CN115185637A - Communication method and device for PaaS component management end and virtual machine agent - Google Patents

Abstract

The invention provides a communication method and a communication device for a PaaS component management end and a virtual machine agent, wherein the method comprises the following steps: a plurality of host ports are established in a private network corresponding to the PaaS component, and the number of the host ports is the same as that of the control nodes; establishing a virtual network card by using Open vSwitch on a br-int network bridge of each control node, wherein the information of the virtual network card is associated with the information of a corresponding host port; dynamically acquiring an IP address corresponding to the virtual network card from a DHCP service provided by the neutron; and creating a virtual IP of a private network plane based on keepalived for an agent inside the virtual machine to respond to the RPC request of the PaaS component management end. According to the application, the Open vSwich technology is utilized, the two-layer communication between the PaaS component management end and the virtual machine agent is realized, and the dependence of the PaaS component on the external network of the virtual machine and the network planning of the physical machine is broken through.

Description

Translated fromChinese

PaaS组件管理端和虚拟机代理的通信方法及装置Communication method and device between PaaS component management terminal and virtual machine agent

技术领域technical field

本发明涉及云计算技术领域，尤其涉及一种PaaS组件管理端和虚拟机代理的通信方法及装置。The invention relates to the technical field of cloud computing, in particular to a communication method and device between a PaaS component management terminal and a virtual machine agent.

背景技术Background technique

随着云计算技术的发展，云服务方式从基础的IaaS层虚拟化不断向上演进，出现多种的PaaS服务和SaaS服务。With the development of cloud computing technology, cloud service methods have been evolving from the basic IaaS layer virtualization, and a variety of PaaS services and SaaS services have emerged.

PaaS服务需要在IaaS层虚拟机内部继续封装软件，提供给用户可直接使用的软件产品，省略了用户部署维护的流程。PaaS组件的管理端需要管理并维护虚拟机内部软件的状态，因此需要管理端与虚拟机实现网络上的通信。虚拟机位于私有网络内部，需要将私有网络外接至特定的外部网络后，从业务网卡外出，经过三层交换机，才可实现虚拟机和管理节点的PaaS组件管理端通信，局限性较大且不可灵活选择上层网络。并且在一些环境下的网络规划中，业务网卡和管理网卡在不同的交换机，无法实现互通。PaaS services need to continue to encapsulate software inside the IaaS layer virtual machine to provide software products that users can use directly, omitting the process of user deployment and maintenance. The management end of the PaaS component needs to manage and maintain the state of the software inside the virtual machine, so the management end needs to communicate with the virtual machine on the network. The virtual machine is located inside the private network. After the private network is externally connected to a specific external network, it needs to go out from the service network card and pass through the three-layer switch to realize the communication between the virtual machine and the management side of the PaaS component of the management node, which is limited and impossible. Flexible choice of upper-layer network. In addition, in network planning in some environments, the service NIC and management NIC are on different switches and cannot communicate with each other.

发明内容SUMMARY OF THE INVENTION

针对现有技术存在的上述问题，本申请提供一种PaaS组件管理端和虚拟机代理的通信方法及装置。In view of the above problems existing in the prior art, the present application provides a communication method and device between a PaaS component management terminal and a virtual machine agent.

第一方面，本发明提供一种PaaS组件管理端和虚拟机代理的通信方法，包括：In a first aspect, the present invention provides a communication method between a PaaS component management terminal and a virtual machine agent, including:

在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；Create multiple host ports in the private network corresponding to the PaaS component, and the number of the host ports is the same as the number of control nodes;

在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual network card is constructed using Open vSwitch on the br-int bridge of each control node, and the information of the virtual network card is associated with the information of the corresponding host port;

从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；Dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;

基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。Create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the proxy inside the virtual machine to respond to the communication request of the management end of the PaaS component.

可选地，所述方法还包括：Optionally, the method further includes:

在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。When constructing the virtual network card, specify the information of the virtual network card, including the network card type, state, port ID, MAC address and MTU value.

可选地，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Optionally, the port ID, MAC address and MTU value of the virtual network card are respectively the same as the port ID, MAC address and MTU value of the corresponding host port.

可选地，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。Optionally, the network card type of the virtual network card is Internal, and the status of the virtual network card is Active.

可选地，所述从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址，包括：Optionally, dynamically obtaining the IP address corresponding to the virtual network card from the DHCP service provided by neutron includes:

通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.

可选地，所述方法还包括：Optionally, the method further includes:

调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment.

第二方面，本申请还提供一种PaaS组件管理端和虚拟机代理的通信装置，包括：In a second aspect, the present application also provides a communication device between a PaaS component management terminal and a virtual machine agent, including:

主机端口创建模块，用于在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；a host port creation module for creating multiple host ports in the private network corresponding to the PaaS component, the number of the host ports being the same as the number of control nodes;

虚拟网卡构建模块，用于在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual network card building module, used to construct a virtual network card using Open vSwitch on the br-int bridge of each control node, the information of the virtual network card is associated with the information of the corresponding host port;

IP地址获取模块，用于从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；The IP address obtaining module is used to dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;

虚拟IP创建模块，用于基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。The virtual IP creation module is used for creating a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the agent inside the virtual machine to respond to the communication request of the management end of the PaaS component.

第三方面，本发明还提供一种电子设备，包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序，所述处理器执行所述程序时实现如上述第一方面所述任一种PaaS组件管理端和虚拟机代理的通信方法。In a third aspect, the present invention also provides an electronic device, comprising a memory, a processor, and a computer program stored in the memory and running on the processor, when the processor executes the program, the above-mentioned first aspect is implemented Describe any communication method between the PaaS component management terminal and the virtual machine agent.

