TW201937900A - Method and system for establishing virtual backup network and virtual network card - Google Patents

Abstract

A method and a system for establishing virtual backup network and virtual network card are provided. In some embodiments, a network Orchestrator module generates a provision template for a virtual backup network, and a software-based network management module reserves resources for establishing the virtual backup network. Then, an IP assignment module, based on the provision template and the reserved resources, sets the IP address in a room to be only assigned to a virtual network card used in that room, so as to complete the establishment of virtual backup network. Therefore, a safe and reliable backup network would be established quickly.

Description

Method and system for building a virtual backup network and a virtual network card

The present invention relates to a technology for building a virtual backup network and a virtual network card, in particular, a virtual network card for building a large Layer 2 (L2) virtual backup network and a large second layer. Method and system.

Traditionally, when the network path in the network environment is damaged, the other network paths are opened (that is, the communication with the backup network), and the original network path is switched to the backup network. . However, such a passive mode of opening often requires extra time to switch the network path in order to restore network communication. In this way, users who want to connect to the Internet will have great troubles and inconveniences.

In addition, to set up a virtual and/or physical backup network in a network environment (such as a large Layer 2 network environment, cross-machine network environment, etc.), it is often necessary for the network and system administrator to manually set each link. . However, such a manual setting method is not only practically expensive, but also requires a lot of time and a lot of labor costs, which becomes unrealistic.

Furthermore, in addition to the need to quickly set up a backup network, it is also necessary to ensure the security and reliability of the backup network. In this way, users can use the backup network without worrying that the data is accessed by other non-backup networks or third parties in different network segments, and there is data leakage.

In view of the foregoing problems, it is necessary to provide a method for effectively setting up a backup network and using a backup network to quickly set up a secure and reliable backup network.

Based on the problems of the prior art, the present invention discloses a method and system for building a virtual backup network and a virtual network card. Compared with the prior art, an embodiment of the present invention discloses that a backup network is set up by using a collaboration of an Internet coordinator (Orchestrator) module, a software network management module, and an IP dispatching module to enhance a backup network. The efficiency of setting the road.

An embodiment of the present invention provides a system for establishing a virtual backup network, comprising: a virtual backup network operation and presentation module, which receives a setup request for the virtual backup network; The network coordinator module analyzes the configuration request to confirm whether the network device resources in the current equipment room are sufficient for establishing the virtual backup network, and the network coordinator module generates the virtual backup a network-related provisioning template; a software network management module that reserves resources required to establish the virtual backup network in the network device resource; and an IP dispatch module, according to the The provisioning template and the reserved resource set the IP address in the equipment room to be bound only to the virtual network card of a virtual machine in the equipment room to complete the virtual backup network.

A further embodiment of the present invention provides a method for establishing a virtual backup network, comprising the steps of: (1) receiving a setup request for the virtual backup network; and (2) confirming that the current room is in the room. Whether the network device resource is sufficient to establish the virtual backup network; (3) generating a provisioning template related to the virtual backup network; and (4) according to the provisioning template, in the network device resource Retaining the resources required to establish the virtual backup network; and (5) setting the IP address in the equipment room to be only compatible with a virtual machine in the equipment room according to the provisioning template and the reserved resource The virtual network card is bound to complete the establishment of the virtual backup network.

In another embodiment, after the completion of the establishment of the virtual backup network, setting the firewall rule of the virtual backup network to use the virtual backup network can only use the virtual machine. Other virtual machines on the virtual backup network communicate.

In another embodiment, the network device resources comprise at least one of the following: a heterogeneous SDN controller, a homogeneous SDN controller, an SDN virtual switch, an SDN physical switch, and an available IP address.

In another embodiment, the provisioning template describes at least one of a network ID, a network name, an IP network segment, and a gateway IP required to build the virtual backup network.

In another embodiment, the supplied template conforms to a supply template of the Open Stack Heat format or the TOSCA format.

