[go: up one dir, main page]

CN106844111A - The access method of cloud storage NFS - Google Patents

The access method of cloud storage NFS Download PDF

Info

Publication number
CN106844111A
CN106844111A CN201611215226.9A CN201611215226A CN106844111A CN 106844111 A CN106844111 A CN 106844111A CN 201611215226 A CN201611215226 A CN 201611215226A CN 106844111 A CN106844111 A CN 106844111A
Authority
CN
China
Prior art keywords
ftp
server node
access
file
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201611215226.9A
Other languages
Chinese (zh)
Other versions
CN106844111B (en
Inventor
饶运用
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Innovation And Technology Storage Technology Co Ltd
UIT STORAGE TECHNOLOGY (SHENZHEN) Co Ltd
Original Assignee
Innovation And Technology Storage Technology Co Ltd
UIT STORAGE TECHNOLOGY (SHENZHEN) Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Innovation And Technology Storage Technology Co Ltd, UIT STORAGE TECHNOLOGY (SHENZHEN) Co Ltd filed Critical Innovation And Technology Storage Technology Co Ltd
Priority to CN201611215226.9A priority Critical patent/CN106844111B/en
Publication of CN106844111A publication Critical patent/CN106844111A/en
Application granted granted Critical
Publication of CN106844111B publication Critical patent/CN106844111B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/16Error detection or correction of the data by redundancy in hardware
    • G06F11/20Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements
    • G06F11/2053Error detection or correction of the data by redundancy in hardware using active fault-masking, e.g. by switching out faulty elements or by switching in spare elements where persistent mass storage functionality or persistent mass storage control functionality is redundant
    • G06F11/2089Redundant storage control functionality
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/182Distributed file systems
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5083Techniques for rebalancing the load in a distributed system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Quality & Reliability (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

本申请公开了一种云存储网络文件系统的访问方法,包括:FTP主控服务器预先将系统的用户信息和共享文件的访问权限配置信息保存在数据库中;当FTP客户端需要访问网络文件系统时,触发FTP主控服务器为其分配FTP服务器节点;客户端登录所述FTP服务器节点,FTP服务器节点触发根据预先保存的所述用户信息对所述FTP客户端进行用户身份验证的过程;在验证成功时向客户端返回该客户端可访问的共享文件根目录;当客户端进入共享文件根目录并提交文件访问请求时,所述FTP服务器节点触发根据所述用户信息和所述访问权限配置信息执行或拒绝执行所请求的文件访问操作的处理过程。采用本发明,可以使FTP Server提供的文件访问服务具有容灾功能。

This application discloses a method for accessing a cloud storage network file system, including: the FTP master server pre-saves the system user information and the access authority configuration information of the shared files in the database; when the FTP client needs to access the network file system , triggering the FTP master control server to allocate an FTP server node for it; the client logs in to the FTP server node, and the FTP server node triggers the process of performing user identity verification on the FTP client according to the pre-saved user information; Return the shared file root directory accessible to the client to the client; when the client enters the shared file root directory and submits a file access request, the FTP server node triggers execution according to the user information and the access rights configuration information Or the process of denying the requested file access operation. By adopting the invention, the file access service provided by the FTP server can have a disaster recovery function.

Description

云存储网络文件系统的访问方法Access method of cloud storage network file system

技术领域technical field

本发明涉及计算机存储技术领域,特别是涉及一种云存储网络文件系统的访问方法。The invention relates to the technical field of computer storage, in particular to a method for accessing a cloud storage network file system.

背景技术Background technique

在TCP/IP网络中,客户端可以通过文件传输协议(File Transport Protocol,FTP)下载或加载文件服务器上的文件,以实现资源共享,用户可以通过它把自己的PC机与世界各地所有运行FTP协议的服务器相连,访问服务器上的大量程序和信息。FTP Server已成为互联网上的一种重要资源。In the TCP/IP network, the client can download or load the files on the file server through the File Transport Protocol (FTP) to realize resource sharing, and users can use it to connect their PCs with all FTP servers around the world. The protocol server is connected to access a large number of programs and information on the server. FTP Server has become an important resource on the Internet.