第四方面，本发明还提供一种非暂态计算机可读存储介质，其上存储有计算机程序，该计算机程序被处理器执行时实现如上述第一方面所述任一种PaaS组件管理端和虚拟机代理的通信方法。In a fourth aspect, the present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored, and when the computer program is executed by the processor, implements any of the PaaS component management terminals and The communication method of the virtual machine agent.

第五方面，本发明还提供一种计算机程序产品，包括计算机程序，所述计算机程序被处理器执行时实现如上述第一方面所述任一种PaaS组件管理端和虚拟机代理的通信方法。In a fifth aspect, the present invention also provides a computer program product, including a computer program, which, when executed by a processor, implements any of the communication methods between the PaaS component management terminal and the virtual machine agent as described in the first aspect above.

本发明提供的PaaS组件管理端和虚拟机代理的通信方法及装置，利用OpenvSwich技术，实现OpenStack PaaS组件管理端与虚拟机代理之间的二层通信，突破PaaS组件对虚拟机外部网络及物理机网络规划的依赖，提高了PaaS组件对不同物理网络架构的适配性。The communication method and device between the PaaS component management terminal and the virtual machine agent provided by the present invention utilize the OpenvSwich technology to realize the two-layer communication between the OpenStack PaaS component management terminal and the virtual machine agent, and break through the PaaS component to the external network of the virtual machine and the physical machine. Reliance on network planning improves the adaptability of PaaS components to different physical network architectures.

附图说明Description of drawings

为了更清楚地说明本发明或现有技术中的技术方案，下面将对实施例或现有技术描述中所需要使用的附图作一简单地介绍，显而易见地，下面描述中的附图是本发明的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。In order to explain the present invention or the technical solutions in the prior art more clearly, the following will briefly introduce the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are the For some embodiments of the invention, for those of ordinary skill in the art, other drawings can also be obtained according to these drawings without any creative effort.

图1是本申请实施例提供的PaaS组件管理端和虚拟机代理的通信方法的流程示意图；1 is a schematic flowchart of a communication method between a PaaS component management terminal and a virtual machine agent provided by an embodiment of the present application;

图2是本申请实施例提供的PaaS组件管理端和虚拟机代理的通信装置的结构示意图；2 is a schematic structural diagram of a communication device of a PaaS component management terminal and a virtual machine agent provided by an embodiment of the present application;

图3是本申请实施例提供的电子设备的结构示意图。FIG. 3 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.

具体实施方式Detailed ways

为了更好地对本申请实施例中的技术方案进行描述，下面对相关知识进行介绍。In order to better describe the technical solutions in the embodiments of the present application, related knowledge is introduced below.

(1)云计算(1) Cloud computing

云计算根据所提供服务的类型，可以区分为以下三种落地方式：According to the type of services provided, cloud computing can be divided into the following three landing methods:

①IaaS：基础架构即服务，用户能从中申请到硬件或虚拟硬件，包括裸机和虚拟机，然后在上面安装操作系统或其它应用程序。①IaaS: Infrastructure as a Service, from which users can apply for hardware or virtual hardware, including bare metal and virtual machines, and then install operating systems or other applications on it.

②PaaS：平台即服务，用户从PaaS服务中可直接申请到软件并直接使用，对于PaaS服务申请到的软件，用户没有登录底层虚拟机的权限，也无法感知底层虚拟机，需要PaaS服务来维护软件状态。②PaaS: Platform as a service, users can directly apply for software from the PaaS service and use it directly. For the software applied for by the PaaS service, the user does not have the right to log in to the underlying virtual machine, nor can he perceive the underlying virtual machine. PaaS services are required to maintain the software state.

③SaaS：软件即服务，用户可以通过网络以租赁的方式来使用一些软件，而不是购买，常用的模式是提供一组账号密码。与PaaS的区别在于，PaaS的软件是面向开发者的，是整个应用程序(Application,APP)架构中的一部分，SaaS的软件是面向用户的整个APP软件。③SaaS: software as a service, users can use some software by leasing through the network instead of buying it. The common mode is to provide a set of account passwords. The difference from PaaS is that the software of PaaS is developer-oriented and is a part of the entire application (Application, APP) architecture, while the software of SaaS is the entire APP software oriented to users.

(2)OpenStack(2) OpenStack

OpenStack目前共涵盖了七个核心组件，分别是计算(Compute)、对象存储(ObjectStorage)、认证(Identity)、用户界面(Dashboard)、块存储(Block Storage)、网络(Network)和镜像服务(Image Service)。每个组件都是多个服务的集合，一个服务意味着运行着的一个进程。OpenStack currently covers seven core components, namely Compute, Object Storage, Identity, User Interface, Dashboard, Block Storage, Network, and Image Service. Service). Each component is a collection of multiple services, and a service means a running process.

Compute(Nova)：Compute的代号是Nova，它根据需求提供虚拟机服务，比如创建虚拟机或对虚拟机做热迁移等。Compute (Nova): The code name of Compute is Nova, which provides virtual machine services according to requirements, such as creating virtual machines or performing live migration of virtual machines.

Object Storage(Swift)：它允许存储或检索对象，也可以认为它允许存储或检索文件，它能以低成本的方式管理大量无结构数据。Object Storage (Swift): It allows storing or retrieving objects, it can also be considered to allow storing or retrieving files, it can manage large amounts of unstructured data in a low-cost way.

