CN107580083A - A kind of method and system of container IP address distribution - Google Patents
A kind of method and system of container IP address distribution Download PDFInfo
- Publication number
- CN107580083A CN107580083A CN201710854707.2A CN201710854707A CN107580083A CN 107580083 A CN107580083 A CN 107580083A CN 201710854707 A CN201710854707 A CN 201710854707A CN 107580083 A CN107580083 A CN 107580083A
- Authority
- CN
- China
- Prior art keywords
- address
- container
- pool
- allocated
- total
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
技术领域technical field
本发明涉及计算机技术领域,尤其涉及一种容器IP地址分配的方 法和系统。The present invention relates to the field of computer technology, in particular to a method and system for allocating container IP addresses.
背景技术Background technique
容器是与系统其他部分隔离开的一系列进程,从一个模版镜像运 行,并由该镜像提供支持进程所需的全部文件。其中,Docker是一个 开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一 个可移植的容器中,然后发布到任何运行的Linux机器上,也可以实 现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。现 如今,Docker的应用也越来越广泛,无论是从github上的代码活跃度, 还是Redhat在RHEL6.5中集成对Docker的支持,就连Google的ompute Engine也支持Docker在其之上运行。Kubernetes是Google开源的容 器集群管理系统,是Docker生态圈中重要一员,其提供应用部署、维 护、扩展机制等功能,利用Kubernetes能方便地管理跨机器运行容器 化的应用。而Kubernetes如何灵活的配置容器的IP地址无疑是构建网 络的重要问题。A container is a series of processes isolated from the rest of the system, running from a template image that provides all the files needed to support the process. Among them, Docker is an open source application container engine that allows developers to package their applications and dependent packages into a portable container, and then publish it to any running Linux machine, and can also realize virtualization. Containers use a sandbox mechanism completely, and there will be no interfaces between them. Nowadays, the application of Docker is becoming more and more extensive, whether it is from the code activity on github, or Redhat's support for Docker integrated in RHEL6.5, and even Google's omput Engine also supports Docker to run on it. Kubernetes is Google's open source container cluster management system and an important member of the Docker ecosystem. It provides functions such as application deployment, maintenance, and expansion mechanisms. Kubernetes can easily manage containerized applications running across machines. And how Kubernetes flexibly configures the IP address of the container is undoubtedly an important issue in building a network.
目前有Flannel、Calico-cni等方法用于Kubernetes的网络管理。 Flannel配合Docker,让集群中的所有节点重新规划IP地址的使用规则, 从而使得不同节点上的容器能够获得“同属一个内网”且“不重复的” IP地址,并让属于不同节点上的容器能够直接通过内网IP通信。但是 在设计网络时,如果需要规定每台物理机或者某几台物理机上的容器IP范围需要对etcd服务器进行配置。而且,Flannel将TCP数据包装在 另一种网络包里面进行路由转发和通信,默认的节点间数据通信方式 是UDP转发。这就会使网络性能会有损耗并且在分析网络故障时较复 杂。Currently, methods such as Flannel and Calico-cni are used for Kubernetes network management. Flannel cooperates with Docker to allow all nodes in the cluster to re-plan the rules for using IP addresses, so that containers on different nodes can obtain IP addresses that "belong to the same intranet" and "non-duplicate", and let containers on different nodes Able to communicate directly through intranet IP. However, when designing the network, if you need to specify the container IP range on each physical machine or certain physical machines, you need to configure the etcd server. Moreover, Flannel packs TCP data in another network packet for routing, forwarding and communication. The default data communication method between nodes is UDP forwarding. This results in loss of network performance and complicates the analysis of network failures.
Calico-cni是一种CNI即网络插件模式,需要calico和calico-ipam 两个可执行文件和配置文件的组合起来使用。直接与kubelet集成,运 行在每节点从而发现被创建的容器,从配置的地址段中随机分配一个 子网给该物理节点,并从该子网中分配一个地址给容器。在这种方法 中同一物理机上的容器共享同一个子网,不同物理机上的容器无法共享同一个子网。Calico-cni is a CNI or network plug-in mode, which requires the combination of two executable files and configuration files, calico and calico-ipam. It directly integrates with kubelet, runs on each node to discover the created container, randomly assigns a subnet from the configured address segment to the physical node, and assigns an address from the subnet to the container. In this method, containers on the same physical machine share the same subnet, and containers on different physical machines cannot share the same subnet.
以上方法都无法实现容器和IP地址的绑定,当容器在同一个物理 机上重启或者迁移到别的物理机上时,IP地址将发生变化。这样对于 监听固定IP地址的服务将无法正常运行。None of the above methods can realize the binding between the container and the IP address. When the container is restarted on the same physical machine or migrated to another physical machine, the IP address will change. In this way, services that listen to fixed IP addresses will not work properly.
发明内容Contents of the invention
有鉴于此,本发明实施例提供一种容器IP地址分配的方法和系统, 能够通过配置的总地址池为所有节点进行分配IP地址,并且还可以根 据需求将总地址池中的部分IP地址与容器进行绑定,保证了容器重启 或者迁移时IP地址不变,确保服务不中断。In view of this, the embodiments of the present invention provide a method and system for allocating container IP addresses, which can allocate IP addresses for all nodes through the configured total address pool, and can also allocate part of the IP addresses in the total address pool with The container is bound to ensure that the IP address remains unchanged when the container is restarted or migrated, ensuring that the service is not interrupted.
为实现上述目的,根据本发明实施例的一个方面,提供了一种容 器IP地址分配的方法。To achieve the above object, according to an aspect of the embodiments of the present invention, a method for allocating container IP addresses is provided.
本发明实施例的容器IP地址分配的方法包括:根据第一分配需求 将总地址池中的部分IP地址与对应的容器建立一一对应的绑定关系; 接收到分配IP地址的请求的情况下,判断待分配IP地址的容器是否与 IP地址有绑定关系;如果有,则将所述待分配IP地址的容器所绑定的 IP地址分配给该容器;否则,将所述总地址池中未绑定的IP地址分配 给所述待分配IP地址的容器。The method for allocating container IP addresses according to the embodiment of the present invention includes: establishing a one-to-one binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement; when a request for allocating an IP address is received , judging whether the container to be assigned an IP address has a binding relationship with the IP address; if so, assign the IP address bound to the container to be assigned an IP address to the container; otherwise, assign the IP address bound to the container to be assigned an IP address; The unbound IP address is allocated to the container to which the IP address is to be allocated.
可选地,所述根据第一分配需求将总地址池中的部分IP地址与对 应的容器建立一一对应的绑定关系的步骤包括:根据第一分配需求从 总地址池中读取出部分IP地址,并且根据第一分配需求确定出待绑定 IP地址的容器的绑定标签;将所述绑定标签与读取出的IP地址建立一 对一的对应关系;将所述对应关系记录在静态分配列表中;所述判断 待分配IP地址的容器是否与IP地址有绑定关系的步骤包括:判断待分 配IP地址的容器是否具有绑定标签;所述将所述待分配IP地址的容器 所绑定的IP地址分配给该容器的步骤包括:获取待分配IP地址的容器 的绑定标签;根据所述绑定标签在所述静态分配列表中查找出对应的 IP地址;将所述IP地址分配给所述待分配IP地址的容器。Optionally, the step of establishing a one-to-one binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement includes: reading out some IP addresses from the total address pool according to the first allocation requirement IP address, and determine the binding label of the container to be bound to the IP address according to the first allocation requirement; establish a one-to-one correspondence between the binding label and the read IP address; record the correspondence In the static allocation list; the step of judging whether the container with the IP address to be assigned has a binding relationship with the IP address includes: judging whether the container with the IP address to be assigned has a binding label; The step of assigning the IP address bound to the container to the container includes: obtaining the binding label of the container to be allocated the IP address; finding the corresponding IP address in the static allocation list according to the binding label; The IP address is allocated to the container to which the IP address is to be allocated.
可选地,所述根据第一分配需求将总地址池中的部分IP地址与对 应的容器建立一一对应的绑定关系的步骤之前,还包括:根据预先确 定的IP地址数量配置总地址池;然后将所述总地址池存储在etcd的数 据库中。Optionally, before the step of establishing a one-to-one binding relationship between some of the IP addresses in the total address pool and corresponding containers according to the first allocation requirement, it further includes: configuring the total address pool according to a predetermined number of IP addresses ; Then store the total address pool in the database of etcd.
可选地,所述根据第一分配需求将总地址池中的部分IP地址与对 应的容器建立一一对应的绑定关系的步骤之前,还包括:根据第二分 配需求为指定的物理机通过配置文件配置指定地址池,并且所述指定 地址池中的IP地址全部包含在所述总地址池中;Optionally, before the step of establishing a one-to-one binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement, it also includes: according to the second allocation requirement, for the specified physical machine through The configuration file configures a specified address pool, and all IP addresses in the specified address pool are included in the total address pool;
所述将所述总地址池中未绑定的IP地址分配给所述待分配IP地址 的容器的步骤包括:判断所述待分配IP地址的容器所在的物理机是否 配置了指定地址池;如果没有,则将所述总地址池中未绑定的IP地址 分配给所述待分配IP地址的容器;否则,将所述指定地址池中未绑定 的IP地址分配给所述待分配IP地址的容器。The step of allocating the unbound IP address in the total address pool to the container with the IP address to be allocated includes: judging whether the physical machine where the container with the IP address to be allocated is configured with a specified address pool; if If not, allocate the unbound IP address in the total address pool to the container of the IP address to be allocated; otherwise, allocate the unbound IP address in the specified address pool to the IP address to be allocated container.
可选地,所述将所述总地址池中未绑定的IP地址分配给所述待分 配IP地址的容器的步骤还包括:判断所述指定地址池与其他物理机的 指定地址池是否有交集;如果有交集,则输出报错信息;否则,将所 述指定地址池中未分配列表中的IP地址分配给所述待分配IP地址的容 器,并且将所述IP地址从未分配列表中移除,以及将所述IP地址与获 取所述IP地址的容器对应地记录在已分配列表中。Optionally, the step of allocating unbound IP addresses in the total address pool to the containers to be allocated IP addresses further includes: judging whether the specified address pool is compatible with specified address pools of other physical machines intersection; if there is an intersection, then output an error message; otherwise, assign the IP address in the unassigned list in the specified address pool to the container of the IP address to be assigned, and move the IP address from the unassigned list and correspondingly record the IP address and the container from which the IP address is obtained in the assigned list.
可选地,所述将所述待分配IP地址的容器所绑定的IP地址分配给 该容器的步骤包括:根据当前绑定的IP地址的顺序确定位于第一位的 IP地址,然后将该IP地址分配给该容器;所述将所述总地址池中未绑 定的IP地址分配给所述待分配IP地址的容器的步骤包括:根据总地址 池中未绑定的IP地址的顺序确定位于第一位的IP地址,然后将该IP 地址分配给该容器。Optionally, the step of allocating the IP address bound to the container to which the IP address is to be allocated to the container includes: determining the first IP address according to the order of the currently bound IP addresses, and then assigning the The IP address is assigned to the container; the step of assigning the unbound IP address in the total address pool to the container to be assigned an IP address includes: determining according to the order of the unbound IP addresses in the total address pool The IP address in the first place, and then assign that IP address to the container.
可选地,将IP地址分配给容器之后,还包括:根据已分配的IP地 址,为获取该IP地址的容器创建一对veth-pair。Optionally, after assigning the IP address to the container, it also includes: according to the assigned IP address, creating a pair of veth-pairs for the container obtaining the IP address.
本发明实施例的容器IP地址分配的系统包括:配置模块,用于根 据第一分配需求将总地址池中的部分IP地址与对应的容器建立一一对 应的绑定关系;判断模块,用于在接收到分配IP地址的请求的情况下, 判断待分配IP地址的容器是否与IP地址有绑定关系;静态分配模块, 用于在所述判断模块判断出所述待分配IP地址的容器与IP地址有绑定 关系后,将所述待分配IP地址的容器所绑定的IP地址分配给该容器; 动态分配模块,用于在所述判断模块判断出所述待分配IP地址的容器 与IP地址没有绑定关系后,将所述总地址池中未绑定的IP地址分配给 所述待分配IP地址的容器。The container IP address allocation system in the embodiment of the present invention includes: a configuration module, configured to establish a one-to-one binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement; a judging module, configured to In the case of receiving a request to allocate an IP address, determine whether the container to be allocated an IP address has a binding relationship with the IP address; the static allocation module is used to determine whether the container to be allocated an IP address is related to After the IP address has a binding relationship, assign the IP address bound to the container with the IP address to be assigned to the container; the dynamic allocation module is used to determine the relationship between the container with the IP address to be assigned in the judgment module After the IP address has no binding relationship, allocate the unbound IP address in the total address pool to the container with the IP address to be allocated.
可选地,所述配置模块还用于,根据第一分配需求从总地址池中 读取出部分IP地址,并且根据第一分配需求确定出待绑定IP地址的容 器的绑定标签;将所述绑定标签与读取出的IP地址建立一对一的对应 关系;将所述对应关系记录在静态分配列表中;所述判断模块还用于, 判断待分配IP地址的容器是否具有绑定标签。Optionally, the configuration module is further configured to read part of the IP addresses from the total address pool according to the first distribution requirement, and determine the binding label of the container to be bound to the IP address according to the first distribution requirement; The binding label establishes a one-to-one correspondence with the read IP address; the correspondence is recorded in the static distribution list; the judging module is also used to judge whether the container to be assigned the IP address has a binding set the label.