传统的FTP Server方案利用单台服务器为FTP客户端提供服务,同时,用户的管理和用户共享目录的权限配置也在该单台服务器上,这样,一旦机器出现异常,FTP Server就不能提供服务。The traditional FTP Server solution uses a single server to provide services for FTP clients. At the same time, user management and user shared directory permission configuration are also on this single server. In this way, once the machine is abnormal, the FTP Server cannot provide services.

由此可见,现有的利用单台FTP Server服务器为FTP客户端提供文件访问服务的技术方案,不具有容灾功能。Thus, it can be seen that the existing technical solution of using a single FTP server server to provide file access services for FTP clients does not have a disaster recovery function.

发明内容Contents of the invention

有鉴于此,本发明的主要目的在于提供一种云存储网络文件系统的访问方法,可以使FTP Server设备提供的文件访问服务具有容灾功能。In view of this, the main purpose of the present invention is to provide a cloud storage network file system access method, which can enable the file access service provided by the FTP Server device to have a disaster recovery function.

为了达到上述目的,本发明提出的技术方案为:In order to achieve the above object, the technical scheme proposed by the present invention is:

一种云存储网络文件系统的访问方法,包括:A method for accessing a cloud storage network file system, comprising:

FTP主控服务器预先将系统的用户信息和共享文件的访问权限配置信息保存在数据库中;所述用户信息包括:FTP用户名、文件访问用户标识uid、访问密码、用户所属的用户组标识gid和FTP客户端可访问的共享文件根目录;The FTP master control server stores the user information of the system and the access authority configuration information of the shared file in the database in advance; the user information includes: FTP user name, file access user identification uid, access password, user group identification gid to which the user belongs, and The root directory of shared files accessible by FTP clients;

当FTP客户端需要访问所述网络文件系统时,触发所述FTP主控服务器为其分配提供文件访问服务的FTP服务器节点;When the FTP client needs to access the network file system, the FTP master control server is triggered to allocate an FTP server node that provides file access services;

所述FTP客户端登录所述FTP服务器节点,所述FTP服务器节点触发根据预先保存的所述用户信息对所述FTP客户端进行用户身份验证的过程;在所述验证成功时,向所述FTP客户端返回该FTP客户端可访问的共享文件根目录;The FTP client logs in to the FTP server node, and the FTP server node triggers a process of performing user identity verification on the FTP client according to the pre-saved user information; when the verification is successful, the FTP The client returns the root directory of the shared file accessible to the FTP client;

当所述FTP客户端进入所述共享文件根目录并提交文件访问请求时,所述FTP服务器节点触发根据所述用户信息和所述访问权限配置信息执行或拒绝执行所请求的文件访问操作的处理过程。When the FTP client enters the root directory of the shared file and submits a file access request, the FTP server node triggers the process of executing or refusing to execute the requested file access operation according to the user information and the access rights configuration information process.

综上所述,本发明提出的云存储网络文件系统的访问方法,利用FTP主控服务器和FTP服务器节点,为FTP客户端提供文件访问服务,可以使FTP Server提供的文件访问服务具有容灾功能。In summary, the method for accessing the cloud storage network file system proposed by the present invention uses the FTP master control server and the FTP server node to provide file access services for the FTP client, and can make the file access services provided by the FTP Server have a disaster recovery function .

附图说明Description of drawings

图1为本发明实施例的方法流程示意图。Fig. 1 is a schematic flow chart of the method of the embodiment of the present invention.

具体实施方式detailed description

为使本发明的目的、技术方案和优点更加清楚,下面将结合附图及具体实施例对本发明作进一步地详细描述。In order to make the purpose, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

本发明的核心思想是:引入FTP Server服务器集群技术为FTP客户端提供网络文件访问管理的服务,如此,可以使FTP Server提供的文件访问服务具有容灾功能。The core idea of the present invention is to introduce FTP Server server cluster technology to provide FTP client with network file access management service, so that the file access service provided by FTP Server can have a disaster recovery function.