Identity(Keystone)：为所有OpenStack服务提供身份验证和授权，跟踪用户以及他们的权限，提供一个可用服务及应用程序编程接口(Application Program Interface,API)列表。Identity (Keystone): Provides authentication and authorization for all OpenStack services, tracks users and their permissions, and provides a list of available services and Application Program Interfaces (APIs).

Dash Board(Horizon)：它为所有OpenStack的服务提供一个模块化的基于Django的界面，通过这个界面，不论是最终用户还是运维人员都可以完成大多数的操作，比如启动虚拟机，分配网际互联协议(Internet Protocol,IP)地址，动态迁移等。Dash Board (Horizon): It provides a modular Django-based interface for all OpenStack services. Through this interface, both end users and operation and maintenance personnel can complete most operations, such as starting virtual machines and distributing Internet connections. Protocol (Internet Protocol, IP) address, dynamic migration, etc.

Block Storage(Cinder)：提供块存储服务。Block Storage (Cinder): Provides block storage services.

Network(Neutron)：用于提供网络连接服务，允许用户创建自己的虚拟网络并连接各种网络设备接口。Network(Neutron): Used to provide network connection services, allowing users to create their own virtual network and connect various network device interfaces.

Image Service(Glance)：提供一个虚拟机镜像的存储、查询和检索服务，通过提供一个虚拟磁盘映像的目录和存储库，为Nova虚拟机提供镜像服务。Image Service (Glance): Provides a virtual machine image storage, query and retrieval service, and provides image services for Nova virtual machines by providing a directory and repository of virtual disk images.

其中，Nova、Neutron和Cinder分管计算、网络和存储。Among them, Nova, Neutron and Cinder are in charge of computing, networking and storage.

PaaS组件的管理端需要管理并维护虚拟机内部软件的状态，因此需要管理端与虚拟机实现网络上的通信。虚拟机位于私有网络内部，需要将私有网络外接至特定的外部网络后，从业务网卡外出，经过三层交换机，才可实现虚拟机和管理节点的PaaS组件管理端通信，局限性较大且不可灵活选择上层网络。The management end of the PaaS component needs to manage and maintain the state of the software inside the virtual machine, so the management end needs to communicate with the virtual machine on the network. The virtual machine is located inside the private network. After the private network is externally connected to a specific external network, it needs to go out from the service network card and pass through the three-layer switch to realize the communication between the virtual machine and the management side of the PaaS component of the management node, which is limited and impossible. Flexible choice of upper-layer network.

在一些环境下的网络规划中，业务网卡和管理网卡在不同的交换机，无法实现互通。针对PaaS组件管理端与虚拟机代理(Agent)通信时需要外出跨三层通信，导致组件网络受制于外部网络配置和用户三层网络选择的问题，本申请提供了一种PaaS组件管理端和虚拟机代理的通信方法及装置，在二层网络上打通了OpenStack私有网络和管理节点服务，不再受制于外部网络配置和用户三层网络选择，具有高可用性和高可靠性。In network planning in some environments, service NICs and management NICs are on different switches and cannot communicate with each other. Aiming at the problem that the PaaS component management terminal needs to communicate with the virtual machine agent (Agent) through three-layer communication, so that the component network is subject to the external network configuration and the user's three-layer network selection, this application provides a PaaS component management terminal and virtual machine. The communication method and device of the machine agent can open up the OpenStack private network and management node services on the second-layer network, and is no longer subject to external network configuration and user three-layer network selection, and has high availability and high reliability.

为使本发明的目的、技术方案和优点更加清楚，下面将结合本发明中的附图，对本发明中的技术方案进行清楚、完整地描述，显然，所描述的实施例是本发明一部分实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例，都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present invention. , not all examples. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

本申请所提供的PaaS组件管理端和虚拟机代理的通信方法及装置，适用于PaaS组件管理端和虚拟机有通信需求的场景，支持的PaaS服务包括但不限于数据库服务DBaaS(Trove组件)、均衡负载服务LBaaS(Octavia组件)。The communication method and device between the PaaS component management terminal and the virtual machine agent provided by this application are suitable for scenarios where the PaaS component management terminal and the virtual machine have communication requirements. The supported PaaS services include but are not limited to database services DBaaS (Trove component), Load balancing service LBaaS (Octavia component).

图1是本申请实施例提供的PaaS组件管理端和虚拟机代理的通信方法的流程示意图，如图1所示，该方法至少包括以下步骤：1 is a schematic flowchart of a communication method between a PaaS component management terminal and a virtual machine agent provided by an embodiment of the present application. As shown in FIG. 1 , the method at least includes the following steps:

步骤101、在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同。Step 101: Create multiple host ports in the private network corresponding to the PaaS component, where the number of the host ports is the same as the number of control nodes.

具体地，在PaaS组件对应的私有网络中创建多个主机端口(Host Port)，主机端口的数量和控制节点的数量相同，以保证每个控制节点都具有通信的能力，保证PaaS组件管理端和虚拟机代理的通信方法的高可用性和高可靠性。Specifically, create multiple host ports (Host Ports) in the private network corresponding to the PaaS component, and the number of host ports is the same as the number of control nodes, so as to ensure that each control node has the ability to communicate, and to ensure that the PaaS component management end and High availability and high reliability of the communication method of the virtual machine agent.