可选地,所述静态分配模块包括:获取单元,用于获取待分配IP 地址的容器的绑定标签;查找单元,用于根据所述绑定标签在所述静 态分配列表中查找出对应的IP地址;分配单元,用于将所述IP地址分 配给所述待分配IP地址的容器。Optionally, the static allocation module includes: an acquisition unit, configured to acquire a binding label of a container to be allocated an IP address; a search unit, configured to find the corresponding IP address in the static allocation list according to the binding label IP address; an allocation unit, configured to allocate the IP address to the container to be allocated an IP address.
可选地,所述配置模块还用于,在根据第一分配需求将总地址池 中的部分IP地址与对应的容器建立一一对应的绑定关系的步骤之前, 根据预先确定的IP地址数量配置总地址池;然后将所述总地址池存储 在etcd的数据库中。Optionally, the configuration module is further configured to, before the step of establishing a one-to-one binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement, according to the predetermined number of IP addresses Configure the total address pool; then store the total address pool in the database of etcd.
可选地,所述配置模块还用于,根据第一分配需求将总地址池中 的部分IP地址与对应的容器建立一一对应的绑定关系的步骤之前,根 据第二分配需求为指定的物理机通过配置文件配置指定地址池,并且 所述指定地址池中的IP地址全部包含在所述总地址池中;以及Optionally, the configuration module is further configured to, before the step of establishing a one-to-one correspondence binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement, assign the specified IP addresses according to the second allocation requirement The physical machine configures a specified address pool through a configuration file, and all IP addresses in the specified address pool are included in the total address pool; and
所述动态分配模型还用于,判断所述待分配IP地址的容器所在的 物理机是否配置了指定地址池;如果没有,则将所述总地址池中未绑 定的IP地址分配给所述待分配IP地址的容器;否则,将所述指定地址 池中未绑定的IP地址分配给所述待分配IP地址的容器。The dynamic allocation model is also used to determine whether the physical machine where the container to be allocated an IP address is located is configured with a specified address pool; if not, then allocate the unbound IP address in the total address pool to the A container with an IP address to be allocated; otherwise, assign an unbound IP address in the specified address pool to the container with an IP address to be allocated.
可选地,所述动态分配模块还用于,判断所述指定地址池与其他 物理机的指定地址池是否有交集;如果有交集,则输出报错信息;否 则,将所述指定地址池中未分配列表中的IP地址分配给所述待分配IP 地址的容器,并且将所述IP地址从未分配列表中移除,以及将所述IP 地址与获取所述IP地址的容器对应地记录在已分配列表中。Optionally, the dynamic allocation module is also used to determine whether there is an intersection between the specified address pool and specified address pools of other physical machines; if there is an intersection, output an error message; The IP address in the allocation list is allocated to the container of the IP address to be allocated, and the IP address is removed from the unallocated list, and the IP address is correspondingly recorded in the container for obtaining the IP address. assignment list.
可选地,所述静态分配模块还用于,根据当前绑定的IP地址的顺 序确定位于第一位的IP地址,然后将该IP地址分配给该容器;Optionally, the static assignment module is also used to determine the first IP address according to the order of the currently bound IP addresses, and then assign the IP address to the container;
所述动态分配模块还用于,根据总地址池中未绑定的IP地址的顺 序确定位于第一位的IP地址,然后将该IP地址分配给该容器。The dynamic allocation module is also used to determine the first IP address according to the order of unbound IP addresses in the total address pool, and then assign the IP address to the container.
可选地,还包括:创建模块,用于将IP地址分配给容器之后,根 据已分配的IP地址,为获取该IP地址的容器创建一对veth-pair。Optionally, it also includes: a creation module, configured to create a pair of veth-pairs for the container that obtains the IP address according to the allocated IP address after the IP address is allocated to the container.
为实现上述目的,根据本发明实施例的一个方面,提供了一种容 器IP地址分配的装置。In order to achieve the above purpose, according to an aspect of the embodiments of the present invention, a device for allocating container IP addresses is provided.
本发明实施例的容器IP地址分配的装置包括:一个或多个处理器; 存储装置,用于存储一个或多个程序,当所述一个或多个程序被所述 一个或多个处理器执行,使得所述一个或多个处理器实现上述容器IP 地址分配的方法。The device for allocating container IP addresses in the embodiment of the present invention includes: one or more processors; a storage device for storing one or more programs, when the one or more programs are executed by the one or more processors , enabling the one or more processors to implement the above method for allocating container IP addresses.
为实现上述目的,根据本发明实施例的一个方面,提供了一种计 算机可读介质,其上存储有计算机程序,其特征在于,所述程序被处 理器执行时实现上述容器IP地址分配的方法。In order to achieve the above object, according to an aspect of the embodiment of the present invention, a computer-readable medium is provided, on which a computer program is stored, and it is characterized in that, when the program is executed by a processor, the above-mentioned container IP address allocation method is realized .
上述发明中的一个实施例具有如下优点或有益效果:在配置总地 址池之后,根据第一分配需求将所述总地址池中的部分IP地址与对应 的容器建立一一对应的绑定关系,使得在分配IP地址时根据该绑定关 系进行分配。在接收到分配IP地址的请求后,并且判断出待分配IP地 址的容器已经绑定IP地址,则进行静态分配,将该绑定的IP地址分配 给容器。进而,容器在同一个物理机上重启或者迁移到别的物理机上 时,IP地址不发生不变,确保服务不中断。解决了现有技术中在为容 器分配IP地址时,无法实现容器和IP地址绑定的问题。并且,本发明 配置的总地址池可以给集群内的所有容器使用,而且在分配IP地址的过程中,可直接获取该总地址池中的IP地址分配给容器,不仅保证了 任何一个IP地址可以在所有节点使用,提高了集群的灵活性,同时也 简化了容器IP地址分配的方法。An embodiment of the above invention has the following advantages or beneficial effects: after configuring the general address pool, a one-to-one binding relationship is established between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement, This makes it possible to allocate IP addresses according to the binding relationship when allocating them. After receiving the request for assigning an IP address, and judging that the container to which the IP address is to be assigned has been bound to an IP address, static allocation is performed, and the bound IP address is assigned to the container. Furthermore, when the container is restarted on the same physical machine or migrated to another physical machine, the IP address will not change, ensuring uninterrupted services. It solves the problem that the binding between the container and the IP address cannot be realized when the IP address is allocated to the container in the prior art. Moreover, the total address pool configured in the present invention can be used by all containers in the cluster, and in the process of assigning IP addresses, the IP addresses in the total address pool can be directly obtained and assigned to the container, which not only ensures that any IP address can Used on all nodes, it improves the flexibility of the cluster and simplifies the method of container IP address allocation.
上述的非惯用的可选方式所具有的进一步效果将在下文中结合具 体实施方式加以说明。The further effects of the above-mentioned non-conventional alternatives will be described below in conjunction with specific embodiments.
附图说明Description of drawings
附图用于更好地理解本发明,不构成对本发明的不当限定。其中:The accompanying drawings are used to better understand the present invention, and do not constitute improper limitations to the present invention. in:
图1是根据本发明实施例的容器IP地址分配的方法的主要流程的 示意图;Fig. 1 is a schematic diagram of the main flow of the method for container IP address allocation according to an embodiment of the present invention;
图2是根据本发明实施例的动态分配的示意图;Fig. 2 is a schematic diagram of dynamic allocation according to an embodiment of the present invention;
图3是根据本发明实施例的静态分配的示意图;Fig. 3 is a schematic diagram of static allocation according to an embodiment of the present invention;
图4是根据本发明实施例的容器IP地址分配的系统的主要模块的 示意图;Fig. 4 is a schematic diagram of the main modules of the system for container IP address distribution according to an embodiment of the present invention;
图5是本发明实施例可以应用于其中的示例性系统架构图;FIG. 5 is an exemplary system architecture diagram to which the embodiment of the present invention can be applied;
图6是适于用来实现本发明实施例的终端设备或服务器的计算机 系统的结构示意图。Fig. 6 is a schematic structural diagram of a computer system suitable for implementing a terminal device or a server according to an embodiment of the present invention.
具体实施方式detailed description
以下结合附图对本发明的示范性实施例做出说明,其中包括本发 明实施例的各种细节以助于理解,应当将它们认为仅仅是示范性的。 因此,本领域普通技术人员应当认识到,可以对这里描述的实施例做 出各种改变和修改,而不会背离本发明的范围和精神。同样,为了清 楚和简明,以下的描述中省略了对公知功能和结构的描述。The exemplary embodiments of the present invention are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present invention to facilitate understanding, and they should be considered as exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
对本发明实施例中涉及的技术术语进行如下解释:The technical terms involved in the embodiments of the present invention are explained as follows:
Kubernetes:Kubernetes是Google开源的容器集群管理系统,其提 供应用部署、维护、扩展机制等功能,利用Kubernetes能方便地管理 跨机器运行容器化的应用;Kubernetes: Kubernetes is Google's open-source container cluster management system, which provides functions such as application deployment, maintenance, and expansion mechanisms. Using Kubernetes can easily manage containerized applications running across machines;
Kubelet:在Kubernetes集群中,每个Node节点(又称Minion) 上都会启动一个Kubelet服务进行。该进程用于处理Master节点下发 到本节点的任务,管理Pod及Pod中的容器。每个Kubelet进程会在 API Server上注册节点自身信息,定期向Master节点汇报节点资源的 使用情况,并通过cAdvise监控容器和节点资源;Kubelet: In a Kubernetes cluster, a Kubelet service is started on each Node node (also known as Minion). This process is used to process tasks sent by the Master node to the local node, and manage Pods and containers in Pods. Each Kubelet process will register the node's own information on the API Server, regularly report the usage of node resources to the Master node, and monitor the container and node resources through cAdvise;
Docker:Docker是一个开源的应用容器引擎,让开发者可以打包 他们的应用以及依赖包到一个可移植的容器中,然后发布到任何运行 的Linux机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相 互之间不会有任何接口;Docker: Docker is an open source application container engine that allows developers to package their applications and dependencies into a portable container, and then publish it to any running Linux machine, and can also implement virtualization. Containers use the sandbox mechanism completely, and there will be no interfaces between them;
Flannel:Flannel是CoreOS团队针对Kubernetes设计的一个网络 规划服务;简单来说,它的功能是让集群中的不同节点主机创建的 Docker容器都具有全集群唯一的虚拟IP地址,并使Docker容器可以 互连;Flannel: Flannel is a network planning service designed by the CoreOS team for Kubernetes; in simple terms, its function is to allow Docker containers created by different node hosts in the cluster to have unique virtual IP addresses for the entire cluster, and to enable Docker containers to communicate with each other. even;
CNI:CNI(容器网络接口)是一种操作容器网络规范,包含方法 规范,参数规范等。CNI只关心容器的网络连接,在容器创建时分配 网络资源,并在删除容器时删除分配的资源。因为这个原因,CNI有 广泛的支持,规格易于实现。CNI接口只需要实现两个方法,一个创 建容器时调用,一个删除容器时调用;CNI: CNI (Container Network Interface) is an operation container network specification, including method specification, parameter specification, etc. CNI only cares about the network connection of the container, allocates network resources when the container is created, and deletes the allocated resources when the container is deleted. For this reason, CNI has wide support and the specification is easy to implement. The CNI interface only needs to implement two methods, one is called when the container is created, and the other is called when the container is deleted;
Pod:一个Pod对应于由若干容器组成的一个容器组,同个组内的 容器共享一个网络命名空间和IP地址。Pod主要是在容器化环境中建 立了一个面向应用的“逻辑主机”模型,它可以包含一个或多个相互 间紧密联系的容器。Pod由replication controller负责创建新的Pod来替 代旧的;Pod: A Pod corresponds to a container group consisting of several containers, and the containers in the same group share a network namespace and IP address. Pod mainly establishes an application-oriented "logical host" model in a containerized environment, which can contain one or more containers that are closely related to each other. Pod is responsible for creating new Pods by the replication controller to replace the old ones;
label:一个label是attach到Pod的一对键/值对,用来传递用户定 义的属性。比如,你可能创建了一个"staticIP"标签,通过label (staticIP=domain1ServerIP)来标记Pod容器使用的IP名称;label: A label is a pair of key/value pairs attached to the Pod, which is used to pass user-defined attributes. For example, you may create a "staticIP" label to mark the IP name used by the Pod container through label (staticIP=domain1ServerIP);
Overlay:Overlay是在传统网络上虚拟出一个虚拟网络来,传统网 络不需要在做任何适配,这样物理层网络只对应物理层的计算(物理 机、虚拟化层管理网)。Overlay通过控制协议对边缘的网络设备进行 网络构建和扩展,具体的实现技术有EVI、TRILL、VPLS、LISP、VXLAN 等等;Overlay: Overlay is to create a virtual network on the traditional network. The traditional network does not need any adaptation, so the physical layer network only corresponds to the calculation of the physical layer (physical machine, virtualization layer management network). Overlay implements network construction and expansion for edge network devices through control protocols. The specific implementation technologies include EVI, TRILL, VPLS, LISP, VXLAN, etc.;
etcd:etcd是一个应用在分布式环境下的key/value存储服务。利 用etcd的特性,应用程序可以在集群中共享信息、配置或作服务发现, etcd会在集群的各个节点中复制这些数据并保证这些数据始终正确。 etcd无论是在CoreOS还是Kubernetes体系中都是不可或缺的一环;etcd: etcd is a key/value storage service applied in a distributed environment. Utilizing the features of etcd, applications can share information, configure, or perform service discovery in the cluster, and etcd will replicate the data in each node of the cluster and ensure that the data is always correct. etcd is an indispensable part of both CoreOS and Kubernetes systems;
veth-pair:Virtual Ethernet Pair简称veth-pair,是一对虚拟网卡,两 者之间存在着虚拟链路。所有从这对端口一端进入的数据包都将从另 一端出来,反之亦然。veth-pair: Virtual Ethernet Pair, veth-pair for short, is a pair of virtual network cards with a virtual link between them. All packets that come in on one end of the pair will come out the other, and vice versa.
图1是根据本发明实施例的容器IP地址分配的方法的主要流程的 示意图。Fig. 1 is a schematic diagram of the main flow of a method for container IP address allocation according to an embodiment of the present invention.
如图1所示,本发明实施例的容器IP地址分配的方法主要包括:As shown in Figure 1, the method for container IP address allocation in the embodiment of the present invention mainly includes:
S101:根据第一分配需求将总地址池中的部分IP地址与对应的容 器建立一一对应的绑定关系。在建立绑定关系之前,根据预先确定的 IP地址数量配置总地址池,并将总地址池存储在etcd的数据库中,实 现分布式存储。总地址池不仅可以存储在etcd中,还可以存储在其他 服务器中,只要可实现分布式存储即可。其中,etcd是一个应用在分布 式环境下的key/value存储服务。利用etcd的特性,应用程序可以在集 群中共享信息、配置或作服务发现,etcd会在集群的各个节点中复制这 些数据并保证这些数据始终正确。其中,预先确定的IP地址数量可根 据网络规划,即对IP地址数量的需求进行设置。S101: Establish a one-to-one binding relationship between some IP addresses in the total address pool and corresponding containers according to the first allocation requirement. Before establishing the binding relationship, configure the total address pool according to the predetermined number of IP addresses, and store the total address pool in the etcd database to realize distributed storage. The total address pool can be stored not only in etcd, but also in other servers, as long as distributed storage can be realized. Among them, etcd is a key/value storage service applied in a distributed environment. Utilizing the features of etcd, applications can share information, configure or perform service discovery in the cluster, and etcd will replicate the data in each node of the cluster and ensure that the data is always correct. Wherein, the predetermined number of IP addresses may be set according to network planning, that is, the requirement for the number of IP addresses.
建立绑定关系就是把某个容器和总地址池中的某个IP地址一一对 应,记录在etcd服务器上。当分配地址时,检查这个容器是否和某个 IP地址是一一对应的关系,如果是就把该IP地址分配给这个容器,否 则就用总地址池中的未绑定的IP地址分配给容器。其中,根据第一分 配需求从总地址池中读取出部分IP地址,并且根据第一分配需求确定 出待绑定IP地址的容器的绑定标签(label);将绑定标签与读取出的 IP地址建立一对一的对应关系;将对应关系记录在静态分配列表中。 在该静态分配列表中,可查找到已绑定的所有IP地址,并且该静态分 配列表也可分布式存储在etcd中。判断待分配IP地址的容器是否与IP 地址有绑定关系的步骤包括:判断待分配IP地址的容器是否具有绑定 标签。并且,将待分配IP地址的容器所绑定的IP地址分配给该容器的 步骤包括:获取待分配IP地址的容器的绑定标签;根据绑定标签在静 态分配列表中查找出对应的IP地址;将IP地址分配给待分配IP地址 的容器。通过label与IP地址建立绑定关系,能便于用户的调用,因为 在多次访问中不同的容器的MAC(Media Access Control媒体介入控 制层)地址不相同,但label可保持相同。所以如果是基于IP对外服务, 通过label与IP地址的绑定的话,可保证用户在多次访问中获取的IP 地址保持不变,进而更便于用户调用。Establishing a binding relationship is to make a one-to-one correspondence between a certain container and a certain IP address in the total address pool, and record it on the etcd server. When assigning an address, check whether the container has a one-to-one correspondence with an IP address, if so, assign the IP address to the container, otherwise use the unbound IP address in the total address pool to assign the container . Wherein, according to the first distribution requirement, read out part of the IP addresses from the total address pool, and determine the binding label (label) of the container to be bound to the IP address according to the first distribution requirement; combine the binding label with the read out Establish a one-to-one correspondence with the IP address; record the correspondence in the static allocation list. In the static allocation list, all bound IP addresses can be found, and the static allocation list can also be distributed and stored in etcd. The step of judging whether the container to be assigned the IP address has a binding relationship with the IP address includes: judging whether the container to be assigned the IP address has a binding label. In addition, the step of assigning the IP address bound to the container to be assigned the IP address to the container includes: obtaining the binding label of the container to be assigned the IP address; finding the corresponding IP address in the static allocation list according to the binding label ; Assign an IP address to the container to be assigned an IP address. Establishing a binding relationship between the label and the IP address is convenient for the user to call, because the MAC (Media Access Control) addresses of different containers are different during multiple visits, but the label can remain the same. Therefore, if the external service is based on IP, through the binding of label and IP address, it can ensure that the IP address obtained by the user in multiple visits remains unchanged, which is more convenient for the user to call.
S102:接收到分配IP地址的请求的情况下,判断待分配IP地址的 容器是否与IP地址有绑定关系。如果通过label将IP地址与对应的容 器进行绑定的话,则接收到分配IP地址的请求后,判断待分配IP地址 的容器是否存在label,如果存在,则可判断出该待分配IP地址的容器 与总地址池中的某个IP地址存在绑定关系,进一步执行S103,即进行 静态分配。如果待分配IP地址的容器不存在label,则判断出该待分配 IP地址的容器并没有绑定IP地址,进一步执行S104,即进行动态分配。S102: When receiving a request for assigning an IP address, determine whether the container to which the IP address is to be assigned has a binding relationship with the IP address. If the IP address is bound to the corresponding container through the label, after receiving the request for assigning the IP address, it is judged whether the container to be assigned the IP address has a label, and if so, the container to be assigned the IP address can be judged There is a binding relationship with an IP address in the total address pool, and S103 is further executed, that is, static allocation is performed. If the container to be assigned an IP address does not have a label, it is determined that the container to be assigned an IP address is not bound to an IP address, and S104 is further executed, that is, dynamic allocation is performed.
S103:将待分配IP地址的容器所绑定的IP地址分配给该容器。在 静态分配的过程中,根据接收到的分配IP地址的请求,获取待分配IP 地址的容器的绑定标签,并且根据绑定标签在静态分配列表中查找出 对应的IP地址,将IP地址分配给待分配IP地址的容器。S103: Assign the IP address bound to the container to which the IP address is to be assigned to the container. In the process of static allocation, according to the received request for IP address allocation, the binding label of the container to be allocated IP address is obtained, and the corresponding IP address is found in the static allocation list according to the binding label, and the IP address is allocated For the container to be assigned an IP address.
S104:将总地址池中未绑定的IP地址分配给待分配IP地址的容器。 在配置总地址池的过程中,可根据第二分配需求为指定的物理机通过 配置文件配置指定地址池,并且指定地址池中的IP地址全部包含在总 地址池中,即指定地址池隶属于总地址池。因为在实际应用,可能会 存在需要针对某个物理机特定设置一个指定地址池,在为该物理机分 配IP地址时,从该指定地址池中获取IP地址进行分配。如果不存在配 置指定地址池的需求,在分配IP地址时,可直接在总地址池中获取IP 地址进行分配。S104: Allocate unbound IP addresses in the total address pool to containers to be allocated IP addresses. In the process of configuring the total address pool, the specified address pool can be configured for the specified physical machine through the configuration file according to the second allocation requirement, and all IP addresses in the specified address pool are included in the total address pool, that is, the specified address pool belongs to Total address pool. Because in practical applications, there may be a need to specifically set a designated address pool for a certain physical machine, and when assigning an IP address to the physical machine, obtain an IP address from the designated address pool for allocation. If there is no need to configure a specified address pool, when allocating IP addresses, you can directly obtain IP addresses from the general address pool for allocation.
因此,动态分配还包括:判断待分配IP地址的容器所在的物理机 是否配置了指定地址池。如果没有,则将总地址池中未绑定的IP地址 分配给待分配IP地址的容器;否则,将指定地址池中未绑定的IP地址 分配给待分配IP地址的容器。通过该过程,可更能满足用户在分配IP 地址中存在为特定物理机设置相应指定地址池的需求。同时,动态分 配还包括:判断指定地址池与其他物理机的指定地址池是否有交集; 如果有交集,则输出报错信息;否则,将指定地址池中未分配列表中 的IP地址分配给待分配IP地址的容器,并且将IP地址从未分配列表 中移除,以及将IP地址与获取IP地址的容器对应地记录在已分配列表 中。通过判断指定地址池与其他物理机的指定地址池是否有交集,可 保证IP地址可唯一标识容器。Therefore, dynamic allocation also includes: judging whether the physical machine where the container to be allocated an IP address is located is configured with a specified address pool. If not, assign the unbound IP address in the total address pool to the container to be assigned an IP address; otherwise, assign the unbound IP address in the specified address pool to the container to be assigned an IP address. Through this process, the user's requirement of setting a corresponding designated address pool for a specific physical machine in the allocation of IP addresses can be better met. At the same time, the dynamic allocation also includes: judging whether the specified address pool overlaps with the specified address pools of other physical machines; if there is an intersection, output an error message; otherwise, assign the IP address in the unallocated list in the specified address pool to the IP address to be allocated The container of the IP address, and the IP address is removed from the unassigned list, and the IP address is correspondingly recorded in the allocated list with the container from which the IP address was obtained. By judging whether the specified address pool overlaps with the specified address pools of other physical machines, it can be ensured that the IP address can uniquely identify the container.
在配置总地址池或者配置指定地址池之后,创建未分配列表和已 分配列表,并将未分配列表初始化为总地址池或者指定地址池(总地 址池或者指定地址池中的IP地址都在未分配列表中),将已分配列表 初始化为空。而且,将未分配列表中的IP地址是按照IP地址的大小进 行排序存储的。在分配IP地址的过程中,从未分配列表中取出表头上 的IP地址,并将该IP地址移到已分配列表中。同时,在已分配列表中 记录分配出的IP地址与获取该IP地址的容器的对应关系,使得删除某 个容器时,可通过该对应关系,查找出删除的容器的IP地址。将该IP 地址收回,即将该IP地址从已分配列表中移到未分配列表中,并将已分配列表中存储的对应关系和该IP地址的信息都删除。并且,将该IP 地址添加到未分配列表的最后,不破坏原有的顺序。上述分配的过程 即出队入队的方式。为按照该出队入队的方式将总地址池中IP地址分 配给待分配IP地址的容器,可便于用于预见容器分配到的IP地址,解 决了现有技术Calico-cni为每一个物理机上随机分配子网导致用户无法 预见的问题。After configuring the total address pool or the specified address pool, create an unassigned list and an allocated list, and initialize the unassigned list as the total address pool or the specified address pool (the IP addresses in the total address pool or the specified address pool are all in the unassigned allocated list), initializes the allocated list to empty. Moreover, the IP addresses in the unallocated list are sorted and stored according to the size of the IP addresses. In the process of allocating IP addresses, take out the IP address on the header from the unallocated list, and move the IP address to the allocated list. At the same time, the corresponding relationship between the allocated IP address and the container that obtained the IP address is recorded in the allocated list, so that when a certain container is deleted, the IP address of the deleted container can be found through the corresponding relationship. Reclaiming the IP address means moving the IP address from the assigned list to the unassigned list, and deleting the corresponding relationship stored in the assigned list and the information of the IP address. And, add this IP address to the end of the unassigned list without breaking the original order. The above allocation process is the way of dequeue and enqueue. In order to assign the IP address in the total address pool to the container to be assigned an IP address according to the method of dequeueing and entering the queue, it can be used to predict the IP address allocated to the container, and solve the problem of the prior art Calico-cni for each physical machine Assigning subnets randomly causes problems that users cannot foresee.
本发明实施例的容器IP地址分配的方法还包括:在进行静态分配 或动态分配之后,即待分配IP地址的容器分配到IP地址之后,根据已 分配的IP地址,为获取该IP地址的容器创建一对veth-pair(Virtual Ethernet Pair)。创建一对veth-pair,一端发送到容器内部,一端在容 器外部以网卡的形式存在。不需要使用桥接接口,网络包从网卡直接 转发到容器内部。利用本发明实施例的容器IP地址分配的方法分配的 地址就是配置给容器内部的网卡,需要配合使用路由才能保证网路的 通畅。本发明实施例的容器IP地址分配的方法是基于传统网络的IP地 址没有使用overlay或者桥接,简化了网络架构,确保网络性能最大化。The method for allocating container IP addresses according to the embodiment of the present invention further includes: after performing static allocation or dynamic allocation, that is, after the container to be allocated an IP address is allocated an IP address, according to the allocated IP address, for the container to obtain the IP address Create a veth-pair (Virtual Ethernet Pair). Create a pair of veth-pairs, one end is sent to the inside of the container, and the other end exists in the form of a network card outside the container. There is no need to use a bridge interface, and the network packet is directly forwarded from the network card to the inside of the container. The address allocated by the container IP address allocation method of the embodiment of the present invention is configured to the network card inside the container, and routing is needed to ensure smooth network. The container IP address allocation method of the embodiment of the present invention is based on the IP address of the traditional network without using overlay or bridging, which simplifies the network architecture and ensures maximum network performance.