图1为本发明实施例的方法流程示意图,如图1所示,该实施例实现的云存储网络文件系统的访问方法主要包括:Fig. 1 is a schematic flow diagram of the method of the embodiment of the present invention, as shown in Fig. 1, the access method of the cloud storage network file system realized by this embodiment mainly includes:

步骤101、FTP主控服务器预先将系统的用户信息和共享文件的访问权限配置信息保存在数据库中;所述用户信息包括:FTP用户名、文件访问用户标识uid、访问密码、用户所属的用户组标识gid和FTP客户端可访问的共享文件根目录。Step 101, the FTP master control server saves the user information of the system and the access authority configuration information of the shared file in the database in advance; the user information includes: FTP user name, file access user identification uid, access password, user group to which the user belongs Identifies the shared file root directory accessible by gid and FTP clients.

本步骤中,FTP主控服务器需要预先将云存储网络文件系统的用户信息和共享文件的访问权限配置信息保存在数据库中,以便此后由FTP主控服务器根据这些信息,对云存储网络文件系统的用户进行统一管理以及对访问权限进行统一设置。In this step, the FTP master control server needs to save the user information of the cloud storage network file system and the access permission configuration information of the shared files in the database in advance, so that the FTP master server can then use these information to control the cloud storage network file system. Unified management of users and unified setting of access rights.

这里,用户信息和共享文件的访问权限配置信息将统一保存在数据库中,而不是保存在具体提供文件访问服务的FTP服务器节点中,这样,当某个FTP服务器节点出现故障时,仍可由其他可用的FTP服务器节点提供文件访问服务,从而可以为FTP客户端提供具有容灾功能的文件访问服务。Here, user information and access rights configuration information for shared files will be uniformly stored in the database, rather than in the FTP server node that specifically provides file access services. In this way, when a certain FTP server node fails, other available The FTP server node provides file access services, thereby providing file access services with disaster recovery functions for FTP clients.

步骤102、当FTP客户端需要访问所述网络文件系统时,触发所述FTP主控服务器为其分配提供文件访问服务的FTP服务器节点。Step 102, when the FTP client needs to access the network file system, trigger the FTP master control server to assign it an FTP server node that provides file access services.

本步骤中,当FTP客户端需要访问所述网络文件系统时,将触发FTP主控服务器在可用的FTP服务器节点中选择出一个FTP服务器节点分配给FTP客户端,用于为FTP客户端提供文件访问服务。In this step, when the FTP client needs to access the network file system, the FTP master control server will be triggered to select an FTP server node from the available FTP server nodes and assign it to the FTP client to provide files for the FTP client Access services.

较佳地,可以采用下述方法触发所述FTP主控服务器为其分配FTP服务器节点:Preferably, the following method can be used to trigger the FTP master control server to allocate an FTP server node for it:

所述FTP客户端通过云存储网络文件系统的域名连接所述FTP主控服务器,所述FTP主控服务器按照预设的负载均衡策略,从当前可用的FTP服务器节点中,选择出为所述FTP客户端提供服务的FTP服务器节点,将所选择出的FTP服务器节点的IP地址通知给所述FTP客户端。The FTP client connects to the FTP master control server through the domain name of the cloud storage network file system, and the FTP master control server selects the FTP server node from currently available FTP server nodes according to a preset load balancing strategy. The FTP server node serving the client notifies the FTP client of the IP address of the selected FTP server node.

需要说明的是,在实际应用中,各FTP服务器节点的IP地址将由FTP主控服务器预先保存在数据库中,在上述分配FTP服务器节点过程中,FTP主控服务器从数据库中取出所选择出的FTP服务器节点的IP地址通知给FTP客户端即可。It should be noted that, in practical applications, the IP address of each FTP server node will be stored in the database in advance by the FTP master control server. Just notify the FTP client of the IP address of the server node.

上述分配方法中,通过采用负载均衡策略选择FTP服务器节点,可以确保各FTP服务器节点的负载平衡。具体地负载均衡策略可由本领域技术人员根据实际需要进行设置,例如,为了方便实现该负载均衡策略可以为:选择当前负载最小的FTP服务器节点。In the above distribution method, by using a load balancing strategy to select FTP server nodes, load balancing of each FTP server node can be ensured. Specifically, the load balancing strategy can be set by those skilled in the art according to actual needs. For example, for the convenience of implementing the load balancing strategy, the load balancing strategy can be: select the FTP server node with the smallest current load.

