Unlock instant, AI-driven research and patent intelligence for your innovation.

Container operation and maintenance file transmission method based on operation and maintenance auditing system

A file transmission and container technology, applied in transmission systems, electrical components, platform integrity maintenance, etc., can solve problems such as security issues, cumbersome operations, and low efficiency, and achieve the effect of reducing steps, reducing unauthorized operations, and improving efficiency.

Pending Publication Date: 2022-01-11
CHENGDU DBAPP SECURITY
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] In the existing operation and maintenance audit system, the operation and maintenance container is the host machine that can only operate and maintain the managed container. When there is an operation and maintenance requirement for file transmission in the container, uploading and downloading files need to first transfer the file to the host machine , and then upload or download files through the SCP or SFTP protocol; it may cause the operation and maintenance personnel to operate beyond the authority, causing security problems, and the operation is too cumbersome and inefficient, and the host may generate residual files

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Container operation and maintenance file transmission method based on operation and maintenance auditing system
  • Container operation and maintenance file transmission method based on operation and maintenance auditing system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0031] A container operation and maintenance file transmission method based on the operation and maintenance audit system, the operation and maintenance audit system receives the SCP request initiated by the user to the target container, and then forwards the SCP request to the container proxy asset service, and the container proxy asset service parses the SCP protocol, Analyze the path of uploading and downloading files; the container agent asset service connects to the target asset in SSH mode through the docker client and connects to the dockerd service; when uploading files, upload the files or directories to be uploaded according to the upload path specified by the user Archive it into a tar file in the root directory and copy it to the container; when downloading the file, parse the file downloaded by the SCP command, copy the tar file from the container, and download it to the client through SCP after decompression.

[0032] The invention can realize safe duplication, op...

Embodiment 2

[0035] The present embodiment optimizes on the basis of embodiment 1, comprises the following steps:

[0036] Step S100: the operation and maintenance audit system receives the SCP request initiated by the client to the target container;

[0037] Step S200: The operation and maintenance audit system parses the SCP request, and judges whether the target container is authorized through the authorization information in the operation and maintenance audit system. If not authorized, it returns authentication failure. If authorized, the operation and maintenance design system forwards the SCP request to the container agency asset services;

[0038] Step S300: The container agent asset service parses the SSH remote straight-line command initiated by the SCP protocol, and if it conforms to the command of the SCP protocol, then parses the upload and download file paths through the command parameters;

[0039] Step S400: Connect to the target asset through the SSH protocol, open the do...

Embodiment 3

[0043] This embodiment is optimized on the basis of embodiment 1 or 2, as figure 1 As shown, uploading files to the target container includes the following steps:

[0044] Step S1: The container proxy asset service uses the docker client to connect to the dockerd service in step S400, and the container proxy asset service returns a connection success response, ready to transfer files;

[0045]Step S2: The client transfers the file, and the container proxy asset service parses the file stream, converts the file into a tar file according to the absolute path of the target path parsed in step S300, copies the tar file into the container, and decompresses it.

[0046] Further, in step S2, the container agent asset service receives the file data stream, accepts the file meta information in the order of file authority, size, and file name, replaces the file name with the absolute path parsed in step S300, and writes it together When writing the data stream in the copy container int...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a container operation and maintenance file transmission method based on an operation and maintenance auditing system, the operation and maintenance auditing system receives an SCP request initiated by a user to a target container and then forwards the SCP request to a container proxy asset service, and the container proxy asset service analyzes an SCP protocol and analyzes a path for uploading and downloading a file; the container proxy asset service is connected to a target asset through the docker client in an SSH mode and is in butt joint with the dockerd service; when a file is uploaded, the file is filed to be uploaded or the directory into a tar file under a root directory according to an uploading path specified by a user, and the tar file is copied into a container; and when the file is downloaded, the file downloaded according to the SCP command is analyzed, the Tar file is copied from the container, the Tar file is decompressed, and the Tar file is downloaded to the client through the SCP. The target container is directly appointed to complete transmission without logging in the host machine, so that the unauthorized operation caused by overlarge authority of the authorized host machine is reduced.

Description

technical field [0001] The invention belongs to the technical field of container operation and maintenance file transmission, and in particular relates to a container operation and maintenance file transmission method based on an operation and maintenance audit system. Background technique [0002] In the existing operation and maintenance audit system, the operation and maintenance container is the host machine that can only operate and maintain the managed container. When there is an operation and maintenance requirement for file transmission in the container, uploading and downloading files need to first transfer the file to the host machine , and then upload or download files through the SCP or SFTP protocol; it may cause the operation and maintenance personnel to perform unauthorized operations, causing security problems, and the operation is too cumbersome and inefficient, and the host may generate residual files. Contents of the invention [0003] The purpose of the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/10G06F21/53H04L67/06H04L67/56H04L67/01
CPCG06F21/10G06F21/53H04L67/06H04L69/26
Inventor 杨泽丰范渊吴永越郑学新刘韬
Owner CHENGDU DBAPP SECURITY