CN114024799B - Method and device for interconnecting bare metal server and virtualization network - Google Patents
- Publication number
- CN114024799B (CN202210009640.3A)
- Authority
- CN
- China
- Prior art keywords
- network
- bare metal
- gateway
- virtual
- mac address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method for interconnecting a bare metal server and a virtualization network, which is applied to a cloud computing network and comprises the following steps: the cloud control platform registers the network communication interface MAC addresses of all bare metal instances to be allocated, allocates to each MAC address a virtual ID capable of communicating with the virtualization network, and establishes a mapping relation between the MAC addresses and the virtual IDs; a bare metal gateway is deployed, and network two-layer interconnection between the bare metal gateway and a virtual network is realized through two interface groups; when a bare metal instance is created, the cloud control platform issues the mapping relation to the bare metal gateway, the bare metal gateway initializes the bare metal instance, and a network forwarding table entry is established based on the mapping relation; based on the existing two-layer network communication protocol, the bare metal gateway monitors the interface group messages and converts between the virtual ID and the destination MAC address based on the network forwarding table entry, thereby realizing the interconnection between the bare metal server and the virtual network.
Description
Technical Field
The invention relates to the technical field of network communication, in particular to a method and a device for interconnecting a bare metal server and a virtual network.
Background
The BMS (bare metal server) is a real physical server, and after the bare metal server is added into a cloud platform resource pool, the physical servers can be managed by the cloud platform like virtual machines, and meanwhile, users can apply, deploy and use the bare metal server like using the virtual machines.
The bare metal server in the cloud platform resource pool has independent computing resources such as a CPU (central processing unit), a memory and the like, has obvious performance advantages compared with a common virtual machine, and is particularly suitable for running software such as databases and the like with higher requirements on computing response of corresponding applications.
The bare metal server is physically and safely isolated, can be virtualized again, supports isomerism, supports a container, has high stability and high controllability, and enables the cloud platform to share resources and also take into account application scenarios with high requirements on safety guarantee.
Although bare metal servers have many product advantages, most virtualization platforms cannot support access and management of bare metal servers because bare metal servers are independent of the virtualization operating system.
On one hand, many computing tasks with high performance and high safety requirements need to be installed on independent bare metal servers (such as databases, image computing and the like), and on the other hand, the networks between the virtual machines and the bare metals cannot be communicated with each other, so that computing resources cannot be normally used.
In order to solve the interconnection problem between the bare metal device and the virtualized network, a general solution in the industry is to deploy a programmable physical device as an access gateway between the bare metal device and the virtualized network, or to use SDN bridging between the virtualized network and the bare metal device. Both of these approaches have some drawbacks.
In the first mode, a virtualized network and a bare metal server network are interconnected in a bridging manner through a programmable network device (hereinafter referred to as a network switching device). The virtualized network is responsible for communication among all virtualized cloud instances in the cloud platform, and the bare metal network is responsible for communication among all bare metal servers in the cloud platform. When a virtual host needs to communicate with a bare metal instance, the virtual machine forwards the message to the gateway device according to the network routing information pre-configured in the virtual network, and the gateway device then forwards the message to the bare metal network according to the next hop path information of the bare metal network, so that the interconnection between the virtual machine instance and the bare metal instance is realized. The disadvantages of this approach are:
1) the network switching equipment belongs to hardware resources, and has poor expandability;
2) the switch produced by each manufacturer has the same realization method and instruction, different manufacturers use respective controllers to manage, and the compatibility between the devices is poor;
3) all cross-network traffic needs to be forwarded through the gateway proxy, and this centralized forwarding mode exposes the network switching equipment to a risk of resource preemption; especially when a plurality of virtual machines need to communicate with bare metal equipment at the same time, the competition for resources may finally leave the gateway equipment unable to provide service normally;
4) the bare metal physical machine network and the cloud host network are isolated from each other, so that the cloud management platform cannot manage bare metal equipment as flexibly as it schedules a cloud host.
In the second mode, the virtualized network and the bare metal server network are interconnected through a software defined network (hereinafter referred to as SDN). A physical server is used as the SDN deployment environment, and the physical server and the virtualization network are interconnected by a two-layer switch. The SDN software comprises three virtual switches: the first virtual switch is interconnected with the bare metal server through a Vlan, the third virtual switch is interconnected with the virtualization network through a VxLan, and the second virtual switch is responsible for message forwarding between the Vlan corresponding to the first virtual switch and the VxLan corresponding to the third virtual switch. The disadvantages of this approach are:
The SDN and the virtualized network are interconnected by a custom protocol, so the original virtualized network needs to be upgraded and modified to ensure network interconnection, and network compatibility is poor. In addition, the SDN increases the number of times a service packet is forwarded, which reduces the service quality of the bare metal network.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a method and a device for realizing interconnection between a bare metal network and a virtualized network by using an MAC address conversion method, which can realize safe and reliable access of a bare metal server under the condition of ensuring that the original virtualized network is not changed.
The invention provides a method for interconnecting a bare metal server and a virtualization network, which is applied to a cloud computing network and comprises the following steps:
the cloud control platform registers all bare metal instance network communication interface MAC addresses to be allocated, allocates a virtual ID capable of communicating with a virtualization network for each MAC address, and establishes a mapping relation between the MAC addresses and the virtual IDs;
deploying bare metal gateways, and grouping the bare metal gateway network interfaces into a first network interface group and a second network interface group, wherein the first network interface group is used for realizing network two-layer interconnection between the bare metal gateway and a virtualization network, and the second network interface group is used for realizing network two-layer interconnection between the bare metal gateway and the bare metal network;
when a bare metal instance is created, the cloud control platform issues the mapping relation to the bare metal gateway, the bare metal gateway initializes the bare metal instance, and a network forwarding table entry is established based on the mapping relation;
based on the existing two-layer network communication protocol, the bare metal gateway converts the monitored MAC address from the second network interface group into a virtual ID based on the network forwarding table entry, and sends it to the corresponding virtual host in the virtualized network through the first network interface group; or converts the monitored virtual ID from the first network interface group into a destination MAC address based on the network forwarding table entry, and sends it to the corresponding bare metal server through the second network interface group.
Further, the method further comprises:
when the bare metal network cluster is subjected to capacity expansion, or the bare metal server is on-line, off-line or maintained, the cloud management and control platform updates the mapping relation between the network communication interface MAC address of the bare metal server and the virtual ID.
Further, the bare metal gateway converts the monitored MAC address from the second network interface group into a virtual ID based on the network forwarding table entry, and sends the virtual ID to the corresponding virtual host in the virtualized network through the first network interface group includes:
the bare metal gateway monitors the second network interface group, and receives and analyzes a message from the bare metal network, the message being sent to the bare metal gateway by a bare metal instance through a two-layer interconnection network or a tunnel network;
the bare metal gateway obtains a virtual ID for virtualized network communication according to the mapping relation based on the message source MAC address obtained by analysis;
and the bare metal gateway modifies the network communication identifier into the virtual ID based on the acquired virtual ID, and forwards the virtual ID to the target virtual machine through the first network interface group.
Further, the bare metal gateway converts the monitored virtual ID from the first interface group into a destination MAC address based on the network forwarding table entry, and sends the destination MAC address to the corresponding bare metal server through the second interface group, including:
monitoring a first network interface group in the bare metal gateway, receiving and analyzing a message from a virtualization network, wherein the message is sent to the bare metal gateway by a virtual machine through a two-layer interconnection network or a tunnel network;
the bare metal gateway obtains a real communication MAC address of the bare metal instance according to the mapping relation based on the virtual ID obtained by analysis;
and the bare metal gateway modifies the destination MAC address of the message into the MAC value based on the acquired real MAC address of the bare metal instance, and forwards the MAC value to the target bare metal instance through the second network interface group of the bare metal network.
Further, the virtual ID includes a MAC address, an IP address, or other identifiers for identifying a network packet forwarding path.
A second aspect of the present invention provides an apparatus for interconnecting a bare metal server and a virtualization network, comprising:
the cloud control platform is used for registering all bare metal instance network communication interface MAC addresses to be distributed, distributing a virtual ID capable of communicating with a virtualization network for each MAC address, and establishing a mapping relation between the MAC addresses and the virtual IDs;
the system comprises a bare metal gateway, wherein the bare metal gateway is a physical server comprising at least two network interfaces, the network interfaces are grouped into a first network interface group and a second network interface group, the first network interface group is used for realizing network two-layer interconnection between the bare metal gateway and a virtualization network, and the second network interface group is used for realizing network two-layer interconnection between the bare metal gateway and the bare metal network.
The MAC address conversion module is configured on the bare metal gateway and is used for maintaining a second network interface group communication MAC address pool and a first network interface group virtualization network ID pool, establishing a network forwarding table item between the communication MAC address pool and the virtualization network ID pool based on the mapping relation, and realizing the mapping conversion between the MAC address and the virtualization network ID;
and the network auxiliary module is configured on the bare metal gateway and used for realizing two-layer interconnection between the bare metal gateway and the virtualization network and two-layer interconnection between the bare metal gateway and the bare metal network, receiving a message from the bare metal network or the virtualization network through a two-layer network, or sending message data to the virtualization network or the bare metal network through the two-layer network.
Further, the cloud management and control platform is further used for creating, using and destroying the bare metal instance, and updating the mapping relation between the network communication interface MAC address of the bare metal server and the virtual ID when expanding and shrinking the capacity of the bare metal network cluster or when the bare metal server is online, offline or maintained.
Further, an operating system installed on the network node of the bare metal gateway is Linux, a working mode of the first network interface group is Access, and a working mode of the second network interface group is Trunk.
Further, the two-layer interconnection mode of the bare metal gateway and the virtualization network comprises the interconnection between physical servers through network switching equipment, or the interconnection between a network auxiliary program and the virtualization network through a network tunnel technology; the two-layer interconnection mode between the bare metal gateway and the bare metal device comprises the direct interconnection of the switches or the forwarding of a multi-layer two-layer network.
Further, after interconnection is completed, the bare metal gateway and the bare metal device are in a local area network, and all bare metal instances in the local area network are isolated from each other through the network.
The invention has the following beneficial effects:
1) by the method and the device, the bare metal server can be managed and scheduled by the cloud platform like virtual machine resources, so that the requirement of a user on high-performance service is met, the virtualization capability of the cloud platform is more comprehensive, and the supported application scene is more perfect.
2) By adopting the method and the device, the cloud platform not only can virtualize the traditional server, but also can support the virtualization of other internet components (network cards, single-chip microcomputers and the like) which use independent MAC addresses for communication.
3) By adopting the method and the device, the bare metal server supports multi-node distributed deployment and has good network expansibility.
4) By adopting the method and the device, the bare metal cluster network and the virtual network are physically isolated, the mutual influence between service networks is reduced from the source, and the method and the device have better safety isolation.
5) By adopting the method and the device, the bare metal cluster can be deployed independently of a virtualized network, and can better adapt to some complex network topological structures.
6) By adopting the method and the device, the original virtual network does not need to be deeply reformed and customized in the bare metal cluster deployment implementation process, and the method and the device have stronger cross-cloud platform adaptability.
Drawings
Fig. 1 is a schematic diagram of physical resource allocation in an illustrative embodiment of the invention.
FIG. 2 is a system architecture diagram of an illustrative embodiment of the invention.
FIG. 3 is a data execution flow diagram in an illustrative embodiment of the invention.
Detailed Description
For a further understanding of the invention, reference will now be made to the preferred embodiments of the invention by way of example, and it is to be understood that the description is intended to further illustrate features and advantages of the invention, and not to limit the scope of the claims.
First, some terms relating to the technical solution of the present invention will be explained below.
Bare Metal Server (BMS): the cloud computing provides a dedicated physical server for tenants, has excellent computing performance, and can meet the requirements of a core application scene on high performance and stability. The bare metal server is a computing service with both the elasticity of the virtual machine and the performance of the physical machine, provides a dedicated physical server on the cloud for enterprises, and provides excellent computing performance and data security for services such as a core database, a key application system, high-performance computing, big data and the like. The tenants can flexibly apply for the application and use the application as required.
VPC (Virtual Private Cloud): a logically isolated, customizable network space on a public cloud.
GW (Gateway): refers to a gateway, a node used for protocol conversion and network access in a network topology.
SDN (Software Defined Network): software defined networking, an implementation of network virtualization. By separating the control plane and the data plane of the network equipment, flexible control of network traffic is realized, and the network as a pipeline becomes more intelligent.
MAC Address (Media Access Control Address): a network identifier used to represent each device in a network.
Vlan (Virtual Local Area Network): a virtual local area network is a group of logical devices and users that are not limited by physical location and can be organized according to factors such as function, department and application, so that they communicate as if they were in the same network segment, hence the name.
VxLan: a network virtualization technology that can alleviate the scaling problem of large cloud computing deployments, and is an extension of Vlan.
The embodiment of the invention provides a method and a device for interconnecting a bare metal server and a virtualized network based on MAC address conversion, so as to realize interconnection between the bare metal server and the virtualized network.
In an illustrative embodiment of the present invention, a network communication module and a MAC address translation module are deployed on a bare metal gateway device. The device is interconnected with virtual machine instances through the virtualized network and with bare metal servers through a two-layer switch, and network isolation between the bare metal servers is implemented through a two-layer port isolation technology. When a bare metal instance needs to send a message to a virtual machine, the bare metal server sets the destination MAC address of the message to the virtual machine MAC address and the source MAC to the MAC address of the bare metal instance's communication network card; the message is proxied through the bare metal gateway, the MAC address is converted into a communication ID reachable in the virtualization network, and the message is forwarded through the virtualization network to the designated virtual machine. When a virtual machine instance needs to send a message to the bare metal server, the virtual machine sends the message to the bare metal gateway by using the virtualized network communication ID; the bare metal gateway then looks up the MAC address by that ID, replaces the MAC of the message, and sends the message to the bare metal instance through the two-layer network.
In order to implement the solution of the present invention, as shown in fig. 1, the physical resources involved in the present illustrative embodiment include: the system comprises a cloud management and control platform, a two-layer exchanger, a virtualization host machine, a physical server X type and a physical server Y type. The cloud management and control platform is responsible for instruction triggering operations such as creation, use and destruction of bare metal instances; the two-layer switch is used for constructing network topology, and network equipment interconnected with the switch can construct a two-layer interconnection network by forwarding of the two-layer switch; the virtualization host machines are used for deploying virtualization service software, and a plurality of virtualization host machines are interconnected through a two-layer switch to form a virtualization network; the physical server X type is used for deploying a bare metal network, supports the running of a Linux operating system and is at least provided with 2 or more network communication interfaces; the physical server Y type is deployed as a bare metal instance object (the object related to the physical server Y type in the invention is not limited to a traditional server which can be provided with an operating system, but also covers other Internet components which can use independent MAC address communication, such as a single chip microcomputer, a network interface, forwarding equipment and the like).
In order to implement the solution of the present invention, as shown in fig. 2, the networking unit in the present illustrative embodiment includes: host machine 1, bare metal gateway X1, two-layer switch 1, bare metal server Y1, bare metal server Y2, two-layer switch 2. According to the system architecture diagram, a host machine 1 and a bare metal gateway X1 are interconnected through a two-layer switch 1, and a bare metal gateway X1, a bare metal server Y1 and a bare metal server Y2 are interconnected through a two-layer switch 2. Further, the host 1 and the bare metal gateway X1 realize two-layer interconnection through an interface E1, and the bare metal server Y1, the bare metal server Y2 and the bare metal gateway X1 realize two-layer interconnection through an interface E2. Further, host machine 1 and bare metal gateway X1 are in a lan, and bare metal instance Y1, bare metal instance Y2 and bare metal gateway X1 are in a lan.
In the present illustrative embodiment, two-tier isolation between bare metal instance Y1 and bare metal instance Y2 is achieved by port isolation techniques in two-tier switch 2 when bare metal servers are deployed.
To implement the solution of the present invention, as shown in fig. 2, the network communication component in the present illustrative embodiment includes: the system comprises a virtual machine A, a virtual machine B, a network auxiliary module, an MAC address conversion module, a bare metal instance C and a bare metal instance B.
According to the system architecture diagram shown in FIG. 2: the virtual machine A and the virtual machine B belong to a host machine 1, are created by virtualization software installed on the host machine 1, and are managed and scheduled by a cloud management and control platform; the network auxiliary module and the MAC address conversion module are deployed on a bare metal gateway X1 and are realized through software engineering coding, the network auxiliary module is responsible for monitoring an E1 network port and an E2 network port on the bare metal gateway X1 and completing receiving and sending of network data messages, and the MAC address conversion module is responsible for the relationship between network communication MAC addresses and virtual network communication IDs (namely virtual IDs) of a bare metal instance Y1 and a bare metal instance Y2. Bare metal instance Y1 and bare metal instance Y2 are two network components that communicate with independent MAC addresses. Further, virtual machine a and virtual machine B may use the virtualized network ID to implement network communication, and bare metal instance Y1 and bare metal instance Y2 may implement network communication via the MAC address.
After the network deployment is completed, the cloud management and control platform registers the bare metal instance object and allocates a virtualized network communication ID to the bare metal instance object. In this example, the virtualized network communication ID (i.e., virtual ID) of virtual machine A is 00001, the virtualized network communication ID of virtual machine B is 0002, the virtualized network communication ID of bare metal instance Y1 is 0003, the two-layer interconnect MAC address is 04:04:04:04, the virtualized network communication ID of bare metal instance Y2 is 0004, and the two-layer interconnect MAC address is 05:05:05:05.
Further, when the user needs to create a bare metal instance, the cloud management and control platform notifies bare metal gateway X1 to create and initialize bare metal instance Y1.
Specifically, the initialization process of the bare metal instance Y1 includes:
if the bare metal instance Y1 is a traditional server, the bare metal server is installed with an operating system specified by a user in a PXE mode, and further, an internet interface is initialized after the server is started, so that Y1 and the bare metal gateway are in a two-layer internet.
Further, when the network auxiliary module detects that the bare metal instance Y1 is created and initialized, the module adds the virtualized network communication ID0003 to the virtualized network communication list of the module, and the network auxiliary module can use the ID0003 to interconnect with the virtual machine a.
Further, the network auxiliary module will add the MAC address of Y1 to the MAC address snoop list of the module, and the network auxiliary module will receive the network packet from the corresponding MAC address.
Further, when the MAC address translation module detects that the initialization of bare metal instance Y1 is complete, the module will update the MAC address relationship of ID0003 and Y1 into the MAC address translation table.
When virtual machine a needs to communicate with bare metal instance Y1, virtual machine a sends a message to ID0003 based on the virtualized network link, as shown in fig. 3.
The network data in the virtualized network will be routed and forwarded according to the destination network communication ID in the message, and through forwarding, the message with the destination ID0003 will be forwarded to the bare metal gateway X1.
Further, after the network auxiliary module on the bare metal gateway X1 parses the message whose destination is ID0003, it obtains the MAC address of the bare metal instance Y1 from the mapping relationship maintained by the MAC address translation module.
Further, as shown in the MAC address translation process in fig. 3, the network auxiliary module modifies the destination MAC address of the packet to be the MAC of the bare metal instance Y1, and sends the modified destination MAC address to the bare metal network through an E2 interface interconnected with the bare metal network.
Further, because the bare metal instance Y1 and the virtualization gateway belong to the same two-layer network, the bare metal instance Y1 receives the message with the source MAC address of 01:01:01:01:01:01, and the communication message of the virtual machine a reaches the bare metal instance Y1.
When the bare metal instance Y1 needs to send a message to the virtual machine A, as shown in fig. 3, based on the two-layer interconnection network, the destination MAC address of the message sent by bare metal instance Y1 is 01:01:01:01:01:01.
Further, since the bare metal gateway and the bare metal instance Y1 are in the same lan, the network auxiliary module on the bare metal gateway may receive the data packet sent by Y1.
Further, the network auxiliary module analyzes the source MAC address and the destination MAC address of the data packet, and queries the virtualized network communication ID maintained in the MAC address conversion module.
Further, as illustrated in the MAC address inversion flow process in fig. 3, when the MAC address conversion module successfully matches the MAC address, the MAC address conversion module returns the virtualized network communication ID0001 of the virtual machine a and the virtualized network communication ID0003 of the bare metal Y1.
Further, the network auxiliary module sends the message to ID0001 through an E1 interface via a virtualized network link;
further, the virtual machine a receives a message with the purpose of ID0001, and then the communication message of the bare metal Y1 reaches the virtual machine a.
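The two translation directions walked through above can be modelled as follows. This is an added example, not code from the patent: the class and field names are hypothetical, the MAC used for Y1 is a constructed placeholder, and it assumes that the translation table maps 01:01:01:01:01:01 to ID0001 and that frames or messages with no table match are dropped and recorded.

```python
from dataclasses import dataclass

VM_A_MAC = "01:01:01:01:01:01"  # from the text; assumed here to map to ID0001 (virtual machine A)
Y1_MAC = "02:00:00:00:00:01"    # constructed placeholder for the real MAC of bare metal instance Y1

@dataclass(frozen=True)
class Frame:            # two-layer frame on the E2 (bare metal) side
    src_mac: str
    dst_mac: str
    payload: bytes

@dataclass(frozen=True)
class VirtMsg:          # message on the E1 (virtualized network) side
    src_id: str
    dst_id: str
    payload: bytes

class BareMetalGateway:
    def __init__(self):
        self.mac_to_id, self.id_to_mac = {}, {}
        self.snoop = set()      # MACs of initialized bare metal instances
        self.dropped = []       # (reason, message) pairs kept for audit

    def add_mapping(self, mac, vid, bare_metal=False):
        mac = mac.lower()
        # A MAC or an ID may appear in one mapping only; a conflict is refused.
        if self.mac_to_id.get(mac, vid) != vid or self.id_to_mac.get(vid, mac) != mac:
            raise ValueError(f"conflicting mapping for {mac} / {vid}")
        self.mac_to_id[mac], self.id_to_mac[vid] = vid, mac
        if bare_metal:
            self.snoop.add(mac)

    def _drop(self, reason, msg):
        self.dropped.append((reason, msg))
        return None

    def from_virtual(self, msg):
        """E1 -> E2: the destination virtual ID becomes the instance's real MAC."""
        dst = self.id_to_mac.get(msg.dst_id)
        src = self.id_to_mac.get(msg.src_id)
        if dst is None or dst not in self.snoop:
            return self._drop("unknown destination ID", msg)
        if src is None:
            return self._drop("unknown source ID", msg)
        return Frame(src, dst, msg.payload)

    def from_bare_metal(self, frame):
        """E2 -> E1: source and destination MACs become virtual IDs."""
        src, dst = frame.src_mac.lower(), frame.dst_mac.lower()
        if src not in self.snoop:
            return self._drop("source MAC not in snoop list", frame)
        if dst not in self.mac_to_id:
            return self._drop("no mapping for destination MAC", frame)
        return VirtMsg(self.mac_to_id[src], self.mac_to_id[dst], frame.payload)

def build_example_gateway():
    gw = BareMetalGateway()
    gw.add_mapping(VM_A_MAC, "ID0001")
    gw.add_mapping(Y1_MAC, "ID0003", bare_metal=True)
    return gw
```

The drop paths matter as much as the translation itself: a frame whose source MAC is not on the snoop list never reaches the virtualized network, and a second MAC cannot be bound to an ID that is already mapped.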
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (10)
1. A method for interconnecting a bare metal server and a virtualization network is applied to a cloud computing network and comprises the following steps:
the cloud control platform registers all bare metal instance network communication interface MAC addresses to be allocated, allocates a virtual ID capable of communicating with a virtualization network for each MAC address, and establishes a mapping relation between the MAC addresses and the virtual IDs;
deploying bare metal gateways, and grouping the bare metal gateway network interfaces into a first network interface group and a second network interface group, wherein the first network interface group is used for realizing network two-layer interconnection between the bare metal gateway and a virtualization network, and the second network interface group is used for realizing network two-layer interconnection between the bare metal gateway and the bare metal network;
when a bare metal instance is created, the cloud control platform issues the mapping relation to a bare metal gateway, the bare metal gateway initializes the bare metal instance, and a network forwarding table entry is established based on the mapping relation;
based on the existing two-layer network communication protocol, the bare metal gateway converts the monitored MAC address from the second network interface group into a virtual ID based on the network forwarding table entry, and sends the virtual ID to a corresponding virtual host in a virtualized network through the first network interface group; or converts the monitored virtual ID from the first interface group into a destination MAC address based on the network forwarding table entry, and sends the destination MAC address to the corresponding bare metal server through the second interface group.
2. The bare metal server and virtualized network interconnection method of claim 1, further comprising:
when the bare metal network cluster is subjected to capacity expansion, or the bare metal server is on-line, off-line or maintained, the cloud management and control platform updates the mapping relation between the network communication interface MAC address of the bare metal server and the virtual ID.
3. The method for interconnecting a bare metal server and a virtualized network according to claim 1, wherein the bare metal gateway converting the monitored MAC address from the second network interface group into a virtual ID based on a network forwarding table entry and sending it to a corresponding virtual host in the virtualized network through the first network interface group comprises:
the bare metal gateway monitors the second network interface group, and receives and parses a message from the bare metal network, the message being sent to the bare metal gateway by a bare metal instance through a two-layer interconnection network or a tunnel network;
the bare metal gateway obtains a virtual ID for virtualized network communication from the network forwarding table entry, based on the source MAC address parsed from the message;
and the bare metal gateway modifies the network communication identifier of the message into the acquired virtual ID, and forwards the message to the target virtual machine through the first network interface group.
4. The method for interconnecting a bare metal server and a virtualized network according to claim 1, wherein the bare metal gateway converting the monitored virtual ID from the first interface group into a destination MAC address based on a network forwarding table entry, and sending it to the corresponding bare metal server through the second interface group, comprises:
the bare metal gateway monitors the first network interface group, and receives and parses a message from the virtualization network, the message being sent to the bare metal gateway by a virtual machine through a two-layer interconnection network or a tunnel network;
the bare metal gateway obtains the real communication MAC address of the bare metal instance from the network forwarding table entry, based on the virtual ID obtained by parsing;
and the bare metal gateway modifies the destination MAC address of the message into the acquired real MAC address of the bare metal instance, and forwards the message to the target bare metal instance through the second network interface group of the bare metal network.
5. The bare metal server and virtualized network interconnection method according to claim 1, wherein the virtual ID comprises a MAC address, an IP address, or other identifier used to identify a network packet forwarding path.
6. An apparatus for interconnecting a bare metal server and a virtualization network, comprising:
the cloud control platform is used for registering all bare metal instance network communication interface MAC addresses to be distributed, distributing a virtual ID capable of communicating with a virtualization network for each MAC address, and establishing a mapping relation between the MAC addresses and the virtual IDs;
the bare metal gateway is a physical server comprising at least two network interfaces, the network interfaces being grouped into a first network interface group and a second network interface group, wherein the first network interface group is used for realizing network two-layer interconnection between the bare metal gateway and the virtualization network, and the second network interface group is used for realizing network two-layer interconnection between the bare metal gateway and the bare metal network;
the MAC address conversion module is configured on the bare metal gateway and is used for maintaining a second network interface group communication MAC address pool and a first network interface group virtualization network ID pool, establishing a network forwarding table entry between the communication MAC address pool and the virtualization network ID pool based on the mapping relation, and realizing the mapping conversion between the MAC address and the virtualization network ID;
and the network auxiliary module is configured on the bare metal gateway and used for realizing two-layer interconnection between the bare metal gateway and the virtualization network and two-layer interconnection between the bare metal gateway and the bare metal network, receiving a message from the bare metal network or the virtualization network through a two-layer network, or sending message data to the virtualization network or the bare metal network through the two-layer network.
7. The apparatus for interconnecting a bare metal server and a virtualization network according to claim 6, wherein the cloud management and control platform is further configured to create, use and destroy bare metal instances, and to update the mapping relationship between the network communication interface MAC address of the bare metal server and the virtual ID when the capacity of the bare metal network cluster is expanded, or when the bare metal server is brought online, taken offline or maintained.
8. The apparatus for interconnecting a bare metal server and a virtualization network according to claim 6, wherein the operating system installed on the network node of the bare metal gateway is Linux, the working mode of the first network interface group is Access, and the working mode of the second network interface group is Trunk.
9. The apparatus for interconnecting a bare metal server and a virtualized network according to claim 6, wherein the manner in which the two-layer interconnection between the bare metal gateway and the virtualized network is deployed comprises interconnection between physical servers through a network switch device, or interconnection between a network auxiliary program and the virtualized network through a network tunneling technology; and the two-layer interconnection mode between the bare metal gateway and the bare metal device comprises direct interconnection through switches or forwarding across a multi-layer two-layer network.
10. The apparatus for interconnection of bare metal servers and virtualized networks as in claim 9, wherein the bare metal gateway and the bare metal device are in a local area network after the interconnection is completed, and all bare metal instances in the local area network are isolated from each other.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210009640.3A CN114024799B (en) | 2022-01-06 | 2022-01-06 | Method and device for interconnecting bare metal server and virtualization network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114024799A | 2022-02-08 |
CN114024799B | 2022-04-01 |
Family
ID=80069537
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210009640.3A Active CN114024799B (en) | 2022-01-06 | 2022-01-06 | Method and device for interconnecting bare metal server and virtualization network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114024799B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114553637B (en) * | 2022-02-25 | 2024-03-19 | 华云数据控股集团有限公司 | Method for accessing distributed bare metal server to network and application |
CN115189987A (en) * | 2022-06-22 | 2022-10-14 | 北京百度网讯科技有限公司 | Method, system, device and program product for implementing network virtualization |
CN115134194A (en) * | 2022-06-22 | 2022-09-30 | 北京百度网讯科技有限公司 | Method, system, device and program product for implementing network virtualization |
CN115567522A (en) * | 2022-09-05 | 2023-01-03 | 中电信数智科技有限公司 | A method, device, system and storage medium for managing a physical server |
CN115442316B (en) * | 2022-09-06 | 2024-02-23 | 南京信易达计算技术有限公司 | Full stack type high-performance computing bare metal management service system and method |
CN115720181B (en) * | 2022-11-18 | 2024-09-24 | 济南浪潮数据技术有限公司 | Bare metal node control method, system, electronic equipment and readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107135134A (en) * | 2017-03-29 | 2017-09-05 | 广东网金控股股份有限公司 | Private network cut-in method and system based on virtual switch and SDN technologies |
CN109495405A (en) * | 2018-12-12 | 2019-03-19 | 平安科技(深圳)有限公司 | A kind of method and interchanger of bare metal server and cloud mainframe network intercommunication |
CN110088732A (en) * | 2016-12-19 | 2019-08-02 | 华为技术有限公司 | A data packet processing method, host and system |
CN110708393A (en) * | 2019-10-21 | 2020-01-17 | 北京百度网讯科技有限公司 | Method, device and system for transmitting data |
CN111585917A (en) * | 2020-06-10 | 2020-08-25 | 广州市品高软件股份有限公司 | Bare metal server network system and implementation method thereof |
CN112737860A (en) * | 2021-01-06 | 2021-04-30 | 浪潮云信息技术股份公司 | Method for bare metal server VXLAN access and computer readable medium |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10432466B2 (en) * | 2017-06-22 | 2019-10-01 | Nicira, Inc. | Translating PAAS/CAAS abstractions to logical network topologies |
US11503121B2 (en) * | 2019-11-08 | 2022-11-15 | Johnson Controls Tyco IP Holdings LLP | Universal gateway devices, systems and methods for integrating proprietary protocols with BMS system |
US11606369B2 (en) * | 2020-03-20 | 2023-03-14 | Cisco Technology, Inc. | Intelligent quarantine on switch fabric for physical and virtualized infrastructure |
US11677583B2 (en) * | 2020-04-06 | 2023-06-13 | Cisco Technology, Inc. | Dynamic cellular connectivity between the hypervisors and virtual machines |
US10999142B1 (en) * | 2020-06-30 | 2021-05-04 | Juniper Networks, Inc. | Correlation of virtual network traffic across bare metal servers |
CN113783765B (en) * | 2021-08-10 | 2023-01-06 | 济南浪潮数据技术有限公司 | Method, system, equipment and medium for realizing intercommunication between cloud internal network and cloud external network |
- 2022-01-06: CN application CN202210009640.3A, patent CN114024799B, status Active
Non-Patent Citations (1)
Title |
---|
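Research on an automated batch deployment method for bare metal physical servers in cloud computing platforms; Chen Yingda et al.; Technology Innovation and Application; 2017-10-28 (No. 30); full text * |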
Also Published As
Publication number | Publication date |
---|---|
CN114024799A (en) | 2022-02-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN114024799B (en) | Method and device for interconnecting bare metal server and virtualization network | |
US10693678B2 (en) | Data center networks | |
US9800496B2 (en) | Data center networks | |
CN104639372B (en) | The correlating method and system of overlay network and physical network based on SDN | |
CN114070723B (en) | Virtual network configuration method and system of bare metal server and intelligent network card | |
CN112187517B (en) | Configuration method, platform and controller for SDN virtual routing of data center | |
EP3022888B1 (en) | Network element and method of running applications in a cloud computing system | |
TW201904234A (en) | Method and device for virtual network link detection | |
CN101129032A (en) | Hardware abstraction layer | |
US9584340B2 (en) | Data center networks | |
CN114640556A (en) | Cross-cluster network communication system and method | |
CN114553707B (en) | Method and device for generating topology information of network and delimiting network faults | |
CN116132542B (en) | Container network management method, container network plug-in and related equipment | |
US9686210B2 (en) | Controller based fibre channel over ethernet (FCoE) fabric | |
CN119211022A (en) | DPU-based k8s cluster deployment method, device, equipment and storage medium | |
CN119254753A (en) | Computing task network access method and related equipment of intelligent computing center | |
CN110505095B (en) | Method for building large-scale virtual data center by using small number of servers | |
CN117793000A (en) | Traffic unloading method and device, electronic equipment and storage medium | |
CN117792830A (en) | Gateway unloading method and device based on DPU network card, electronic equipment and storage medium | |
CN115865601A (en) | SDN network communication system of cross-cloud data center | |
KR102567139B1 (en) | Management apparatus for edge platform, and control method thereof | |
CN115550316B (en) | Containerized network system, containerized IPV6 communication method and device, medium and equipment | |
US20240205184A1 (en) | MEDIA ACCESS CONTROL (MAC) ADDRESS ASSIGNMENT FOR VIRTUAL NETWORK INTERFACE CARDS (VNICs) | |
CN117579428A (en) | Method and device for interconnection and interworking of cloud network cross-technology stacks | |
CN115134232A (en) | Virtual router management method, equipment, system and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
Address after: 310000 room 611-612, Zhuoxin building, No. 3820, South Ring Road, Puyan street, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: Hangzhou Youyun Technology Co.,Ltd. Country or region after: China Address before: 310000 room 611-612, Zhuoxin building, No. 3820, South Ring Road, Puyan street, Binjiang District, Hangzhou City, Zhejiang Province Patentee before: Hangzhou Youyun Technology Co.,Ltd. Country or region before: China |