步骤103、所述FTP客户端登录所述FTP服务器节点,所述FTP服务器节点触发根据预先保存的所述用户信息对所述FTP客户端进行用户身份验证的过程;在所述验证成功时,向所述FTP客户端返回云存储网络文件系统中该FTP客户端可访问的共享文件根目录。Step 103, the FTP client logs in to the FTP server node, and the FTP server node triggers a process of performing user identity verification on the FTP client according to the pre-saved user information; The FTP client returns the root directory of the shared file accessible to the FTP client in the cloud storage network file system.

本步骤中,FTP服务器节点在FTP客户端登录时,将通过FTP主控服务器获取系统的用户信息,然后据此对FTP客户端的用户身份进行验证,只有其验证通过后,才可以允许其进入可访问的共享文件根目录。这样,FTP客户端才可以进一步在其可访问的权限范围内进行文件访问操作。In this step, when the FTP server node logs in to the FTP client, it will obtain the user information of the system through the FTP master server, and then verify the user identity of the FTP client accordingly. The root directory of the shared file to be accessed. In this way, the FTP client can further perform file access operations within its accessible authority range.

较佳地,可以采用下述方法登录所述FTP服务器节点:Preferably, the following method can be used to log in to the FTP server node:

所述FTP客户端连接所述FTP服务器节点,并在所述连接成功后,所述FTP客户端向所述FTP服务器节点提交用户输入的登录信息,所述登录信息包括FTP用户名和访问密码。The FTP client connects to the FTP server node, and after the connection is successful, the FTP client submits login information input by the user to the FTP server node, and the login information includes an FTP user name and an access password.

较佳地,所述触发根据预先保存的所述用户信息对所述FTP客户端进行用户身份验证的过程,可以采用下述步骤实现:Preferably, the process of triggering the user identity verification of the FTP client according to the pre-saved user information can be realized by the following steps:

所述FTP服务器节点从所述FTP主控服务器获取所述FTP用户名对应的用户信息,并判断所述登录信息是否与所获取的用户信息是否匹配,如果是,则验证成功,否则验证失败。The FTP server node obtains the user information corresponding to the FTP user name from the FTP master control server, and judges whether the login information matches the obtained user information, if yes, the verification is successful, otherwise the verification fails.

上述方法中,由FTP服务器节点进行用户身份的验证,在实际应用中,FTP服务器节点也可将用户的登录信息发送给FTP主控服务器,由FTP主控服务器根据预先保存的用户信息进行身份验证,在此不再赘述。In the above method, the user identity is verified by the FTP server node. In practical applications, the FTP server node can also send the user's login information to the FTP master control server, and the FTP master control server performs identity verification according to the pre-saved user information. , which will not be repeated here.

步骤104、当所述FTP客户端进入所述共享文件根目录并提交文件访问请求时,所述FTP服务器节点触发根据所述用户信息和所述访问权限配置信息执行或拒绝执行所请求的文件访问操作的处理过程。Step 104, when the FTP client enters the root directory of the shared file and submits a file access request, the FTP server node triggers to execute or refuse to execute the requested file access according to the user information and the access rights configuration information The processing of the operation.

本步骤中,当所述FTP客户端进入所述共享文件根目录并提交文件访问请求时,FTP服务器节点将触发根据FTP主控服务器预先保存的文件系统的用户信息和访问权限配置信息,判断是否允许所请求的文件访问操作的执行。如此,则可以实现在预设的访问权限范围内对用户的文件访问控制。In this step, when the FTP client enters the root directory of the shared file and submits a file access request, the FTP server node will trigger the user information and access rights configuration information of the file system pre-saved by the FTP master server to determine whether Execution of the requested file access operation is permitted. In this way, the user's file access control within the preset access authority range can be realized.

