CN113452806A - Container adaptation SDN network management method and system based on Kubernetes system - Google Patents


Publication number
CN113452806A
Authority
CN
China
Prior art keywords
host
container
cni
container group
network card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110704321.XA
Other languages
Chinese (zh)
Other versions
CN113452806B (en)
Inventor
戴秋萍
蓝维洲
吴必强
翟怀楼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Daoke Network Technology Co ltd
Original Assignee
Shanghai Daoke Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Daoke Network Technology Co ltd
Priority to CN202110704321.XA
Publication of CN113452806A
Application granted
Publication of CN113452806B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/50 Address allocation
    • H04L61/5007 Internet protocol [IP] addresses
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a Kubernetes system-based container adaptation SDN network management method and system. The Kubernetes system is used for managing a host machine, a container group runs on the host machine, and the method comprises the following steps: binding the IP used for container group distribution with the network card of the host machine in a Kubernetes system so as to establish the mapping relation between the IP used for container group distribution and the host machine; the host machine receives an ARP request packet in the SDN, and after the ARP agent deployed on the host machine confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host machine is used as a response of the ARP request packet. Therefore, the data packets can be normally transmitted and routed when the container group running on the host machine uses real IP for communication in the SDN network.

Description

Container adaptation SDN network management method and system based on Kubernetes system
Technical Field
The application relates to the technical field of container cloud, in particular to a Kubernetes system-based container adaptation SDN network management method and system.
Background
The container cloud platform has gradually become an important link in the digital transformation of many enterprises, and an important choice for realizing microservices, unification, standardization and high business elasticity of business applications. When building a container cloud platform, many enterprises plan for multi-cloud scenarios: the container cloud platform is required to be deployed on a private cloud, and meanwhile, the container cloud platform is required to be built on a private cloud or a public cloud built in an IT system.
At present, public clouds use network architectures based on Software Defined Networking (SDN). Most SDN networks check the source IP/MAC and destination IP/MAC in data packets according to security policies, and a Kubernetes container group deployed on the SDN network must match an IP/MAC correspondence registered in the SDN network so that its data packets can be routed correctly. However, in the existing Underlay (infrastructure layer) scheme, the container group IP/MAC allocated by the container platform cannot be identified as a legitimate IP/MAC by the SDN network; the SDN network therefore does not pass such container group communication data packets, and the container group cannot communicate using a real IP.
Therefore, there is a need to provide an improved solution to the above-mentioned deficiencies of the prior art.
Disclosure of Invention
The present application aims to provide a container adaptation SDN network management method and system based on a Kubernetes system, so as to solve or alleviate the above problems in the prior art.
In order to achieve the above purpose, the present application provides the following technical solutions:
the application provides a container adaptation SDN network management method based on a Kubernetes system, wherein the Kubernetes system is used for managing a host machine, a container group runs on the host machine, and the method comprises the following steps: step S101, binding the IP used for container group distribution and the network card of the host machine in the Kubernetes system, thereby establishing the mapping relation between the IP used for container group distribution and the host machine; step S102, the host receives an ARP request packet in an SDN network, and after an ARP agent deployed on the host confirms that a target IP in the ARP request packet is contained in the IP used for container group distribution, the MAC address of a network card of the host is used as a response of the ARP request packet.
Preferably, the Kubernetes system runs on an IaaS platform, the Kubernetes system is deployed with an IP configuration controller and an ETCD, in step S101, the IP configuration controller binds the IP for container group allocation and the network card of the host, writes a mapping relationship between the IP for container group allocation and the host into the ETCD, and synchronizes the mapping relationship to the IaaS platform.
Preferably, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the method for managing a container-adaptive SDN network based on the Kubernetes system further includes: step S201, the CNI Agent collects configuration information of a network card of the host machine and writes the configuration information of the network card of the host machine into the ETCD; step S202, the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for a container group corresponding to the business application when a user creates the business application.
Preferably, the Kubernetes system includes a CNI scheduler, and after the step S202, the method further includes: step S203, the CNI scheduler acquires the available IP range from the CNI Server, and acquires the mapping relation between the IP for container group distribution and the host from the ETCD; screening host machines in the Kubernetes system through comparison, and determining schedulable host machines according to the state of the host machines in the Kubernetes system; wherein, the state of the host in the Kubernetes system includes: CPU computing power and memory utilization rate of the host machine; the schedulable host is used for deploying the container group corresponding to the service application.
Preferably, in the step S203, the CNI scheduler filters the hosts in the Kubernetes system according to the CPU computing power and the memory usage rate of the hosts in the Kubernetes system, and a preset CPU computing power threshold and a preset memory usage rate threshold, and determines a plurality of hosts to be selected; and scoring the multiple hosts to be selected, and determining the schedulable host.
Preferably, in the step S202, the CNI Server matches the available IP range from the configuration information of the host network card in the ETCD according to the container subnet information corresponding to the service application.
Preferably, the host is deployed with a network bridge, the network card of the host is a part of the network bridge, in step S102, the host receives an ARP request packet in the SDN network, and after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP for container group allocation, the ARP proxy forwards the ARP request packet to the network card of the host according to the MAC address of the network card of the host, so as to ensure that the ARP request packet can be routed correctly.
The embodiment of the present application further provides a container adaptation SDN network management system based on a Kubernetes system, where the Kubernetes system is configured to manage a host, a container group runs on the host, and the container adaptation SDN network management system based on the Kubernetes system includes: an IP binding unit configured to bind, in the Kubernetes system, the IP used for container group allocation with the network card of the host, thereby establishing a mapping relationship between the IP used for container group allocation and the host; a feedback unit configured so that the host receives an ARP request packet in an SDN network, and, after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP for container group allocation, the MAC address of the network card of the host is used as a response of the ARP request packet.
Preferably, the Kubernetes system runs on an IaaS platform, the Kubernetes system is deployed with an IP configuration controller and an ETCD, and the IP binding unit is further configured to bind, by the IP configuration controller, the IP used for container group allocation and the network card of the host, write a mapping relationship between the IP used for container group allocation and the host into the ETCD, and synchronize the mapping relationship to the IaaS platform.
Preferably, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the container adaptation SDN network management system based on the Kubernetes system further includes: the information collection unit is configured to collect the configuration information of the network card of the host machine by the CNI Agent and write the configuration information of the network card of the host machine into the ETCD; and the subnet application unit is configured to create a container subnet by the CNI Server according to the configuration information of the network card of the host in the ETCD, and allocate an available IP range for a container group corresponding to the business application when the user creates the business application.
Compared with the closest prior art, the technical scheme of the embodiment of the application has the following beneficial effects:
In the technical scheme provided by the embodiment of the application, the IP used for container group allocation and the network card of the host are bound in the Kubernetes system, so that the mapping relation between the IP used for container group allocation and the host is established. The host machine receives an ARP request packet in the SDN, and after the ARP agent deployed on the host machine confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host machine is used as a response of the ARP request packet. Because the IP allocated to the container group on the host is bound with the network card of the host, the corresponding relation of the target IP/MAC in the ARP request packet can accord with the safety rule of the SDN network, and when the container group running on the host uses the IP for communication, the data packet can be normally transmitted and routed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the application and, together with the description, serve to explain the application and are not intended to limit the application. Wherein:
fig. 1 is a schematic flow chart of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application;
fig. 2 is an architecture diagram of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application;
fig. 3 is a schematic routing diagram of ARP request packets in an SDN network provided according to some embodiments of the present application;
fig. 4 is a schematic structural diagram of a host network card and a network bridge according to some embodiments of the present application;
FIG. 5 is a schematic illustration of a scheduling of a group of containers provided according to some embodiments of the present application;
fig. 6 is a schematic diagram of an example of a container adaptation SDN network management method based on a Kubernetes system according to an embodiment of the present application;
fig. 7 is a schematic diagram of a container SDN network management system based on a Kubernetes system according to some embodiments of the present application.
Detailed Description
The present application will be described in detail below with reference to the embodiments with reference to the attached drawings. The various examples are provided by way of explanation of the application and are not limiting of the application. In fact, it will be apparent to those skilled in the art that modifications and variations can be made in the present application without departing from the scope or spirit of the application. For instance, features illustrated or described as part of one embodiment, can be used with another embodiment to yield a still further embodiment. It is therefore intended that the present application cover the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.
Fig. 1 is a schematic flow chart of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application; fig. 2 is an architecture diagram of a container adaptation SDN network management method based on a Kubernetes system according to some embodiments of the present application. As shown in fig. 1 and fig. 2, the Kubernetes system is a container cluster management system open-sourced by Google, and is composed of an ETCD (a highly available distributed key-value storage component for storing the state of the whole Kubernetes system), a control node, and a service node (Node). The container adaptation SDN network management method based on the Kubernetes system comprises the following steps:
step S101, binding the IP used for container group distribution and the network card of the host machine in a Kubernetes system, thereby establishing the mapping relation between the IP used for container group distribution and the host machine.
Specifically, cloud service models are generally of three types: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). The Kubernetes system runs on the IaaS platform and provides a PaaS cloud service platform for users. The Kubernetes system is deployed with an IP configuration controller and an ETCD; the IP configuration controller binds the IP (Internet Protocol address) used for container group allocation and the network card of the host, writes the mapping relation between the IP used for container group allocation and the host into the ETCD, and synchronizes the mapping relation to the IaaS platform.
Based on the foregoing description, in order to solve the problem that a data packet in an SDN network cannot be routed correctly in the prior art, the embodiment of the present application introduces a new component, which is an IP configuration controller, to bind an IP used for container group allocation and a network card of a host, and increases a storage data type in the ETCD, that is, a mapping relationship between the IP used for container group allocation and the host, specifically, stores the IP in a key-value form.
It should be noted that each host runs a plurality of container groups, and the IP used for container group allocation in the embodiment of the present application is pre-allocated by a container cloud platform administrator, that is, the container cloud platform administrator manually allocates a plurality of IP addresses to the network card of the host, and the IP is used for container group allocation running on the host.
Specifically, when the container cloud platform administrator binds the IP used for container group allocation to the network card of the host, the binding may be implemented through the IP configuration controller: the IP configuration controller binds the IP used for container group allocation to the network card of the host.
In the embodiment of the present application, the Kubernetes system includes a plurality of hosts, each host runs a plurality of container groups, and in order to ensure that a container group has legal IP and MAC addresses, a plurality of IPs are bound to a network card of each host for the container group running on the host to use.
It should be noted that, in the embodiment of the present application, the IP configuration controller also writes the mapping relationship between the IP for container group allocation and the host into the ETCD, and the ETCD serves as a storage component of the Kubernetes system and is used for storing the state of the entire Kubernetes system. By writing the mapping relation into the ETCD, the Kubernetes system acquires the IP bound to the host network card and used for container group allocation, and can uniformly manage and control all IP allocation in the system. In addition, the IP configuration controller in the embodiment of the present application further synchronizes the mapping relationship to the IaaS platform, so that the IP information synchronization between the Kubernetes system and the IaaS platform is realized, and the IaaS platform performs resource scheduling.
Step S102, the host receives an ARP request packet in the SDN, and after the ARP agent deployed on the host confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host is used as a response of the ARP request packet.
In the embodiment of the application, an ARP (Address Resolution Protocol) proxy is deployed on each host. After receiving an ARP request packet in the SDN network, the host hands it over to the ARP proxy deployed on the host for processing; the ARP proxy parses the ARP request packet, mainly to check the destination IP information in the ARP request packet.
It should be understood that, in the SDN network, when the IP/MAC correspondence in the ARP request packet is registered in the SDN network in advance, that is, the IP and the MAC address are bound, the ARP request packet is a valid communication packet and can be normally transmitted and routed, otherwise, the ARP request packet is an invalid packet and will be discarded.
Fig. 3 is a schematic routing diagram of ARP request packets in an SDN network according to some embodiments of the present application. As shown in fig. 3, in step S101, a plurality of IPs and network cards of the hosts are bound, that is, a plurality of IP/MAC correspondences formed by the IPs and the network card MAC addresses of the hosts are registered in the SDN network. The ARP agent detects that the destination IP in the ARP request packet is one of the IPs, i.e. the ARP request packet is identified as a legal communication data packet of the host, and the ARP request packet is not discarded but transmitted and routed.
In summary, the embodiment of the present application provides a container adaptation SDN network management method and system based on a Kubernetes system. The method comprises the following steps: binding the IP used for container group distribution with the network card of the host machine in a Kubernetes system so as to establish the mapping relation between the IP used for container group distribution and the host machine; the host machine receives an ARP request packet in the SDN, and after the ARP agent deployed on the host machine confirms that a target IP in the ARP request packet is contained in the IP used for container group allocation, the MAC address of a network card of the host machine is used as a response of the ARP request packet. Therefore, the data packets can be normally transmitted and routed when the container group running on the host machine uses real IP for communication in the SDN network.
It should be further explained that fig. 4 is a schematic structural diagram of a host network card and a network bridge according to some embodiments of the present application. As shown in fig. 4, in the embodiment of the present application, a bridge is deployed in a host, a network card of the host is a part of the bridge, and in step S102, the host receives an ARP request packet in an SDN network, and after an ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in an IP used for container group allocation, the ARP request packet is forwarded to the network card of the host according to an MAC address of the network card of the host, so as to ensure that the ARP request packet can be routed correctly.
It should be understood that, the ARP proxy in the embodiment of the present application is used as a network packet access entry of a host, and is configured to filter a communication packet accessing the host, and if an IP/MAC correspondence of an ARP request packet conforms to a security rule of an SDN network, forward the ARP request packet to a network card of the host, and forward the ARP request packet to a destination container group through the network card of the host.
In addition, the network card is used as a part of the network bridge in the embodiment of the application, so that the network structure can be integrated, and the transmission of the data packet is more efficient and safer.
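The ARP proxy decision of step S102, as an added example that is not part of the patent text: it parses an Ethernet/ARP request, answers with the host network card's MAC only when the target IP is one of the IPs bound for container groups, and stays silent for any other address. The MAC addresses, the IPs inside the 10.6.0.0/16 subnet and all function names are constructed for illustration.

```python
import ipaddress
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
# Ethernet header (dst, src, ethertype) + ARP body for IPv4 over Ethernet: 42 bytes.
FRAME = struct.Struct("!6s6sH HHBBH 6s4s 6s4s")


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_to_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_request(sender_mac, sender_ip, target_ip):
    """Construct a broadcast ARP request (sample input only)."""
    sha = mac_to_bytes(sender_mac)
    return FRAME.pack(b"\xff" * 6, sha, ETH_P_ARP, 1, 0x0800, 6, 4, ARP_REQUEST,
                      sha, ipaddress.IPv4Address(sender_ip).packed,
                      b"\x00" * 6, ipaddress.IPv4Address(target_ip).packed)


def describe(frame):
    """Decode the ARP fields of a frame into readable values."""
    _, _, _, _, _, _, _, op, sha, spa, tha, tpa = FRAME.unpack_from(frame)
    return {"op": op,
            "sender_mac": mac_to_str(sha),
            "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_to_str(tha),
            "target_ip": str(ipaddress.IPv4Address(tpa))}


class ArpProxy:
    """Answers ARP requests for container group IPs with the host NIC's MAC."""

    def __init__(self, host_mac, pod_ips):
        self.host_mac = mac_to_bytes(host_mac)
        # The IPs bound to this host's network card in step S101.
        self.pod_ips = {ipaddress.IPv4Address(ip) for ip in pod_ips}

    def handle(self, frame):
        """Return the reply frame, or None when the proxy must not answer."""
        if len(frame) < FRAME.size:
            return None  # truncated frame
        (_, _, etype, htype, ptype, hlen, plen, op,
         sha, spa, _, tpa) = FRAME.unpack_from(frame)
        if etype != ETH_P_ARP or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
            return None  # not an IPv4-over-Ethernet ARP packet
        if op != ARP_REQUEST:
            return None  # replies and other opcodes are never answered
        if ipaddress.IPv4Address(tpa) not in self.pod_ips:
            return None  # target IP is not bound to this host: stay silent
        # Reply: the requested IP is reachable at the host network card's MAC,
        # which matches the IP/MAC pair registered in the SDN network.
        return FRAME.pack(sha, self.host_mac, ETH_P_ARP, 1, 0x0800, 6, 4,
                          ARP_REPLY, self.host_mac, tpa, sha, spa)


# Constructed sample values.
HOST_MAC = "52:54:00:aa:bb:01"
REQUESTER_MAC = "52:54:00:cc:dd:02"
PROXY = ArpProxy(HOST_MAC, ["10.6.0.11", "10.6.0.12"])

if __name__ == "__main__":
    for target in ("10.6.0.11", "10.6.0.99"):
        reply = PROXY.handle(build_request(REQUESTER_MAC, "10.6.0.1", target))
        print(target, "->", describe(reply) if reply else "no reply")
```

Restricting replies to the bound set is what keeps the proxy consistent with the SDN network's registered IP/MAC pairs; a proxy that answered for arbitrary addresses would claim IPs the host does not own.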
In some optional embodiments, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on a host, and the method for managing a container adaptation SDN network based on the Kubernetes system further includes:
step S201, the CNI Agent collects configuration information of the network card of the host machine and writes the configuration information of the network card of the host machine into the ETCD.
It should be noted that, in the embodiment of the present application, a container cloud platform administrator binds an IP used for container group allocation with a network card of a host through an IP configuration controller, but there may be an error between the binding information and an actual situation. For example, the binding of part of the IP and the network card of the host fails, so that the IP actually bound does not conform to the setting of the container cloud platform administrator in the IP configuration controller.
Based on this, the embodiment of the application deploys the CNI Agent on each host machine to collect the configuration information of the network card of the host machine, so as to obtain the real situation of the binding between the IP for container group allocation and the network card of the host machine, write the configuration information of the network card of the host machine into the ETCD, and update and complete the mapping relation between the IP for container group allocation and the host machine recorded by the ETCD.
Step S202, the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for a container group corresponding to the business application when the user creates the business application.
Specifically, the configuration information of the network card of the host machine records the IP bound with the network card of the host machine and used for container group allocation, and the CNI Server needs to know the IP to be used on the host machine when creating the container subnet.
In addition, in step S202, the CNI Server matches the available IP range from the configuration information of the host network card in the ETCD according to the container subnet information corresponding to the service application. Specifically, when a user creates a service application in the Kubernetes system, the network type and the specific container subnet information are added under the "annotations" item in the deployed yaml file (application orchestration file, used to define resources), such as:
annotations:
  dce.daocloud.io/parcel.net.type: sdn-adapted-network    # defines the network type
  dce.daocloud.io/parcel.net.value: 'subnet:vlan110-default'    # specifies the subnet information
The CNI Server queries the ETCD according to the container subnet information "vlan110-default" specified under the "annotations" item and the subnet where the IP to be used is located, and matches the available IP range.
In a specific example, the Kubernetes system includes a CNI scheduler, and after step S202, the method for SDN network management based on container adaptation of the Kubernetes system further includes:
step S203, the CNI scheduler acquires an available IP range from the CNI Server and acquires a mapping relation between an IP used for container group distribution and a host from the ETCD; screening host machines in the Kubernetes system through comparison, and determining schedulable host machines according to the state of the host machines in the Kubernetes system; the state of the host in the Kubernetes system comprises: CPU computing power and memory utilization rate of the host machine; the schedulable host is used for deploying the container group corresponding to the service application.
Specifically, the CNI scheduler filters the hosts in the Kubernetes system according to the CPU computing power and the memory usage rate of the hosts in the Kubernetes system, and a preset CPU computing power threshold and a preset memory usage rate threshold, and determines a plurality of hosts to be selected; and scoring the multiple hosts to be selected to determine the schedulable host.
In the embodiment of the present application, the CNI scheduler is based on a Kubernetes scheduler extension. When implementing the deployment of the container group, because the Kubernetes platform includes a plurality of hosts, and each host runs a plurality of container groups, on one hand, whether there are IP addresses available for allocation on a host needs to be considered, and on the other hand, the use condition of hardware resources by the deployed container groups on the hosts needs to be considered. Therefore, as shown in fig. 5, the CNI scheduler compares the available IP range acquired from the CNI Server with the mapping relationship in the ETCD, and filters the multiple hosts in combination with the CPU computing power, the memory usage rate, and other conditions of the hosts to obtain multiple hosts to be selected that meet the requirements, and then scores the multiple hosts to be selected, determines a schedulable host, and invokes the schedulable host to deploy the container group corresponding to the service application, thereby implementing automatic scheduling of the container group.
Specifically, when multiple hosts are filtered in combination with the conditions of CPU computing power, memory usage rate, and the like of the hosts, the required hardware resources can be determined according to the types and scenes of the service applications, a preset CPU computing power threshold value, a preset memory usage rate threshold value, and the like are set, and only hosts meeting the threshold value requirements can serve as hosts to be selected, so that the container group deployed on the hosts to be selected can meet the hardware resource requirements of the service applications.
Further, among the screened multiple hosts to be selected, a schedulable host for deploying the container group needs to be finally determined, and a scoring mode can be adopted. The scoring method includes various ways, such as performing weighted scoring on different indexes of each host to be selected from multiple dimensions, calculating a matching degree score of the service application and the operation state of each host to be selected, calculating a score according to the operation condition of the service application running on each host to be selected, and determining a schedulable host from the multiple hosts to be selected according to a scoring result.
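The filter-then-score selection of step S203, as an added example that is not part of the patent text. The patent leaves the scoring method open, so the weighted sum below is an assumption, as are the in-use IP set, the threshold directions (minimum idle CPU fraction, maximum memory usage) and every host name, address and function name, all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Host:
    name: str
    cpu_free: float   # fraction of CPU capacity still idle, 0.0-1.0
    mem_usage: float  # fraction of memory in use, 0.0-1.0


def free_ips(host_name, bindings, in_use, ip_range):
    """Bound IPs of a host that fall inside the available range and are unused."""
    lo, hi = (ipaddress.IPv4Address(a) for a in ip_range)
    used = {ipaddress.IPv4Address(a) for a in in_use}
    bound = (ipaddress.IPv4Address(a) for a in bindings.get(host_name, ()))
    return sorted(ip for ip in bound if lo <= ip <= hi and ip not in used)


def candidates(hosts, bindings, in_use, ip_range, min_cpu_free, max_mem_usage):
    """Filter step: keep hosts with a usable IP that also meet both thresholds."""
    kept = []
    for host in hosts:
        ips = free_ips(host.name, bindings, in_use, ip_range)
        if ips and host.cpu_free >= min_cpu_free and host.mem_usage <= max_mem_usage:
            kept.append((host, ips))
    return kept


def score(host, ips):
    """Scoring step (assumed weights): CPU headroom, memory headroom, spare IPs."""
    ip_term = min(len(ips), 10) / 10
    return 0.4 * host.cpu_free + 0.4 * (1.0 - host.mem_usage) + 0.2 * ip_term


def schedule(hosts, bindings, in_use, ip_range, min_cpu_free=0.2, max_mem_usage=0.8):
    """Return (host name, IP for the new container group), or None if no host fits."""
    kept = candidates(hosts, bindings, in_use, ip_range, min_cpu_free, max_mem_usage)
    if not kept:
        return None
    host, ips = max(kept, key=lambda pair: score(*pair))
    return host.name, str(ips[0])


# Constructed sample state: host metrics, the IP-to-host mapping as it would be
# read from the ETCD, IPs already used by running container groups, and the
# available range handed out by the CNI Server for the requested subnet.
HOSTS = [
    Host("node-a", cpu_free=0.50, mem_usage=0.60),
    Host("node-b", cpu_free=0.70, mem_usage=0.40),  # all bound IPs already used
    Host("node-c", cpu_free=0.10, mem_usage=0.30),  # below the CPU threshold
    Host("node-d", cpu_free=0.60, mem_usage=0.50),
]
BINDINGS = {
    "node-a": ["10.6.0.11", "10.6.0.12"],
    "node-b": ["10.6.0.21", "10.6.0.22"],
    "node-c": ["10.6.0.31"],
    "node-d": ["10.7.0.5", "10.6.0.41", "10.6.0.42"],  # 10.7.0.5 is out of range
}
IN_USE = {"10.6.0.11", "10.6.0.21", "10.6.0.22"}
IP_RANGE = ("10.6.0.10", "10.6.0.50")

if __name__ == "__main__":
    print(schedule(HOSTS, BINDINGS, IN_USE, IP_RANGE))
```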
In order to more clearly illustrate the container adaptation SDN network management method based on the Kubernetes system in the embodiment of the present application, the following description is made by way of example.
Fig. 6 is a schematic diagram of an example of a container adaptation SDN network management method based on a Kubernetes system according to an embodiment of the present application. A host machine (virtual machine) is established on the IaaS platform, a Kubernetes system is operated to manage the host machine, a container cloud platform administrator starts an ARP agent on the host machine to provide ARP agent service, a CNI service module collects configuration information of a network card of the host machine, container subnets 10.6.0.1/16 and 10.7.0.1/16 are established according to the configuration information of the network card of the host machine, and an IP configuration controller distributes IP addresses and synchronizes to the IaaS platform.
When a user creates a service application, the user specifies container subnet information, and the Kubernetes system can schedule a host to deploy a container group that runs the service application.
Fig. 7 is a schematic diagram of a container adaptation SDN network management system based on the Kubernetes system according to some embodiments of the present application. As shown in fig. 7, the Kubernetes system is used for managing a host on which a container group runs, and the container adaptation SDN network management system based on the Kubernetes system includes an IP binding unit 701 and a feedback unit 702. The IP binding unit 701 is configured to bind the IP used for container group allocation and the network card of the host in the Kubernetes system, thereby establishing a mapping relationship between the IP used for container group allocation and the host. The feedback unit 702 is configured such that the host receives an ARP request packet in the SDN network and, after an ARP proxy deployed on the host confirms that the destination IP in the ARP request packet is included in the IP used for container group allocation, the MAC address of the network card of the host is used as the response to the ARP request packet.
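The ARP proxy decision made by the feedback unit, as an added Go example that is not the patent's or its authors' code. The function names, the MAC addresses and the bound IPs are constructed assumptions; the point shown is that the proxy answers with the host network card's MAC only when the destination IP is in the set bound to that host, and refuses every other packet.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
	"net/netip"
)

const arpLen = 28 // ARP payload size for Ethernet/IPv4

var errNotBound = errors.New("target IP is not bound to this host")

// Constructed sample state: the host network card MAC and the IPs bound to it.
var hostMAC = net.HardwareAddr{0x02, 0, 0, 0, 0, 0x01}
var boundIPs = map[netip.Addr]bool{
	netip.MustParseAddr("10.6.0.10"): true,
	netip.MustParseAddr("10.6.0.11"): true,
}

// ProxyReply takes an ARP payload (no Ethernet header). If it is a request whose
// target IP is bound to this host, it returns the reply carrying the host MAC;
// every other packet is refused so the proxy never answers for foreign IPs.
func ProxyReply(req []byte, bound map[netip.Addr]bool, mac net.HardwareAddr) ([]byte, error) {
	if len(req) < arpLen || len(mac) != 6 {
		return nil, errors.New("short ARP payload or bad MAC length")
	}
	be := binary.BigEndian
	if be.Uint16(req[0:2]) != 1 || be.Uint16(req[2:4]) != 0x0800 ||
		req[4] != 6 || req[5] != 4 || be.Uint16(req[6:8]) != 1 {
		return nil, errors.New("not an Ethernet/IPv4 ARP request")
	}
	target, _ := netip.AddrFromSlice(req[24:28])
	if !bound[target] {
		return nil, errNotBound
	}
	reply := make([]byte, arpLen)
	copy(reply[0:6], req[0:6])     // same hardware/protocol types and lengths
	be.PutUint16(reply[6:8], 2)    // opcode 2 = reply
	copy(reply[8:14], mac)         // sender MAC = host network card
	copy(reply[14:18], req[24:28]) // sender IP = the container-group IP asked for
	copy(reply[18:24], req[8:14])  // target MAC = original requester
	copy(reply[24:28], req[14:18]) // target IP = original requester
	return reply, nil
}

// sampleRequest builds a constructed who-has request from 10.6.0.1 for targetIP.
func sampleRequest(targetIP string) []byte {
	req := make([]byte, arpLen)
	copy(req, []byte{0, 1, 8, 0, 6, 4, 0, 1}) // Ethernet, IPv4, hlen 6, plen 4, request
	copy(req[8:14], []byte{0x02, 0, 0, 0, 0, 0xaa})
	src, dst := netip.MustParseAddr("10.6.0.1").As4(), netip.MustParseAddr(targetIP).As4()
	copy(req[14:18], src[:])
	copy(req[24:28], dst[:])
	return req
}

func main() {
	reply, err := ProxyReply(sampleRequest("10.6.0.10"), boundIPs, hostMAC)
	fmt.Printf("% x %v\n", reply, err)
	_, err = ProxyReply(sampleRequest("10.6.0.99"), boundIPs, hostMAC)
	fmt.Println(err)
}
```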
In this embodiment of the application, the Kubernetes system runs on the IaaS platform, the Kubernetes system is deployed with an IP configuration controller and an ETCD, and the IP binding unit 701 is further configured to bind the IP used for container group allocation and the network card of the host, write the mapping relationship between the IP used for container group allocation and the host into the ETCD, and synchronize the mapping relationship to the IaaS platform.
In this embodiment of the present application, the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on a host, and the container adaptation SDN network management system based on the Kubernetes system further includes: an information collection unit, configured such that the CNI Agent collects the configuration information of the network card of the host and writes it into the ETCD; and a subnet application unit, configured such that the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for the container group corresponding to the service application when a user creates the service application.
The container adaptation SDN network management system based on the Kubernetes system provided in the embodiment of the present application can achieve the beneficial effects of any of the above embodiments of the container adaptation SDN network management method based on the Kubernetes system, which are not described in detail herein.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (10)

1. A Kubernetes system-based container adaptation SDN network management method is characterized in that the Kubernetes system is used for managing a host machine, a container group runs on the host machine, and the method comprises the following steps:
step S101, binding the IP used for container group distribution and the network card of the host machine in the Kubernetes system, thereby establishing the mapping relation between the IP used for container group distribution and the host machine;
step S102, the host receives an ARP request packet in an SDN network, and after an ARP agent deployed on the host confirms that a target IP in the ARP request packet is contained in the IP used for container group distribution, the MAC address of a network card of the host is used as a response of the ARP request packet.
2. The Kubernetes system-based container adaptation SDN network management method according to claim 1, wherein the Kubernetes system runs on an IaaS platform, and is deployed with an IP configuration controller and an ETCD,
in step S101, the IP configuration controller binds the IP for container group allocation and the network card of the host, writes a mapping relationship between the IP for container group allocation and the host into the ETCD, and synchronizes the mapping relationship to the IaaS platform.
3. The Kubernetes system-based container adaptation SDN network management method according to claim 2, wherein the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, and the Kubernetes system-based container adaptation SDN network management method further includes:
step S201, the CNI Agent collects configuration information of a network card of the host machine and writes the configuration information of the network card of the host machine into the ETCD;
step S202, the CNI Server creates a container subnet according to the configuration information of the network card of the host in the ETCD, and allocates an available IP range for a container group corresponding to the business application when a user creates the business application.
4. The Kubernetes system-based container adaptation SDN network management method according to claim 3, wherein the Kubernetes system includes a CNI scheduler,
after the step S202, the method further includes:
step S203, the CNI scheduler acquires the available IP range from the CNI Server, and acquires the mapping relation between the IP for container group distribution and the host from the ETCD; screening host machines in the Kubernetes system through comparison, and determining schedulable host machines according to the state of the host machines in the Kubernetes system; wherein, the state of the host in the Kubernetes system includes: CPU computing power and memory utilization rate of the host machine; the schedulable host is used for deploying the container group corresponding to the service application.
5. The Kubernetes system-based container adaptation SDN network management method according to claim 4,
in step S203, the CNI scheduler filters the hosts in the Kubernetes system according to the CPU computing power and the memory usage of the hosts in the Kubernetes system, and a preset CPU computing power threshold and a preset memory usage threshold, and determines a plurality of hosts to be selected; and scoring the multiple hosts to be selected, and determining the schedulable host.
6. The Kubernetes system-based container adaptation SDN network management method according to claim 3, wherein in the step S202, the CNI Server matches the available IP range from configuration information of the host network card in the ETCD according to container subnet information corresponding to the service application.
7. The Kubernetes system-based container adaptation SDN network management method according to any one of claims 1-5, wherein a bridge is deployed on the host, a network card of the host is a part of the bridge,
in step S102, the host receives an ARP request packet in the SDN network, and after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP used for container group allocation, the ARP request packet is forwarded to the network card of the host according to the MAC address of the network card of the host, so as to ensure that the ARP request packet can be routed correctly.
8. A Kubernetes system-based container adaptation SDN network management system is characterized in that the Kubernetes system is used for managing a host machine, a container group runs on the host machine, and the Kubernetes system-based container adaptation SDN network management system comprises:
an IP binding unit configured to bind, in the Kubernetes system, the IP used for container group allocation and the network card of the host, thereby establishing a mapping relationship between the IP used for container group allocation and the host;
a feedback unit configured such that the host receives an ARP request packet in an SDN network, and after the ARP proxy deployed on the host confirms that a destination IP in the ARP request packet is included in the IP for container group allocation, the MAC address of the network card of the host is used as a response to the ARP request packet.
9. The Kubernetes system-based container adaptation SDN network management system according to claim 8, wherein the Kubernetes system runs on an IaaS platform, the Kubernetes system is deployed with an IP configuration controller and ETCD,
the IP binding unit is further configured to bind the IP for container group allocation and the network card of the host, write a mapping relationship between the IP for container group allocation and the host into the ETCD, and synchronize the mapping relationship to the IaaS platform by the IP configuration controller.
10. The Kubernetes system-based container adaptation SDN network management system of claim 9, wherein the Kubernetes system includes a CNI service module, the CNI service module includes a CNI Agent and a CNI Server, the CNI Agent is deployed on the host, the Kubernetes system-based container adaptation SDN network management system further includes:
the information collection unit is configured to collect the configuration information of the network card of the host machine by the CNI Agent and write the configuration information of the network card of the host machine into the ETCD;
and the subnet application unit is configured to create a container subnet by the CNI Server according to the configuration information of the network card of the host in the ETCD, and allocate an available IP range for a container group corresponding to the business application when the user creates the business application.
CN202110704321.XA 2021-06-24 2021-06-24 Container adaptation SDN network management method and system based on Kubernetes system Active CN113452806B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110704321.XA CN113452806B (en) 2021-06-24 2021-06-24 Container adaptation SDN network management method and system based on Kubernetes system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110704321.XA CN113452806B (en) 2021-06-24 2021-06-24 Container adaptation SDN network management method and system based on Kubernetes system

Publications (2)

Publication Number Publication Date
CN113452806A true CN113452806A (en) 2021-09-28
CN113452806B CN113452806B (en) 2022-10-04

Family

ID=77812506

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110704321.XA Active CN113452806B (en) 2021-06-24 2021-06-24 Container adaptation SDN network management method and system based on Kubernetes system

Country Status (1)

Country Link
CN (1) CN113452806B (en)

Also Published As

Publication number Publication date
CN113452806B (en) 2022-10-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: 200433 floor 7, building 6, No. 99, jiangwancheng Road, Yangpu District, Shanghai

Patentee after: Shanghai Daoke Network Technology Co.,Ltd.

Address before: Room 1305-12, No.6 Weide Road, Yangpu District, Shanghai 200433

Patentee before: Shanghai Daoke Network Technology Co.,Ltd.
