Implementation method of bare metal security group

An implementation method and bare metal technology, which is applied in the field of telecommunications and can solve problems such as high operating costs

Pending Publication Date: 2021-12-28
UNICLOUD (NANJING) DIGITAL TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to provide a method for implementing a bare metal security group

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Implementation method of bare metal security group
  • Implementation method of bare metal security group
  • Implementation method of bare metal security group

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0036] Embodiment 1. The security group between the private cloud virtual machines in the two virtual private clouds is realized by the OVS on the physical server of the private cloud virtual machine through the OVS flow table, and the physical server of the private cloud virtual machine has a unique OVS, the two private cloud virtual machines share one OVS, when the two private cloud virtual machines communicate, the OVS realizes the function of the security group through the OVS flow table, and controls the private cloud virtual machine Forwarding of east-west traffic and north-south traffic; the Leaf switch acts as an OVS to implement security policies; the SDN controller uniformly issues the flow table rules on the Leaf switch; when the bare metal server wants to access the north-south During traffic:

[0037] S101. The dedicated cloud virtual machine sends a request message to the bare metal server;

[0038] S102. The request message arrives at the Leaf switch connected ...

Embodiment 2

[0043] Embodiment 2. Internal traffic of the same virtual private cloud communicates, that is, east-west traffic. When the same virtual private cloud virtual machine wants to communicate with the bare metal server:

[0044] S201. The private cloud virtual machine sends a request message;

[0045] S202. The request message passes through the OVS on the physical server of the private cloud virtual machine, and enters the Leaf switch after matching the OVS flow table rule;

[0046] S203. The SDN controller controls the flow table rules sent up and down in the outbound direction and inbound direction of the Leaf switch;

[0047] S204. The request message satisfies the flow table rule on the Leaf switch, and then enters the bare metal server, and the bare metal server parses the request message and gives a response;

[0048] S205. The return message passes through the leaf switch, and after matching the flow table rules in the outbound and inbound directions on the leaf switch, en...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of telecommunication, in particular to an implementation method of a bare metal security group, which comprises the following steps of: connecting a bare metal server with a management area and a Leaf switch; connecting the Leaf switch with a Border boundary switch and firewall equipment; deploying an SDN controller in the management area; and creating a security group in the bare metal server. According to the implementation method, the Leaf switch supports an OpenFlow flow table, the OpenFlow flow table is enabled to be configured to be in an open state, the management area performs mirror image management and basic configuration management on the bare metal server, the SDN controller integrally controls operation of a whole network, the SDN controller directly manages the Leaf switch, the Border boundary switch and the firewall equipment, configurations on the Leaf switch, the Border boundary switch and the firewall equipment are all issued by the SDN controller, and the problem that the operation cost of the implementation method of the bare metal security group is high is solved.

Description

technical field [0001] The present invention relates to the technical field of electric communication, in particular to a method for realizing a bare metal security group. Background technique [0002] A bare metal server is an upgraded version of a traditional physical server. It not only has the excellent performance of a traditional physical server, but also has a convenient management platform like a cloud host. It brings excellent computing performance to users and can meet the core application scenarios that require high performance and the need for stability; [0003] The existing bare metal security group implementation method requires the security group function to be completed by installing a smart network card; [0004] However, additional software needs to be installed, and the research and development cost of the smart network card is relatively high, thereby increasing the operating cost of the implementation method of the bare metal security group. Contents...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24H04L29/06
CPCH04L41/0803H04L41/0886H04L63/0209
Inventor 范生越
Owner UNICLOUD (NANJING) DIGITAL TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap