CN109213573A - The equipment blocking method and device of virtual desktop based on container - Google Patents
The equipment blocking method and device of virtual desktop based on container Download PDFInfo
- Publication number
- CN109213573A CN109213573A CN201811073054.5A CN201811073054A CN109213573A CN 109213573 A CN109213573 A CN 109213573A CN 201811073054 A CN201811073054 A CN 201811073054A CN 109213573 A CN109213573 A CN 109213573A
- Authority
- CN
- China
- Prior art keywords
- hardware resource
- container
- hardware
- resource
- pool
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
A kind of equipment blocking method of the virtual desktop based on container, comprising the following steps: for the hardware resource for being newly added to server, the Resource Properties of its at least one ability are identified for the hardware resource;Identified Resource Properties are utilized, the hardware resource is associated with a hardware resource pool in multiple hardware resource pools, so that each of hardware resource pool hardware resource is associated with one in multiple Resource Properties;Each of respectively multiple hardware resource pools hardware resource distributes the ID of a unique identification;By container engine, hardware resource in hardware resource pool is assigned to cell therefor and from cell therefor recycling hardware resource into hardware resource pool by the ID according to each hardware resource.Disclosed herein as well is a kind of corresponding equipment blocking devices for the virtual desktop based on container.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of equipment blocking methods of the virtual desktop based on container
And device.
Background technique
Operating system virtualization distinguishes several users by simulating to true computer hardware equipment
Hardware resource is used by the way that the operating system after virtualization is shared, so as to high efficiency utilization of hardware resources.Simultaneously as
Operating system virtualizes so that each application program and its relevance are isolated, so that every user as grasped on a personal computer
Make independent operating system.
For example, the typical example as operating system virtualization, it is hard that virtual machine is normally operated in the bottoms such as server
On the host equipment of part, and by the hardware resources to more virtual machines such as virtual machine management program storage allocation and CPU.Cause
This, can dynamically be allocated according to the current each requested computer hardware resource of virtual machine.However, in order to each
Position user provides a complete independent application program running environment, and virtual machine needs while including complete virtual hardware storehouse
(including virtual network adapter, storage and CPU etc.).This means that its own also possesses complete operating system, and needle
To hardware resource abstract and be isolated, thus need by part by the shared resource that host equipment provides occupy for itself
Private resource and the overall performance for reducing host equipment.
On the contrary, another example as operating system virtualization, container is a kind of operating system virtualization of lightweight
Technology.Each container realizes the lightweight of itself by the system kernel on shared host equipment, and utilizes process access control
Respective user's space is isolated in the modes such as isolation technology and process group management control technique processed, so that more sleeve containes can be simultaneously
It is operated on same host equipment capablely.But in existing technical solution, due to sharing same set of system between multiple containers
System kernel allows to by the system by the related driver programs installation of hardware resource on the host device, thus easily
It is used for each container.Therefore, the isolation between container is simply by modes such as the conversion in path or access privilege control strategies
It realizes, it is veritably not mutually isolated, so that mutually isolated very weak between container.This to deposit between container
In apparent security breaches and biggish attack face.In extreme situations, the user with high permission even can be to system
Kernel issues system and calls, break through hardware resource that the isolation and arbitrarily calling between container is assigned in other containers (such as
It accesses the camera of other containers and is shot).
Summary of the invention
The purpose of the application is to solve the deficiencies in the prior art, provides a kind of equipment for the virtual desktop based on container
Partition method and device, by that can obtain and realize container itself using to the ID for identifying unique identification on each hardware resource
Lightweight simultaneously, the effect for avoiding the hardware resource between different vessels from maliciously being called.
To achieve the goals above, the following technical solution is employed by the application.
Firstly, the application proposes a kind of equipment blocking method for the virtual desktop based on container.The equipment blocking side
Method is suitable for the multiple containers being isolated from each other established in server.Wherein, each of multiple containers are respectively created one
A independent virtual desktop example, and be that corresponding container configures independent file pipe by the virtual desktop example of each container
Manage structure.Above equipment partition method the following steps are included:
S100) for the hardware resource for being newly added to server, its at least one ability is identified for the hardware resource
Resource Properties;
S200 identified Resource Properties) are utilized, by a hardware in the hardware resource and multiple hardware resource pools
Resource pool is associated, so that each of hardware resource pool hardware resource is associated with one in multiple Resource Properties;
S300) be respectively each of multiple hardware resource pools hardware resource distribute a unique identification ID;And
S400) by container engine, hardware resource in hardware resource pool is assigned to by the ID according to each hardware resource
Cell therefor and from cell therefor recycling hardware resource into hardware resource pool.
Further, in the above method of the application, step S400 further includes following sub-step:
S401 corresponding hardware resource) is assigned to cell therefor according to the ID of hardware resource;
S402) the hardware resource locked according to the ID of hardware resource to distribute, so that other containers be forbidden to access corresponding ID
Hardware resource;
S403) from container recycling hardware resource into hardware resource pool, and it is corresponding by being unlocked according to the ID of hardware resource
Hardware resource.
Alternatively, in the above method of the application, step S400) may include following sub-step:
S404 associated trigger event) is set for each hardware resource pool;
S405) hardware resource pool corresponding to the hardware resource of each container is distributed in confirmation, to be based on the hardware
The trigger event of resource pool monitors the correspondence hardware resource in each container;
S406) when detecting that trigger event occurs, corresponding hardware resource is recycled from container and is provided to corresponding hardware
In the pond of source.
Still further, the trigger event is the frequency of use of hardware resource lower than pre- in the above method of the application
If threshold value, wherein the threshold value is initialised when trigger event is arranged, and according to the average frequency of use of hardware resource
And/or the frequency of use upper limit is adaptively adjusted.
Alternatively, in the above method of the application, the trigger event be apply hardware resource application program into
Journey terminates.
Further, in the above method of the application, the application program run in a reservoir is by distributing to the container
The ID of hardware resource access the hardware resource.
Still further, the application program run in a reservoir is by distributing to the appearance in the above method of the application
It includes following sub-step that the ID of the hardware resource of device, which accesses the hardware resource:
S601 it) is recorded in from hardware resource pool distribution hardware resource to cell therefor, and by the ID of the hardware resource
In the hardware resource table of container;
S602 hardware resource table) is searched for, when there are applications when respective resources attribute, run in container in hardware resource table
Program accesses corresponding hardware resource according to the ID of hardware resource, otherwise by container engine to associated with the Resource Properties
Hardware resource pool application;
S603 it) when hardware resource is recovered to corresponding hardware resource pool from container, deletes corresponding in hardware resource table
ID。
Further, further comprising the steps of in the above method of the application: S500) according to preset frequency periodic detection
Each hardware resource pool, and will test the hardware resource being removed from corresponding hardware resource pool and corresponding container
It removes.
Secondly, the application also proposes a kind of equipment blocking device for the virtual desktop based on container.The equipment blocking
Device is suitable for the multiple containers being isolated from each other established in server.Wherein, each of multiple containers are respectively created
One independent virtual desktop example, and be that corresponding container configures independent file by the virtual desktop example of each container
Manage structure.Above equipment isolating device comprises the following modules: mark module, for for the hardware money for being newly added to server
Source identifies the Resource Properties of its at least one ability for the hardware resource;Relating module, for utilizing identified resource category
Property, the hardware resource is associated with a hardware resource pool in multiple hardware resource pools, so that every in hardware resource pool
One hardware resource is associated with one in multiple Resource Properties;Distribution module, in respectively multiple hardware resource pools
Each hardware resource distribute a unique identification ID;And management module, for passing through container engine, according to each
Hardware resource in hardware resource pool is assigned to cell therefor and recycles hardware resource from cell therefor by the ID of hardware resource
Into hardware resource pool.
Further, in the above-mentioned apparatus of the application, management module further includes following submodule: resource module is used for
Corresponding hardware resource is assigned to cell therefor by the ID according to hardware resource;Module is locked, for according to hardware resource
The hardware resource that ID locks to distribute, so that other containers be forbidden to access the hardware resource for corresponding to ID;Unlocked state, for calm
Device recycles hardware resource into hardware resource pool, and will unlock corresponding hardware resource according to the ID of hardware resource.
Alternatively, in the above-mentioned apparatus of the application, management module further includes following submodule: setup module is used for
For each hardware resource pool, associated trigger event is set;Monitoring module, for confirming the hardware money for distributing to each container
Hardware resource pool corresponding to source, so that the trigger event based on the hardware resource pool monitors the money of the correspondence hardware in each container
Source;Recycling module, for recycling corresponding hardware resource from container to corresponding hardware when detecting that trigger event occurs
In resource pool.
Still further, the trigger event is the frequency of use of hardware resource lower than pre- in the above-mentioned apparatus of the application
If threshold value, wherein the threshold value is initialised when trigger event is arranged, and according to the average frequency of use of hardware resource
And/or the frequency of use upper limit is adaptively adjusted.
Alternatively, in the above-mentioned apparatus of the application, the trigger event be apply hardware resource application program into
Journey terminates.
Further, in the above-mentioned apparatus of the application, the application program run in a reservoir is by distributing to the container
The ID of hardware resource access the hardware resource.
Still further, the application program run in a reservoir is by distributing to the appearance in the above-mentioned apparatus of the application
It includes following submodule: logging modle that the ID of the hardware resource of device, which accesses the hardware resource, for hard from hardware resource pool distribution
Part resource is recorded in the hardware resource table of container to cell therefor, and by the ID of the hardware resource;Search module, for searching
Rope hardware resource table, when, there are when respective resources attribute, the application program run in container is provided according to hardware in hardware resource table
The ID in source accesses corresponding hardware resource, otherwise passes through container engine to hardware resource pool associated with Resource Properties Shen
Please;Removing module, it is corresponding in hardware resource table for deleting when hardware resource is recovered to corresponding hardware resource pool from container
ID.
Further, further include with lower module in the above-mentioned apparatus of the application: remove module, for according to preset frequency
The each hardware resource pool of periodic detection, and will test the hardware resource that has been removed from corresponding hardware resource pool and correspondence
Container in remove.
Finally, the application also proposes a kind of computer readable storage medium, it is stored thereon with computer instruction.The computer
The multiple containers being isolated from each other for instructing performed method to be suitable for establishing in server.Wherein, each in multiple containers
It is a that an independent virtual desktop example is respectively created, and be the configuration of corresponding container by the virtual desktop example of each container
Independent document structure management.The step of following methods are realized when the instruction is executed by processor:
S100) for the hardware resource for being newly added to server, its at least one ability is identified for the hardware resource
Resource Properties;
S200 identified Resource Properties) are utilized, by a hardware in the hardware resource and multiple hardware resource pools
Resource pool is associated, so that each of hardware resource pool hardware resource is associated with one in multiple Resource Properties;
S300) be respectively each of multiple hardware resource pools hardware resource distribute a unique identification ID;And
S400) by container engine, hardware resource in hardware resource pool is assigned to by the ID according to each hardware resource
Cell therefor and from cell therefor recycling hardware resource into hardware resource pool.
Further, during the above-metioned instruction of the application is executed by processor, step S400 further includes following son
Step:
S401 corresponding hardware resource) is assigned to cell therefor according to the ID of hardware resource;
S402) the hardware resource locked according to the ID of hardware resource to distribute, so that other containers be forbidden to access corresponding ID
Hardware resource;
S403) from container recycling hardware resource into hardware resource pool, and it is corresponding by being unlocked according to the ID of hardware resource
Hardware resource.
Alternatively, during the above-metioned instruction of the application is executed by processor, step S400) it may include following son
Step:
S404 associated trigger event) is set for each hardware resource pool;
S405) hardware resource pool corresponding to the hardware resource of each container is distributed in confirmation, to be based on the hardware
The trigger event of resource pool monitors the correspondence hardware resource in each container;
S406) when detecting that trigger event occurs, corresponding hardware resource is recycled from container and is provided to corresponding hardware
In the pond of source.
Still further, the trigger event is hardware money during the above-metioned instruction of the application is executed by processor
The frequency of use in source is lower than preset threshold value, and wherein the threshold value is initialised when trigger event is arranged, and according to hardware
The average frequency of use and/or the frequency of use upper limit of resource are adaptively adjusted.
Alternatively, during the above-metioned instruction of the application is executed by processor, which is application hardware
The process of the application program of resource terminates.
Further, during the above-metioned instruction of the application is executed by processor, the application journey that runs in a reservoir
Sequence accesses the hardware resource by distributing to the ID of the hardware resource of the container.
Still further, during the above-metioned instruction of the application is executed by processor, the application that runs in a reservoir
Program includes following sub-step by distributing to the ID of the hardware resource of the container to access the hardware resource:
S601 it) is recorded in from hardware resource pool distribution hardware resource to cell therefor, and by the ID of the hardware resource
In the hardware resource table of container;
S602 hardware resource table) is searched for, when there are applications when respective resources attribute, run in container in hardware resource table
Program accesses corresponding hardware resource according to the ID of hardware resource, otherwise by container engine to associated with the Resource Properties
Hardware resource pool application;
S603 it) when hardware resource is recovered to corresponding hardware resource pool from container, deletes corresponding in hardware resource table
ID。
Further, further comprising the steps of during the above-metioned instruction of the application is executed by processor: S500) to press
According to the preset each hardware resource pool of frequency periodic detection, and it will test the hardware resource being removed and provided from corresponding hardware
It is removed in source pond and corresponding container.
The application's has the beneficial effect that by that can obtain using to the ID for identifying unique identification on each hardware resource
The lightweight for realizing container itself simultaneously, ensures the effect of the hardware resource safety between different vessels.
Detailed description of the invention
Fig. 1 show existing virtual machine and structure of container schematic diagram;
The configuration diagram of the virtual desktop in embodiment based on container is disclosed for this application shown in Fig. 2;
The Use Case Map of the virtual desktop in embodiment based on container is disclosed for this application shown in Fig. 3;
Fig. 4 show the flow chart of the equipment blocking method disclosed in the present application for the virtual desktop based on container;
Fig. 5 show the submethod flow chart that hardware resource is accessed in first embodiment disclosed in the present application;
Fig. 6 show the schematic diagram that hardware resource process is accessed in embodiment illustrated in fig. 5;
Fig. 7 show the submethod flow chart that hardware resource is accessed in second embodiment disclosed in the present application;
Fig. 8 show the schematic diagram that hardware resource process is accessed in 3rd embodiment disclosed in the present application;
Fig. 9 show the submethod flow chart that hardware resource is accessed in embodiment illustrated in fig. 8;
Figure 10 show the structure chart of the equipment blocking device disclosed in the present application for the virtual desktop based on container.
Specific embodiment
It is carried out below with reference to technical effect of the embodiment and attached drawing to the design of the application, specific structure and generation clear
Chu, complete description, to be completely understood by the purpose, scheme and effect of the application.It should be noted that the case where not conflicting
Under, the features in the embodiments and the embodiments of the present application can be combined with each other.The identical attached drawing mark used everywhere in attached drawing
Note indicates the same or similar part.
With reference to existing virtual machine shown in FIG. 1 and structure of container schematic diagram.Two typical cases as virtualization technology
Son, virtual machine and container include application program and run the application program necessary component (such as system binary system text
Part and library), and respectively by operating in the monitor of virtual machine on physical computer (Hypervisor) and container engine
(Docker Engine) application is located at the computer hardware resource of system bottom.For virtual machine and container, the single meter of bottom
Calculation machine hardware resource (such as server, storage equipment, central processing unit, the port I/O and network port etc.) is due to being virtualized
And multiple logical resources being shared can be served as.Meanwhile host operating system (Operation System, OS) can also
It provides and advanced optimizes for the interaction of above-mentioned monitor of virtual machine and container engine and underlying computer hardware resource.For example, main
Machine OS can support multiple spatially mutually isolated users to share the computer hardware resource of bottom by virtual machine or container.Its
Some examples of middle host OS can beWithHowever, as noted previously, virtual machine
Since its own operating system needs specially to occupy more resources and includes more processing expenses, set to reduce host
Standby overall performance.Although container realizes itself lightweight by sharing the kernel of host OS, it is between container and
It is not carried out real isolation, to leave security risk for user.
Therefore, in order to make full use of the lightweight advantage of container, and the degree of isolation between hoisting container, different appearances are avoided
Hardware resource between device is by error calls, and present applicant proposes a kind of equipment blocking sides for the virtual desktop based on container
Method.This method is suitable for the virtual desktop based on container as shown in Figure 2.In the virtual desktop based on container, server
Multiple containers being isolated from each other of interior foundation.Wherein, an independent virtual desktop is respectively created in each of multiple containers
Example, and be that corresponding container configures independent document structure management by the virtual desktop example of each container.In each appearance
The application program run in device is obtained from computer hardware resource pond by container engine by the hardware resource management device of host
Corresponding computer hardware resource.When issuing file operation requests to corresponding container, application program passes through virtual desktop reality
The file that example calls document structure management to be related to this document operation requests operates.For every user of container, it is based on
Virtual desktop example provided by container is just as an independent personal operating system, rather than just from host operating system
It marks off, the operation performing environment isolated as host operating system a part.Further, referring to Fig. 3 institute
The Use Case Map shown, local server are that each container configures corresponding system environments, personal document and void by container engine
The configuration file at quasi- interface, and virtual desktop example is formed using the DockerClient of container.For every user of container,
Container is just as an independent personal operating system, rather than just what is marked off from host operating system, as host
The operation performing environment that operating system is a part of and isolates.Further, needle can be further arranged in above-mentioned configuration file
To the differential file of the kernel of host OS, and personalized virtual opetrating system environment is formed on each container, and realization pair
The kernel of host OS redirects.In addition, for the application program in container, when operation necessary computer hardware resource all
It is by container engine application.Therefore, private resource must on the one hand be occupied for virtual machine itself relative to virtual machine
Operating system, the container more light weight in above-mentioned technical proposal, so as on the same server be more users
Create container;On the other hand, since application program needs to share the computer hardware resource of bottom by container engine, and work as
When it issues file operation requests, it is necessary to call the document structure management of container by virtual desktop example to grasp to the file
Make the file that request is related to be operated, to ensure that degree of isolation between container, improves the level of security of container.Into one
Step ground, the client of container can be set in strange land.As shown in figure 3, being provided between the client and local server of user
Interchange box is provided with embedded system on the interchange box to execute relevant image and generate and File Transfer Protocol, thus with
Corresponding pattern manipulation interface is formed on the end of family.
Specifically, referring to method flow diagram shown in Fig. 4, above equipment partition method includes the following steps:
S100) for the hardware resource for being newly added to server, its at least one ability is identified for the hardware resource
Resource Properties;
S200 identified Resource Properties) are utilized, by a hardware in the hardware resource and multiple hardware resource pools
Resource pool is associated, so that each of hardware resource pool hardware resource is associated with one in multiple Resource Properties;
S300) be respectively each of multiple hardware resource pools hardware resource distribute a unique identification ID;And
S400) by container engine, hardware resource in hardware resource pool is assigned to by the ID according to each hardware resource
Cell therefor and from cell therefor recycling hardware resource into hardware resource pool.
Wherein, Resource Properties can be is divided according to the function of hardware resource, such as but is not limited to use in calculating
Computing hardware resource pool (such as CPU and GPU), storage hardware resource pool (such as caching at different levels and nonvolatile for storage
Property storage medium) and for communication network hardware resources pond (such as bandwidth).At this point, for the application program in container,
Necessary hardware resource is all by container engine application when its operation.Container engine provides hardware according to the ID of hardware resource
Hardware resource in the pond of source is filtered, it is ensured that each hardware resource is distributed only to multiple share the hardware at any time
One (such as the printer or scanner shared in office by multiple users) in the container of resource, or any
Moment can be only assigned to a specified container (such as camera on personal notebook).In addition, those skilled in the art
It can be obtained by customary technical means in the art and identification hardware Resource Properties (such as are associated in embodiment illustrated in fig. 2
CPU in computing hardware resource pool, disk or the I/O being associated in network hardware resources pond in storage hardware resource pool are associated with
Port etc.), and marker appropriate is arranged to the ID of hardware resource, with distinguish hardware resource Resource Properties and above-mentioned two class
(can be shared by multiple containers or can only be designated what container was shared) hardware resource.The application couple and the ID of hardware resource are specifically marked
The information that knowledge mode and mark are included not limits.In addition, it will be understood by those skilled in the art that shown element in attached drawing
Number and shape only as illustrative reference, not as the limitation to the application.
Submethod flow chart referring to Figure 5, in one or more embodiments of the application, step S400) also wrap
Include following sub-step:
S401 corresponding hardware resource) is assigned to cell therefor according to the ID of hardware resource;
S402) the hardware resource locked according to the ID of hardware resource to distribute, so that other containers be forbidden to access corresponding ID
Hardware resource;
S403) from container recycling hardware resource into hardware resource pool, and it is corresponding by being unlocked according to the ID of hardware resource
Hardware resource.
At this point, referring to the schematic diagram of access hardware resource process shown in fig. 6, for the user of container, related hardware money
Source is comprised in its container as the personal computer of user is a part of.It can lead in the application program of container internal operation
It crosses container engine and accesses the hardware resource.However for the application program of other containers, since the hardware resource is locked,
So its can not the ID based on hardware resource to the container engine application hardware resource, to improve hardware resource between container
Safety.
Referring to submethod flow chart shown in Fig. 7, in one or more embodiments of the application, step S400 further includes
Following sub-step:
S404 associated trigger event) is set for each hardware resource pool;
S405) hardware resource pool corresponding to the hardware resource of each container is distributed in confirmation, to be based on the hardware
The trigger event of resource pool monitors the correspondence hardware resource in each container;
S406) when detecting that trigger event occurs, corresponding hardware resource is recycled from container and is provided to corresponding hardware
In the pond of source.Specifically, trigger event is to apply for that the process of the application program of hardware resource terminates, i.e., when the process knot of application program
Shu Shi recycles relevant hardware resource immediately.Alternatively, in order to avoid continually distributing/recycle brought by hardware resource
Overhead, the trigger event can be the frequency of use of hardware resource lower than preset threshold value.The frequency of use is for example still
It is not limited to data processor utilization rate, memory utilization rate, data space utilisation and network utilization.Correspondingly, threshold value is
There is the value of same units with the frequency of use.Wherein, which be initialised when trigger event is arranged, and according to hardware
The average frequency of use and/or the frequency of use upper limit of resource are adaptively adjusted.For example, working as the average frequency of use of hardware resource
When being the 80% of the frequency of use upper limit, present threshold value is raised 10%.Those skilled in the art can provide according to specific hardware
The initialization value and the adaptive adjustment rule of the threshold value is arranged in source, and the application not limits this.
Referring to the configuration diagram and access hardware resource mistake shown in Fig. 8 of the virtual desktop shown in Fig. 2 based on container
The schematic diagram of journey, in one or more embodiments of the application, the application program run in a reservoir is by distributing to the appearance
The ID of the hardware resource of device accesses the hardware resource.Specifically, maintenance has portion hard in the virtual desktop example of each container
Part resource table, the application program (such as in the application program A1 and application program A2 of 1 internal operation of container in Fig. 2) in container are logical
The hardware resource table is crossed to the corresponding hardware resource of container engine application.Further, referring to submethod process shown in Fig. 9
Figure, in the said one or multiple embodiments of the application, the application program run in a reservoir is by distributing to the container
It includes following sub-step that the ID of hardware resource, which accesses the hardware resource:
S601 it) is recorded in from hardware resource pool distribution hardware resource to cell therefor, and by the ID of the hardware resource
In the hardware resource table of container;
S602 hardware resource table) is searched for, when there are applications when respective resources attribute, run in container in hardware resource table
Program accesses corresponding hardware resource according to the ID of hardware resource, otherwise by container engine to associated with the Resource Properties
Hardware resource pool application;
S603 it) when hardware resource is recovered to corresponding hardware resource pool from container, deletes corresponding in hardware resource table
ID.In one or more embodiments of the application, above equipment partition method is further comprising the steps of with the hardware that timely updates
Actually available hardware resource in resource pool:
S500) according to the preset each hardware resource pool of frequency periodic detection, and it will test the hardware money being removed
Source is removed from corresponding hardware resource pool and corresponding container.
Similarly, those skilled in the art can be according to specific hardware resource initial frequencies value and the setting frequency values
Adaptive adjustment rule, the application to this not limit.