较佳地,所述触发根据所述用户信息和所述访问权限配置信息执行或拒绝执行所请求的文件访问操作的处理过程,具体可以采用下述方法实现:Preferably, the process of triggering the execution or refusal of the requested file access operation according to the user information and the access rights configuration information can be specifically implemented by the following method:

所述FTP服务器节点根据所述文件访问请求生成相应的文件访问消息,所述文件访问消息包括文件访问用户标识uid、用户所属的用户组标识gid、操作指令以及文件名;The FTP server node generates a corresponding file access message according to the file access request, and the file access message includes a file access user identification uid, a user group identification gid to which the user belongs, an operation instruction and a file name;

所述FTP服务器节点向所述FTP主控服务器发送所述文件访问消息;The FTP server node sends the file access message to the FTP master server;

所述FTP主控服务器根据预先保存的所述用户信息和所述共享文件的访问权限配置信息,判断所述文件访问消息指示的文件访问操作是否合法,如果是,则触发执行所述文件访问操作,否则,拒绝执行所述文件访问操作。The FTP main control server judges whether the file access operation indicated by the file access message is legal according to the pre-saved user information and the access authority configuration information of the shared file, and if so, triggers the execution of the file access operation , otherwise, deny the file access operation.

上述方法中,是由FTP主控服务器判断是否允许所请求的文件访问操作的执行,在实际应用中,也可由FTP服务器节点根据从FTP主控服务器获得的上述用户信息和共享文件的访问权限配置信息,判断是否允许所请求的文件访问操作的执行,在此不再赘述。In the above method, it is judged by the FTP master control server whether to allow the execution of the requested file access operation. In practical applications, the FTP server node can also be configured according to the above-mentioned user information obtained from the FTP master control server and the access authority of the shared file. information to determine whether to allow the execution of the requested file access operation, which will not be repeated here.

在实际应用中,当FTP客户端所连接的FTP服务器节点出现异常时,可以重新触发FTP主控服务器为其分配新的FTP服务器节点,然后由新分配的FTP服务器节点继续为其提供文件访问服务,具体地,可以采用下述方法实现这一目的:In practical applications, when the FTP server node connected to the FTP client is abnormal, the FTP master server can be re-triggered to allocate a new FTP server node for it, and then the newly allocated FTP server node will continue to provide file access services for it , specifically, the following methods can be used to achieve this goal:

当所述FTP客户端监测到当前所连接的FTP服务器节点异常时,重新触发所述FTP主控服务器为其分配新的FTP服务器节点,并利用所述新的FTP服务器节点访问所述云存储网络文件系统。When the FTP client detects that the currently connected FTP server node is abnormal, re-trigger the FTP master control server to assign a new FTP server node to it, and use the new FTP server node to access the cloud storage network File system.

较佳地,为了进一步提高文件访问服务的容灾能力,可以为云存储网络文件系统的上述FTP主控服务器配置FTP备份控制服务器,在FTP主控服务器启用后,该FTP备份控制服务器将与FTP主控服务器保持数据同步,当所述FTP主控服务器发生故障时,可以将所述FTP备份控制服务器作为当前的FTP主控服务器。Preferably, in order to further improve the disaster recovery capability of the file access service, an FTP backup control server can be configured for the above-mentioned FTP master control server of the cloud storage network file system. After the FTP master control server is enabled, the FTP backup control server will communicate with the FTP The main control server maintains data synchronization, and when the FTP main control server fails, the FTP backup control server can be used as the current FTP main control server.

通过上述实施例,可以看出本发明通过在云存储网络文件系统中引入FTP Server服务器集群技术,利用由FTP主控服务器和若干FTP服务器节点组成的FTP Server服务器集群,可以为FTP客户端提供具有容灾功能的文件访问服务。Through the foregoing embodiments, it can be seen that the present invention introduces FTP Server server cluster technology into the cloud storage network file system, and utilizes an FTP Server server cluster composed of an FTP master server and several FTP server nodes to provide FTP clients with File access service for disaster recovery function.