An embodiment of the present invention provides a system for building a virtual network card, comprising: a virtual machine network card operation and presentation module, which receives a request for establishing a virtual network card; Coordinator module based on The configuration request generates a virtual network card installation template; a virtual basic resource management module, which supplies the virtual network card according to the virtual network card provisioning template; and an IP distribution module And binding the MAC address of the virtual network card to an IP address in a virtual backup network.

A further embodiment of the present invention provides a method for constructing a virtual network card, comprising the steps of: (1) receiving a request for establishing a virtual network card; and (2) generating a request based on the configuration request. a virtual network card is provided with a template; (3) supplying the virtual network card according to the virtual network card provisioning template; and (4) the virtual network card's MAC address and a virtual standby An IP address binding in the network.

In another embodiment, the step (1) includes providing a user interface for the user to input the request for the virtual network card in the user interface, and querying which virtual backup network is currently available. .

In another embodiment, the step (2) includes configuring a resource for the setup request based on the build request to generate the virtual network card provisioning template describing the resource.

In another embodiment, the resources include one or more of the following: an identifier of the virtual backup network, a name of the virtual backup network, and the MAC address of the virtual network card.

In another embodiment, the virtual network card is loaded with a template that conforms to the Open Stack Heat format or the TOSCA format.

In another embodiment, the method further includes the following steps: (5) analyzing related parameters of the configuration request to generate a cross-device virtual network card connection and installation template.

In another embodiment, the related parameters include at least one of the following The name of the virtual backup network, the physical network device identifier associated with the virtual backup network, the IP address bound to the virtual network card, and the MAC address of the virtual network card Address and inter-machine connectivity requirements for the virtual network card.

In another embodiment, the method further comprises: using a software-defined network controller module to set the virtual network card to be connected across the computer room based on the cross-device virtual network card connection installation template.

It should be understood that the subject matter described above can be implemented as a computer-controlled device, computer program, computing system, or as an article of manufacture, such as a computer readable storage medium.

The above described features and advantages of the invention will be apparent from the description and appended claims. The additional features and advantages of the invention will be set forth in part in the description in the description. The features and advantages of the present invention are realized and attained by the <RTIgt; It is to be understood that both the foregoing general description

200‧‧‧Dynamicly open the system of L2 backup network to multi-room through the controller

210‧‧‧Virtual backup network construction subsystem across the computer room

211‧‧‧Virtual Backup Network Operation and Presentation Module

212‧‧‧Reserving network resources and topology dependencies database

213‧‧‧Network Coordinator (Orchestrator) Module

214‧‧‧Software Network Management Module

215‧‧‧Virtual Network Function Management Module

216‧‧‧Virtual Basic Resource Management Module

217‧‧‧Software Defined Network Controller Module

218‧‧‧IP dispatch module

219‧‧‧Virtual Firewall Module

220‧‧‧Virtual Machine Network Card Connectivity and IP Acquisition Mechanism Subsystem

221‧‧‧Virtual Machine Network Card Operation and Rendering Module

222‧‧‧Virtual Machine Virtual Network Card Resource Database

S310-S390‧‧‧Steps

S361-S369‧‧‧Steps

S381-S384‧‧‧Steps

S391-S394‧‧‧Steps

S401-S410‧‧‧Steps

S501-S507‧‧‧Steps

Figure 1 is a system architecture diagram of dynamically opening a second-level backup network to a multi-machine room through a controller according to the present invention; Figure 2 is a virtual backup network building device for the cross-machine room of the present invention. The system architecture diagram of the system; Figure 3 shows the virtual machine network card connectivity and IP acquisition of the present invention. System architecture diagram of the mechanism subsystem; FIG. 4 is a flowchart of a method for establishing a virtual backup network across the equipment room according to an embodiment of the present invention; FIG. 5 is a diagram according to the present invention. Embodiments, a flowchart of a method for using a network coordinator module for virtual backup network provisioning; and FIG. 6 is a diagram showing the use of a network coordinator module to initiate IP assignment according to an embodiment of the present invention A flowchart of a method for setting a module; FIG. 7 is a flowchart of a method for setting a virtual firewall using a network coordinator module according to an embodiment of the present invention; FIG. 8 is a diagram of a method according to the present invention. One embodiment, a flowchart of a method for virtual machine network card connectivity and IP acquisition mechanism; and FIG. 9 is a diagram of using a network coordinator module to perform virtual network card connectivity across a computer room according to an embodiment of the present invention. Flow chart of the method of loading.