Correspondingly, function structure chart shown in 0 referring to Fig.1, it is disclosed herein for the virtual desktop based on container
Equipment blocking device comprises the following modules: mark module, for being provided for the hardware for the hardware resource for being newly added to server
Source identifies the Resource Properties of its at least one ability;Relating module, for utilizing identified Resource Properties, by the hardware resource
It is associated with a hardware resource pool in multiple hardware resource pools, so that each of hardware resource pool hardware resource and more
One in a Resource Properties is associated;Distribution module, for each of respectively multiple hardware resource pools hardware resource
Distribute the ID of a unique identification;And management module, for by container engine, the ID according to each hardware resource will be hard
Hardware resource is assigned to cell therefor and from cell therefor recycling hardware resource into hardware resource pool in part resource pool.This
When, for the application program in container, necessary hardware resource is all by container engine application when running.Container engine
The hardware resource in hardware resource pool is filtered according to the ID of hardware resource, it is ensured that each hardware resource at any time
One be distributed only in multiple containers for sharing the hardware resource (such as is shared in office by multiple users
Printer or scanner), or can be only assigned to (such as the camera shooting on personal notebook of a specified container at any time
Head).In addition, those skilled in the art can by customary technical means in the art obtain and identification hardware Resource Properties (such as
The CPU that is associated in embodiment illustrated in fig. 2 in computing hardware resource pool, disk or association in storage hardware resource pool are associated with
To the port I/O etc. in network hardware resources pond), and marker appropriate is arranged to the ID of hardware resource, to distinguish hardware money
Hardware resource (can be shared by multiple containers or can only be designated what container was shared) to the Resource Properties in source and above-mentioned two class.This Shen
Please the information that mode and mark are included is specifically identified to the ID with hardware resource not to limit.In addition, those skilled in the art
It will be appreciated that the number and shape of shown element are only as illustrative reference in attached drawing, not as the limitation to the application.
In one or more embodiments of the application, management module further includes following submodule: resource module, for according to
Corresponding hardware resource is assigned to cell therefor according to the ID of hardware resource;Module is locked, for the ID according to hardware resource
The hardware resource locked to distribute, so that other containers be forbidden to access the hardware resource for corresponding to ID;Unlocked state is used for from container
Hardware resource is recycled into hardware resource pool, and corresponding hardware resource will be unlocked according to the ID of hardware resource.At this point, referring to figure
The schematic diagram that hardware resource process is accessed shown in 6, for the user of container, individual calculus of the associated hardware resource such as user
Machine is a part of and is comprised in its container.The hardware can be accessed by container engine in the application program of container internal operation
Resource.However for the application program of other containers, since the hardware resource is locked, so it can not be provided based on hardware
The ID in source is to the container engine application hardware resource, to improve the safety of hardware resource between container.
In one or more embodiments of the application, management module further includes following submodule: setup module, for for
Associated trigger event is arranged in each hardware resource pool;Monitoring module, for confirming the hardware resource for distributing to each container
Corresponding hardware resource pool, so that the trigger event based on the hardware resource pool monitors the money of the correspondence hardware in each container
Source;Recycling module, for recycling corresponding hardware resource from container to corresponding hardware when detecting that trigger event occurs
In resource pool.Specifically, trigger event is to apply for that the process of the application program of hardware resource terminates, i.e., when the process of application program
At the end of, relevant hardware resource is recycled immediately.Alternatively, it is brought in order to avoid continually distributing/recycling hardware resource
Overhead, which can be the frequency of use of hardware resource lower than preset threshold value.The frequency of use for example but
It is not limited to data processor utilization rate, memory utilization rate, data space utilisation and network utilization.Correspondingly, threshold value
It is the value that there are same units with the frequency of use.Wherein, which be initialised when trigger event is arranged, and according to hard
The average frequency of use and/or the frequency of use upper limit of part resource are adaptively adjusted.For example, when the average of hardware resource uses frequency
When rate is the 80% of the frequency of use upper limit, present threshold value is raised 10%.Those skilled in the art can be according to specific hardware
The initialization value and the adaptive adjustment rule of the threshold value is arranged in resource, and the application not limits this.
Referring to the configuration diagram and access hardware resource mistake shown in Fig. 8 of the virtual desktop shown in Fig. 2 based on container
The schematic diagram of journey, in one or more embodiments of the application, the application program run in a reservoir is by distributing to the appearance
The ID of the hardware resource of device accesses the hardware resource.Specifically, maintenance has portion hard in the virtual desktop example of each container
Part resource table, the application program (such as in the application program A1 and application program A2 of 1 internal operation of container in Fig. 2) in container are logical
The hardware resource table is crossed to the corresponding hardware resource of container engine application.Further, the application program run in a reservoir is logical
It crosses and distributes to the ID of the hardware resource of the container to access the hardware resource include following submodule: logging modle, for from hardware
Resource pool distribution hardware resource is recorded in the hardware resource table of container to cell therefor, and by the ID of the hardware resource;It searches
Rope module, for searching for hardware resource table, when there are application journeys when respective resources attribute, run in container in hardware resource table
Sequence accesses corresponding hardware resource according to the ID of hardware resource, otherwise by container engine to associated with the Resource Properties hard
Part resource pool application;Removing module, for when hardware resource is recovered to corresponding hardware resource pool from container, deleting hardware money
Corresponding ID in the table of source, to realize the hardware resource table for dynamically maintaining and updating in each container.
In one or more embodiments of the application, above equipment isolating device further include with lower module and when update
Actually available hardware resource in hardware resource pool: remove module, for being provided according to each hardware of preset frequency periodic detection
Source pond, and will test the hardware resource being removed and removed from corresponding hardware resource pool and corresponding container.It is similar
Ground, those skilled in the art can be according to the adaptive adjustment of specific hardware resource initial frequencies value and the setting frequency values
Rule, the application not limit this.
It should be appreciated that embodiments herein can be by computer hardware, the combination of hardware and software or by depositing
The computer instruction in non-transitory computer-readable memory is stored up to be effected or carried out.Standard program can be used in this method
Technology-include realized in computer program configured with the non-transitory computer-readable storage media of computer program, wherein
Configured in this way storage medium make computer operated in a manner of specific and is predefined-according in a particular embodiment describing
Method and attached drawing.Each program can be realized with the programming language of level process or object-oriented with logical with computer system
Letter.However, if desired, the program can be realized with compilation or machine language.Under any circumstance, the language can be compiling or
The language of explanation.In addition, the program can be run on the specific integrated circuit of programming for this purpose.