综上所述,以上仅为本发明的较佳实施例而已,并非用于限定本发明的保护范围。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。To sum up, the above are only preferred embodiments of the present invention, and are not intended to limit the protection scope of the present invention. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (8)

1. a kind of access method of cloud storage NFS, it is characterised in that including:
FTP FTP main control servers are in advance by the user profile and the access rights configuration information of shared file of system It is stored in database;The user profile includes:FTP user's name, file access ID uid, access password, Yong Husuo User's group mark gid and the addressable shared file root of ftp client of category;
When ftp client needs to access the NFS, the FTP main control servers are triggered for its distribution provides text The ftp server node of part access service;
The ftp client logs in the ftp server node, and the ftp server node triggering is according to the institute for pre-saving Stating user profile carries out the process of subscriber authentication to the ftp client;In described being proved to be successful, to FTP visitors Family end returns to the addressable shared file root of the ftp client;
When the ftp client into the shared file root and present a paper access request when, the ftp server section Point triggering is performed according to the user profile and the access rights configuration information or refusal performs asked file access behaviour The processing procedure of work.
2. method according to claim 1, it is characterised in that the triggering FTP main control servers are its distribution FTP Server node includes:
The ftp client connects the FTP main control servers, the FTP master by the domain name of cloud storage NFS According to default load balancing, from currently available ftp server node, it is FTP visitors to select to control server Family end provide service ftp server node, by it is selected go out ftp server node IP address notify visitor to the FTP Family end.
3. method according to claim 1, it is characterised in that the login ftp server node includes:
The ftp client connects the ftp server node, and to the ftp server node after the successful connection Submitting the log-on message of user input, the log-on message to includes FTP user's name and accesses password.
4. method according to claim 3, it is characterised in that the triggering is according to the user profile pair for pre-saving The process that the ftp client carries out subscriber authentication includes:
The ftp server node obtains the corresponding user profile of FTP user's name from the FTP main control servers, and sentences Whether whether the log-on message of breaking match with acquired user profile, if it is, be proved to be successful, otherwise authentication failed.
5. method according to claim 1, it is characterised in that the triggering is according to the user profile and the access right Limit configuration information is performed or the processing procedure of the asked file access operation of refusal execution includes:
The ftp server node generates corresponding file access message, the file access according to the file access request Message includes the user's group mark gid belonging to file access ID uid, user, operational order and filename;
The ftp server node sends the file access message to the FTP main control servers;
The FTP main control servers match somebody with somebody confidence according to the user profile and the access rights of the shared file for pre-saving Breath, judges whether the file access operation that the file access message is indicated is legal, if it is, triggering performs the file visiting Operation is asked, otherwise, refusal performs the file access operation.
6. access method according to claim 1, it is characterised in that the load balancing includes:Selection is current negative Carry minimum ftp server node.
7. method according to claim 1, it is characterised in that methods described is further included:
When the ftp client monitors that current connected ftp server node is abnormal, FTP master controls described in retriggered Server is the new ftp server node of its distribution, and using cloud storage network described in the new ftp server node visit File system.
8. method according to claim 1, it is characterised in that methods described is further included:
When the FTP main control servers break down, using the Standby control server of the FTP main control servers as current FTP main control servers.
CN201611215226.9A 2016-12-26 2016-12-26 Access method of cloud storage network file system Active CN106844111B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611215226.9A CN106844111B (en) 2016-12-26 2016-12-26 Access method of cloud storage network file system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611215226.9A CN106844111B (en) 2016-12-26 2016-12-26 Access method of cloud storage network file system

Publications (2)

Publication Number Publication Date
CN106844111A true CN106844111A (en) 2017-06-13
CN106844111B CN106844111B (en) 2021-01-08

Family

ID=59136369

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611215226.9A Active CN106844111B (en) 2016-12-26 2016-12-26 Access method of cloud storage network file system

Country Status (1)