可选地，OpenStack PaaS组件对应的私有网络的网络模式，包括但不限于：虚拟局域网(Virtual Local Area Network,VLAN)、虚拟可扩展局域网(Virtual eXtensibleLocal Area Network,VXLAN)、扁平(Flat)、GRE。Optionally, the network mode of the private network corresponding to the OpenStack PaaS component, including but not limited to: virtual local area network (Virtual Local Area Network, VLAN), virtual extensible local area network (Virtual eXtensible Local Area Network, VXLAN), flat (Flat), GRE .

步骤102、在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联。Step 102: Use Open vSwitch on the br-int bridge of each control node to construct a virtual network card, where the information of the virtual network card is associated with the information of the corresponding host port.

具体地，Open vSwitch类似Linux bridge，它可以实现对二层网络的抽象，对虚拟网络提供分布式交换机功能，运行在云环境中各种或相同虚拟化平台上的多个vSwitch实现了分布式架构的虚拟交换机。Specifically, Open vSwitch is similar to Linux bridge. It can abstract the Layer 2 network and provide distributed switch functions for virtual networks. Multiple vSwitches running on various or the same virtualization platform in the cloud environment realize a distributed architecture. virtual switch.

使用Open vSwitch在各个控制节点的br-int网桥上构建虚拟网卡，虚拟网卡、控制节点和主机端口的数量均相同，以提高通信的可用性和灵活性。虚拟网卡的信息和对应的主机端口的信息关联，这里的信息可以包括端口标识、媒体存取控制地址等信息，两者的信息关联可以指两者的信息有相同的内容。Use Open vSwitch to build virtual network cards on the br-int bridges of each control node. The number of virtual network cards, control nodes and host ports are all the same to improve the availability and flexibility of communication. The information of the virtual network card is associated with the information of the corresponding host port. The information here may include information such as port identification, media access control address, etc. The information association of the two may refer to the same content of the information of the two.

OpenStack使用Open vSwitch作为网络插件时，可实现OpenStack私有网络与主机在二层网络平面互通。When OpenStack uses Open vSwitch as a network plug-in, the OpenStack private network and the host can communicate with each other on the Layer 2 network plane.

步骤103、从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。Step 103: Dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron.

具体地，从neutron提供的动态主机配置协议(Dynamic Host ConfigurationProtocol,DHCP)服务动态获取所述虚拟网卡对应的IP地址。Specifically, the IP address corresponding to the virtual network card is dynamically obtained from a Dynamic Host Configuration Protocol (Dynamic Host Configuration Protocol, DHCP) service provided by neutron.

OpenStack的实例在启动过程中能够从Neutron提供的DHCP服务自动获取虚拟网卡对应的IP地址。OpenStack虚拟机实例可以分配两类地址，一类是私有IP地址，这个地址可以用IP a命令查看；另一类是浮动IP地址，这是由Neutron组件提供的服务，不需要DHCP服务，直接在客户端静态设置即可。The instance of OpenStack can automatically obtain the IP address corresponding to the virtual network card from the DHCP service provided by Neutron during the startup process. An OpenStack virtual machine instance can be assigned two types of addresses, one is a private IP address, which can be viewed with the IP a command; the other is a floating IP address, which is a service provided by the Neutron component and does not require a DHCP service. The client can be set statically.

DHCP主要组件包括：The main components of DHCP include:

DHCP代理(neutron-dhcp-agent):为项目网络提供DHCP功能，提供元数据请求(Metadata Request)服务。DHCP agent (neutron-dhcp-agent): Provide DHCP function for the project network and provide metadata request (Metadata Request) service.

DHCP驱动：用于管理DHCP服务器，默认为DNSmasq,这是有1个提供DHCP和DNS服务的开源软件，提供DNS缓存和DHCP服务功能。DHCP driver: used to manage the DHCP server, the default is DNSmasq, which is an open source software that provides DHCP and DNS services, and provides DNS caching and DHCP service functions.

DHCP代理调度器(Agent Scheduler):负责DHCP代理与网络(Network)的调度。DHCP agent scheduler (Agent Scheduler): responsible for DHCP agent and network (Network) scheduling.

步骤104、基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。Step 104: Create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the proxy inside the virtual machine to respond to the communication request of the PaaS component management end.

具体地，使用keepalived在主机上拉起虚拟IP(Virtual Internet Protocol,VIP)，创建PaaS组件私有网络平面的VIP，VIP用于实现虚拟机内部代理和PaaS组件管理端的通信。Specifically, use keepalived to pull up a virtual IP (Virtual Internet Protocol, VIP) on the host to create a VIP of the private network plane of the PaaS component, and the VIP is used to implement the communication between the internal agent of the virtual machine and the management end of the PaaS component.

虚拟机代理通过VIP来访问主机管理端服务，例如响应PaaS组件管理端的远程过程调用(Remote Procedure Call,RPC)请求，管理端服务可以直接访问虚拟机IP。The virtual machine agent accesses the host management side service through the VIP, for example, in response to the Remote Procedure Call (RPC) request of the PaaS component management side, the management side service can directly access the virtual machine IP.

本申请实施例提供的PaaS组件管理端和虚拟机代理的通信方法，利用OpenvSwich技术，实现OpenStack PaaS组件管理端与虚拟机代理之间的二层通信，突破PaaS组件对虚拟机外部网络及物理机网络规划的依赖，提高了PaaS组件对不同物理网络架构的适配性。The communication method between the PaaS component management terminal and the virtual machine agent provided by the embodiment of this application uses the OpenvSwich technology to realize the Layer 2 communication between the OpenStack PaaS component management terminal and the virtual machine agent, and breaks through the PaaS component to the external network of the virtual machine and the physical machine. Reliance on network planning improves the adaptability of PaaS components to different physical network architectures.

