Tenant network isolation method based on Kubernetes network, storage medium, and electronic device

A tenant network isolation technology, applied in the field of cloud computing, that addresses problems such as network policy not being implemented and limited isolation.

Active Publication Date: 2018-12-11
杭州才云科技有限公司

AI Technical Summary

Problems solved by technology

Native Kubernetes can implement network isolation through namespaces and network policy, but this isolation is limited. Tenants cannot configure their networks individually; they adopt the system's unified configuration, so all tenants share the same IP segment, DNS, routing, and so on.
In addition, native Kubernetes only provides network policy rules; it does not implement network policy. There is therefore an urgent need for a tenant network isolation method that achieves complete network isolation between tenants and allows each tenant to plan and configure its network independently.


Embodiment Construction

[0030] The present invention is further described below in conjunction with the accompanying drawings and specific implementations. Provided they do not conflict, the embodiments and technical features described below can be combined arbitrarily to form new embodiments.

[0031] The tenant network isolation method based on a Kubernetes network, as shown in Figure 1, includes the following steps:

[0032] Create a tenant: the administrator of the container cloud platform selects an OpenStack tenant and creates a container tenant corresponding to that OpenStack tenant in the Kubernetes cluster of the container cloud platform.

[0033] As shown in Figure 2, a container tenant of the container cloud platform corresponds to one OpenStack tenant; the OpenStack tenant is specifically a project, and the container tenant is the Tenant in Figure 2. Preferably, when creating a tenant, create a Namespace in the container tena...


Abstract

The invention provides a tenant network isolation method based on a Kubernetes network, comprising the following steps: a container cloud platform administrator selects an OpenStack tenant and creates a corresponding container tenant in a Kubernetes cluster; events that create container tenants in the cluster are monitored, and requests to create privileged users are sent; a CRD object is created; the Kubernetes network model is translated into the OpenStack Neutron network model to generate Neutron information, and the Neutron information is sent to the CNI Driver for pod binding. By interfacing with OpenStack tenants, container tenants in the Kubernetes cluster achieve complete network isolation among tenants, and each container tenant uses OpenStack Neutron's powerful SDN network functions to plan and configure its network, so that container services and virtual machine services within a tenant can access each other.
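The translation step in the abstract can be sketched as follows. This is an added example, not code from the patent or from any project it describes. The page does not give the mapping itself, so the example assumes a namespace becomes a Neutron network and subnet owned by the tenant's project and a pod becomes a Neutron port; all class and function names are hypothetical.

```python
import ipaddress
import itertools
from dataclasses import dataclass, field

_ids = itertools.count(1)  # stand-in for Neutron-assigned network UUIDs


@dataclass
class TenantNetwork:
    """Assumed translation result for one container tenant (hypothetical model)."""
    tenant: str        # container tenant name in Kubernetes
    project_id: str    # OpenStack project the tenant is bound to
    subnets: dict = field(default_factory=dict)  # namespace -> (network_id, CIDR)
    ports: dict = field(default_factory=dict)    # (namespace, pod) -> port record

    def add_namespace(self, namespace, cidr):
        """Namespace -> Neutron network + subnet owned by the tenant's project."""
        net = ipaddress.ip_network(cidr)
        for _, other in self.subnets.values():
            if net.overlaps(other):  # overlap is a conflict only inside one tenant
                raise ValueError(f"{cidr} overlaps {other} in tenant {self.tenant}")
        self.subnets[namespace] = (f"net-{next(_ids)}", net)

    def bind_pod(self, namespace, pod):
        """Pod -> Neutron port; the record is what a CNI driver would consume."""
        if namespace not in self.subnets:
            raise PermissionError(f"{namespace} is not a namespace of {self.tenant}")
        network_id, net = self.subnets[namespace]
        used = {p["ip"] for p in self.ports.values() if p["network_id"] == network_id}
        ip = next(str(h) for h in net.hosts() if str(h) not in used)  # first free host
        port = {"project_id": self.project_id, "network_id": network_id, "ip": ip}
        self.ports[(namespace, pod)] = port
        return port


def same_l2_domain(port_a, port_b):
    """Ports share a layer-2 segment only when they sit on the same Neutron network."""
    return port_a["network_id"] == port_b["network_id"]


if __name__ == "__main__":
    # Constructed sample: two tenants plan the same CIDR independently.
    a, b = TenantNetwork("tenant-a", "project-a"), TenantNetwork("tenant-b", "project-b")
    a.add_namespace("web", "10.0.0.0/24")
    b.add_namespace("web", "10.0.0.0/24")
    pa, pb = a.bind_pod("web", "nginx-0"), b.bind_pod("web", "nginx-0")
    print(pa, pb, same_l2_domain(pa, pb))
```

Both tenants receive the same pod IP on different networks, which is the per-tenant planning that a single cluster-wide IP segment cannot offer.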

Description

Technical field

[0001] The invention relates to the technical field of cloud computing, and in particular to a tenant network isolation method, a storage medium, and an electronic device based on a Kubernetes network.

Background technique

[0002] Kubernetes is Google's open source container cluster management system. It provides functions such as application deployment, maintenance, and expansion mechanisms, and makes it easy to manage containerized applications running across machines. Its main functions include using Docker to package, instantiate, and run applications; running and managing containers across machines in a cluster; and solving the communication problem between Docker containers on different machines. Kubernetes' self-healing mechanism keeps the container cluster running in the state expected by the user. Native Kubernetes can implement network isolation through namespace and network policy, but this isolation is limited. Tenants cannot set up the network individually but adopt a uni...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/24, H04L29/08
CPC: H04L41/0803, H04L41/0893, H04L67/10
Inventor: 唐继元, 邓德源, 张鑫
Owner: 杭州才云科技有限公司