图2是根据本发明实施例的动态分配的示意图。Fig. 2 is a schematic diagram of dynamic allocation according to an embodiment of the present invention.
接收到分配IP地址的请求的情况下,判断进行动态分配后,如图 2所示,判断待分配IP地址的容器所属的物理机是否配置了指定地址 池。如果没有配置指定地址池,则从总地址中获取IP地址分配给该待 分配IP地址的容器。在分配的过程中,为便于区分分配出的IP地址和 未分配出的IP地址,可创建未分配列表(unsignedIPs队列)和已分配 列表(signedIPs队列)。如果已经创建,则不需要再次创建。创建未 分配列表和已分配列表后,取出未分配列表中的第一个IP地址分配给 该容器,将该IP地址在未分配列表中删除,同时将该IP地址添加到已 分配列表。例如,IP地址队列初始化时按照从小到大的顺序排列的,但是当某个地址被释放后会添加在队列的尾部,然后按照队列的顺序 从头到尾分配IP地址。例如:IP地址的初始队列为172.30.1.1, 172.30.1.2,172.30.1.3,172.30.1.4。当有三个容器申请地址时,会分 别分配172.30.1.1,172.30.1.2,172.30.1.3给这三个容器,那么unsignedIPs队列中就只剩172.30.1.4这一个地址。当拿到172.30.1.2的 容器被销毁并释放地址后,释放的地址会添加到unsignedIPs队列的尾 部,即172.30.1.4,172.30.1.2。如果再有容器申请分配IP地址时,会 按照当前unsignedIPs队列的IP地址的顺序进行分配,进而把172.30.1.4 这个地址分配给容器而不是172.30.1.2。When a request for IP address allocation is received, after the dynamic allocation is determined, as shown in Figure 2, it is determined whether the physical machine to which the container to be allocated an IP address belongs is configured with a specified address pool. If the specified address pool is not configured, the IP address is obtained from the total address and assigned to the container to be assigned the IP address. In the process of allocation, in order to distinguish allocated IP addresses from unallocated IP addresses, an unallocated list (unsignedIPs queue) and an allocated list (signedIPs queue) can be created. If it has already been created, it does not need to be created again. After creating the unassigned list and the assigned list, take out the first IP address in the unassigned list and assign it to the container, delete the IP address from the unassigned list, and add the IP address to the assigned list at the same time. For example, the IP address queue is initially arranged in ascending order, but when an address is released, it will be added to the tail of the queue, and then IP addresses will be allocated from the beginning to the end according to the order of the queue. For example: the initial queue of IP addresses is 172.30.1.1, 172.30.1.2, 172.30.1.3, 172.30.1.4. When there are three containers applying for addresses, 172.30.1.1, 172.30.1.2, and 172.30.1.3 will be assigned to the three containers respectively, so only the address 172.30.1.4 remains in the unsignedIPs queue. When the container with 172.30.1.2 is destroyed and the address is released, the released address will be added to the tail of the unsignedIPs queue, namely 172.30.1.4 and 172.30.1.2. If another container applies for IP address allocation, it will be allocated according to the order of the IP addresses in the current unsignedIPs queue, and then the address 172.30.1.4 will be allocated to the container instead of 172.30.1.2.
如果待分配IP地址的容器所属的物理机配置了指定地址池,则判 断该指定地址池是否属于总地址池,如果不属于,则提示错误。因为, 在本发明实施例中设置的总地址池可以全局使用,配置的每个指定地 址池都应该属于总地址池。判断出指定地址池属于总地址池后,为保 证容器IP地址的唯一性,继续判断该指定地址池是否与其他物理机的 指定地址池存在交集,如果有交集,同样提示错误。因为为物理机配 置指定地址池是通过配置文件实现的,判断出该指定地址池与其他物 理机的指定地址池不存在交集,将该指定地址池记录在etcd的数据库 中,进而实现配置文件与etcd的同步。如果该指定地址池已经记录在 etcd上,则不需要再次记录。If the physical machine to which the container to be assigned an IP address belongs is configured with a specified address pool, it will be judged whether the specified address pool belongs to the total address pool, and if not, an error will be prompted. Because the total address pool set in the embodiment of the present invention can be used globally, each specified address pool configured should belong to the total address pool. After judging that the specified address pool belongs to the general address pool, in order to ensure the uniqueness of the container IP address, continue to judge whether the specified address pool overlaps with the specified address pools of other physical machines. If there is an intersection, an error is also displayed. Because the configuration of the specified address pool for the physical machine is realized through the configuration file, it is judged that there is no intersection between the specified address pool and the specified address pool of other physical machines, and the specified address pool is recorded in the etcd database. Synchronization of etcd. If the specified address pool has already been recorded on etcd, there is no need to record it again.
如图2所示,在将该指定地址池记录在etcd上之后,为指定地址 池创建unsignedIPs队列和signedIPs队列,并将unsignedIPs队列初始 为指定地址池,即指定地址池中的IP地址都在unsignedIPs队列中。同 时,将signedIPs队列初始化为空。如果已经为该指定地址池的物理机 分配IP地址,则不需要进行创建unsignedIPs队列和signedIPs队列, 也不需要进行初始化的操作。经过上述步骤之后,分配IP地址的过程 仍然按照出队入对的方式进行,即取出当前unsignedIPs队列中的第一 个IP地址,如果存在容器删除,则将该容器的IP地址添加到unsignedIPs 队列的最后。As shown in Figure 2, after recording the specified address pool on etcd, create an unsignedIPs queue and a signedIPs queue for the specified address pool, and initialize the unsignedIPs queue to the specified address pool, that is, the IP addresses in the specified address pool are all in unsignedIPs in queue. At the same time, initialize the signedIPs queue to be empty. If IP addresses have been allocated for the physical machines in the specified address pool, there is no need to create unsignedIPs queues and signedIPs queues, nor to perform initialization operations. After the above steps, the process of allocating IP addresses is still carried out in the way of dequeueing and entering pairs, that is, the first IP address in the current unsignedIPs queue is taken out, and if there is a container to be deleted, the IP address of the container is added to the unsignedIPs queue. At last.
取出unsignedIPs队列中的第一个IP地址后,判断该IP地址是否 属于静态分配列表中,如果存在,则将该IP地址移到静态分配列表中, 并再从当前unsignedIPs队列中的第一个IP地址继续进行判断。如果取 出的IP地址不属于静态分配列表,则将该IP地址从unsignedIPs队列 中移到signedIPs队列。进而,unsignedIPs队列中存储的都是未分配出的IP地址,signedIPs队列中记录中分配出的IP地址以及获取该IP地 址的容器信息。After taking out the first IP address in the unsignedIPs queue, judge whether the IP address belongs to the static allocation list. The address continues to be judged. If the IP address taken out does not belong to the static allocation list, the IP address is moved from the unsignedIPs queue to the signedIPs queue. Furthermore, the unsignedIPs queue stores unassigned IP addresses, the IP addresses allocated in the records in the signedIPs queue and the container information for obtaining the IP addresses.
图3是根据本发明实施例的静态分配的示意图。Fig. 3 is a schematic diagram of static allocation according to an embodiment of the present invention.
根据待分配IP地址的容器的label判定出进行静态分配后,如图3 所示,根据label判断该容器绑定的IP地址是否属于总地址池中,因为 总地址池是全局使用,则如果不属于提示错误。该容器绑定的IP地址 属于总地址池的话,则将绑定的IP地址对应的容器修改为当前容器, 并记录在静态分配列表中。在静态分配的过程中,一个IP地址可以重 复使用,通过修改绑定关系使得IP地址分配给不同的容器。进而根据 对这一次绑定关系的判断,以及判断出通过该绑定关系查找出的IP地 址分配给了哪个容器,确定IP地址与容器的绑定关系是否发生变化。 如果绑定关系发生了变化,需要记录这个地址当前是被哪个容器所使 用的。如果绑定关系没有发生变化,则不需要再次进行记录。After the static allocation is determined according to the label of the container to be assigned an IP address, as shown in Figure 3, judge whether the IP address bound to the container belongs to the total address pool according to the label, because the total address pool is used globally, if not It is a prompt error. If the IP address bound to the container belongs to the general address pool, modify the container corresponding to the bound IP address to the current container, and record it in the static allocation list. In the process of static allocation, an IP address can be reused, and the IP address can be allocated to different containers by modifying the binding relationship. Then according to the judgment to this binding relationship, and judge which container is assigned to the IP address found by the binding relationship, determine whether the binding relationship between the IP address and the container changes. If the binding relationship has changed, it is necessary to record which container this address is currently using. If the binding relationship has not changed, there is no need to record it again.
在上述过程的基础上,容器删除时IP地址的收回则会比较简单。 先通过容器和IP地址的对应关系找到IP地址,把IP地址从signedIPs 队列中移到unsignedIPs队列中,并清除该IP地址和容器的对应关系。 而如果IP地址在静态绑定列表中,则只需要把该IP地址和容器的对应 关系删除即可。On the basis of the above process, it will be relatively simple to recover the IP address when the container is deleted. First find the IP address through the correspondence between the container and the IP address, move the IP address from the signedIPs queue to the unsignedIPs queue, and clear the correspondence between the IP address and the container. And if the IP address is in the static binding list, you only need to delete the corresponding relationship between the IP address and the container.
现有技术中通过flannel分配IP地址的过程中,需用用户在etcd服 务器上设一个属于同一个内网IP段内的flannel覆盖网络。当物理节点 上的Docker启动时,如果使用flannel网络模型,那么flannel会从覆 盖网络中分配一个小范围的子网给这个节点。这样该物理节点上的容 器都会使用这个子网中的IP地址。其具体过程包括:首先要在etcd服务器上设定一个{"Network":"10.1.0.0/16"}覆盖网络,之后物理机上 的docker进程启动时使用了flannel的参数,flannel分配子网,如以下 两个物理机,一个分配了10.1.15.1/24,一个分配了10.1.20.1/24.那么 这两个物理机上的容器将会分别使用这两个子网中的IP地址。本发明 实施例通过设置地址池,将分配IP地址的过程进行了简化,类似于直 接从10.1.0.0/16网络中拿地址,而不用再为每个物理机分配子网。In the process of assigning IP addresses by flannel in the prior art, users need to set up a flannel overlay network belonging to the same intranet IP segment on the etcd server. When Docker on a physical node starts, flannel will allocate a small range of subnets from the overlay network to this node if the flannel network model is used. In this way, the containers on the physical node will use the IP addresses in this subnet. The specific process includes: first set a {"Network":"10.1.0.0/16"} overlay network on the etcd server, and then use flannel parameters when the docker process on the physical machine starts, and flannel allocates subnets, such as For the following two physical machines, one is assigned 10.1.15.1/24 and the other is assigned 10.1.20.1/24. Then the containers on these two physical machines will use the IP addresses in the two subnets respectively. The embodiment of the present invention simplifies the process of allocating IP addresses by setting an address pool, which is similar to directly obtaining addresses from the 10.1.0.0/16 network without allocating subnets for each physical machine.
而且,在设计网络时,如果需要规定每台物理机或者某几台物理 机上的容器IP范围,flannel需要配置etcd服务器,而本发明实施例的 容器IP地址分配的方法只需要修改配置文件即可。本发明实施例的容 器IP地址分配的方法为一种KubernetesCNI方法,可通过一个二进制 文件sDHClient和一个配置文件配合使用。该配置文件由kubelet启动 时装载,配置了本节点上容器使用的IP地址即指定地址池(subnet), 另外还在etcd上配置指定容器和IP地址绑定的静态分配列表。该静态 分配列表中记录的是容器pod的label字段和IP地址的对应关系。CNI 一般需要实现两个接口cmdAdd和cmdDel,cmdAdd用于给容器一个地址,cmdDel用于收回一个地址。其中,cmdAdd、cmdDel是CNI插 件中的一个函数接口,本发明实施例都是CNI插件实现的。Moreover, when designing a network, if it is necessary to specify the container IP range on each physical machine or certain physical machines, flannel needs to configure an etcd server, while the container IP address allocation method in the embodiment of the present invention only needs to modify the configuration file . The container IP address allocation method of the embodiment of the present invention is a KubernetesCNI method, which can be used in conjunction with a binary file sDHClient and a configuration file. The configuration file is loaded when the kubelet starts, and configures the IP address used by the container on this node, that is, the specified address pool (subnet). In addition, it also configures the static allocation list of the specified container and IP address binding on etcd. The static allocation list records the correspondence between the label field of the container pod and the IP address. CNI generally needs to implement two interfaces cmdAdd and cmdDel, cmdAdd is used to give a container an address, and cmdDel is used to take back an address. Wherein, cmdAdd, cmdDel are a function interface in the CNI plug-in, and the embodiment of the present invention is all realized by the CNI plug-in.
首先,查看cmdAdd的参数(容器名或者容器ID)中是否有label, 如果有进行静态分配,反之进行动态分配。First, check whether there is a label in the parameter (container name or container ID) of cmdAdd. If there is a label, it will be allocated statically, otherwise it will be allocated dynamically.
对于动态分配IP地址,首先需要在etcd的数据库中设定的一个总 地址池(defaultPool)。每个kubelet节点上的配置文件中的subnet必 须属于这个地址池。如果没有配置subnet,则默认使用defaultPool。 sDHClient还要在etcd上查看是否存在和subnet有交集的指定地址池, 如果有则会报错,并且提示用户修改配置,防止分配出相同的IP地址。For dynamically assigning IP addresses, a total address pool (defaultPool) set in the etcd database is first required. The subnet in the configuration file on each kubelet node must belong to this address pool. If no subnet is configured, defaultPool is used by default. sDHClient also needs to check on etcd whether there is a specified address pool that intersects with the subnet. If there is, an error will be reported and the user will be prompted to modify the configuration to prevent the same IP address from being allocated.
sDHClient会按照地出队入对的方式分别给容器pod分配IP地址。 并在etcd中记录unsignedIPs队列和已经分配出去的signedIPs队列, 确保不会分配重复的IP地址。另外还要在etcd上记录该物理机配置的 subnet,防止与其他节点重合。并且,在etcd上记录容器和分配出的IP 地址的对应关系,以便删除容器时正确回收IP地址。同时,在将IP地 址分配给容器前,还需要检查该IP地址是否在静态地址绑定列表中, 如果在列表中则需要跳过该地址,并把该地址从unsignedIPs列表中移 除,防止sDHClient把该IP地址分配给非绑定的容器。sDHClient will allocate IP addresses to container pods in a way of dequeueing and entering pairs. And record the unsignedIPs queue and the assigned signedIPs queue in etcd to ensure that no duplicate IP addresses will be assigned. In addition, the subnet configured by the physical machine should be recorded on etcd to prevent overlapping with other nodes. Also, record the correspondence between the container and the allocated IP address on etcd, so that the IP address can be correctly reclaimed when the container is deleted. At the same time, before assigning the IP address to the container, it is also necessary to check whether the IP address is in the static address binding list. If it is in the list, the address needs to be skipped and removed from the unsignedIPs list to prevent sDHClient Assign this IP address to the unbound container.
图4是根据本发明实施例的容器IP地址分配的系统的主要模块的 示意图。如图4所示,本发明实施例的容器IP地址分配的系统400主 要包括:配置模块401、判断模块402、静态分配模块403和动态分配 模块404。Fig. 4 is a schematic diagram of main modules of a system for container IP address allocation according to an embodiment of the present invention. As shown in Figure 4, the container IP address allocation system 400 of the embodiment of the present invention mainly includes: a configuration module 401, a judgment module 402, a static allocation module 403 and a dynamic allocation module 404.
配置模块401用于配置总地址池之后,根据第一分配需求将总地 址池中的部分IP地址与对应的容器建立一一对应的绑定关系;After the configuration module 401 is used to configure the total address pool, according to the first allocation requirement, a part of the IP addresses in the total address pool and the corresponding container are set up a one-to-one binding relationship;
判断模块402用于接收到分配IP地址的请求的情况下,判断待分 配IP地址的容器是否与总地址池中的IP地址建立绑定关系;Judgment module 402 is used for under the situation that receives the request of assigning IP address, judges whether the container of IP address to be assigned establishes binding relationship with the IP address in the total address pool;
静态分配模块403用于在判断模块判断出待分配IP地址的容器与 总地址池中的IP地址建立绑定关系后,进行静态分配,静态分配包括: 将待分配IP地址的容器在总地址池中绑定的IP地址分配给待分配IP 地址的容器;The static allocation module 403 is used to perform static allocation after the judging module determines that the container to be allocated an IP address has a binding relationship with the IP address in the total address pool. The static allocation includes: placing the container to be allocated an IP address in the total address pool Assign the bound IP address to the container to be assigned the IP address;
动态分配模块404用于在判断模块判断出待分配IP地址的容器与 总地址池中的IP地址没有建立绑定关系后,进行动态分配,动态分配 包括:将总地址池中未绑定的IP地址分配给待分配IP地址的容器。The dynamic allocation module 404 is used to perform dynamic allocation after the judging module judges that the container to be allocated an IP address does not establish a binding relationship with the IP address in the total address pool. The dynamic allocation includes: unbound IP addresses in the total address pool The address is assigned to the container whose IP address is to be assigned.
其中,配置模块401根据第一分配需求确定出待绑定IP地址的容 器的绑定标签;将绑定标签与总地址池中的IP地址建立一对一的对应 关系;将对应关系记录在静态分配列表中。而且,静态分配模块403 包括:获取单元,用于根据接收到的分配IP地址的请求,获取待分配 IP地址的容器的绑定标签;查找单元,用于根据绑定标签在静态分配 列表中查找出对应的IP地址;分配单元,用于将IP地址分配给待分配 IP地址的容器。Wherein, the configuration module 401 determines the binding label of the container to be bound to the IP address according to the first allocation requirement; establishes a one-to-one correspondence between the binding label and the IP address in the total address pool; records the correspondence in the static assignment list. Moreover, the static allocation module 403 includes: an acquisition unit, configured to obtain the binding label of the container to be allocated an IP address according to the received request for allocation of the IP address; a search unit, configured to search the static allocation list according to the binding label output the corresponding IP address; the allocation unit is used to allocate the IP address to the container to be allocated the IP address.
配置模块401还用于根据网络规划配置总地址池,以及将总地址 池分布式存储在etcd的数据库中。并且,根据第二分配需求为指定的 物理机通过配置文件配置指定地址池,并且指定地址池中的IP地址全 部包含在总地址池中。The configuration module 401 is also used to configure the total address pool according to network planning, and store the total address pool in a distributed manner in the etcd database. And, according to the second allocation requirement, the specified address pool is configured for the specified physical machine through the configuration file, and the IP addresses in the specified address pool are all included in the total address pool.
动态分配模块404还用于,判断待分配IP地址的容器所在的物理 机是否配置了指定地址池;如果没有,则动态分配模块将总地址池中 未绑定的IP地址分配给待分配IP地址的容器;否则,动态分配模块将 指定地址池中未绑定的IP地址分配给待分配IP地址的容器。动态分配 模块还用于,判断指定地址池与其他物理机的指定地址池是否有交集; 如果有交集,则输出报错信息;否则,将指定地址池中未分配列表中 的IP地址分配给待分配IP地址的容器,并且将IP地址从未分配列表 中移除,以及将IP地址与获取IP地址的容器对应地记录在已分配列表 中。The dynamic allocation module 404 is also used to determine whether the physical machine where the container of the IP address to be allocated is located is configured with a specified address pool; if not, the dynamic allocation module allocates the unbound IP address in the total address pool to the IP address to be allocated Otherwise, the dynamic allocation module allocates the unbound IP address in the specified address pool to the container to be allocated the IP address. The dynamic allocation module is also used to judge whether there is an intersection between the specified address pool and the specified address pool of other physical machines; if there is an intersection, output an error message; otherwise, assign the IP address in the unallocated list in the specified address pool to the IP address to be allocated The container of the IP address, and the IP address is removed from the unassigned list, and the IP address is correspondingly recorded in the allocated list with the container from which the IP address was obtained.
在分配IP地址的过程中,静态分配模块和动态分配模块按照出队 入队的方式将总地址池中IP地址分配给待分配IP地址的容器。并且本 发明实施例的容器IP地址分配的系统还包括创建模块,用于进行静态 分配或动态分配之后,根据已分配的IP地址,为待分配IP地址的容器 创建一对veth-pair。In the process of allocating IP addresses, the static allocation module and the dynamic allocation module allocate the IP addresses in the total address pool to the containers to be allocated IP addresses according to the mode of going out and entering the team. And the container IP address allocation system of the embodiment of the present invention also includes a creation module, which is used to create a pair of veth-pairs for the container to be allocated an IP address according to the allocated IP address after static allocation or dynamic allocation.
本发明实施例的容器IP地址分配的系统通过预先在etcd的数据库 写入一个总地址池,各个kubelet节点可以根据需要自由分享这个总地 址池。每个kubelet节点还可以根据需求,通过配置文件中为该kubelet 节点配置指定地址池,但是指定地址池都属于etcd中预先写入的总地 址池。如果没有配置指定地址池,在分配IP地址的过程中,默认使用etcd中预设的总地址池。同时,本发明实施例的容器IP地址分配的系 统还提供了容器和IP地址绑定的功能,不像DHCP(Dynamic Host Configuration Protocol,动态主机配置协议)中通过MAC地址和IP地 址进行绑定,本发明实施例的容器IP地址分配的系统中的绑定是将容 器label和IP地址进行绑定。本发明实施例的容器IP地址分配的系统 还会创建一个veth-pair,一端发送到容器内部,一端在容器外部以网卡 的形式存在。不需要使用桥接接口,网络包从网卡直接转发到容器内 部。通过本发明实施例的容器IP地址分配的系统分配的地址就是配置 给容器内部的网卡,需要配合使用路由才能保证网路的通畅。The container IP address allocation system of the embodiment of the present invention writes a total address pool in the etcd database in advance, and each kubelet node can freely share this total address pool as required. Each kubelet node can also configure a specified address pool for the kubelet node through the configuration file according to requirements, but the specified address pool belongs to the pre-written total address pool in etcd. If no specified address pool is configured, the preset total address pool in etcd will be used by default during the process of allocating IP addresses. At the same time, the container IP address allocation system in the embodiment of the present invention also provides the function of binding the container and the IP address, unlike DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol, dynamic host configuration protocol) through MAC address and IP address binding, The binding in the container IP address allocation system of the embodiment of the present invention is to bind the container label and the IP address. The container IP address allocation system of the embodiment of the present invention will also create a veth-pair, one end is sent to the inside of the container, and the other end exists in the form of a network card outside the container. There is no need to use a bridge interface, and the network packet is directly forwarded from the network card to the inside of the container. The address allocated by the container IP address allocation system in the embodiment of the present invention is configured to the network card inside the container, and routing is required to ensure the smooth flow of the network.
图5示出了可以应用本发明实施例的容器IP地址分配的方法或容 器IP地址分配的系统的示例性系统架构500。Fig. 5 shows an exemplary system architecture 500 to which the method for allocating container IP addresses or the system for allocating container IP addresses according to the embodiments of the present invention can be applied.
如图5所示,系统架构500可以包括终端设备501、502、503,网 络504和服务器505。网络504用以在终端设备501、502、503和服务 器505之间提供通信链路的介质。网络504可以包括各种连接类型, 例如有线、无线通信链路或者光纤电缆等等。As shown in FIG. 5 , the system architecture 500 may include terminal devices 501, 502, 503, a network 504 and a server 505. The network 504 serves as a medium for providing communication links between the terminal devices 501, 502, 503 and the server 505. Network 504 may include various connection types, such as wires, wireless communication links, or fiber optic cables, among others.
用户可以使用终端设备501、502、503通过网络504与服务器505 交互,以接收或发送消息等。终端设备501、502、503上可以安装有 各种通讯客户端应用,例如购物类应用、网页浏览器应用、搜索类应 用、即时通信工具、邮箱客户端、社交平台软件等。Users can use terminal devices 501 , 502 , 503 to interact with server 505 via network 504 to receive or send messages and the like. Various communication client applications can be installed on the terminal devices 501, 502, and 503, such as shopping applications, web browser applications, search applications, instant messaging tools, email clients, social platform software, and the like.
终端设备501、502、503可以是具有显示屏并且支持网页浏览的 各种电子设备,包括但不限于智能手机、平板电脑、膝上型便携计算 机和台式计算机等等。Terminal devices 501, 502, 503 may be various electronic devices with display screens and supporting web browsing, including but not limited to smart phones, tablet computers, laptop computers and desktop computers, and the like.
服务器505可以是提供各种服务的服务器,例如对用户利用终端 设备501、502、503所浏览的购物类网站提供支持的后台管理服务器。 后台管理服务器可以对接收到的产品信息查询请求等数据进行分析等 处理,并将处理结果反馈给终端设备。The server 505 may be a server that provides various services, such as a background management server that provides support for shopping websites browsed by users using the terminal devices 501, 502, and 503. The background management server can analyze and process the received data such as product information query requests, and feed back the processing results to the terminal device.
需要说明的是,本发明实施例所提供的容器IP地址分配的方法一 般由服务器505执行,相应地,容器IP地址分配的系统一般设置于服 务器505中。It should be noted that the container IP address allocation method provided by the embodiment of the present invention is generally executed by the server 505, and correspondingly, the container IP address allocation system is generally set in the server 505.
应该理解,图5中的终端设备、网络和服务器的数目仅仅是示意 性的。根据实现需要,可以具有任意数目的终端设备、网络和服务器。It should be understood that the numbers of terminal devices, networks and servers in Figure 5 are only illustrative. According to the implementation needs, there can be any number of terminal devices, networks and servers.
下面参考图6,其示出了适于用来实现本发明实施例的终端设备的 计算机系统600的结构示意图。图6示出的终端设备仅仅是一个示例, 不应对本发明实施例的功能和使用范围带来任何限制。Referring to Fig. 6, it shows a schematic structural diagram of a computer system 600 suitable for implementing a terminal device according to an embodiment of the present invention. The terminal device shown in FIG. 6 is only an example, and should not limit the functions and scope of use of this embodiment of the present invention.
如图6所示,计算机系统600包括中央处理单元(CPU)601,其 可以根据存储在只读存储器(ROM)602中的程序或者从存储部分608 加载到随机访问存储器(RAM)603中的程序而执行各种适当的动作 和处理。在RAM 603中,还存储有系统600操作所需的各种程序和数据。CPU 601、ROM 602以及RAM 603通过总线604彼此相连。输入/ 输出(I/O)接口605也连接至总线604。As shown in FIG. 6 , a computer system 600 includes a central processing unit (CPU) 601 that can be programmed according to a program stored in a read-only memory (ROM) 602 or a program loaded from a storage section 608 into a random-access memory (RAM) 603 Instead, various appropriate actions and processes are performed. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601 , ROM 602 , and RAM 603 are connected to each other through a bus 604 . An input/output (I/O) interface 605 is also connected to the bus 604 .
以下部件连接至I/O接口605:包括键盘、鼠标等的输入部分606; 包括诸如阴极射线管(CRT)、液晶显示器(LCD)等以及扬声器等的 输出部分607;包括硬盘等的存储部分608;以及包括诸如LAN卡、 调制解调器等的网络接口卡的通信部分609。通信部分609经由诸如因 特网的网络执行通信处理。驱动器610也根据需要连接至I/O接口605。 可拆卸介质611,诸如磁盘、光盘、磁光盘、半导体存储器等等,根据 需要安装在驱动器610上,以便于从其上读出的计算机程序根据需要 被安装入存储部分608。The following components are connected to the I/O interface 605: an input section 606 including a keyboard, a mouse, etc.; an output section 607 including a cathode ray tube (CRT), a liquid crystal display (LCD), etc., and a speaker; a storage section 608 including a hard disk, etc. and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the Internet. A drive 610 is also connected to the I/O interface 605 as needed. A removable medium 611, such as a magnetic disk, optical disk, magneto-optical disk, semiconductor memory, etc., is mounted on the drive 610 as necessary so that a computer program read therefrom is installed into the storage section 608 as necessary.
特别地,根据本发明公开的实施例,上文参考流程图描述的过程 可以被实现为计算机软件程序。例如,本发明公开的实施例包括一种 计算机程序产品,其包括承载在计算机可读介质上的计算机程序,该 计算机程序包含用于执行流程图所示的方法的程序代码。在这样的实 施例中,该计算机程序可以通过通信部分609从网络上被下载和安装, 和/或从可拆卸介质611被安装。在该计算机程序被中央处理单元 (CPU)601执行时,执行本发明的系统中限定的上述功能。In particular, according to the disclosed embodiments of the present invention, the processes described above with reference to the flowcharts can be implemented as computer software programs. For example, the disclosed embodiments of the present invention include a computer program product, which includes a computer program carried on a computer-readable medium, and the computer program includes program codes for executing the methods shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via communication portion 609, and/or installed from removable media 611. When this computer program is executed by a central processing unit (CPU) 601, the above-mentioned functions defined in the system of the present invention are performed.
需要说明的是,本发明所示的计算机可读介质可以是计算机可读 信号介质或者计算机可读存储介质或者是上述两者的任意组合。计算 机可读存储介质例如可以是——但不限于——电、磁、光、电磁、红 外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机 可读存储介质的更具体的例子可以包括但不限于:具有一个或多个导 线的电连接、便携式计算机磁盘、硬盘、随机访问存储器(RAM)、 只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、 光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存 储器件、或者上述的任意合适的组合。在本发明中,计算机可读存储 介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行 系统、装置或者器件使用或者与其结合使用。而在本发明中,计算机 可读的信号介质可以包括在基带中或者作为载波一部分传播的数据信 号,其中承载了计算机可读的程序代码。这种传播的数据信号可以采 用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组 合。计算机可读的信号介质还可以是计算机可读存储介质以外的任何 计算机可读介质,该计算机可读介质可以发送、传播或者传输用于由 指令执行系统、装置或者器件使用或者与其结合使用的程序。计算机可读介质上包含的程序代码可以用任何适当的介质传输,包括但不限 于:无线、电线、光缆、RF等等,或者上述的任意合适的组合。It should be noted that the computer-readable medium shown in the present invention may be a computer-readable signal medium or a computer-readable storage medium or any combination of the above two. A computer readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of computer readable storage media may include, but are not limited to, electrical connections with one or more wires, portable computer diskettes, hard disks, random access memory (RAM), read only memory (ROM), erasable Programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above. In the present invention, a computer-readable storage medium may be any tangible medium that contains or stores a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. In the present invention, however, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, carrying computer-readable program code therein. Such propagated data signals may take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing. A computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium, which can send, propagate, or transmit a program for use by or in conjunction with an instruction execution system, apparatus, or device. . Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
附图中的流程图和框图,图示了按照本发明各种实施例的系统、 方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点 上,流程图或框图中的每个方框可以代表一个模块、程序段、或代码 的一部分,上述模块、程序段、或代码的一部分包含一个或多个用于 实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的 实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发 生。例如,两个接连地表示的方框实际上可以基本并行地执行,它们 有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的 是,框图或流程图中的每个方框、以及框图或流程图中的方框的组合, 可以用执行规定的功能或操作的专用的基于硬件的系统来实现,或者 可以用专用硬件与计算机指令的组合来实现。The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in a flowchart or block diagram may represent a module, program segment, or portion of code that includes one or more logical functions for implementing specified executable instructions. It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or they may sometimes be executed in the reverse order, depending upon the functionality involved. It should also be noted that each block in the block diagrams or flowchart illustrations, and combinations of blocks in the block diagrams or flowchart illustrations, can be implemented by a dedicated hardware-based system that performs the specified function or operation, or can be implemented by a A combination of dedicated hardware and computer instructions.
描述于本发明实施例中所涉及到的模块可以通过软件的方式实 现,也可以通过硬件的方式来实现。所描述的模块也可以设置在处理 器中,例如,可以描述为:一种处理器包括配置模块、判断模块、静 态分配模块和动态分配模块。其中,这些模块的名称在某种情况下并 不构成对该模块本身的限定,例如,配置模块还可以被描述为“配置 总地址池之后,根据第一分配需求将所述总地址池中的部分IP地址与 对应的容器建立一一对应的绑定关系的模块”。The modules involved in the embodiments of the present invention can be realized by software or by hardware. The described modules can also be set in a processor, for example, it can be described as: a processor includes a configuration module, a judging module, a static allocation module and a dynamic allocation module. Wherein, the names of these modules do not constitute a limitation on the module itself under certain circumstances. For example, the configuration module can also be described as "after the general address pool is configured, the A module that establishes a one-to-one binding relationship between some IP addresses and corresponding containers."
作为另一方面,本发明还提供了一种计算机可读介质,该计算机 可读介质可以是上述实施例中描述的设备中所包含的;也可以是单独 存在,而未装配入该设备中。上述计算机可读介质承载有一个或者多 个程序,当上述一个或者多个程序被一个该设备执行时,使得该设备 包括:配置总地址池之后,根据第一分配需求将所述总地址池中的部 分IP地址与对应的容器建立一一对应的绑定关系;接收到分配IP地址 的请求的情况下,判断待分配IP地址的容器是否与所述总地址池中的 IP地址建立绑定关系;如果是,则进行静态分配,所述静态分配包括: 将所述待分配IP地址的容器在所述总地址池中绑定的IP地址分配给所 述待分配IP地址的容器;否则,进行动态分配,所述动态分配包括: 将所述总地址池中未绑定的IP地址分配给所述待分配IP地址的容器。As another aspect, the present invention also provides a computer-readable medium. The computer-readable medium may be included in the device described in the above embodiments, or it may exist independently without being assembled into the device. The above-mentioned computer-readable medium carries one or more programs, and when the above-mentioned one or more programs are executed by one device, the device includes: after the general address pool is configured, according to the first allocation requirement, the Part of the IP address of the corresponding container establishes a one-to-one correspondence binding relationship; in the case of receiving a request for assigning an IP address, determine whether the container to be assigned an IP address establishes a binding relationship with the IP address in the total address pool ; If yes, perform static allocation, the static allocation includes: assigning the IP address bound to the container with the IP address to be allocated in the total address pool to the container with the IP address to be allocated; otherwise, perform Dynamic allocation, the dynamic allocation includes: allocating unbound IP addresses in the total address pool to the container of the to-be-allocated IP address.
根据本发明实施例的技术方案,配置了一个总地址池给集群内的 所有容器使用,并保证任何一个地址可以在所有节点使用。并且通过 容器label和IP地址建立绑定关系,实现了容器重启或者迁移时IP地 址不变。通过整合动态IP地址分配和静态IP地址分配绑定于一体,更 方便网络布局。According to the technical solution of the embodiment of the present invention, a total address pool is configured for use by all containers in the cluster, and it is guaranteed that any address can be used by all nodes. And through the establishment of a binding relationship between the container label and the IP address, the IP address does not change when the container is restarted or migrated. By integrating dynamic IP address allocation and static IP address allocation into one, it is more convenient for network layout.
上述具体实施方式,并不构成对本发明保护范围的限制。本领域 技术人员应该明白的是,取决于设计要求和其他因素,可以发生各种 各样的修改、组合、子组合和替代。任何在本发明的精神和原则之内 所作的修改、等同替换和改进等,均应包含在本发明保护范围之内。The above specific implementation methods do not constitute a limitation to the protection scope of the present invention. Those skilled in the art should understand that various modifications, combinations, sub-combinations and substitutions may occur depending on design requirements and other factors. Any modifications, equivalent replacements and improvements made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.
Claims (17)
- A kind of 1. method of container IP address distribution, it is characterised in that including:The part IP address in total address pool is established into one-to-one binding with corresponding container according to the first distribution requirements to close System;In the case of the request for receiving distribution IP address, judge whether the container of IP address to be allocated has to bind with IP address and close System;If so, the IP address bound in the container of the IP address to be allocated is then distributed into the container;Otherwise, IP address unbound in total address pool is distributed to the container of the IP address to be allocated.
- 2. according to the method for claim 1, it is characterised in thatDescribed established the part IP address in total address pool with corresponding container according to the first distribution requirements is tied up correspondingly The step of determining relation includes:Part IP address is read out from total address pool according to the first distribution requirements, and according to first point Determine to treat the binding tab of the container of binding IP address with demand;The binding tab and the IP address read out are established one To one corresponding relation;The corresponding relation is recorded in static allocation list;Whether the container for judging IP address to be allocated with IP address has the step of binding relationship to include:With judging IP to be allocated Whether the container of location has binding tab;The step of IP address by bound in the container of the IP address to be allocated distributes to the container includes:Obtain and treat point The binding tab of container with IP address;IP corresponding to being found out according to the binding tab in the static allocation list Location;The IP address is distributed to the container of the IP address to be allocated.
- 3. according to the method for claim 1, it is characterised in that it is described according to the first distribution requirements by the portion in total address pool Before the step of point IP address establishes one-to-one binding relationship with corresponding container, in addition to:According to predetermined IP Number of addresses configures total address pool;Then total address pool is stored in etcd database.
- 4. according to the method for claim 1, it is characterised in thatDescribed established the part IP address in total address pool with corresponding container according to the first distribution requirements is tied up correspondingly Before the step of determining relation, in addition to:It is that the physical machine specified configures specified ground by configuration file according to the second distribution requirements Location pond, and the IP address in the given pool is integrally incorporated in total address pool;Described the step of IP address unbound in total address pool is distributed into the container of the IP address to be allocated, includes: Whether the physical machine where judging the container of the IP address to be allocated is configured with given pool;If it is not, by described in Unbound IP address distributes to the container of the IP address to be allocated in total address pool;Otherwise, by the given pool Unbound IP address distributes to the container of the IP address to be allocated.
- 5. according to the method for claim 4, it is characterised in that described by IP address point unbound in total address pool Also include the step of the container of IP address to be allocated described in dispensing:Judge whether the given pool and the given pool of other physical machines have common factor;If occuring simultaneously, then error information is exported;Otherwise, the IP address in unallocated list in the given pool is distributed To the container of the IP address to be allocated, and will be removed in the IP address never distribution list, and by the IP address Container with obtaining the IP address is accordingly recorded in distribution list.
- 6. according to the method for claim 1, it is characterised in thatThe step of IP address by bound in the container of the IP address to be allocated distributes to the container includes:According to current The order determination of the IP address of binding is located at primary IP address, and the IP address then is distributed into the container;Described the step of IP address unbound in total address pool is distributed into the container of the IP address to be allocated, includes: Determined to be located at primary IP address according to the order of IP address unbound in total address pool, then distribute to the IP address The container.
- 7. according to the method for claim 1, it is characterised in that after IP address is distributed into container, in addition to:According to allocated IP address, a pair of veth-pair are created to obtain the container of the IP address.
- A kind of 8. system of container IP address distribution, it is characterised in that including:Configuration module, for being established the part IP address in total address pool one by one with corresponding container according to the first distribution requirements Corresponding binding relationship;Judge module, for receive distribution IP address request in the case of, judge IP address to be allocated container whether There is binding relationship with IP address;Static allocation module, for judging that the container of the IP address to be allocated has binding with IP address in the judge module After relation, the IP address bound in the container of the IP address to be allocated is distributed into the container;Dynamically distributes module, for judging that the container of the IP address to be allocated is not tied up with IP address in the judge module After determining relation, IP address unbound in total address pool is distributed to the container of the IP address to be allocated.