可选地，所述方法还包括：Optionally, the method further includes:

在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。When constructing the virtual network card, specify the information of the virtual network card, including the network card type, state, port ID, MAC address and MTU value.

具体地，在步骤102：在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡时，需要指定虚拟网卡的网卡类型、状态、端口标识(Identity Document,ID)、媒体存取控制(Media Access Control Address,MAC)地址和最大数据包(Maximum TransmissionUnit,MTU)值等信息。Specifically, in step 102: when constructing a virtual network card using Open vSwitch on the br-int bridge of each control node, it is necessary to specify the network card type, status, port identification (Identity Document, ID), media access control ( Media Access Control Address, MAC) address and maximum packet (Maximum TransmissionUnit, MTU) value and other information.

可选地，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Optionally, the port ID, MAC address and MTU value of the virtual network card are respectively the same as the port ID, MAC address and MTU value of the corresponding host port.

具体地，在步骤102：在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡时，指定虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Specifically, in step 102: when constructing a virtual network card using Open vSwitch on the br-int bridge of each control node, specify the port ID, MAC address and MTU value of the virtual network card and the port ID, MAC address and corresponding host port. The MTU values are the same respectively.

可选地，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。Optionally, the network card type of the virtual network card is Internal, and the status of the virtual network card is Active.

具体地，在步骤102：在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡时，虚拟网卡的网卡类型为Internal，状态为Active。Specifically, in step 102: when a virtual network card is constructed by using Open vSwitch on the br-int bridge of each control node, the network card type of the virtual network card is Internal and the state is Active.

可选地，所述从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址，包括：Optionally, dynamically obtaining the IP address corresponding to the virtual network card from the DHCP service provided by neutron includes:

通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.

具体地，虚拟网卡对应的IP地址的获取方式为dhclient动态获取。Specifically, the IP address corresponding to the virtual network card is obtained dynamically by dhclient.

dhclient命令的功能是用于动态获取或释放IP地址。使用dhclient命令前可以将网卡模式设置成DHCP自动获取，否则静态模式的网卡是不会主动向服务器获取如IP地址等网卡信息的。The function of the dhclient command is to dynamically obtain or release an IP address. Before using the dhclient command, you can set the network card mode to DHCP to obtain automatically, otherwise the network card in static mode will not actively obtain network card information such as IP address from the server.

可选地，所述方法还包括：Optionally, the method further includes:

调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment.

具体地，在步骤101：在PaaS组件对应的私有网络中创建多个主机端口之前，还可以调整PaaS组件所依赖管理服务的监听端口为全网端监听，保证控制节点的所有网络平面都可以访问对应的服务。Specifically, in step 101: before multiple host ports are created in the private network corresponding to the PaaS component, the monitoring port of the management service on which the PaaS component depends can also be adjusted to be monitored by the whole network to ensure that all network planes of the control node can be accessed corresponding service.

可选地，在调整PaaS组件所依赖管理服务的监听端口为全网段监听之后，在PaaS组件对应的私有网络中创建多个主机端口之前，还可以在OpenStack内创建安全组，限制安全策略，以增强通信的安全性。Optionally, after adjusting the listening port of the management service on which the PaaS component depends to monitor the entire network segment, before creating multiple host ports in the private network corresponding to the PaaS component, you can also create a security group in OpenStack to restrict the security policy, to enhance the security of communication.

下面以一个具体的示例对本申请提供的技术方案进行说明。The technical solution provided by the present application is described below with a specific example.

本申请实施例提供一种PaaS组件管理端和虚拟机代理的通信方法，该方法包括：The embodiment of the present application provides a communication method between a PaaS component management terminal and a virtual machine agent, and the method includes:

步骤1、调整PaaS组件所依赖管理服务的监听端口为全网段监听，保证控制节点的所有网络平面均可访问到该服务。Step 1. Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment to ensure that all network planes of the control node can access the service.

步骤2、OpenStack内创建安全组，限制安全策略。Step 2. Create a security group in OpenStack to restrict security policies.

步骤3、在PaaS组件对应的私有网络内创建多个主机端口，主机端口的数量等同于控制节点的个数。主机端口使用步骤2创建的安全组，且每个主机端口均放通相同IP的VIP地址，保证VIP地址的网络包可从该主机端口正常通过。Step 3. Create multiple host ports in the private network corresponding to the PaaS component, and the number of host ports is equal to the number of control nodes. The host port uses the security group created in step 2, and each host port allows the VIP address of the same IP address to ensure that the network packets of the VIP address can pass through the host port normally.

步骤4、查看步骤3中创建的主机端口的以下信息：端口ID、MAC地址、MTU值。Step 4. View the following information of the host port created in Step 3: port ID, MAC address, and MTU value.

步骤5、在各控制节点的br-int网桥上，创建虚拟网卡。网卡类型为internal，状态active，Port ID、MAC地址与MTU值使用步骤4查看到的主机端口的信息。Step 5. Create a virtual network card on the br-int bridge of each control node. The network card type is internal, the status is active, and the port ID, MAC address, and MTU value use the host port information viewed in step 4.

步骤6、控制节点设置链路测试端口，MAC地址同步骤5中主机端口的MAC地址。Step 6: The control node sets the link test port, and the MAC address is the same as the MAC address of the host port in step 5.