The following implementations are directed to the concepts and techniques for building virtual backup networks and virtual network cards. In accordance with the concepts and techniques described herein, a computing device can execute algorithms, steps, and processes for building a virtual backup network and a virtual network card.

Although the subject matter described herein is presented in the general context of execution with an operating system and an application on a computer system, those skilled in the art will appreciate that other embodiments can be performed in other manners. In general, modules may be implemented in software, hardware, and firmware, including but not limited to systems, devices, routines, programs, components, data structures, and others that perform particular tasks or implement specific types of abstract data. Type of knot Structure.

In the following embodiments, the drawings are a part of the embodiments, and the specific embodiments or examples are illustrated in the drawings. Referring now to the drawings in which like reference numerals refer to the same elements throughout the drawings, the embodiments of the method and system for the construction of the virtual backup network and the virtual network card are presented.

Referring now to Figure 1, the system architecture diagram of the present invention dynamically opens a large Layer 2 backup network to a multi-machine room through a controller. The system 200 for dynamically opening a large Layer 2 backup network to a multi-machine room through a controller includes a virtual backup network establishment subsystem 210 and a virtual machine network card connection and IP acquisition mechanism subsystem 220 across the equipment room.

The virtual backup network construction subsystem 210 across the computer room can be used to establish a virtual backup network spanning multiple computer rooms to dynamically establish and manage a virtual backup network (hereinafter referred to as a "backup network"). Technical effects. In addition, the virtual backup network deployment subsystem 210 across the computer room can prepare and reserve the resources required to establish a virtual backup network before generating the virtual machine.

In an embodiment, the virtual backup network construction subsystem 210 across the computer room can also use the IP assignment and firewall setting mechanism to improve the security of the backup network.

In addition, the virtual machine network card connectivity and IP acquisition mechanism subsystem 220 can perform network IP acquisition for the virtual network card of the virtual machine and network device setting of Software Defined Networking (SDN) across the computer room. The virtual machine's virtual network card can use the backup network to connect with the network across multiple computer rooms, and achieve the built-in backup network function.

In an embodiment, the virtual machine network card connectivity and IP acquisition mechanism subsystem 220 can use the network coordinator (Orchestrator) module to perform SDN network device connectivity settings for the virtual machine virtual network card, and the virtual machine The virtual network card's MAC Address is bound to the dedicated IP address in the backup network, and the virtual machine's network connectivity function is enabled.

In an embodiment, the virtual backup network establishment subsystem 210 of the cross-machine room may first establish a virtual backup network for each computer room, and prepare and provide resources required for the virtual backup network establishment process. Reserved. Then, the virtual machine network card connection and IP acquisition mechanism subsystem 220 binds the virtual network card of the virtual machine to the IP address in the backup network, so that the virtual network card of the virtual machine can use the virtual backup network. Road resources.

Please refer to FIG. 2, which is a system architecture diagram of the virtual backup network construction subsystem of the cross-machine room of the present invention.

The virtual backup network operation and presentation module 211 can provide a user interface to the user, so that the user can view the current status of the virtual backup network of each computer room in the user interface, and query and control. Virtual backup network.

In an embodiment, the virtual backup network operation and the user interface provided by the presentation module 211 can display the connection with the computer room where each backup network is located, such as an option, an icon, or the like. When the user selects an option or clicks an icon, the virtual backup network operation and presentation module 211 can present a screen of related information of the corresponding backup network in the computer room to the user for browsing.