Country Link
CN (1) CN106844111B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833369A (en) * 2018-05-28 2018-11-16 郑州云海信息技术有限公司 Method, device and equipment for accessing file system
CN108897880A (en) * 2018-07-05 2018-11-27 南方电网科学研究院有限责任公司 A method and system for sharing electric energy data
CN109992976A (en) * 2019-02-27 2019-07-09 平安科技(深圳)有限公司 Access credentials verification method, device, computer equipment and storage medium
CN110389938A (en) * 2019-06-20 2019-10-29 北京四方继保自动化股份有限公司 A method of improving relay protection device safety
CN110650214A (en) * 2019-10-21 2020-01-03 北京知道创宇信息技术股份有限公司 Agent method, device, electronic equipment and storage medium
CN111126940A (en) * 2019-11-22 2020-05-08 泰康保险集团股份有限公司 Service application processing method, device, equipment and computer readable storage medium
CN112951385A (en) * 2021-03-16 2021-06-11 上海市胸科医院 Data access method and equipment for PACS image storage system
CN113810484A (en) * 2021-09-10 2021-12-17 深圳云之家网络有限公司 File request processing method and device, computer equipment and storage medium
CN114879908A (en) * 2022-04-29 2022-08-09 济南浪潮数据技术有限公司 Quota management method for shared directory and related components
CN115051982A (en) * 2022-06-14 2022-09-13 北京天融信网络安全技术有限公司 Information processing method, system and storage medium based on FTP protocol
CN115499308A (en) * 2022-08-15 2022-12-20 鹏城实验室 A distributed FTP container deployment method, device, terminal and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072163A (en) * 2007-03-31 2007-11-14 腾讯科技(深圳)有限公司 Network file automatic dump method and system
CN101841537A (en) * 2010-04-13 2010-09-22 北京时代亿信科技有限公司 Method and system for realizing file sharing access control based on protocol proxy
CN102170460A (en) * 2011-03-10 2011-08-31 浪潮(北京)电子信息产业有限公司 Cluster storage system and data storage method thereof
CN102752399A (en) * 2012-07-19 2012-10-24 南京邮电大学 Peer-to-peer security file sharing method based on cloud storage
CN103152377A (en) * 2012-12-13 2013-06-12 中国科学院深圳先进技术研究院 Data access method capable of facing file transfer protocol (ftp) service
CN103607462A (en) * 2013-11-22 2014-02-26 曙光信息产业股份有限公司 Cluster NAS deployment system and deployment method thereof
CN103812674A (en) * 2012-11-07 2014-05-21 北京信威通信技术股份有限公司 Method for main and standby server replacement
CN103986756A (en) * 2014-05-12 2014-08-13 浪潮电子信息产业股份有限公司 Method for solving Chinese messy code problem of FTP service access cluster storage system
CN104050248A (en) * 2014-06-05 2014-09-17 北京捷成世纪科技股份有限公司 File storage system and storage method
CN105812391A (en) * 2016-05-16 2016-07-27 广州鼎鼎信息科技有限公司 Safe cloud storage system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072163A (en) * 2007-03-31 2007-11-14 腾讯科技(深圳)有限公司 Network file automatic dump method and system
CN101841537A (en) * 2010-04-13 2010-09-22 北京时代亿信科技有限公司 Method and system for realizing file sharing access control based on protocol proxy
CN102170460A (en) * 2011-03-10 2011-08-31 浪潮(北京)电子信息产业有限公司 Cluster storage system and data storage method thereof
CN102752399A (en) * 2012-07-19 2012-10-24 南京邮电大学 Peer-to-peer security file sharing method based on cloud storage
CN103812674A (en) * 2012-11-07 2014-05-21 北京信威通信技术股份有限公司 Method for main and standby server replacement
CN103152377A (en) * 2012-12-13 2013-06-12 中国科学院深圳先进技术研究院 Data access method capable of facing file transfer protocol (ftp) service
CN103607462A (en) * 2013-11-22 2014-02-26 曙光信息产业股份有限公司 Cluster NAS deployment system and deployment method thereof
CN103986756A (en) * 2014-05-12 2014-08-13 浪潮电子信息产业股份有限公司 Method for solving Chinese messy code problem of FTP service access cluster storage system
CN104050248A (en) * 2014-06-05 2014-09-17 北京捷成世纪科技股份有限公司 File storage system and storage method
CN105812391A (en) * 2016-05-16 2016-07-27 广州鼎鼎信息科技有限公司 Safe cloud storage system