步骤7、使用dhclient命令从neutron dhcp agent中获取当前节点上网卡对应的IP信息。Step 7. Use the dhclient command to obtain the IP information corresponding to the network card of the current node from the neutron dhcp agent.

步骤8、所有控制节点都配置完端口后，使用keepalived拉起VIP，解决单点问题。Step 8. After all control nodes are configured with ports, use keepalived to pull up the VIP to solve the single-point problem.

步骤9、PaaS组件的虚拟机agent即可通过VIP与管理服务通信。Step 9. The virtual machine agent of the PaaS component can communicate with the management service through the VIP.

本申请实施例提供的PaaS组件管理端和虚拟机代理的通信方法，利用OpenvSwich技术，实现OpenStack PaaS组件管理端与虚拟机代理之间的二层通信，突破PaaS组件对虚拟机外部网络及物理机网络规划的依赖，提高了PaaS组件对不同物理网络架构的适配性。The communication method between the PaaS component management terminal and the virtual machine agent provided by the embodiment of this application uses the OpenvSwich technology to realize the Layer 2 communication between the OpenStack PaaS component management terminal and the virtual machine agent, and breaks through the PaaS component to the external network of the virtual machine and the physical machine. Reliance on network planning improves the adaptability of PaaS components to different physical network architectures.

下面对本发明提供的PaaS组件管理端和虚拟机代理的通信装置进行描述，下文描述的PaaS组件管理端和虚拟机代理的通信装置与上文描述的PaaS组件管理端和虚拟机代理的通信方法可相互对应参照。The communication device of the PaaS component management terminal and the virtual machine agent provided by the present invention is described below. The communication device of the PaaS component management terminal and the virtual machine agent described below and the communication method of the PaaS component management terminal and the virtual machine agent described above can be refer to each other.

图2是本申请实施例提供的PaaS组件管理端和虚拟机代理的通信装置的结构示意图，如图2所示，该装置至少包括：2 is a schematic structural diagram of a communication device between a PaaS component management end and a virtual machine agent provided by an embodiment of the present application. As shown in FIG. 2 , the device at least includes:

主机端口创建模块201，用于在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；The hostport creation module 201 is used to create a plurality of host ports in the private network corresponding to the PaaS component, and the number of the host ports is the same as the number of control nodes;

虚拟网卡构建模块202，用于在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual networkcard building module 202, configured to use Open vSwitch on the br-int bridge of each control node to build a virtual network card, where the information of the virtual network card is associated with the information of the corresponding host port;

IP地址获取模块203，用于从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；The IPaddress obtaining module 203 is configured to dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;

虚拟IP创建模块204，用于基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。The virtualIP creation module 204 is configured to create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the agent inside the virtual machine to respond to the communication request of the management end of the PaaS component.

可选地，所述装置还包括：Optionally, the device further includes:

信息指定模块，用于在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。The information specifying module is used for specifying the information of the virtual network card when constructing the virtual network card, including the network card type, status, port ID, MAC address and MTU value.

可选地，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Optionally, the port ID, MAC address and MTU value of the virtual network card are respectively the same as the port ID, MAC address and MTU value of the corresponding host port.

可选地，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。Optionally, the network card type of the virtual network card is Internal, and the status of the virtual network card is Active.

可选地，所述IP地址获取模块还用于：Optionally, the IP address obtaining module is also used for:

通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.

可选地，所述装置还包括：Optionally, the device further includes:

监听调整模块，用于调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。The monitoring adjustment module is used to adjust the monitoring port of the management service on which the PaaS component depends to be monitoring on the entire network segment.

图3是本申请实施例提供的电子设备的结构示意图，如图3所示，该电子设备可以包括：处理器(processor)301、通信接口(Communications Interface)302、存储器(memory)303和通信总线304，其中，处理器301，通信接口302，存储器303通过通信总线304完成相互间的通信。FIG. 3 is a schematic structural diagram of an electronic device provided by an embodiment of the present application. As shown in FIG. 3 , the electronic device may include: a processor (processor) 301, a communications interface (Communications Interface) 302, a memory (memory) 303, and acommunication bus 304 , wherein, theprocessor 301 , thecommunication interface 302 , and thememory 303 complete the communication with each other through thecommunication bus 304 .

此外，上述的存储器303中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时，可以存储在一个计算机可读取存储介质中。基于这样的理解，本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来，该计算机软件产品存储在一个存储介质中，包括若干指令用以使得一台计算机设备(可以是个人计算机，服务器，或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括：U盘、移动硬盘、只读存储器(ROM，Read-Only Memory)、随机存取存储器(RAM，Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。In addition, the above-mentioned logic instructions in thememory 303 can be implemented in the form of software functional units and can be stored in a computer-readable storage medium when sold or used as an independent product. Based on such understanding, the technical solution of the present invention can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes: U disk, removable hard disk, Read-Only Memory (ROM, Read-Only Memory), Random Access Memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program codes .

处理器301可以调用存储器303中的逻辑指令，以执行PaaS组件管理端和虚拟机代理的通信方法，该方法包括：Theprocessor 301 can invoke the logic instructions in thememory 303 to execute the communication method between the PaaS component management terminal and the virtual machine agent, and the method includes:

在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；Create multiple host ports in the private network corresponding to the PaaS component, and the number of the host ports is the same as the number of control nodes;

在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；Using Open vSwitch on the br-int bridge of each control node to construct a virtual network card, the information of the virtual network card is associated with the information of the corresponding host port;

从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；Dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;

基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。Create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the proxy inside the virtual machine to respond to the communication request of the management end of the PaaS component.