- 9. system according to claim 8, it is characterised in thatThe configuration module is additionally operable to, and part IP address is read out from total address pool according to the first distribution requirements, and according to First distribution requirements are determined to treat the binding tab of the container of binding IP address;By the binding tab and the IP address read out Establish man-to-man corresponding relation;The corresponding relation is recorded in static allocation list;The judge module is additionally operable to, and judges the container of IP address to be allocated and whether has binding tab.
- 10. system according to claim 9, it is characterised in that the static allocation module includes:Acquiring unit, the binding tab of the container for obtaining IP address to be allocated;Searching unit, for finding out corresponding IP address in the static allocation list according to the binding tab;Allocation unit, for the IP address to be distributed to the container of the IP address to be allocated.
- 11. system according to claim 8, it is characterised in that the configuration module is additionally operable to, according to the first distribution need Before asking the step of part IP address in total address pool is established into one-to-one binding relationship with corresponding container, according to pre- The total address pool of IP address quantity configuration first determined;Then total address pool is stored in etcd database.
- 12. system according to claim 8, it is characterised in that the configuration module is additionally operable to, according to the first distribution requirements Before the step of part IP address in total address pool is established into one-to-one binding relationship with corresponding container, according to second Distribution requirements are that the physical machine specified configures given pool, and the IP address in the given pool by configuration file It is integrally incorporated in total address pool;AndThe dynamically distributes model is additionally operable to, and whether the physical machine where judging the container of the IP address to be allocated is configured with finger Determine address pool;If it is not, IP address unbound in total address pool is distributed to the appearance of the IP address to be allocated Device;Otherwise, IP address unbound in the given pool is distributed to the container of the IP address to be allocated.
- 13. system according to claim 12, it is characterised in that the dynamically distributes module is additionally operable to, and judges the finger Whether the given pool for determining address pool and other physical machines has common factor;If occuring simultaneously, then error information is exported;Otherwise, will IP address in the given pool in unallocated list distributes to the container of the IP address to be allocated, and by the IP Removed in the never distribution list of address, and the IP address has been divided with obtaining the container of the IP address and being accordingly recorded in With in list.
- 14. system according to claim 8, it is characterised in thatThe static allocation module is additionally operable to, and is determined to be located at primary IP address according to the order of the IP address of current bindings, Then the IP address is distributed into the container;The dynamically distributes module is additionally operable to, and is determined according to the order of IP address unbound in total address pool positioned at primary IP address, the IP address is then distributed into the container.
- 15. system according to claim 8, it is characterised in that also include:Creation module, after IP address is distributed into container, according to allocated IP address, to obtain the appearance of the IP address Device creates a pair of veth-pair.
- A kind of 16. container IP address assigned unit, it is characterised in that including:One or more processors;Storage device, for storing one or more programs,When one or more of programs are by one or more of computing devices so that one or more of processors are real The now method as described in any in claim 1-7.
- 17. a kind of computer-readable medium, is stored thereon with computer program, it is characterised in that described program is held by processor The method as described in any in claim 1-7 is realized during row.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710854707.2A CN107580083B (en) | 2017-09-20 | 2017-09-20 | Method and system for allocating container IP addresses |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710854707.2A CN107580083B (en) | 2017-09-20 | 2017-09-20 | Method and system for allocating container IP addresses |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107580083A true CN107580083A (en) | 2018-01-12 |
| CN107580083B CN107580083B (en) | 2020-11-03 |
Family
ID=61036356
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710854707.2A Active CN107580083B (en) | 2017-09-20 | 2017-09-20 | Method and system for allocating container IP addresses |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107580083B (en) |
Cited By (45)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108494880A (en) * | 2018-04-18 | 2018-09-04 | 云家园网络技术有限公司 | Communication means based on large-scale data centre management and system |
| CN108810192A (en) * | 2018-07-20 | 2018-11-13 | 郑州云海信息技术有限公司 | A kind of static IP configuration method, device, equipment and readable storage medium storing program for executing |
| CN108881455A (en) * | 2018-06-28 | 2018-11-23 | 西北工业大学 | Data encapsulation and transmission method in the isomery cloud storage system of low capacity memory node |
| CN109462511A (en) * | 2018-12-11 | 2019-03-12 | 中科曙光国际信息产业有限公司 | The method for building up and device of network |
| CN110138606A (en) * | 2019-05-06 | 2019-08-16 | 携程旅游信息技术(上海)有限公司 | Capacitor network configuration method and system |
| CN110149422A (en) * | 2019-06-25 | 2019-08-20 | 苏州梦嘉信息技术有限公司 | A kind of domain name management method and system |
| CN110445884A (en) * | 2018-05-04 | 2019-11-12 | 中国移动通信集团浙江有限公司 | A kind of container IP address management method and device |
| CN110716787A (en) * | 2018-07-13 | 2020-01-21 | 中兴通讯股份有限公司 | Container address setting method, apparatus, and computer-readable storage medium |
| CN110750332A (en) * | 2019-10-23 | 2020-02-04 | 广西梯度科技有限公司 | Method for setting static IP (Internet protocol) in Pod in Kubernetes |
| CN110769075A (en) * | 2018-07-25 | 2020-02-07 | 中国电信股份有限公司 | Container communication method, system, controller and computer readable storage medium |
| CN111124604A (en) * | 2019-12-05 | 2020-05-08 | 北京金山云网络技术有限公司 | Method, apparatus, device and storage medium for allocating pod IP addresses of container groups |
| CN111147297A (en) * | 2019-12-23 | 2020-05-12 | 广东省新一代通信与网络创新研究院 | A multi-layer network plane construction method for kubernetes |
| CN111193783A (en) * | 2019-12-19 | 2020-05-22 | 新浪网技术(中国)有限公司 | Service access processing method and device |
| CN111352689A (en) * | 2018-12-21 | 2020-06-30 | 中国电信股份有限公司 | Method and device for realizing seamless migration of application containerized deployment |
| CN111491040A (en) * | 2020-04-09 | 2020-08-04 | 北京城市网邻信息技术有限公司 | IP distribution method and IP distribution device |
| CN111736944A (en) * | 2019-03-25 | 2020-10-02 | 北京奇虎科技有限公司 | Docker container positioning method and device based on Kubernetes |
| CN111835880A (en) * | 2020-06-23 | 2020-10-27 | 新浪网技术(中国)有限公司 | IP address allocation method and system |
| WO2020232887A1 (en) * | 2019-05-17 | 2020-11-26 | 平安科技(深圳)有限公司 | Configuration modification method and apparatus for container application, and computer device and storage medium |
| CN112153167A (en) * | 2020-08-06 | 2020-12-29 | 北京百度网讯科技有限公司 | Internet protocol management method, device, electronic device and storage medium |
| CN112243044A (en) * | 2019-07-16 | 2021-01-19 | 广州虎牙科技有限公司 | Container address allocation method and device |
| CN112565475A (en) * | 2020-12-01 | 2021-03-26 | 成都精灵云科技有限公司 | IP address allocation method for adding new node to container cluster service layer |
| CN112769965A (en) * | 2019-10-21 | 2021-05-07 | 中盈优创资讯科技有限公司 | IP address management and distribution method, device and system |
| CN113037522A (en) * | 2019-12-24 | 2021-06-25 | 华为数字技术(苏州)有限公司 | Container unit management method and related equipment |
| CN113055500A (en) * | 2019-12-26 | 2021-06-29 | 中国电信股份有限公司 | Address request method, device and computer readable storage medium |
| CN113766042A (en) * | 2021-01-20 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Container address configuration method, system, device, equipment and medium |
| CN114070822A (en) * | 2021-11-17 | 2022-02-18 | 苏州博纳讯动软件有限公司 | Kubernetes Overlay IP address management method |
| CN114124905A (en) * | 2021-11-03 | 2022-03-01 | 中盈优创资讯科技有限公司 | Method and device for judging static address pool address occupation condition statistics |
| CN114328330A (en) * | 2021-11-22 | 2022-04-12 | 广州极飞科技股份有限公司 | Address assignment method, device management and irrigation systems, slaves and input devices |
| CN114371914A (en) * | 2022-01-10 | 2022-04-19 | 杭州博盾习言科技有限公司 | Container IP address configuration method, device, storage medium and electronic device |
| CN114448937A (en) * | 2022-01-28 | 2022-05-06 | 浙江大华技术股份有限公司 | Method and device for responding to access request, and storage medium |
| CN114500523A (en) * | 2021-11-29 | 2022-05-13 | 上海浦东发展银行股份有限公司 | Fixed IP application release method based on container cloud platform |
| CN114567617A (en) * | 2022-02-25 | 2022-05-31 | 苏州浪潮智能科技有限公司 | IP address allocation method, system, electronic device and storage medium |
| CN114640652A (en) * | 2022-02-24 | 2022-06-17 | 联想(北京)有限公司 | Information processing method and device |
| CN114827017A (en) * | 2022-03-31 | 2022-07-29 | 北京声智科技有限公司 | Kafka cluster communication method and device, electronic equipment and storage medium |
| CN115174529A (en) * | 2021-03-18 | 2022-10-11 | 北京金山云网络技术有限公司 | Network processing method and device, electronic equipment and storage medium |
| CN115361359A (en) * | 2022-08-18 | 2022-11-18 | 中电云数智科技有限公司 | A kubernetes-based IP address management device and method |
| CN115668166A (en) * | 2020-03-30 | 2023-01-31 | 净睿存储股份有限公司 | File system composed of block objects |
| CN115801733A (en) * | 2023-02-02 | 2023-03-14 | 天翼云科技有限公司 | Network address allocation method and device, electronic equipment and readable medium |
| CN116010084A (en) * | 2022-12-15 | 2023-04-25 | 北京金山云网络技术有限公司 | Task processing method, device and electronic device |
| CN116016438A (en) * | 2022-12-12 | 2023-04-25 | 上海道客网络科技有限公司 | Method and system for uniformly distributing IP addresses by multiple subnets based on container cloud platform |
| CN116016449A (en) * | 2022-12-12 | 2023-04-25 | 上海道客网络科技有限公司 | Method and system for uniformly distributing IP addresses based on container cloud platform |
| US11671401B2 (en) | 2021-03-25 | 2023-06-06 | Cisco Technology, Inc. | Providing persistent external internet protocol address for extra-cluster services |
| CN116366606A (en) * | 2023-03-31 | 2023-06-30 | 北京奇艺世纪科技有限公司 | Method, device, electronic device and storage medium for allocating IP addresses |
| US12028314B2 (en) | 2021-03-25 | 2024-07-02 | Cisco Technology, Inc. | Providing persistent external internet protocol address for extra-cluster services |
| CN119172361A (en) * | 2024-11-07 | 2024-12-20 | 中国建设银行股份有限公司 | A container IP address allocation method and device for container cloud platform |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104951360A (en) * | 2015-06-30 | 2015-09-30 | 北京奇虎科技有限公司 | Configuration management mode and device based on Docker |
| CN105491123A (en) * | 2015-12-04 | 2016-04-13 | 北京航空航天大学 | Communication method and device among containers |
| CN105635336A (en) * | 2015-12-31 | 2016-06-01 | 北京轻元科技有限公司 | A Dynamic Adaptive Hybrid Cloud Network Management Method |
| CN105763670A (en) * | 2016-04-08 | 2016-07-13 | 北京搜狐新媒体信息技术有限公司 | Method and device for allocating IP address to container |
| CN105893133A (en) * | 2016-03-31 | 2016-08-24 | 乐视控股(北京)有限公司 | Application service seamless migration method and system based on container technology |
| CN105897946A (en) * | 2016-04-08 | 2016-08-24 | 北京搜狐新媒体信息技术有限公司 | Obtaining method and system of access address |
| CN105978781A (en) * | 2016-06-28 | 2016-09-28 | 浪潮电子信息产业股份有限公司 | Method and system for establishing network connection of Docker container, and client side |
| CN106686088A (en) * | 2016-12-30 | 2017-05-17 | 广东浪潮大数据研究有限公司 | Management method supporting multi-network mode of Docker environment |
| CN106878484A (en) * | 2017-02-27 | 2017-06-20 | 郑州云海信息技术有限公司 | A method of configuring the external IP of a Docker cluster container |
| CN106953943A (en) * | 2017-04-25 | 2017-07-14 | 中国联合网络通信集团有限公司 | Method and device suitable for exchange communication |
| US9934073B2 (en) * | 2015-10-23 | 2018-04-03 | Futurewei Technologies, Inc. | Extension of resource constraints for service-defined containers |
-
2017