The network coordinator module 213 can collect the software and hardware resources of each computer room in advance. (such as: heterogeneous, homogeneous SDN controller, SDN virtual switch, SDN entity switch, available IP address, and network topology relationship, etc.), in order to uniformly allocate and manage the resources of each computer room to establish a leap The backup network of different computer rooms achieves the effect of providing a virtual machine backup network.

In an embodiment, the network coordinator module 213 can analyze the input requirements of the system administrator, the system maintainer, and the user to establish a backup network for the demand, and generate a description of the relevant supply parameters. Install the template. Then, the generated template is transmitted to the software network management module 214, the virtual network function management module 215, and the virtual basic resource management module 216.

The software network management module 214 can perform network device resources by managing different software defined network controller modules 217 (eg, homogeneous software defined network controllers, heterogeneous software defined network controllers). Control.

The virtual network function management module 215 is used to manage components of Network Functions Virtualization (NFV). In one embodiment, the virtual network function management module 215 processes the provisioning process using meta-data to manage various NFV network elements.

In addition, the virtual network function management module 215 can invoke the IP dispatch module 218 and the virtual firewall module 219 to perform subsequent IP assignment tasks and firewall setting functions.

In one embodiment, the IP dispatch module 218 uses the Dynamic Host Configuration Protocol (DHCP) for IP assignment, and the virtual firewall module 219 can be used to set firewalls specific to each backup network. In this way, the virtual network function management module 215 For the call of the IP dispatch module 218 and the virtual firewall module 219, a backup network with communication security and structural flexibility can be provided.

Please refer to FIG. 3, which is a system architecture diagram of the virtual machine network card connectivity and IP acquisition mechanism subsystem of the present invention.

As shown in FIG. 3, the virtual machine network card operation and presentation module 221 can provide a user interface to the user, so that the user can establish a virtual network card of the virtual machine through the interface operation, and let the user select the desired Backup network. The virtual machine virtual network card resource database 222 stores data related to the relationship between the virtual network card and the virtual backup network.

In one embodiment, the network coordinator (Orchestrator) module 213 is provided with a virtual machine network card generation management function, which can perform program management of the process supply. The network coordinator module 213 analyzes the input requirements of the system administrator, the system maintainer, and the user, and refers to the relationship between the virtual network card recorded in the virtual machine virtual network card resource database 222 and the virtual backup network. To initiate the installation step planning and supply parameter generation operation, and generate a virtual template for the virtual machine virtual network card to use the backup network in the process.

In an embodiment, the software network management module 214 provides a connectivity function of the Spine-Leaf physical device, which uses the software to define the physical network device management function of the network controller module 217 to The MAC address message is transmitted across the machine room, so that the virtual machine's virtual network card information can be transmitted to other computer rooms through the backup network.

In addition, the virtual network function management module 215 can set the IP dispatch module 218 in each computer room.

In an embodiment, the virtual network function management module 215 can divide the IP into IP points. The dispatch module 218 is configured to only bind the IP in the equipment room to the virtual network card of the virtual machine in the same equipment room, and ignore the IP binding request of the virtual machine virtual network card from the other equipment room. In this way, the IP distribution module 218 in each equipment room can be independent of the IP binding system, but the virtual machine network of different machine rooms is connected to the flexible architecture to reduce the impact of using the broadcast packet in different machine rooms. .

Referring to FIG. 4, a flow chart of a method for establishing a virtual backup network across a computer room according to an embodiment of the present invention.

First, in step S310, the user can query the virtual private cloud and the virtual backup network topology composed of the virtual backup network in the user interface provided by the virtual machine network card operation and presentation module 221. Information. At this time, the virtual network and the virtual backup network can be known by querying the backup network resource and the topology dependency database 212.

In step S320, the user can input the requirement of establishing a virtual backup network across the computer room in the user interface provided by the virtual machine network card operation and presentation module 221 .

