[0029] In order to enable those skilled in the art to better understand the solution of the present invention, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.
[0030] The terms "first", "second", "third", "fourth", etc. in the description and claims of this application and the above-mentioned drawings are used to distinguish different objects, not to describe a specific sequence. In addition, the terms "including" and "having" and any variations of them are intended to cover non-exclusive inclusion. For example, a process, method, system, product, or device that includes a series of steps or units is not limited to the listed steps or units, but may include unlisted steps or units.
[0031] After introducing the technical solutions of the embodiments of the present invention, various non-limiting implementation manners of the present application will be described in detail below.
[0032] Referring first to Figure 1, Figure 1 is a schematic flow diagram of a network interconnection method for a data center provided by an embodiment of the present invention. The embodiment of the present invention can be applied to x86 architecture hosts, and may specifically include the following content:
[0033] S101: Receive, through the management port, the user's orchestration of the current network service information using the pre-deployed service orchestration component, so as to generate a service model. The service model learns the host information discovered by the first port and the second port, and updates the forwarding control table of the flow forwarding control model according to the host information.
[0034] The service orchestration component is a series of indivisible business activities and is a functional module for building a specialized enterprise. The service orchestration component is deployed in advance on the x86 architecture host with multiple network ports.
[0035] Network service information can include mac forwarding, routing forwarding, vxlan and vlan bridge mapping. That is, a user uses a pre-input service orchestration model to orchestrate mac forwarding, routing forwarding, vxlan and vlan bridge mapping through a port of the x86 architecture host.
[0036] The service model has a forwarding learning function, which can automatically learn the host information discovered by the first port and the second port, for example, learning the routing address and mac address in network forwarding. Here, the first port may be a vxlan port, and the second port may be a vlan port. The host information learned by the vxlan port and the vlan port is updated into the Layer 2 and Layer 3 forwarding control tables so as to realize Layer 2 and Layer 3 network bridging. The flow forwarding control model includes multiple forwarding control tables.
[0037] Openvswitch is an open virtual standard. Openvswitch open source components are pre-deployed on the x86 architecture host. As a product-level open source project, openvswitch is easy to port, has good versatility, and is easy to deploy. Moreover, it can be deployed as a virtual machine when the network scale is small, which is very flexible. After the performance of network virtualization NFV is improved, it can directly exist as a virtual network element.
[0038] In order to improve the security of the network, a security control strategy can be added to the service orchestration, that is, when the service model is generated, the security control strategy and the current network service information are orchestrated together.
[0039] The x86 architecture host has multiple network ports, no fewer than 4. The arrangement of the ports can be: the first network port and the openvswitch tunnel VTEP form a tunnel endpoint for processing virtual network traffic such as vxlan and gre; the second network port is used to process VLAN network traffic; the third network port is used to interact with the external network, similar to the wan port of a router; the fourth network port is the management port, and the user manages the virtual gateway through the management port. Of course, other settings are also possible, and this application does not make any limitation on this.
[0040] S102: Convert the service model into a flow table recognized by openvswitch, and write it into the openvswitch, where the open-source components of the openvswitch are pre-deployed on the x86 architecture host.
[0041] The service model is transformed into a flow table recognized by openvswitch, which can be written into the openvswitch bridge.
[0042] S103: Use the openvswitch to automatically perform traffic forwarding according to the flow forwarding control model.
[0043] Openvswitch's network traffic is automatically forwarded according to the user's service orchestration and the learned host information.
[0044] With the openvswitch bridge as the traffic carrier, a general x86 host is converted into a network device, that is, a gateway. It not only has the routing and security functions of a traditional gateway, but also supports the virtual networks vxlan and gre, and can also bridge the virtual networks vxlan and gre with ordinary vlan networks.
[0045] The control structure of flow forwarding includes flow classification, vlan and vxlan mapping, Layer 2 forwarding, Layer 3 forwarding, security and other structures, and realizes network functions through data flow between these structures.
[0046] The flow forwarding control model is combined with forwarding learning. After the model is orchestrated, automatic learning and forwarding can be realized, such as Layer 2 forwarding control, Layer 3 forwarding control, vxlan to vlan, vlan to vxlan, classification control, etc.
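As an added illustration (not part of the patent text), the following Python shows one way a service model and learned host information could be converted into an openvswitch flow table covering flow classification, vxlan/vlan mapping, the security control strategy and Layer 2 forwarding. The table numbers, OpenFlow port numbers, model layout and drop-by-default rules are assumptions. Every value is validated before it is placed in a flow string, so orchestration input cannot add match fields or actions.

```python
import ipaddress
import re

# Assumed pipeline layout and OpenFlow port numbers; the patent text gives neither.
CLASSIFY, MAP, SECURITY, L2 = 0, 10, 20, 30
VXLAN_PORT, VLAN_PORT = 1, 2  # the "first port" and "second port"
MAC_RE = re.compile(r"([0-9a-f]{2}:){5}[0-9a-f]{2}")

def compile_flows(model, learned_hosts):
    """Build ovs-ofctl flow strings from a service model and learned host information."""
    bridge = model["bridge_map"]  # {vni: vlan}
    for vni, vlan in bridge.items():
        if not (0 < vni < 2**24 and 0 < vlan < 4095):
            raise ValueError(f"bad mapping {vni}->{vlan}")
    if len(set(bridge.values())) != len(bridge):
        raise ValueError("one vlan mapped to two vnis")
    vni_of = {vlan: vni for vni, vlan in bridge.items()}
    # Flow classification: only the two data ports enter the pipeline.
    flows = [f"table={CLASSIFY},priority=100,in_port={p},actions=resubmit(,{MAP})"
             for p in (VXLAN_PORT, VLAN_PORT)]
    flows.append(f"table={CLASSIFY},priority=0,actions=drop")
    # vxlan/vlan mapping: tunnel traffic gets its vlan tag; unmapped segments are dropped.
    for vni, vlan in sorted(bridge.items()):
        flows.append(f"table={MAP},priority=100,in_port={VXLAN_PORT},tun_id={vni},"
                     f"actions=mod_vlan_vid:{vlan},resubmit(,{SECURITY})")
        flows.append(f"table={MAP},priority=100,in_port={VLAN_PORT},dl_vlan={vlan},"
                     f"actions=resubmit(,{SECURITY})")
    flows.append(f"table={MAP},priority=0,actions=drop")
    # Security control strategy: deny rules outrank the default pass-through.
    for rule in model.get("deny", []):
        src = ipaddress.IPv4Network(rule["nw_src"])  # raises on anything but an address
        if rule["vlan"] not in vni_of:
            raise ValueError("deny rule on unmapped vlan")
        flows.append(f"table={SECURITY},priority=200,ip,dl_vlan={rule['vlan']},"
                     f"nw_src={src},actions=drop")
    flows.append(f"table={SECURITY},priority=0,actions=resubmit(,{L2})")
    # Layer 2 forwarding from learned hosts; unknown destinations are dropped.
    for mac, (port, vlan) in sorted(learned_hosts.items()):
        if not MAC_RE.fullmatch(mac) or vlan not in vni_of or port not in (VXLAN_PORT, VLAN_PORT):
            raise ValueError(f"bad learned host {mac!r}")
        out = (f"strip_vlan,set_tunnel:{vni_of[vlan]},output:{VXLAN_PORT}"
               if port == VXLAN_PORT else f"output:{VLAN_PORT}")
        flows.append(f"table={L2},priority=100,dl_vlan={vlan},dl_dst={mac},actions={out}")
    flows.append(f"table={L2},priority=0,actions=drop")
    return flows

# Constructed sample input: one vni/vlan pair, one deny rule, two learned hosts.
MODEL = {"bridge_map": {5001: 100}, "deny": [{"vlan": 100, "nw_src": "10.0.0.66"}]}
HOSTS = {"52:54:00:aa:bb:01": (VXLAN_PORT, 100), "52:54:00:aa:bb:02": (VLAN_PORT, 100)}
FLOWS = compile_flows(MODEL, HOSTS)
```

Each returned string is in the form that `ovs-ofctl add-flow` accepts for a bridge. The `set_tunnel` action assumes the vxlan port was created with a fixed remote endpoint.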
[0047] In the technical solution provided by the embodiment of the present invention, the openvswitch open source component is deployed on the x86 architecture host, and the service orchestration of the openvswitch processing logic realizes the Layer 2 and Layer 3 interconnection of each virtual network of the data center, so that an ordinary host has routing and forwarding functions. The openvswitch open source components are easy to port and have good versatility, which effectively solves the problems of single application scenarios and poor universality of existing virtual products. The solution is convenient to operate, simple in structure, strongly applicable, and has a wide application range.
[0048] The embodiment of the present invention also provides a corresponding implementation device for the network interconnection method of the data center, which further makes the method more practical. The following describes the network interconnection device of the data center provided by the embodiment of the present invention. The network interconnection device of the data center described below and the network interconnection method of the data center described above can be referred to each other.
[0049] Referring to Figure 2, Figure 2 is a structural diagram of a network interconnection device of a data center provided by an embodiment of the present invention in a specific implementation manner. The device may include:
[0050] The service orchestration module 201 is used to receive, through the management port, the user's orchestration of the current network service information using the pre-deployed service orchestration component, so as to generate a service model. The service model learns the host information discovered by the first port and the second port, and updates the forwarding control table of the flow forwarding control model according to the host information.
[0051] The flow table generating module 202 is configured to convert the service model into a flow table recognized by openvswitch, and write it into the openvswitch. The open-source components of the openvswitch are pre-deployed on the x86 architecture host.
[0052] The traffic forwarding module 203 is configured to automatically perform traffic forwarding using the openvswitch according to the flow forwarding control model.
[0053] In some implementations of the embodiment of the present invention, the service orchestration module 201 may be a module that orchestrates current network service information and security control policies to generate a service model.
[0054] In other implementation manners, the service orchestration module 201 may also be a module for orchestrating mac forwarding, routing forwarding, vxlan and vlan bridging mapping to generate a service model.
[0055] The functions of each functional module of the network interconnection device of the data center in the embodiment of the present invention can be specifically implemented according to the method in the above method embodiment, and the specific implementation process can refer to the relevant description of the above method embodiment, and will not be repeated here.
[0056] It can be seen from the above that, in the embodiment of the present invention, the openvswitch open source component is deployed on the x86 architecture host, and through the service orchestration of the openvswitch processing logic, the Layer 2 and Layer 3 interconnection of each virtual network of the data center is realized, so that an ordinary host has routing and forwarding functions. The openvswitch open source components are easy to port and have good versatility, which effectively solves the problems of single application scenarios and poor universality of existing virtual products. The solution is convenient to operate, simple in structure, strongly applicable, and has a wide application range.
[0057] The various embodiments in this specification are described in a progressive manner. Each embodiment focuses on the differences from other embodiments, and the same or similar parts between the various embodiments can be referred to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant parts can be referred to the description of the method part.
[0058] Professionals can further realize that the units and algorithm steps of the examples described in the embodiments disclosed in this article can be implemented by electronic hardware, computer software, or a combination of both. In order to clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described generally in terms of function in the above description. Whether these functions are executed by hardware or software depends on the specific application and design constraints of the technical solution. Professionals and technicians can use different methods for each specific application to implement the described functions, but such implementation should not be considered as going beyond the scope of the present invention.
[0059] The steps of the method or algorithm described in combination with the embodiments disclosed herein can be directly implemented by hardware, a software module executed by a processor, or a combination of the two. The software module can be placed in random access memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disks, removable disks, CD-ROMs, or any other form of storage medium known in the technical field.
[0060] The method and device for network interconnection of a data center provided by the present invention are described in detail above. Specific examples are used in this article to describe the principle and implementation of the present invention. The description of the above examples is only used to help understand the method and core idea of the present invention. It should be pointed out that for those of ordinary skill in the art, without departing from the principle of the present invention, several improvements and modifications can be made to the present invention, and these improvements and modifications also fall within the protection scope of the claims of the present invention.