可选地，所述方法还包括：Optionally, the method further includes:

在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。When constructing the virtual network card, specify the information of the virtual network card, including the network card type, state, port ID, MAC address and MTU value.

可选地，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Optionally, the port ID, MAC address and MTU value of the virtual network card are respectively the same as the port ID, MAC address and MTU value of the corresponding host port.

可选地，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。Optionally, the network card type of the virtual network card is Internal, and the status of the virtual network card is Active.

可选地，所述从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址，包括：Optionally, dynamically obtaining the IP address corresponding to the virtual network card from the DHCP service provided by neutron includes:

通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.

可选地，所述方法还包括：Optionally, the method further includes:

调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment.

另一方面，本发明还提供一种计算机程序产品，所述计算机程序产品包括计算机程序，计算机程序可存储在非暂态计算机可读存储介质上，所述计算机程序被处理器执行时，计算机能够执行上述各方法所提供的PaaS组件管理端和虚拟机代理的通信方法，该方法包括：In another aspect, the present invention also provides a computer program product, the computer program product includes a computer program, the computer program can be stored on a non-transitory computer-readable storage medium, and when the computer program is executed by a processor, the computer can Execute the communication method between the PaaS component management terminal and the virtual machine agent provided by the above methods, and the method includes:

在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；Create multiple host ports in the private network corresponding to the PaaS component, and the number of the host ports is the same as the number of control nodes;

在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual network card is constructed using Open vSwitch on the br-int bridge of each control node, and the information of the virtual network card is associated with the information of the corresponding host port;

从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；Dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;

基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。Create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the proxy inside the virtual machine to respond to the communication request of the management end of the PaaS component.

可选地，所述方法还包括：Optionally, the method further includes:

在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。When constructing the virtual network card, specify the information of the virtual network card, including the network card type, state, port ID, MAC address and MTU value.

可选地，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Optionally, the port ID, MAC address and MTU value of the virtual network card are respectively the same as the port ID, MAC address and MTU value of the corresponding host port.

可选地，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。Optionally, the network card type of the virtual network card is Internal, and the status of the virtual network card is Active.

可选地，所述从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址，包括：Optionally, dynamically obtaining the IP address corresponding to the virtual network card from the DHCP service provided by neutron includes:

通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.

可选地，所述方法还包括：Optionally, the method further includes:

调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment.

又一方面，本发明还提供一种非暂态计算机可读存储介质，其上存储有计算机程序，该计算机程序被处理器执行时实现以执行上述各方法提供的PaaS组件管理端和虚拟机代理的通信方法，该方法包括：In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, it is implemented to execute the PaaS component management terminal and the virtual machine agent provided by the above methods communication method, the method includes:

在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；Create multiple host ports in the private network corresponding to the PaaS component, and the number of the host ports is the same as the number of control nodes;

在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual network card is constructed using Open vSwitch on the br-int bridge of each control node, and the information of the virtual network card is associated with the information of the corresponding host port;

从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；Dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;

基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。Create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the proxy inside the virtual machine to respond to the communication request of the management end of the PaaS component.

可选地，所述方法还包括：Optionally, the method further includes:

在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。When constructing the virtual network card, specify the information of the virtual network card, including the network card type, state, port ID, MAC address and MTU value.

可选地，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。Optionally, the port ID, MAC address and MTU value of the virtual network card are respectively the same as the port ID, MAC address and MTU value of the corresponding host port.

可选地，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。Optionally, the network card type of the virtual network card is Internal, and the status of the virtual network card is Active.

可选地，所述从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址，包括：Optionally, dynamically obtaining the IP address corresponding to the virtual network card from the DHCP service provided by neutron includes:

通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.

可选地，所述方法还包括：Optionally, the method further includes:

调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment.

以上所描述的装置实施例仅仅是示意性的，其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的，作为单元显示的部件可以是或者也可以不是物理单元，即可以位于一个地方，或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。本领域普通技术人员在不付出创造性的劳动的情况下，即可以理解并实施。The device embodiments described above are only illustrative, wherein the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed over multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution in this embodiment. Those of ordinary skill in the art can understand and implement it without creative effort.

通过以上的实施方式的描述，本领域的技术人员可以清楚地了解到各实施方式可借助软件加必需的通用硬件平台的方式来实现，当然也可以通过硬件。基于这样的理解，上述技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来，该计算机软件产品可以存储在计算机可读存储介质中，如ROM/RAM、磁碟、光盘等，包括若干指令用以使得一台计算机设备(可以是个人计算机，服务器，或者网络设备等)执行各个实施例或者实施例的某些部分所述的方法。From the description of the above embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus a necessary general hardware platform, and certainly can also be implemented by hardware. Based on this understanding, the above-mentioned technical solutions can be embodied in the form of software products in essence or the parts that make contributions to the prior art, and the computer software products can be stored in computer-readable storage media, such as ROM/RAM, magnetic A disc, an optical disc, etc., includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the methods described in various embodiments or some parts of the embodiments.