Then, in step S330, the network coordinator module 213 can query the backup network resource and the topology dependency database 212 according to the requirement, so as to confirm whether the network resources of the network device that needs to be traversed are sufficient. .

If the result of the confirmation is that the network resources of the network device that needs to be traversed are insufficient, the process proceeds to step S350, where the network coordinator module 213 returns the message that the backup network is currently unavailable. Give the user and end the supply process.

On the other hand, if you need to span the network resources of the computer room equipment in the computer room, If yes, the process proceeds to step S340. At this time, the network coordinator module 213 analyzes the user's needs and configures the network ID, network name, IP network segment, and gateway required for the virtual backup network. Parameters such as IP to create the required supply model (eg Open Stack Heat supply model, TOSCA supply template).

Thereafter, the process proceeds to step S370, which is for the supply operation of a single machine room. Step S370 can be subdivided into three steps: step S360, step S380, and step S390.

In step S360, the network coordinator module 213 performs virtual backup network provisioning. The network coordinator module 213 reserves dedicated network resources in the network equipment of the equipment room and sets the network equipment of the equipment room.

In one embodiment, the network coordinator module 213 can communicate the provisioning template to the virtual base resource management module 216 for use in virtual backup networks, gateways, and IP network segments. In addition, the network coordinator module 213 can transmit the supplied template to the software network management module 214 to perform pre-reserved operations on the backup network resources of the physical network device.

In one embodiment, the software network management module 214 can manage a heterogeneous software-defined network controller module 217. The software network management module 214 can configure the SDN network device and virtual network parameters required by the software definition network controller module 217, and can call the software definition network controller module 217 to perform the physical network. The establishment of a backup network on the road device.

In step S380, the network coordinator module 213 starts the setting of the IP dispatch module 218. The network coordinator module 213 can call the virtual network function management module 215, and then the virtual network function management module 215. The IP dispatch module 218 is invoked for IP assignment.

In an embodiment, when the virtual network function management module 215 invokes the IP dispatch module 218, the IP dispatch module 218 can be set to only the IP address in the equipment room and the virtual network card of the virtual machine in the same equipment room. Bind and ignore IP binding requests from virtual machine virtual network cards in other equipment rooms.

In step S390, the network coordinator module 213 performs virtual firewall setting. The network coordinator module 213 can call the virtual network function management module 215, and then the virtual network function management module 215 calls the virtual firewall module 219 to set the firewall.

In an embodiment, the virtual network function management module 215 can set the firewall to: only the virtual machine (virtual network card) using the same backup network can communicate with the network, and reject virtual machines from different backup networks. The connection (virtual network card) is used to enhance the security of the data in the backup network (eg, backup data).

In an embodiment, the steps S360 to S380 are sequentially performed in each computer room. After the backup network related functions of all the equipment rooms are installed, the network coordinator module 213 will provide backup. The network provisioning message writes back the backup network resource and topology dependency database 212.

The detailed step contents of the foregoing steps S360, S380, and S390 can be referred to the fifth to seventh figures.

Referring to FIG. 5, a flow chart of a method for using a network coordinator module to perform virtual backup network provisioning according to an embodiment of the present invention.

First, in step S361, the network coordinator module 213 sends the virtual backup network provisioning template to the virtual basic resource management module 216.

Then, in step S362, the virtual basic resource management module 216 evaluates whether the network resources of the computer room are sufficient for establishing a new virtual backup network. If the resources are insufficient, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

If the resource is sufficient, the process proceeds to step S363. At this time, the virtual basic resource management module 216 supplies the backup network, the subnet, and the virtual network card of the gateway, and monitors the state of the installation.

Then, proceeding to step S364, it is determined whether the supply of the virtual basic resource management module 216 is successful. If not, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

If the supply of the virtual basic resource management module 216 is successful, the process proceeds to step S365. In step S365, the network coordinator module 213 calls the software network management module 214 to analyze the supply requirements, perform resource integration with the physical network device, and specify backup through the physical network device. Network category.

Next, in step S366, it is determined whether the supply demand analysis and the resource integration are successful. If not, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

On the other hand, if the supply demand analysis and the resource integration are successful, the process proceeds to step S367, where the software network management module 214 configures the SDN required by the software defined network controller module 217 in the local room. The network device and virtual network parameters are defined by the call software definition network controller module 217 for the backup network.

In step S368, the software-defined network controller module 217 establishes a backup network on the SDN network device and also monitors the network status.

Thereafter, in step S369, it is determined whether the backup network is successfully established on the SDN network device. If the software-defined network controller module 217 successfully establishes the backup network on the SDN network device, the network coordinator module 213 will report the success message. On the other hand, if the software-defined network controller module 217 cannot establish a backup network on the SDN network device, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user. End the supply process.

Please refer to FIG. 6, which is a flowchart of a method for starting an IP dispatch module setting using a network coordinator module according to an embodiment of the present invention.

In step S381, the network coordinator module 213 transmits the provisioning template of the backup network (particularly for the IP dispatched part) to the virtual network function management module 215.

Next, in step S382, the virtual network function management module 215 checks whether the IP dispatch module 218 is operating normally.

If the IP dispatch module 218 is abnormal, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated. Otherwise, the process proceeds to step S383. At this time, the virtual network function management module 215 analyzes the supply requirements to configure the setting of the exclusive dispatch function of the IP dispatch module 218 according to the supply requirements.

Then, in step S384, the virtual network function management module 215 calls the IP dispatching module 218 to perform the setting of the dedicated dispatching function. For example, the setting IP dispatching module 218 can only accept a specific virtual machine (virtual network card). IP binding requirements (ie, IP-specific assignments), regardless of IP binding requirements from other machine rooms and other virtual machines.

Referring to FIG. 7, a flowchart of a method for setting a virtual firewall using a network coordinator module according to an embodiment of the present invention.

In step S391, the network coordinator module 213 can transmit the template of the backup network (particularly for the firewall setting) to the virtual network function management module 215, and requires the virtual network function management module. Group 215 performs firewall settings for virtual firewall module 219.

In one embodiment, the virtual firewall module 219 is a gateway firewall used by the current backup network.

Next, in step S392, the virtual network function management module 215 confirms whether the virtual firewall module 219 is operating normally.

If the virtual firewall module 219 is abnormal, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

On the other hand, if the virtual firewall module 219 is working normally, the process proceeds to step S393. At this time, the virtual network function management module 215 analyzes the supply requirements and configures the firewall settings of the virtual firewall module 219 according to the installation requirements.

Next, in step S394, the virtual network function management module 215 calls the virtual firewall module 219 to perform firewall setting, for example, restricting the computer in a specific computer room or a specific domain from transmitting the packet to the backup network through routing. . In this way, the security of the backup network in communication can be enhanced.

Referring to FIG. 8, a flow chart of a method for virtual machine network card connectivity and IP acquisition mechanism according to an embodiment of the present invention.

In step S401, the user can query the backup network available in the current virtual private cloud in the user interface provided by the virtual machine network card operation and presentation module 221.

At this time, the backup network resource and the topology dependency database 212 can be queried to inform the user of the available backup network information in the current virtual private cloud.

In step S402, the user performs the opening or communication (ie, establishment) of the virtual network card across the computer room. At this time, the user will use the backup network established by the virtual backup network construction subsystem 210 across the equipment room to send the requirement for establishing the virtual network card to the network coordinator module 213.

Next, in step S404, the network coordinator module 213 confirms whether the backup network of each equipment room related to the establishment of the virtual network card requirement is normal.

If not all the backup networks of each equipment room are in normal operation, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

On the other hand, if the backup network of each equipment room is in normal operation, the analysis request and the configuration supply parameter action are started, and the process proceeds to step S405.

