nodes. When a VPC network is then served through the gateway nodes, the gateway node currently providing the service (such as the main gateway node) is determined by the routing priority, and service data is synchronized to the other backup gateway nodes in real time. If one gateway node fails, the services on that gateway node therefore do not disappear: traffic can be switched to another gateway node that holds the service data, so that the user's service is not interrupted, the stability of the service is improved, and the user experience is improved.
Further, in this embodiment, the configuration method of a gateway node based on a virtual private cloud further includes: for each gateway node, establishing an internal BFD session link between the gateway node and a router of the underlay network through the underlay network, and establishing an external BFD session link between the gateway node and the external router.
On the internal network side, the gateway node establishes a BFD session link with a router of the underlay network; on the external network side, the gateway node establishes a BFD session link with the external router. BFD (Bidirectional Forwarding Detection) is a network protocol for detecting faults between two forwarding points, and the BFD session links make it possible to detect whether the user services corresponding to the gateway node are interrupted. As shown in detail in Fig. 4, the gateway node GW-1 establishes a BFD session link with a router of the underlay network and a BFD session link with an external router; while both BFD session links are connected, the gateway node GW-1 works normally and can provide network access service for the VPC network.
In this embodiment, whether a gateway node has failed may be detected by checking whether either or both of the internal BFD session link and the external BFD session link corresponding to that gateway node are disconnected. Specifically, when the internal BFD session link and/or the external BFD session link is detected to be disconnected, it is determined that the gateway node has failed. If a gateway node fails, the user services of the VPC networks served by that gateway node are interrupted, and traffic needs to be switched to the other gateway nodes corresponding to those VPC networks so that they continue to serve the user services without interruption. That is to say, the underlay switching node detects the BFD session link, and when it detects that the BFD session link is disconnected, the route is switched (i.e. the gateway node is switched). Compared with the conventional technology, in which the gateway nodes themselves detect the disconnection of the BFD session link, detection by an external device (i.e. the underlay switching node) simplifies the deployment of the gateway cluster.
Specifically, when a gateway node fails, for each of the one or more VPC networks served by the failed gateway node, if the failed node is that network's main gateway node, at least one backup gateway node corresponding to the VPC network is determined, and network access service is provided for users in the VPC network through the determined backup gateway node.
As shown in fig. 5, in case of a single gateway node failure, such as gateway node GW-1 failure, the switching nodes on both sides will detect the BFD session link interruption, and thus the data flow of the VPC network (VPC0001) will pass through gateway node GW-3. Because the data corresponding to the session object corresponding to the VPC network (VPC0001) has been synchronized to the gateway node GW-3 in real time before, the gateway node GW-3 can continue to provide services for the VPC network (VPC 0001). Otherwise, if the Session object is not synchronized in advance, the user service is interrupted or reconnected; if the Session object is synchronized, the user service only has a short packet loss.
Similarly, if gateway node GW-3 fails, the traffic flow of VPC network-VPC 2001-3000 can be automatically switched to gateway node GW-1 through routing.
Furthermore, in order to avoid the unilateral interruption of the BFD session link of the gateway node, two BFD session links on the same gateway node need to be linked, for example, if the BFD session link on the VPC network side on the gateway node GW-1 is interrupted, the BFD session link on the external network side also needs to be actively interrupted, so as to ensure that the BFD session links on both sides of the gateway node GW-1 can work simultaneously or fail simultaneously.
Specifically, as shown in fig. 6, after the external BFD session link corresponding to the gateway node GW-1 is disconnected, the internal BFD session link corresponding to the gateway node GW-1 is also disconnected, so that the BFD session links on both sides of the gateway node GW-1 are simultaneously disabled.
Further, after the failed gateway node recovers from the failure, it needs to recover the resource data corresponding to the VPC network served by the gateway node, and access the gateway node to provide the network access service again.
Specifically, after it is determined that the gateway node has failed, it is necessary to continuously detect whether the gateway node has recovered from the failure. When the failed gateway node recovers, the resource data corresponding to the gateway node is synchronized through the gateway cluster; after the resource data synchronization is completed, the routing information of the gateway node is updated so that the gateway node can provide network access services for users in the VPC network served by the gateway node.
In a specific implementation, taking GW-1 as the failed gateway node, when gateway node GW-1 recovers from the failure, as shown in fig. 7, it cannot take over service directly. Gateway node GW-1 is first powered on and started, and then continuously receives Session object synchronization from other gateway nodes (such as GW-3). After the Session object synchronization is completed, a route update is performed for gateway node GW-1 so that service messages are directed to it again and GW-1 continues to provide services.
In a specific embodiment, whether the gateway node GW-1 completes synchronization of Session objects is determined according to whether the number of Session objects on the gateway node GW-1 matches the number of Session objects on other gateway nodes. For example, in the application scenario shown in fig. 7, it is determined whether the number of Session objects on gateway node GW-1 is greater than or equal to 90% of the number of Session objects on gateway node GW-3.
That is to say, in this embodiment, when the gateway node recovers from the failure, the service data of the gateway node is synchronized according to the resource configuration, and then the route is updated so that the route corresponding to the gateway node can be selected, so as to implement the service recovery of the gateway node.
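The failover and recovery sequence described above (linked BFD sessions, switch to the backup by routing priority, readmission only after Session synchronization reaches the 90% figure) can be traced with the following added Python simulation, which is not part of the patent. The class and function names, the numeric priorities 200/100, the batch size and the ten sample sessions are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

SYNC_RATIO = 0.9  # page's example: GW-1 needs >= 90% of GW-3's Session objects


@dataclass
class Gateway:
    name: str
    internal_bfd_up: bool = True  # BFD session on the VPC (underlay) side
    external_bfd_up: bool = True  # BFD session on the external-router side
    advertised: bool = True       # route installed, so traffic may arrive
    sessions: set = field(default_factory=set)

    @property
    def reachable(self) -> bool:
        return self.internal_bfd_up and self.external_bfd_up

    def bfd_down(self, side: str) -> None:
        """One side drops; the linkage rule tears the other side down too."""
        if side not in ("internal", "external"):
            raise ValueError(side)
        self.internal_bfd_up = self.external_bfd_up = False
        self.advertised = False   # switching nodes withdraw the route

    def power_on(self) -> None:
        """Recovered node: BFD is back, state is empty, route stays withdrawn."""
        self.internal_bfd_up = self.external_bfd_up = True
        self.sessions.clear()
        self.advertised = False


class Cluster:
    def __init__(self, plan: dict):
        # plan: VPC id -> [(routing_priority, Gateway)]; larger wins (assumed)
        self.plan = plan

    def serving(self, vpc: str):
        live = [(p, g) for p, g in self.plan[vpc] if g.advertised]
        return max(live, key=lambda pg: pg[0])[1] if live else None

    def open_session(self, vpc: str, session_id: str) -> str:
        """Create a session and replicate it to every reachable target node."""
        gw = self.serving(vpc)
        if gw is None:
            raise RuntimeError(f"no gateway available for {vpc}")
        for _, node in self.plan[vpc]:
            if node.reachable:
                node.sessions.add((vpc, session_id))
        return gw.name

    @staticmethod
    def sync_from(node: Gateway, peer: Gateway, batch: int) -> None:
        """Copy up to `batch` missing Session objects from a live peer."""
        node.sessions.update(sorted(peer.sessions - node.sessions)[:batch])

    @staticmethod
    def try_readmit(node: Gateway, peer: Gateway) -> bool:
        """Update the route only once the session count reaches the threshold."""
        if node.reachable and len(node.sessions) >= SYNC_RATIO * len(peer.sessions):
            node.advertised = True
        return node.advertised


def demo() -> list:
    gw1, gw3 = Gateway("GW-1"), Gateway("GW-3")
    cluster = Cluster({"VPC0001": [(200, gw1), (100, gw3)]})  # constructed plan
    for i in range(10):                                # constructed sessions
        cluster.open_session("VPC0001", f"s{i}")
    trace = [cluster.serving("VPC0001").name]          # main node serves
    gw1.bfd_down("external")                           # single-sided failure
    trace += [cluster.serving("VPC0001").name, len(gw3.sessions)]
    gw1.power_on()
    cluster.sync_from(gw1, gw3, batch=8)
    trace.append(cluster.try_readmit(gw1, gw3))        # 8 of 10: below 90%
    cluster.sync_from(gw1, gw3, batch=8)
    trace.append(cluster.try_readmit(gw1, gw3))        # 10 of 10: readmitted
    trace.append(cluster.serving("VPC0001").name)
    return trace
```

Calling `demo()` returns the serving node before the failure, after it, the backup's session count, the two readmission attempts and the serving node after recovery.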
In one embodiment, as shown in fig. 8, a configuration apparatus of a virtual private cloud-based gateway node is also provided. Specifically, the configuration device for the virtual private cloud-based gateway node is based on a gateway cluster including a plurality of gateway nodes; the virtual private cloud comprises a plurality of VPC networks, wherein each gateway node serves a group of VPC networks, each group of VPC networks comprising at least one VPC network. Further, as shown in fig. 8, the configuration apparatus for a virtual private cloud-based gateway node includes:
a resource configuration unit 102, configured to determine, through a preset resource configuration algorithm, a target gateway node corresponding to each VPC network, where the target gateway node corresponding to each VPC network includes a master gateway node and at least one backup gateway node corresponding to the VPC network;
a routing priority determining module 104, configured to determine routing priorities corresponding to a master gateway node and at least one backup gateway node of each VPC network respectively;
a network access module 106, configured to provide, for each VPC network, a network access service for a user in the VPC network according to the routing priority based on a master gateway node and at least one backup gateway node corresponding to the VPC network;
and a data synchronization module 108, configured to synchronize, in real time, resource data of the network access service of the master gateway node corresponding to each VPC network to at least one backup gateway node corresponding to the VPC network.
With the above virtual private cloud-based network node configuration device, when services are provided to VPC networks based on a gateway cluster comprising a plurality of gateway nodes, a main network node and at least one backup gateway node are configured for each VPC network, and a routing priority is configured for each corresponding gateway node. When service is then provided to a VPC network through the gateway nodes, the gateway node currently providing the service (for example, the main network node) is determined by routing priority, and service data is synchronized to the other backup gateway nodes in real time. As a result, if one gateway node fails, the services on that gateway node are not lost and can be switched to another gateway node that holds the service data, so the user's service is not interrupted, which improves service stability and user experience.
In one embodiment, the routing priority of the primary gateway node is higher than the routing priority corresponding to the backup gateway node.
In one embodiment, the network access module 106 is further configured to determine, for each VPC network, a gateway node with the highest routing priority as a serving gateway node from among a master gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority, and to provide network access service for users in the VPC network through the service gateway node.
In one embodiment, the network access module 106 is further configured to determine whether a failure exists in the gateway node determined to have the highest routing priority and, where a failure exists, to select, according to the routing priority, a gateway node other than that gateway node from among the main gateway node and the at least one backup gateway node as the service gateway node.
In one embodiment, the network access module 106 is further configured to, for each gateway node, construct an internal BFD session link between the gateway node and a router of the underlay network through the underlay network, and construct an external BFD session link between the gateway node and the external router.
In one embodiment, as shown in fig. 9, the configuration apparatus of the virtual private cloud-based gateway node further includes a BFD session construction module 110, configured to construct, for each gateway node, an internal BFD session link between the gateway node and a router of the underlay network through the underlay network, and an external BFD session link between the gateway node and the external router.
In one embodiment, the network access module 106 is further configured to detect, for each gateway node, whether the internal BFD session link and/or the external BFD session link is disconnected; to determine that the gateway node has failed when the internal BFD session link and/or the external BFD session link is disconnected; and, for the VPC network served by the failed gateway node, to determine at least one target gateway node corresponding to the VPC network and provide network access service for users in the VPC network through the determined target gateway node.
In one embodiment, as shown in fig. 9, the configuration apparatus of the virtual private cloud-based gateway node further includes a data recovery module 112, configured to synchronize, through the gateway cluster, resource data corresponding to the gateway node when the failed gateway node recovers from the failure; after the resource data synchronization is completed, the routing information of the gateway node is updated so that the gateway node can provide network access services for users in the VPC network served by the gateway node.
FIG. 10 is a diagram that illustrates an internal structure of the computer device in one embodiment. The computer device may be specifically a terminal, and may also be a server. As shown in fig. 10, the computer device includes a processor, a memory, and a network interface connected by a system bus. The memory comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium of the computer device stores an operating system and may also store a computer program which, when executed by the processor, causes the processor to implement a method of configuring a virtual private cloud-based gateway node. The internal memory may also have a computer program stored therein, which when executed by the processor, causes the processor to perform a method for configuring a virtual private cloud-based gateway node. Those skilled in the art will appreciate that the architecture shown in fig. 10 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a smart terminal is presented comprising a memory and a processor, the memory storing a computer program that, when executed by the processor, causes the processor to perform the steps of:
determining a target gateway node corresponding to each VPC network through a preset resource allocation algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network;
respectively determining the routing priority corresponding to a main gateway node and at least one backup gateway node of each VPC network;
aiming at each VPC network, providing network access service for users in the VPC network based on a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority;
and the main gateway node corresponding to each VPC network synchronizes the resource data of the network access service to at least one backup gateway node corresponding to the VPC network in real time.
As can be seen from the above description, in this embodiment, the terminal collects, from the preset content database, at least one piece of recall content matched with the recall content according to the search keyword input by the user, then calculates, based on the constructed user behavior map and the preset association score calculation method, an association score corresponding to each piece of recall content, and sorts the recall content according to the association score, so that the sorted recall content is used as a final target search result and is output to the user. That is to say, after the virtual private cloud-based gateway node configuration method, the device terminal and the computer-readable storage medium are adopted, further ranking processing can be performed on the retrieval results obtained according to the input retrieval keywords based on the user behavior maps, so that the effectiveness of ranking and displaying the retrieval results is improved, and the subsequent conversion rate of content retrieval is improved.
In an embodiment, please refer to fig. 11, which is a schematic structural diagram of an embodiment of a readable storage medium provided in the present invention. The readable storage medium 10 has stored therein at least one computer program 20, the computer program 20 being for execution by a processor to implement the method of:
determining a target gateway node corresponding to each VPC network through a preset resource configuration algorithm, wherein the target gateway node corresponding to each VPC network comprises a main gateway node and at least one backup gateway node corresponding to the VPC network;
respectively determining the routing priority corresponding to a main gateway node and at least one backup gateway node of each VPC network;
aiming at each VPC network, providing network access service for users in the VPC network based on a main gateway node and at least one backup gateway node corresponding to the VPC network according to the routing priority;
and the main gateway node corresponding to each VPC network synchronizes the resource data of the network access service to at least one backup gateway node corresponding to the VPC network in real time.
In one embodiment, the readable storage medium 20 may be a memory chip in a terminal, a hard disk, or another readable and writable storage device such as a mobile hard disk, a flash drive or an optical disk, and may also be a server or the like.
With the above terminal and computer-readable storage medium, when services are provided to VPC networks based on a gateway cluster comprising a plurality of gateway nodes, a main gateway node and at least one backup gateway node are configured for each VPC network, and a routing priority is configured for each corresponding gateway node. When service is then provided to a VPC network through the gateway nodes, the gateway node currently providing the service (for example, the main gateway node) is determined by routing priority, and service data is synchronized to the other backup gateway nodes in real time. As a result, if one gateway node fails, the services on that gateway node are not lost and can be switched to another gateway node that has backed up the service data, so the user's service is not interrupted, which improves service stability and user experience.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium, and can include the processes of the embodiments of the methods described above when the program is executed. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, and these are all within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

CN202010354728.XA | 2020-04-29 | 2020-04-29 | Virtual private cloud-based network node configuration method, device and medium | Active | CN111585800B (en)

Priority Applications (2)

| Application Number | Publication | Priority Date | Filing Date | Title |
| --- | --- | --- | --- | --- |
| CN202010354728.XA | CN111585800B (en) | 2020-04-29 | 2020-04-29 | Virtual private cloud-based network node configuration method, device and medium |
| PCT/CN2020/099560 | WO2021217872A1 (en) | 2020-04-29 | 2020-06-30 | Method and apparatus for configuring gateway node on the basis of virtual private cloud, and medium |

Applications Claiming Priority (1)

| Application Number | Publication | Priority Date | Filing Date | Title |
| --- | --- | --- | --- | --- |
| CN202010354728.XA | CN111585800B (en) | 2020-04-29 | 2020-04-29 | Virtual private cloud-based network node configuration method, device and medium |

Publications (2)

| Publication Number | Publication Date |
| --- | --- |
| CN111585800A (en) | 2020-08-25 |
| CN111585800B (en) | 2022-06-28 |

Family

ID=72111809

Family Applications (1)

| Application Number | Status | Publication | Priority Date | Filing Date | Title |
| --- | --- | --- | --- | --- | --- |
| CN202010354728.XA | Active | CN111585800B (en) | 2020-04-29 | 2020-04-29 | Virtual private cloud-based network node configuration method, device and medium |

Country Status (2)

| Country | Link |
| --- | --- |
| CN (1) | CN111585800B (en) |
| WO (1) | WO2021217872A1 (en) |


Publication numberPublication date
WO2021217872A1 (en)2021-11-04
CN111585800A (en)2020-08-25

Similar Documents

PublicationPublication DateTitle
CN111585800B (en)Virtual private cloud-based network node configuration method, device and medium
US10547538B2 (en)Packet forwarding method and apparatus
CN106549875B (en) A session management method, device and load balancer
CN110912780A (en)High-availability cluster detection method, system and controlled terminal
CN110474802B (en)Equipment switching method and device and service system
CN113572831B (en)Communication method, computer equipment and medium between Kubernetes clusters
CN107682406B (en)Method, device and system for processing service
CN112929285A (en)Communication optimization system of block chain network
US12068955B2 (en)Method for controlling traffic forwarding, device, and system
RU2517312C2 (en)Link state identifier conflict resolution
CN112187633A (en)Link fault convergence method and device, electronic equipment and storage medium
CN113839862A (en) Method, system, terminal and storage medium for synchronizing ARP information between MCLAG neighbors
CN109698767A (en)A kind of main/standby switching method and device
CN113630444A (en)Cluster working method and device based on open virtual network
US20250063017A1 (en)5g user terminal ip address confirmation method, apparatus and system
CN115941493B (en)Multi-activity distribution method and device for cloud scene NAT gateway cluster based on multicast
CN104717143B (en)For returning the method and apparatus of scene muticast data transmission more
CN110535947B (en)Storage device cluster configuration node switching method, device and equipment
CN113328931B (en)Route issuing method and device
CN110391987B (en)Method, apparatus and computer readable medium for selecting a designated forwarder from a carrier edge device set
CN119697196A (en) A method, device, electronic device and storage medium for data interaction between clusters
CN114157721A (en)Route distribution method, device, equipment and readable storage medium
CN111629386B (en)Communication method, system and equipment
JP6307031B2 (en) Route reflector and route control method of route reflector
CN106909322B (en) A routing method and device for supporting storage disaster recovery in a virtualization system

Legal Events

DateCodeTitleDescription
PB01Publication
PB01Publication
SE01Entry into force of request for substantive examination
SE01Entry into force of request for substantive examination
GR01Patent grant
GR01Patent grant