Further, this method can be realized in being operably coupled to suitable any kind of computing platform, wrap
Include but be not limited to PC, mini-computer, main frame, work station, network or distributed computing environment, individual or integrated
Computer platform or communicated with charged particle tool or other imaging devices etc..The various aspects of the application can be to deposit
The machine readable code on non-transitory storage medium or equipment is stored up to realize no matter be moveable or be integrated to calculating
Platform, such as hard disk, optical reading and/or write-in storage medium, RAM, ROM, so that it can be read by programmable calculator, when
Storage medium or equipment can be used for configuration and operation computer to execute process described herein when being read by computer.This
Outside, machine readable code, or part thereof can be transmitted by wired or wireless network.When such media include combining microprocessor
Or when other data processors realization instruction or program of the step above, application as described herein includes that these and other are different
The non-transitory computer-readable storage media of type.When being programmed according to methods and techniques described herein, the application is also
Including computer itself.
Computer program can be applied to input data to execute function as described herein, to convert input data with life
At storing to the output data of nonvolatile memory.Output information can also be applied to one or more output equipments as shown
Device.In the application preferred embodiment, the data of conversion indicate physics and tangible object, including the object generated on display
Reason and the particular visual of physical objects are described.
Therefore, should be with descriptive sense rather than restrictive sense understands the specification and drawings.However, by apparent
It is:, can be to the application in the case where not departing from the broader spirit and scope of the application as described in claims
Make various modifications and change.
Other modifications are in spirit herein.Therefore, although disclosed technology may be allowed various modifications and substitution structure
It makes, but has shown that in the accompanying drawings and its some embodiments shown in being described in detail above.It will be appreciated, however, that not
It is intended to for the application to be confined to disclosed one or more concrete forms;On the contrary, its intention covers such as the appended claims
Defined in fall in all modifications, alternative constructions and equivalent in spirit and scope.
Claims (10)
1. a kind of equipment blocking method for the virtual desktop based on container, suitable for established in server it is multiple each other
An independent virtual desktop example is respectively created in the container of isolation, each of plurality of described container, and by every
The virtual desktop example of a container is that corresponding container configures independent document structure management, be the described method comprises the following steps:
S100) for the hardware resource for being newly added to server, the resource of its at least one ability is identified for the hardware resource
Attribute;
S200 identified Resource Properties) are utilized, by a hardware resource in the hardware resource and multiple hardware resource pools
Pond is associated, so that each of hardware resource pool hardware resource is associated with one in multiple Resource Properties;
S300) be respectively each of multiple hardware resource pools hardware resource distribute a unique identification ID;And
S400) by container engine, hardware resource in hardware resource pool is assigned to accordingly by the ID according to each hardware resource
Container and from cell therefor recycling hardware resource into hardware resource pool.
2. equipment blocking method according to claim 1, which is characterized in that step S400 further includes following sub-step:
S401 corresponding hardware resource) is assigned to cell therefor according to the ID of hardware resource;
S402) the hardware resource locked according to the ID of hardware resource to distribute, so that other containers be forbidden to access the hard of corresponding ID
Part resource;
S403) from container recycling hardware resource into hardware resource pool, and corresponding hardware will be unlocked according to the ID of hardware resource
Resource.
3. equipment blocking method according to claim 1, which is characterized in that step S400 further includes following sub-step:
S404 associated trigger event) is set for each hardware resource pool;
S405) hardware resource pool corresponding to the hardware resource of each container is distributed in confirmation, to be based on the hardware resource
The trigger event in pond monitors the correspondence hardware resource in each container;
S406) when detecting that trigger event occurs, corresponding hardware resource is recycled from container to corresponding hardware resource pool
In.
4. equipment blocking method according to claim 3, which is characterized in that the trigger event is the use of hardware resource
Frequency is lower than preset threshold value, wherein the threshold value is initialised when trigger event is arranged, and according to hardware resource
Average frequency of use and/or the frequency of use upper limit are adaptively adjusted.
5. equipment blocking method according to claim 3, which is characterized in that the trigger event is application hardware resource
The process of application program terminates.
6. equipment blocking method according to claim 1, which is characterized in that the application program run in a reservoir is by dividing
The ID of the hardware resource of the dispensing container accesses the hardware resource.
7. equipment blocking method according to claim 6, which is characterized in that the application program run in a reservoir is by dividing
It includes following sub-step that the ID of the hardware resource of the dispensing container, which accesses the hardware resource:
S601) container is recorded in from hardware resource pool distribution hardware resource to cell therefor, and by the ID of the hardware resource
Hardware resource table in;
S602 hardware resource table) is searched for, when there are application programs when respective resources attribute, run in container in hardware resource table
Corresponding hardware resource is accessed according to the ID of hardware resource, otherwise passes through container engine to hardware associated with the Resource Properties
Resource pool application;
S603) when hardware resource is recovered to corresponding hardware resource pool from container, corresponding ID in hardware resource table is deleted.
8. equipment blocking method according to claim 1, which is characterized in that further comprising the steps of:
S500) according to the preset each hardware resource pool of frequency periodic detection, and will test the hardware resource that has been removed from
It is removed in corresponding hardware resource pool and corresponding container.
9. a kind of equipment blocking device for the virtual desktop based on container, suitable for established in server it is multiple each other
An independent virtual desktop example is respectively created in the container of isolation, each of plurality of described container, and by every
The virtual desktop example of a container is that corresponding container configures independent document structure management, and described device comprises the following modules:
Mark module, for identifying its at least one energy for the hardware resource for the hardware resource for being newly added to server
The Resource Properties of power;
Relating module, for utilizing identified Resource Properties, by one in the hardware resource and multiple hardware resource pools
Hardware resource pool is associated, so that each of hardware resource pool hardware resource is related to one in multiple Resource Properties
Connection;
Distribution module, for being respectively the ID of each of multiple hardware resource pools hardware resource one unique identification of distribution;
And
Management module, for by container engine, the ID according to each hardware resource to divide hardware resource in hardware resource pool
It is fitted on cell therefor and from cell therefor recycling hardware resource into hardware resource pool.
10. a kind of computer readable storage medium, is stored thereon with computer instruction, method performed by the instruction is suitable for taking
An independent void is respectively created in the multiple containers being isolated from each other established in business device, each of plurality of described container
Quasi- desktop example, and be that corresponding container configures independent document structure management by the virtual desktop example of each container,
It is characterized in that realizing when the instruction is executed by processor such as the step of method described in any item of the claim 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811073054.5A CN109213573A (en) | 2018-09-14 | 2018-09-14 | The equipment blocking method and device of virtual desktop based on container |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811073054.5A CN109213573A (en) | 2018-09-14 | 2018-09-14 | The equipment blocking method and device of virtual desktop based on container |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109213573A true CN109213573A (en) | 2019-01-15 |
Family
ID=64984387
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811073054.5A Pending CN109213573A (en) | 2018-09-14 | 2018-09-14 | The equipment blocking method and device of virtual desktop based on container |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109213573A (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110120940A (en) * | 2019-04-12 | 2019-08-13 | 华中科技大学 | A kind of file system resource partition method towards Docker container |
| CN112527513A (en) * | 2021-02-09 | 2021-03-19 | 南京飞灵智能科技有限公司 | Method and system for dynamically distributing multiple GPUs |
| US11354148B2 (en) | 2019-02-22 | 2022-06-07 | Vmware, Inc. | Using service data plane for service control plane messaging |
| US11368387B2 (en) | 2020-04-06 | 2022-06-21 | Vmware, Inc. | Using router as service node through logical service plane |
| US11405431B2 (en) | 2015-04-03 | 2022-08-02 | Nicira, Inc. | Method, apparatus, and system for implementing a content switch |
| US11438267B2 (en) | 2013-05-09 | 2022-09-06 | Nicira, Inc. | Method and system for service switching using service tags |
| US11496606B2 (en) | 2014-09-30 | 2022-11-08 | Nicira, Inc. | Sticky service sessions in a datacenter |
| WO2022252510A1 (en) * | 2021-06-04 | 2022-12-08 | 深圳前海微众银行股份有限公司 | Resource management method, apparatus and device |
| US11595250B2 (en) | 2018-09-02 | 2023-02-28 | Vmware, Inc. | Service insertion at logical network gateway |
| US11611625B2 (en) * | 2020-12-15 | 2023-03-21 | Vmware, Inc. | Providing stateful services in a scalable manner for machines executing on host computers |
| WO2023045467A1 (en) * | 2021-09-26 | 2023-03-30 | 中兴通讯股份有限公司 | Container cpu resource scheduling and isolation method and apparatus, and storage medium and electronic device |
| US11659061B2 (en) | 2020-01-20 | 2023-05-23 | Vmware, Inc. | Method of adjusting service function chains to improve network performance |
| US11722367B2 (en) | 2014-09-30 | 2023-08-08 | Nicira, Inc. | Method and apparatus for providing a service with a plurality of service nodes |
| US11722559B2 (en) | 2019-10-30 | 2023-08-08 | Vmware, Inc. | Distributed service chain across multiple clouds |
| US11734043B2 (en) | 2020-12-15 | 2023-08-22 | Vmware, Inc. | Providing stateful services in a scalable manner for machines executing on host computers |
| US11750476B2 (en) | 2017-10-29 | 2023-09-05 | Nicira, Inc. | Service operation chaining |
| US11805036B2 (en) | 2018-03-27 | 2023-10-31 | Nicira, Inc. | Detecting failure of layer 2 service using broadcast messages |
| CN117369950A (en) * | 2023-12-04 | 2024-01-09 | 上海凯翔信息科技有限公司 | Configuration system of docker container |
| US12068961B2 (en) | 2014-09-30 | 2024-08-20 | Nicira, Inc. | Inline load balancing |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015109593A1 (en) * | 2014-01-27 | 2015-07-30 | 华为技术有限公司 | Virtualization method and apparatus, and computer device |
| CN105824688A (en) * | 2016-03-16 | 2016-08-03 | 合网络技术(北京)有限公司 | Method for solving start concurrence bottleneck of docker container |
| CN107045530A (en) * | 2017-01-20 | 2017-08-15 | 华中科技大学 | A kind of method that object storage system is embodied as to local file system |
| CN107423108A (en) * | 2017-04-25 | 2017-12-01 | 华中科技大学 | A kind of ARM container running environment construction methods based on Android device |
| CN107632879A (en) * | 2017-10-31 | 2018-01-26 | 中国人民解放军国防科技大学 | Cloud simulation platform |
| US20180067682A1 (en) * | 2016-09-02 | 2018-03-08 | International Business Machines Corporation | Allocation of Hardware Resources to a Logical Grouping of Software Applications |
| CN107844539A (en) * | 2017-10-19 | 2018-03-27 | 广州阿里巴巴文学信息技术有限公司 | Isolated data management method, device, system, computing device and storage medium |
-
2018
- 2018-09-14 CN CN201811073054.5A patent/CN109213573A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015109593A1 (en) * | 2014-01-27 | 2015-07-30 | 华为技术有限公司 | Virtualization method and apparatus, and computer device |
| CN105824688A (en) * | 2016-03-16 | 2016-08-03 | 合网络技术(北京)有限公司 | Method for solving start concurrence bottleneck of docker container |
| US20180067682A1 (en) * | 2016-09-02 | 2018-03-08 | International Business Machines Corporation | Allocation of Hardware Resources to a Logical Grouping of Software Applications |
| CN107045530A (en) * | 2017-01-20 | 2017-08-15 | 华中科技大学 | A kind of method that object storage system is embodied as to local file system |
| CN107423108A (en) * | 2017-04-25 | 2017-12-01 | 华中科技大学 | A kind of ARM container running environment construction methods based on Android device |
| CN107844539A (en) * | 2017-10-19 | 2018-03-27 | 广州阿里巴巴文学信息技术有限公司 | Isolated data management method, device, system, computing device and storage medium |
| CN107632879A (en) * | 2017-10-31 | 2018-01-26 | 中国人民解放军国防科技大学 | Cloud simulation platform |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11805056B2 (en) | 2013-05-09 | 2023-10-31 | Nicira, Inc. | Method and system for service switching using service tags |
| US11438267B2 (en) | 2013-05-09 | 2022-09-06 | Nicira, Inc. | Method and system for service switching using service tags |
| US11496606B2 (en) | 2014-09-30 | 2022-11-08 | Nicira, Inc. | Sticky service sessions in a datacenter |