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833369A (en) * 2018-05-28 2018-11-16 郑州云海信息技术有限公司 Method, device and equipment for accessing file system
CN108897880A (en) * 2018-07-05 2018-11-27 南方电网科学研究院有限责任公司 A method and system for sharing electric energy data
CN109992976A (en) * 2019-02-27 2019-07-09 平安科技(深圳)有限公司 Access credentials verification method, device, computer equipment and storage medium
CN110389938B (en) * 2019-06-20 2022-02-22 北京四方继保自动化股份有限公司 Method for improving safety of relay protection equipment
CN110389938A (en) * 2019-06-20 2019-10-29 北京四方继保自动化股份有限公司 A method of improving relay protection device safety
CN110650214A (en) * 2019-10-21 2020-01-03 北京知道创宇信息技术股份有限公司 Agent method, device, electronic equipment and storage medium
CN110650214B (en) * 2019-10-21 2022-07-05 北京知道创宇信息技术股份有限公司 Agent method, device, electronic equipment and storage medium
CN111126940A (en) * 2019-11-22 2020-05-08 泰康保险集团股份有限公司 Service application processing method, device, equipment and computer readable storage medium
CN112951385A (en) * 2021-03-16 2021-06-11 上海市胸科医院 Data access method and equipment for PACS image storage system
CN112951385B (en) * 2021-03-16 2024-12-27 上海市胸科医院 Data access method and device for PACS image storage system
CN113810484A (en) * 2021-09-10 2021-12-17 深圳云之家网络有限公司 File request processing method and device, computer equipment and storage medium
CN114879908A (en) * 2022-04-29 2022-08-09 济南浪潮数据技术有限公司 Quota management method for shared directory and related components
CN115051982A (en) * 2022-06-14 2022-09-13 北京天融信网络安全技术有限公司 Information processing method, system and storage medium based on FTP protocol
CN115051982B (en) * 2022-06-14 2023-12-01 北京天融信网络安全技术有限公司 Information processing method, system and storage medium based on FTP protocol
CN115499308A (en) * 2022-08-15 2022-12-20 鹏城实验室 A distributed FTP container deployment method, device, terminal and storage medium
CN115499308B (en) * 2022-08-15 2025-04-08 鹏城实验室 Distributed FTP container deployment method, device, terminal and storage medium

Also Published As

Publication number Publication date
CN106844111B (en) 2021-01-08

Similar Documents

Publication Publication Date Title
CN106844111A (en) The access method of cloud storage NFS
US11902145B2 (en) Generating and deploying security policies for microsegmentation
CN107277049B (en) An access method and device for an application system
JP6263537B2 (en) LDAP-based multi-tenant in-cloud identity management system
US11856046B2 (en) Endpoint URL generation and management
CN102947797B (en) Online service access control using scale-out directory features
US8959613B2 (en) System and method for managing access to a plurality of servers in an organization
CN112261172B (en) Service addressing access method, device, system, equipment and medium
CN103795690B (en) A kind of method, proxy server and the system of cloud access control
CN110324338B (en) Data interaction method, device, bastion host, and computer-readable storage medium
WO2018095416A1 (en) Information processing method, device and system
WO2021115231A1 (en) Authentication method and related device
CN106714075A (en) Authorization processing method and equipment
US8117254B2 (en) User name mapping in a heterogeneous network
CN106411857A (en) Private cloud GIS service access control method based on virtual isolation mechanism
CN106612290A (en) Cross-domain single sign-on method for system integration
CN110968848B (en) User-based rights management method, device and computing device
CN116566656B (en) Resource access methods, devices, equipment and computer storage media
CN108881309A (en) Access method, device, electronic equipment and the readable storage medium storing program for executing of big data platform
CN106656514A (en) kerberos authentication cluster access method, SparkStandalone cluster, and driving node of SparkStandalone cluster
CN105656949A (en) Access control method and system of network file system
CN107172061A (en) It is a kind of to realize shared method and system
CN105262800B (en) A kind of authority control method and system applied to cluster NAS file system
CN101917438A (en) Access control method and system in network communication system
CN114884728B (en) Security access method based on role access control token

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 518057 Shenzhen Software Park, No. 9, 501, 502, Science and Technology Middle Road, Nanshan District, Shenzhen City, Guangdong Province

Applicant after: Shenzhen Innovation Technology Co.,Ltd.

Applicant after: Innovation Technology Co.,Ltd.

Address before: 518057 Shenzhen Software Park, No. 9, 501, 502, Science and Technology Middle Road, Nanshan District, Shenzhen City, Guangdong Province

Applicant before: UITSTOR (USA) Inc.

Applicant before: United Information Technology Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant
PP01 Preservation of patent right

Effective date of registration: 20250430

Granted publication date: 20210108

PP01 Preservation of patent right