最后应说明的是：以上实施例仅用以说明本发明的技术方案，而非对其限制；尽管参照前述实施例对本发明进行了详细的说明，本领域的普通技术人员应当理解：其依然可以对前述各实施例所记载的技术方案进行修改，或者对其中部分技术特征进行等同替换；而这些修改或者替换，并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present invention, but not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand: it can still be Modifications are made to the technical solutions described in the foregoing embodiments, or some technical features thereof are equivalently replaced; and these modifications or replacements do not make the essence of the corresponding technical solutions depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

Translated fromChinese

1.一种PaaS组件管理端和虚拟机代理的通信方法，其特征在于，包括：1. the communication method of a PaaS component management terminal and virtual machine agent, is characterized in that, comprises:在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；Create multiple host ports in the private network corresponding to the PaaS component, and the number of the host ports is the same as the number of control nodes;在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual network card is constructed using Open vSwitch on the br-int bridge of each control node, and the information of the virtual network card is associated with the information of the corresponding host port;从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；Dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。Create a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the proxy inside the virtual machine to respond to the communication request of the management end of the PaaS component.2.根据权利要求1所述的PaaS组件管理端和虚拟机代理的通信方法，其特征在于，所述方法还包括：2. The communication method of PaaS component management terminal and virtual machine agent according to claim 1, is characterized in that, described method also comprises:在构建所述虚拟网卡时，指定所述虚拟网卡的信息，包括网卡类型、状态、端口ID、MAC地址和MTU值。When constructing the virtual network card, specify the information of the virtual network card, including the network card type, state, port ID, MAC address and MTU value.3.根据权利要求2所述的PaaS组件管理端和虚拟机代理的通信方法，其特征在于，所述虚拟网卡的端口ID，MAC地址和MTU值与对应的主机端口的端口ID、MAC地址和MTU值分别相同。3. the communication method of PaaS component management terminal according to claim 2 and virtual machine agent, it is characterized in that, the port ID of described virtual network card, MAC address and MTU value and the port ID of corresponding host port, MAC address and The MTU values are the same respectively.4.根据权利要求2或3所述的PaaS组件管理端和虚拟机代理的通信方法，其特征在于，所述虚拟网卡的网卡类型为Internal，所述虚拟网卡的状态为Active。4. The communication method between the PaaS component management terminal and the virtual machine agent according to claim 2 or 3, wherein the network card type of the virtual network card is Internal, and the state of the virtual network card is Active.5.根据权利要求1所述的PaaS组件管理端和虚拟机代理的通信方法，其特征在于，所述从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址，包括：5. The communication method of the PaaS component management terminal and the virtual machine agent according to claim 1, wherein the dynamic acquisition of the IP address corresponding to the virtual network card from the DHCP service provided by neutron comprises:通过dhclient命令从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址。The IP address corresponding to the virtual network card is dynamically obtained from the DHCP service provided by neutron through the dhclient command.6.根据权利要求1所述的PaaS组件管理端和虚拟机代理的通信方法，其特征在于，所述方法还包括：6. The communication method of the PaaS component management terminal and the virtual machine agent according to claim 1, wherein the method further comprises:调整所述PaaS组件所依赖管理服务的监听端口为全网段监听。Adjust the monitoring port of the management service on which the PaaS component depends to monitor the entire network segment.7.一种PaaS组件管理端和虚拟机代理的通信装置，其特征在于，包括：7. A communication device of a PaaS component management terminal and a virtual machine agent, characterized in that, comprising:主机端口创建模块，用于在PaaS组件对应的私有网络中创建多个主机端口，所述主机端口的数量和控制节点的数量相同；a host port creation module for creating multiple host ports in the private network corresponding to the PaaS component, the number of the host ports being the same as the number of control nodes;虚拟网卡构建模块，用于在各个控制节点的br-int网桥上使用Open vSwitch构建虚拟网卡，所述虚拟网卡的信息和对应的主机端口的信息关联；A virtual network card building module, used to construct a virtual network card using Open vSwitch on the br-int bridge of each control node, the information of the virtual network card is associated with the information of the corresponding host port;IP地址获取模块，用于从neutron提供的DHCP服务动态获取所述虚拟网卡对应的IP地址；The IP address obtaining module is used to dynamically obtain the IP address corresponding to the virtual network card from the DHCP service provided by neutron;虚拟IP创建模块，用于基于keepalived创建私有网络平面的虚拟IP，所述虚拟IP用于虚拟机内部的代理响应PaaS组件管理端的通信请求。The virtual IP creation module is used for creating a virtual IP of the private network plane based on keepalived, where the virtual IP is used by the agent inside the virtual machine to respond to the communication request of the management end of the PaaS component.8.一种电子设备，包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序，其特征在于，所述处理器执行所述程序时实现如权利要求1至6任一项所述PaaS组件管理端和虚拟机代理的通信方法。8. An electronic device comprising a memory, a processor and a computer program stored on the memory and running on the processor, wherein the processor implements the program as claimed in claim 1 when executing the program The communication method between the PaaS component management terminal and the virtual machine agent described in any one of to 6.9.一种非暂态计算机可读存储介质，其上存储有计算机程序，其特征在于，所述计算机程序被处理器执行时实现如权利要求1至6任一项所述PaaS组件管理端和虚拟机代理的通信方法。9. A non-transitory computer-readable storage medium on which a computer program is stored, characterized in that, when the computer program is executed by the processor, the PaaS component management terminal and The communication method of the virtual machine agent.10.一种计算机程序产品，包括计算机程序，其特征在于，所述计算机程序被处理器执行时实现如权利要求1至6任一项所述PaaS组件管理端和虚拟机代理的通信方法。10. A computer program product, comprising a computer program, wherein when the computer program is executed by a processor, the communication method between the PaaS component management terminal and the virtual machine agent according to any one of claims 1 to 6 is implemented.

Images