| US12068961B2 (en) | 2014-09-30 | 2024-08-20 | Nicira, Inc. | Inline load balancing |
| US11722367B2 (en) | 2014-09-30 | 2023-08-08 | Nicira, Inc. | Method and apparatus for providing a service with a plurality of service nodes |
| US11405431B2 (en) | 2015-04-03 | 2022-08-02 | Nicira, Inc. | Method, apparatus, and system for implementing a content switch |
| US11750476B2 (en) | 2017-10-29 | 2023-09-05 | Nicira, Inc. | Service operation chaining |
| US11805036B2 (en) | 2018-03-27 | 2023-10-31 | Nicira, Inc. | Detecting failure of layer 2 service using broadcast messages |
| US11595250B2 (en) | 2018-09-02 | 2023-02-28 | Vmware, Inc. | Service insertion at logical network gateway |
| US11467861B2 (en) | 2019-02-22 | 2022-10-11 | Vmware, Inc. | Configuring distributed forwarding for performing service chain operations |
| US11397604B2 (en) | 2019-02-22 | 2022-07-26 | Vmware, Inc. | Service path selection in load balanced manner |
| US11354148B2 (en) | 2019-02-22 | 2022-06-07 | Vmware, Inc. | Using service data plane for service control plane messaging |
| US11604666B2 (en) | 2019-02-22 | 2023-03-14 | Vmware, Inc. | Service path generation in load balanced manner |
| US11609781B2 (en) | 2019-02-22 | 2023-03-21 | Vmware, Inc. | Providing services with guest VM mobility |
| CN110120940A (en) * | 2019-04-12 | 2019-08-13 | 华中科技大学 | A kind of file system resource partition method towards Docker container |
| US11586468B2 (en) | 2019-04-12 | 2023-02-21 | Huazhong University Of Science And Technology | Docker-container-oriented method for isolation of file system resources |
| US12132780B2 (en) | 2019-10-30 | 2024-10-29 | VMware LLC | Distributed service chain across multiple clouds |
| US11722559B2 (en) | 2019-10-30 | 2023-08-08 | Vmware, Inc. | Distributed service chain across multiple clouds |
| US11659061B2 (en) | 2020-01-20 | 2023-05-23 | Vmware, Inc. | Method of adjusting service function chains to improve network performance |
| US11438257B2 (en) | 2020-04-06 | 2022-09-06 | Vmware, Inc. | Generating forward and reverse direction connection-tracking records for service paths at a network edge |
| US11743172B2 (en) | 2020-04-06 | 2023-08-29 | Vmware, Inc. | Using multiple transport mechanisms to provide services at the edge of a network |
| US11792112B2 (en) | 2020-04-06 | 2023-10-17 | Vmware, Inc. | Using service planes to perform services at the edge of a network |
| US11528219B2 (en) | 2020-04-06 | 2022-12-13 | Vmware, Inc. | Using applied-to field to identify connection-tracking records for different interfaces |
| US11368387B2 (en) | 2020-04-06 | 2022-06-21 | Vmware, Inc. | Using router as service node through logical service plane |
| US11734043B2 (en) | 2020-12-15 | 2023-08-22 | Vmware, Inc. | Providing stateful services in a scalable manner for machines executing on host computers |
| US11611625B2 (en) * | 2020-12-15 | 2023-03-21 | Vmware, Inc. | Providing stateful services in a scalable manner for machines executing on host computers |
| CN112527513A (en) * | 2021-02-09 | 2021-03-19 | 南京飞灵智能科技有限公司 | Method and system for dynamically distributing multiple GPUs |
| WO2022252510A1 (en) * | 2021-06-04 | 2022-12-08 | 深圳前海微众银行股份有限公司 | Resource management method, apparatus and device |
| WO2023045467A1 (en) * | 2021-09-26 | 2023-03-30 | 中兴通讯股份有限公司 | Container cpu resource scheduling and isolation method and apparatus, and storage medium and electronic device |
| CN117369950A (en) * | 2023-12-04 | 2024-01-09 | 上海凯翔信息科技有限公司 | Configuration system of docker container |
| CN117369950B (en) * | 2023-12-04 | 2024-02-20 | 上海凯翔信息科技有限公司 | Configuration system of docker container |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109213573A (en) | The equipment blocking method and device of virtual desktop based on container | |
| CN109388454A (en) | Virtual desktop method and system based on container | |
| CN103853596B (en) | For the method and system for migrating virtual machine between working group | |
| CN105978704B (en) | System and method for creating new cloud resource instruction set architecture | |
| CN104067288B (en) | Storage encryption method | |
| CN105359088B (en) | Use the method for the virtual disk content optimization supply time of dynamic generation | |
| CN100454278C (en) | Control method for accessing computer system and I/0 ports | |
| US20130283267A1 (en) | Virtual machine construction | |
| CN109614238A (en) | A kind of recongnition of objects method, apparatus, system and readable storage medium storing program for executing | |
| CN102981907A (en) | System and method for virtual machine allocation | |
| US9436601B2 (en) | Categorizing memory pages based on page residences | |
| WO2016047814A1 (en) | Resource allocation method using cloud api key, and apparatus therefor | |
| CN104731658A (en) | Method and system for optimally provisioning and merging shared resources to maximize resource availability | |
| CN107370835A (en) | A kind of cloud computing center network architecture based on SDN and NFV technologies | |
| CN114418828B (en) | Video memory management method, device, equipment, storage medium and program product | |
| CN104350486A (en) | Method and apparatus for virtual machine interoperability | |
| CN105683928A (en) | Data caching policy in multiple tenant enterprise resource planning system | |
| CN103262035A (en) | Device discovery and topology reporting in a combined CPU/GPU architecture system | |
| WO2014208909A1 (en) | Simulation device and distribution simulation system | |
| CN103843384B (en) | Load balance based on geo-location | |
| CN105957170A (en) | Intelligent work attendance management method and system based on cloud computing | |
| CN109343974A (en) | The inter-process communication methods and device of virtual desktop based on container | |
| US20150089062A1 (en) | Methods and systems for dynamically specializing and re-purposing computer servers in an elastically scaling cloud computing infrastructure | |
| CN109324873A (en) | The equipment and storage medium for virtualizing method for managing security, running kernel-driven | |
| US11625273B1 (en) | Changing throughput capacity to sustain throughput for accessing individual items in a database |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190115 |
|
| RJ01 | Rejection of invention patent application after publication |