In an embodiment, the network coordinator module 213 analyzes the requirements and configures the backup network identifier (ID), the backup network name, the IP used by the virtual network card, and the virtual network required for the backup network. Software and hardware resources such as MAC Address used by the network card.

In step S405, the network coordinator module 213 will describe a virtual machine network card provisioning template for configuring the hardware and software resources (parameters) required for the backup network (eg, Open Stack Heat supply template, TOSCA supply template). The virtual basic resource management module 216 is requested to perform the virtual network card installation and bind the virtual network card to the backup network.

In step S406, the virtual basic resource management module 216 supplies the virtual network card of the backup network and monitors the state of the installation.

Then, in step 407, it is determined whether the virtual network card is successfully loaded. If the installation fails, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated. On the other hand, if the virtual network card is successfully installed, the success message is transmitted to the network coordinator module 213.

Thereafter, in step S408, the network coordinator module 213 analyzes the supply requirements to perform the provisioning configuration according to the supply requirements. The network coordinator module 213 calls the virtual network function management module 215 to invoke the IP dispatch module 218 by the virtual network function management module 215 to perform a dedicated virtual network card MAC Address setting. At this point, the IP dispatch module 218 assigns the IP location of the available backup network to the virtual network card (ie, binds the dedicated IP location to the virtual network card MAC address).

In step S409, the network coordinator module 213 analyzes related parameters in the supply requirement (construction requirement) (eg, the name of the backup network used by the virtual network card, the IP of the virtual network card, and the virtual network). MAC address of the road card, physical network device identification code (ID) related to the backup network, virtual network across the computer room Card connectivity requirements, etc., and for the single room to generate a cross-machine room virtual network card connectivity model. After that, physical network device settings are performed for other equipment rooms covered by the backup network, so that the MAC address of the virtual network card can be connected to other computer rooms covered by the backup network.

Next, the process proceeds to step S410, which is for the supply operation of a single machine room. The network coordinator module 213 calls the software network management module 214 to perform the process of connecting and installing the virtual network card across the computer room. At this time, the software network management module 214 configures the SDN network device and virtual network card parameters required by the software defined network controller module 217 in the local room. Then, the network controller module 217 is defined by the software to enable the communication of the virtual network card across the computer room. For details of the steps of step S410, refer to FIG. 9.

Referring to FIG. 9, a flow chart of a method for using a network coordinator module to connect and supply a virtual network card across a computer room according to an embodiment of the present invention. In step S501, a network coordinator module 213 will cross the machine room. The virtual network card connection and installation template is sent to the software network management module 214.

In step S502, the software network management module 214 analyzes the supply requirements and confirms whether the physical network device resources related to the supply requirements are sufficient.

In step S504, the software network management module 214 confirms whether the software-defined network controller module 217 is operating normally, and whether the resources used by the backup network are retained in the physical network device.

If the requirement analysis and the resource confirmation succeed, the process proceeds to step S505, where the software network management module 214 configures the local software definition network. The virtual network card related parameters required by the controller module 217 are used by the call software definition network controller module 217 to perform cross-device connectivity setting of the local entity software-defined network switch.

On the other hand, if the demand analysis and the resource confirmation fail, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

Next, in step S506, the software-defined network controller module 217 performs the establishment of the cross-system backup node for the local physical network device (for example, the entity software defines the network switch), and is on the network device. Establish settings for virtual network card connectivity and monitor network status.

Thereafter, in step S507, it is confirmed whether the cross-machine connectivity setting of the virtual network card is successful. If successful, the automatic supply is complete.

On the other hand, if the cross-machine connection setting of the virtual network card fails, the process proceeds to step S350, and the message that the backup network is currently unavailable cannot be returned to the user, and the supply process is terminated.

The above-described embodiments are merely illustrative of the principles, features, and effects of the present invention, and are not intended to limit the scope of the present invention. Any person skilled in the art can recite the above without departing from the spirit and scope of the present invention. The embodiment is modified and changed. Any equivalent changes and modifications made by the disclosure of the present invention should still be covered by the scope of the patent application. Therefore, the scope of protection of the present invention should be as set forth in the scope of the patent application.

Claims (15)

A system for establishing a virtual backup network includes: a virtual backup network operation and presentation module that receives a build request for the virtual backup network; and a network coordinator module Analyzing the configuration request to confirm whether the network device resource in the current equipment room is sufficient to establish the virtual backup network, and the network coordinator module generates a model for supplying the virtual backup network. a software network management module that reserves the resources required to establish the virtual backup network in the network device resource; and an IP dispatch module, according to the provisioning template and the reserved resource The IP address in the equipment room is set to be bound only to the virtual network card of a virtual machine in the equipment room to complete the virtual backup network. A method for establishing a virtual backup network includes the following steps: (1) receiving a configuration request for the virtual backup network; and (2) confirming whether the network device resources in the current equipment room are sufficient for establishing The virtual backup network; (3) generating a provisioning template related to the virtual backup network; (4) according to the provisioning template, reserving the virtual backup network in the network device resources The resource required for the road; and (5) according to the provisioning template and the reserved resource, the IP address in the equipment room is set to be bound only to the virtual network card of a virtual machine in the equipment room. Complete the establishment of the virtual backup network. The method of claim 2, further comprising setting the firewall rule of the virtual backup network to the virtual machine using the virtual backup network after completing the establishment of the virtual backup network. Only communicate with other virtual machines that use this virtual backup network. The method of claim 2, wherein the network device resources comprise at least one of the following: a heterogeneous SDN controller, a homogeneous SDN controller, an SDN virtual switch, an SDN entity switch, and an available IP. Address. The method of any one of claims 2 to 4, wherein the provisioning template describes a network ID, a network name, an IP network segment, and a gate required to construct the virtual backup network. At least one of the router IPs. The method of any one of claims 2 to 4, wherein the supplied template conforms to a supply template of the Open Stack Heat format or the TOSCA format. A system for building a virtual network card, comprising: a virtual machine network card operation and presentation module, receiving a request for establishing a virtual network card; and a network coordinator module based on the Establishing a request to generate a virtual network card installation template; a virtual basic resource management module, which supplies the virtual network card according to the virtual network card provisioning template; and an IP distribution module, Binding the MAC address of the virtual network card to an IP address in a virtual backup network. A method of constructing a virtual network card includes the following steps: (1) receiving a request for establishing a virtual network card; (2) generating a virtual network card installation template based on the configuration request; and (3) supplying the template according to the virtual network card; The virtual network card is installed; and (4) binding the MAC address of the virtual network card to an IP address in a virtual backup network. The method of claim 8, wherein the step (1) comprises providing a user interface for the user to input the request for the virtual network card at the user interface, and querying the current What are the virtual backup networks? The method of claim 8, wherein the step (2) comprises configuring a resource for the configuration request based on the configuration request to generate a virtual network card provisioning template describing the resource. . The method of claim 10, wherein the resource comprises one or more of the following: an identifier of the virtual backup network, a name of the virtual backup network, and a virtual network card. The MAC address. The method of claim 8, wherein the virtual network card supply model conforms to a supply template of the Open Stack Heat format or the TOSCA format. The method of any one of claims 8 to 12, after the step (4), further comprising the following steps: (5) analyzing relevant parameters of the configuration request to generate a virtual network card connection across the computer room. Supply model. The method of claim 13, wherein the related parameters include at least one of: a name of the virtual backup network, a physical network device identifier associated with the virtual backup network, The IP address bound to the virtual network card, the MAC address of the virtual network card, and the inter-machine connectivity requirement of the virtual network card. The method of claim 13, further comprising: using a software-defined network controller module to set the virtual network card to be connected across the computer room based on the cross-machine room virtual network card connection and installation template.