- 2017-09-20 CN CN201710854707.2A patent/CN107580083B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104951360A (en) * | 2015-06-30 | 2015-09-30 | 北京奇虎科技有限公司 | Configuration management mode and device based on Docker |
| US9934073B2 (en) * | 2015-10-23 | 2018-04-03 | Futurewei Technologies, Inc. | Extension of resource constraints for service-defined containers |
| CN105491123A (en) * | 2015-12-04 | 2016-04-13 | 北京航空航天大学 | Communication method and device among containers |
| CN105635336A (en) * | 2015-12-31 | 2016-06-01 | 北京轻元科技有限公司 | A Dynamic Adaptive Hybrid Cloud Network Management Method |
| CN105893133A (en) * | 2016-03-31 | 2016-08-24 | 乐视控股(北京)有限公司 | Application service seamless migration method and system based on container technology |
| CN105763670A (en) * | 2016-04-08 | 2016-07-13 | 北京搜狐新媒体信息技术有限公司 | Method and device for allocating IP address to container |
| CN105897946A (en) * | 2016-04-08 | 2016-08-24 | 北京搜狐新媒体信息技术有限公司 | Obtaining method and system of access address |
| CN105978781A (en) * | 2016-06-28 | 2016-09-28 | 浪潮电子信息产业股份有限公司 | Method and system for establishing network connection of Docker container, and client side |
| CN106686088A (en) * | 2016-12-30 | 2017-05-17 | 广东浪潮大数据研究有限公司 | Management method supporting multi-network mode of Docker environment |
| CN106878484A (en) * | 2017-02-27 | 2017-06-20 | 郑州云海信息技术有限公司 | A method of configuring the external IP of a Docker cluster container |
| CN106953943A (en) * | 2017-04-25 | 2017-07-14 | 中国联合网络通信集团有限公司 | Method and device suitable for exchange communication |
Cited By (65)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108494880B (en) * | 2018-04-18 | 2021-04-27 | 云家园网络技术有限公司 | Communication method and system based on large-scale data center management |
| CN108494880A (en) * | 2018-04-18 | 2018-09-04 | 云家园网络技术有限公司 | Communication means based on large-scale data centre management and system |
| CN110445884A (en) * | 2018-05-04 | 2019-11-12 | 中国移动通信集团浙江有限公司 | A kind of container IP address management method and device |
| CN108881455B (en) * | 2018-06-28 | 2020-12-08 | 西北工业大学 | Data encapsulation and transmission method in heterogeneous cloud storage system with low-capacity storage nodes |
| CN108881455A (en) * | 2018-06-28 | 2018-11-23 | 西北工业大学 | Data encapsulation and transmission method in the isomery cloud storage system of low capacity memory node |
| CN110716787A (en) * | 2018-07-13 | 2020-01-21 | 中兴通讯股份有限公司 | Container address setting method, apparatus, and computer-readable storage medium |
| CN108810192A (en) * | 2018-07-20 | 2018-11-13 | 郑州云海信息技术有限公司 | A kind of static IP configuration method, device, equipment and readable storage medium storing program for executing |
| CN110769075A (en) * | 2018-07-25 | 2020-02-07 | 中国电信股份有限公司 | Container communication method, system, controller and computer readable storage medium |
| CN109462511A (en) * | 2018-12-11 | 2019-03-12 | 中科曙光国际信息产业有限公司 | The method for building up and device of network |
| CN109462511B (en) * | 2018-12-11 | 2021-12-24 | 中科曙光国际信息产业有限公司 | Network establishing method and device |
| CN111352689A (en) * | 2018-12-21 | 2020-06-30 | 中国电信股份有限公司 | Method and device for realizing seamless migration of application containerized deployment |
| CN111736944A (en) * | 2019-03-25 | 2020-10-02 | 北京奇虎科技有限公司 | Docker container positioning method and device based on Kubernetes |
| CN110138606A (en) * | 2019-05-06 | 2019-08-16 | 携程旅游信息技术(上海)有限公司 | Capacitor network configuration method and system |
| CN110138606B (en) * | 2019-05-06 | 2022-03-15 | 携程旅游信息技术(上海)有限公司 | Container network configuration method and system |
| WO2020232887A1 (en) * | 2019-05-17 | 2020-11-26 | 平安科技(深圳)有限公司 | Configuration modification method and apparatus for container application, and computer device and storage medium |
| CN110149422A (en) * | 2019-06-25 | 2019-08-20 | 苏州梦嘉信息技术有限公司 | A kind of domain name management method and system |
| CN112243044B (en) * | 2019-07-16 | 2023-05-19 | 广州虎牙科技有限公司 | Container address allocation method and device |
| CN112243044A (en) * | 2019-07-16 | 2021-01-19 | 广州虎牙科技有限公司 | Container address allocation method and device |
| CN112769965B (en) * | 2019-10-21 | 2023-02-07 | 中盈优创资讯科技有限公司 | IP address management and distribution method, device and system |
| CN112769965A (en) * | 2019-10-21 | 2021-05-07 | 中盈优创资讯科技有限公司 | IP address management and distribution method, device and system |
| CN110750332A (en) * | 2019-10-23 | 2020-02-04 | 广西梯度科技有限公司 | Method for setting static IP (Internet protocol) in Pod in Kubernetes |
| CN111124604B (en) * | 2019-12-05 | 2023-07-14 | 北京金山云网络技术有限公司 | Method, device, equipment and storage medium for allocating container group pod IP addresses |
| CN111124604A (en) * | 2019-12-05 | 2020-05-08 | 北京金山云网络技术有限公司 | Method, apparatus, device and storage medium for allocating pod IP addresses of container groups |
| CN111193783A (en) * | 2019-12-19 | 2020-05-22 | 新浪网技术(中国)有限公司 | Service access processing method and device |
| CN111147297A (en) * | 2019-12-23 | 2020-05-12 | 广东省新一代通信与网络创新研究院 | A multi-layer network plane construction method for kubernetes |
| CN111147297B (en) * | 2019-12-23 | 2022-07-15 | 广东省新一代通信与网络创新研究院 | Multi-layer network plane construction method of kubernets |
| CN113037522A (en) * | 2019-12-24 | 2021-06-25 | 华为数字技术(苏州)有限公司 | Container unit management method and related equipment |
| CN113055500A (en) * | 2019-12-26 | 2021-06-29 | 中国电信股份有限公司 | Address request method, device and computer readable storage medium |
| CN115668166A (en) * | 2020-03-30 | 2023-01-31 | 净睿存储股份有限公司 | File system composed of block objects |
| CN111491040B (en) * | 2020-04-09 | 2023-03-24 | 北京城市网邻信息技术有限公司 | IP distribution method and IP distribution device |
| CN111491040A (en) * | 2020-04-09 | 2020-08-04 | 北京城市网邻信息技术有限公司 | IP distribution method and IP distribution device |
| CN111835880A (en) * | 2020-06-23 | 2020-10-27 | 新浪网技术(中国)有限公司 | IP address allocation method and system |
| CN112153167B (en) * | 2020-08-06 | 2023-02-28 | 北京百度网讯科技有限公司 | Internet interconnection protocol management method, device, electronic equipment and storage medium |
| CN112153167A (en) * | 2020-08-06 | 2020-12-29 | 北京百度网讯科技有限公司 | Internet protocol management method, device, electronic device and storage medium |
| CN112565475A (en) * | 2020-12-01 | 2021-03-26 | 成都精灵云科技有限公司 | IP address allocation method for adding new node to container cluster service layer |
| CN113766042A (en) * | 2021-01-20 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Container address configuration method, system, device, equipment and medium |
| CN115174529B (en) * | 2021-03-18 | 2024-01-23 | 北京金山云网络技术有限公司 | Network processing method and device, electronic equipment and storage medium |
| CN115174529A (en) * | 2021-03-18 | 2022-10-11 | 北京金山云网络技术有限公司 | Network processing method and device, electronic equipment and storage medium |
| US12028314B2 (en) | 2021-03-25 | 2024-07-02 | Cisco Technology, Inc. | Providing persistent external internet protocol address for extra-cluster services |
| US11671401B2 (en) | 2021-03-25 | 2023-06-06 | Cisco Technology, Inc. | Providing persistent external internet protocol address for extra-cluster services |
| CN114124905A (en) * | 2021-11-03 | 2022-03-01 | 中盈优创资讯科技有限公司 | Method and device for judging static address pool address occupation condition statistics |
| CN114070822B (en) * | 2021-11-17 | 2022-10-14 | 江苏博云科技股份有限公司 | Kubernetes Overlay IP address management method |
| CN114070822A (en) * | 2021-11-17 | 2022-02-18 | 苏州博纳讯动软件有限公司 | Kubernetes Overlay IP address management method |
| CN114328330B (en) * | 2021-11-22 | 2024-06-07 | 广州极飞科技股份有限公司 | Address allocation method, device management and irrigation system, slave and input device |
| CN114328330A (en) * | 2021-11-22 | 2022-04-12 | 广州极飞科技股份有限公司 | Address assignment method, device management and irrigation systems, slaves and input devices |
| CN114500523B (en) * | 2021-11-29 | 2024-04-26 | 上海浦东发展银行股份有限公司 | Fixed IP application publishing method based on container cloud platform |
| CN114500523A (en) * | 2021-11-29 | 2022-05-13 | 上海浦东发展银行股份有限公司 | Fixed IP application release method based on container cloud platform |
| CN114371914A (en) * | 2022-01-10 | 2022-04-19 | 杭州博盾习言科技有限公司 | Container IP address configuration method, device, storage medium and electronic device |
| CN114448937B (en) * | 2022-01-28 | 2024-11-26 | 浙江大华技术股份有限公司 | Access request response method and device, storage medium |
| CN114448937A (en) * | 2022-01-28 | 2022-05-06 | 浙江大华技术股份有限公司 | Method and device for responding to access request, and storage medium |
| CN114640652B (en) * | 2022-02-24 | 2023-09-19 | 联想(北京)有限公司 | Information processing method and device |
| CN114640652A (en) * | 2022-02-24 | 2022-06-17 | 联想(北京)有限公司 | Information processing method and device |
| CN114567617A (en) * | 2022-02-25 | 2022-05-31 | 苏州浪潮智能科技有限公司 | IP address allocation method, system, electronic device and storage medium |
| CN114567617B (en) * | 2022-02-25 | 2023-08-04 | 苏州浪潮智能科技有限公司 | IP address allocation method, system, electronic equipment and storage medium |
| CN114827017A (en) * | 2022-03-31 | 2022-07-29 | 北京声智科技有限公司 | Kafka cluster communication method and device, electronic equipment and storage medium |
| CN114827017B (en) * | 2022-03-31 | 2024-01-30 | 北京声智科技有限公司 | Communication method and device of Kafka cluster, electronic equipment and storage medium |
| CN115361359A (en) * | 2022-08-18 | 2022-11-18 | 中电云数智科技有限公司 | A kubernetes-based IP address management device and method |
| CN116016438B (en) * | 2022-12-12 | 2023-08-15 | 上海道客网络科技有限公司 | Method and system for uniformly allocating IP addresses in multiple subnets based on container cloud platform |
| CN116016438A (en) * | 2022-12-12 | 2023-04-25 | 上海道客网络科技有限公司 | Method and system for uniformly distributing IP addresses by multiple subnets based on container cloud platform |
| CN116016449A (en) * | 2022-12-12 | 2023-04-25 | 上海道客网络科技有限公司 | Method and system for uniformly distributing IP addresses based on container cloud platform |
| CN116016449B (en) * | 2022-12-12 | 2025-08-19 | 上海道客网络科技有限公司 | Method and system for uniformly distributing IP addresses based on container cloud platform |
| CN116010084A (en) * | 2022-12-15 | 2023-04-25 | 北京金山云网络技术有限公司 | Task processing method, device and electronic device |
| CN115801733A (en) * | 2023-02-02 | 2023-03-14 | 天翼云科技有限公司 | Network address allocation method and device, electronic equipment and readable medium |
| CN116366606A (en) * | 2023-03-31 | 2023-06-30 | 北京奇艺世纪科技有限公司 | Method, device, electronic device and storage medium for allocating IP addresses |
| CN119172361A (en) * | 2024-11-07 | 2024-12-20 | 中国建设银行股份有限公司 | A container IP address allocation method and device for container cloud platform |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107580083B (en) | 2020-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107580083B (en) | Method and system for allocating container IP addresses | |
| US11425054B1 (en) | User-configured multi-location service deployment and scaling | |
| CN112099938B (en) | Determining resource allocation in distributed computing environments using multidimensional metadata tag sets | |
| CN107615716B (en) | Multi-tenant aware Dynamic Host Configuration Protocol (DHCP) mechanism for cloud networking | |
| CN111371579B (en) | Cloud platform deployment method, device, server and storage medium | |
| US11765244B1 (en) | Latency-based service discovery and routing for multi-location service-oriented applications | |
| CN117897691A (en) | Using Remote PODs in Kubernetes | |
| US10333901B1 (en) | Policy based data aggregation | |
| CN110881007B (en) | Container cluster network access method and device | |
| CN105052111B (en) | Service Migration Across Cluster Boundaries | |
| US20120180044A1 (en) | Communications Between Virtual Machines That Have Been Migrated | |
| JP2021504795A (en) | Methods, devices, and electronic devices for cloud service migration | |
| CN107566541A (en) | Capacitor network resource allocation methods, system, storage medium and electronic equipment | |
| JP2019528005A (en) | Method, apparatus, and system for a virtual machine to access a physical server in a cloud computing system | |
| CN109558212B (en) | A virtualization management method, system, physical equipment and medium of physical equipment | |
| WO2017012381A1 (en) | Life cycle management method and apparatus | |
| US11343141B2 (en) | Methods and apparatus to migrate physical server hosts between virtual standard switches and virtual distributed switches in a network | |
| CN108780410A (en) | The network virtualization of container in computing system | |
| CN118043784B (en) | Distributed data processing application services in a provider network | |
| JP2024501005A (en) | Management method and device for container clusters | |
| CN107637026A (en) | Order is performed in virtual machine instance in a distributed computing environment | |
| CN112202615B (en) | A multi-CNI cooperative work system and method | |
| CN105095317A (en) | Distributive database service management system | |
| CN110716787A (en) | Container address setting method, apparatus, and computer-readable storage medium | |
| CN104281484A (en) | VM (virtual machine) migration method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |