Disclosure of Invention
The embodiment of the application provides a configuration issuing verification method, device and medium for an SDN controller, which are used for solving the problem that the accuracy of configuration issuing of the SDN controller needs to be effectively ensured.
The embodiment of the application adopts the following technical scheme:
On one hand, the embodiment of the application provides a configuration issuing verification method for an SDN controller, which comprises the steps that the SDN controller extracts service types and equipment types from service data, converts the service data according to the service types and the equipment types to generate identifiable command lines, matches the service types and the equipment types in a command template database to obtain a target command template, performs configuration integrity verification on the identifiable command lines according to the target command template, performs data correctness verification on the identifiable command lines according to the service data, performs configuration conflict verification on the identifiable command lines according to historical configuration content, and performs configuration issuing on the identifiable command lines when the configuration integrity verification and the data correctness verification and the configuration conflict verification pass.
In one example, the configuration integrity check of the identifiable command line according to the target command template specifically includes determining whether the total line number of the identifiable command line is consistent with the total line number of the target command template, if so, sequentially determining whether the line number of each line in the identifiable command line is consistent with the line number of each line in the target command template, and if so, determining that the configuration integrity check of the identifiable command line is passed.
In one example, the checking the correctness of the data of the identifiable command line according to the service data specifically includes determining whether the key parameter content in the identifiable command line is consistent with the service content in the service data, and if so, determining that the data correctness of the identifiable command line passes.
In one example, the performing configuration conflict verification on the identifiable command line according to the historical configuration content specifically includes searching whether the configuration record of the service type and the equipment type exists in the historical configuration content, and if not, determining that the configuration conflict verification of the identifiable command line passes.
In one example, the method further comprises the steps of generating a verification result of configuration integrity check, data correctness check and configuration conflict check, calling a nanotube device topological graph of the SDN controller, and displaying the verification result in the nanotube device topological graph in a graphical mode.
In one example, the method further comprises the steps of determining a nanotube equipment model position corresponding to the equipment type in the nanotube equipment topological graph when the verification fails, and displaying the reason for the failure in a preset display area of the nanotube equipment model position.
In one example, before the service type and the device type are matched in a command template database to obtain a target command template, the method further comprises the steps of obtaining a sample service type and a sample device type, constructing a sample command template of the sample service type and the sample device type, establishing a mapping relation between the sample service type and the sample device type and the sample command template, outputting the sample command template to a command template database, and associating the mapping relation with the sample command template in the command template database.
In one example, the SDN controller extracts service types and equipment types from service data, and specifically comprises the steps that the SDN controller acquires the service data through a display interface, extracts the service types in data positions of the service types according to preset writing rules of the service data, and extracts the equipment types in data positions of the equipment types.
In another aspect, an embodiment of the present application provides a configuration issuing verification device for an SDN controller, including at least one processor, and a memory communicatively connected to the at least one processor, where the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor, so that the at least one processor can execute a configuration issuing verification method for an SDN controller according to any one of the foregoing embodiments.
On the other hand, the embodiment of the application provides a configuration issuing verification non-volatile computer storage medium aiming at an SDN controller, wherein computer executable instructions are stored, and the computer executable instructions can execute the configuration issuing verification method aiming at the SDN controller.
The above at least one technical scheme adopted by the embodiment of the application can achieve the following beneficial effects:
Before service configuration is issued, the service configuration can be subjected to configuration integrity verification through the constructed command template, and incomplete identifiable command lines can be identified in advance. In addition, by combining the service data and carrying out data correctness checking on the identifiable command, the identifiable command line with a conversion error can be identified in advance. In addition, by combining historical configuration content, the configuration conflict verification is performed on the identifiable command line, so that whether the service configuration is repeatedly issued is recognized in advance, the configuration to be issued is comprehensively and early verified through three dimensions of configuration integrity, configuration data correctness and existing configuration conflict, the service configuration can be effectively ensured to be correctly issued to hardware equipment, the configuration issuing effectiveness is improved, network interruption caused by configuration abnormality can be avoided to the greatest extent, and the configuration pre-verification result is intuitively, quickly and comprehensively provided, so that configuration errors or configuration conflicts are prevented from influencing the stability of the network.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be clearly and completely described below with reference to specific embodiments and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Some embodiments of the present application are described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic flow chart of a configuration issuing verification method for an SDN controller according to an embodiment of the present application. The method can be applied to different business fields, such as the internet financial business field, the electric business field, the instant messaging business field, the game business field, the public business field and the like. The process may be performed by computing devices in the respective areas, with some input parameters or intermediate results in the process allowing manual intervention adjustments to help improve accuracy.
The implementation of the analysis method according to the embodiment of the present application may be a terminal device or a server, which is not particularly limited in the present application. For ease of understanding and description, the following embodiments are described in detail with reference to a server.
It should be noted that the server may be a single device, or may be a system formed by a plurality of devices, that is, a distributed server, which is not particularly limited in the present application.
The flow in fig. 1 includes the following steps:
s101, the SDN controller extracts service types and device types from service data.
In some embodiments of the present application, the SDN controller obtains service data through a display interface. For example, a user inputs service data on a display interface of the SDN controller.
Then, according to a preset writing rule of the service data, the service type is extracted in a data position of the service type, and the device type is extracted in a data position of the device type.
For example, the device type is a type a switch, and the service type is an ACL policy.
S102, converting the service data according to the service type and the equipment type to generate an identifiable command line.
And searching the service type and the equipment type in the command line format mapping relation table to obtain a target command line format, so that relevant parameters of service data are converted according to the target command line format to obtain an identifiable command line.
S103, matching the service type and the equipment type in a command template database to obtain a target command template.
In some embodiments of the present application, it is desirable to pre-build a command template database that includes a plurality of command templates.
Specifically, first, a sample service type and a sample device type are acquired, and a sample command template of the sample service type and the sample device type is constructed. Then, a mapping relation between the sample service type and the sample equipment type and the sample command template is established. And outputting the sample command template to a command template database, and associating the mapping relation with the sample command template in the command template database.
It should be noted that, for some service types and device types, a command line with a fixed configuration may be provided, so a command template may be provided, which is actually a command line that may have a configuration issued.
S104, carrying out configuration integrity check on the identifiable command line according to the target command template.
In some embodiments of the present application, the process of configuring integrity checks for recognizable command lines is as follows:
First, it is determined whether the total number of recognizable command lines is consistent with the total number of target command templates. If so, sequentially judging whether the line number of each line in the identifiable command line is consistent with the line number of each line in the target command template. If so, determining that the configuration integrity check of the identifiable command line passes.
It should be noted that, when the total number of lines of the identifiable command lines is inconsistent with the total number of lines of the target command template, it is determined that the configuration integrity check of the identifiable command lines is not passed, and the number of lines of each line is not judged any more. In addition, when the number of lines in each line in the identifiable command line is inconsistent with the number of lines in each line in the target command template, it is determined that the configuration integrity check of the identifiable command line is not passed.
For example, if the number of lines between line 3 of the identifiable command line and line 3 of the target command template is different, then it is determined that the configuration integrity check of the identifiable command line is not passed.
S105, according to the service data, checking the data correctness of the identifiable command.
In some embodiments of the present application, to prevent errors in the service data during the process of converting the service data into the recognizable command line, the service contents of a specific configuration are checked.
Specifically, first, it is determined whether the critical parameter content in the identifiable command line is consistent with the business content in the business data. If the data are consistent, determining that the data of the identifiable command data pass the correctness check.
It should be noted that, the key parameter content of the identifiable command line is obtained by converting the service content in the service data.
When the key parameter content in the identifiable command line is inconsistent with the service content in the service data, determining that the correctness check of the identifiable command line data is not passed.
S106, carrying out configuration conflict verification on the identifiable command line according to the historical configuration content.
In some embodiments of the present application, it is desirable to detect whether there is a conflict with an existing configuration, i.e., whether the configuration has been issued.
Specifically, in the history configuration content, it is retrieved whether there is a configuration record of the service type and the device type. If not, determining that the configuration conflict verification of the identifiable command line passes. If so, it is determined that the configuration conflict check of the identifiable command line fails.
And S107, when the configuration integrity check, the data correctness check and the configuration conflict check are all passed, the identifiable command line is configured and issued.
When any one of the configuration integrity check, the data correctness check and the configuration conflict check is not checked, the identifiable command line is not configured and issued any more, but configuration issuing failure notification information is generated, and the failure notification information is fed back to the user
In some embodiments of the present application, a nanotube device topology graph is constructed in order to visually demonstrate configuration pre-verification results using a graphical approach.
Specifically, a configuration integrity check, a data correctness check, and a configuration conflict check result are generated. Then, a nanotube device topology map of the SDN controller is invoked. And finally, displaying the verification result in a topological graph of the nanotube equipment in a graphical mode.
And when the verification fails, determining the position of the nanotube equipment model corresponding to the equipment type in the topological graph of the nanotube equipment. And displaying the reasons for the failed verification in a preset display area of the position of the nanotube equipment model. So that failure information can be presented at specific locations in the overall network topology.
Therefore, the position of the specific configuration conflict is displayed on the topological graph in a graphical mode, and if the pre-verification fails, the investigation is convenient.
Under the condition of SDN, when the configuration is issued to the hardware equipment through the SDN controller, the correctness of the configuration needs to be ensured, the problem that the service is on line due to the issue error of the new configuration is avoided, and the problem that the existing service is affected due to the conflict between the new configuration and the configuration of the existing service is avoided. Therefore, the SDN controller performs pre-verification on the new configuration before issuing, and the verification result is displayed in a graphical mode, so that problematic configuration is intuitively displayed, and the problem configuration is prevented from affecting the network stability.
It should be noted that, although the embodiment of the present application is described with reference to fig. 1 to sequentially describe steps S101 to S107, this does not represent that steps S101 to S107 must be performed in strict order. The steps S101 to S107 are sequentially described according to the sequence shown in fig. 1 in order to facilitate the understanding of the technical solution of the embodiment of the present application by those skilled in the art. In other words, in the embodiment of the present application, the sequence between the steps S101 to S107 may be appropriately adjusted according to the actual needs.
By the method of fig. 1, before service configuration is issued, the service configuration can be checked for configuration integrity through the constructed command template, and incomplete identifiable command lines can be identified in advance. In addition, by combining the service data and carrying out data correctness checking on the identifiable command, the identifiable command line with a conversion error can be identified in advance. In addition, by combining historical configuration content, the configuration conflict verification is performed on the identifiable command line, so that whether the service configuration is repeatedly issued is recognized in advance, the configuration to be issued is comprehensively and early verified through three dimensions of configuration integrity, configuration data correctness and existing configuration conflict, the service configuration can be effectively ensured to be correctly issued to hardware equipment, the configuration issuing effectiveness is improved, network interruption caused by configuration abnormality can be avoided to the greatest extent, and the configuration pre-verification result is intuitively, quickly and comprehensively provided, so that configuration errors or configuration conflicts are prevented from influencing the stability of the network.
Based on the same thought, some embodiments of the present application also provide a device and a non-volatile computer storage medium corresponding to the above method.
Fig. 2 is a schematic structural diagram of a configuration issuing verification device for an SDN controller according to an embodiment of the present application, where the configuration issuing verification device includes:
At least one processor, and
A memory communicatively coupled to the at least one processor, wherein,
The memory stores instructions executable by the at least one processor to enable the at least one processor to perform a configuration issuing verification method for an SDN controller as set forth in any one of the preceding claims.
Some embodiments of the present application provide a configuration issuing verification method for an SDN controller, where the configuration issuing verification method for an SDN controller is provided by the present application.
The embodiments of the present application are described in a progressive manner, and the same and similar parts of the embodiments are all referred to each other, and each embodiment is mainly described in the differences from the other embodiments. In particular, for the apparatus and medium embodiments, the description is relatively simple, as it is substantially similar to the method embodiments, with reference to the section of the method embodiments being relevant.
The devices and media provided in the embodiments of the present application are in one-to-one correspondence with the methods, so that the devices and media also have similar beneficial technical effects as the corresponding methods, and since the beneficial technical effects of the methods have been described in detail above, the beneficial technical effects of the devices and media are not repeated here.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and variations of the present application will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the technical principle of the present application should fall within the protection scope of the present application.