CN113296894B

CN113296894B - Method and device for planning internal active detection path of cloud network virtual private network

Info

Publication number: CN113296894B
Application number: CN202110619375.6A
Authority: CN
Inventors: 王之梁; 程鑫; 杨家海
Original assignee: Tsinghua University
Current assignee: Tsinghua University
Priority date: 2021-06-03
Filing date: 2021-06-03
Publication date: 2022-03-04
Anticipated expiration: 2041-06-03
Also published as: CN113296894A

Abstract

The application provides a method and a device for planning an internal active detection path of a cloud network virtual private network, wherein the specific implementation scheme is as follows: determining identification information of a plurality of physical machines and all virtual machines deployed on each physical machine in a cloud network virtual private network; taking each physical machine as a node, and generating a first detection path among a plurality of physical machines in a full interconnection mode according to identification information of all virtual machines deployed on each physical machine; acquiring a residual virtual machine set of each physical machine according to the identification information of all the virtual machines deployed on each physical machine and the identification information of the first virtual machine participating in the first detection path; and generating a second detection path between each second virtual machine and the virtual switch by using a redundant detection path generation algorithm according to the residual virtual machine set of each physical machine. The method and the device achieve the effect that the fault place in the network can be covered by using the detection paths as few as possible.

Description

Method and device for planning internal active detection path of cloud network virtual private network

Technical Field

The application relates to the technical field of computers, in particular to the field of cloud computing, and particularly relates to a method and a device for planning an internal active detection path of a virtual private network of a cloud network.

Background

Cloud networks are composed of a large number of virtual network resources (e.g., virtual routers, virtual switches, etc.) that are located on top of a physical infrastructure network. After applying network virtualization technology, a cloud data center (originally composed of hundreds of thousands of physical servers and thousands of physical switches and routers) may generate millions of Virtual Machines (VMs) and Virtual NICs (network interface controllers), and a large number of Virtual switches and routers.

A Virtual Private network (VPC) is a customized Private network created by a user, two-layer logic isolation is performed between different Private networks, and the user can create and manage Cloud product instances in the Private network created by the user, such as a Cloud server, load balancing, and the like. In order to be able to perform fault diagnosis on the VPC, active detection needs to be initiated inside the VPC to obtain connectivity between virtual machines and possible fault locations, etc. However, a VPC may contain a large number of virtual machines, and initiating active probing between each virtual machine consumes a large amount of resources, which may affect the use of the original network.

Disclosure of Invention

The application provides a method and a device for planning an internal active detection path of a cloud network virtual private network in order to cover a link with a fault in the network by using detection as less as possible.

According to a first aspect of the present application, a method for planning an active detection path inside a cloud network virtual private network is provided, which includes:

determining identification information of a plurality of physical machines and all virtual machines deployed on each physical machine in the cloud network virtual private network;

taking each physical machine as a node, and generating a first detection path among the multiple physical machines in a full interconnection mode according to the identification information of all virtual machines deployed on each physical machine;

acquiring a residual virtual machine set of each physical machine according to the identification information of all the virtual machines deployed on each physical machine and the identification information of the first virtual machine participating in the first detection path; the remaining virtual machine set of each physical machine refers to a set of second virtual machines which do not participate in the first detection path in each physical machine;

and generating a second detection path between each second virtual machine and the virtual switch by using a redundant detection path generation algorithm according to the residual virtual machine set of each physical machine.

The implementation manner of generating the first detection path among the multiple physical machines in a full interconnect manner according to the identification information of all the virtual machines deployed on each physical machine, with each physical machine serving as a node, may include:

taking each physical machine as a node, and obtaining links among the nodes in a full interconnection mode;

according to the identification information of all the virtual machines deployed on each physical machine and the links between the nodes, respectively selecting the identification information of one virtual machine from the identification information of all the virtual machines deployed on the two physical machines corresponding to the link between each node;

and taking the virtual machine corresponding to the identification information of one of the virtual machines as a source end of the current inter-node detection, and taking the virtual machine corresponding to the identification information of the other virtual machine as a destination end of the current inter-node detection, so as to generate the first detection path.

In some embodiments of the present application, generating a second probe path between each of the second virtual machines and a virtual switch using a redundant probe path generation algorithm according to the remaining set of virtual machines of each of the physical machines comprises:

judging whether a target residual virtual machine set meeting preset conditions exists in the residual virtual machine sets or not;

if the target residual virtual machine set exists, putting the target residual virtual machine set into a source queue, and putting other residual virtual machine sets into a destination queue; wherein the other remaining virtual machine sets refer to remaining virtual machine sets except the target remaining virtual machine set among the plurality of remaining virtual machine sets.

If the target residual virtual machine set does not exist, sequentially placing a plurality of residual virtual machine sets into queues with lower queue heights in a source queue and a target queue according to the descending order of the number of elements in each set;

rearranging the order of the elements in the queue with lower height in the source queue and the destination queue according to the height of the source queue and the destination queue;

and sequentially taking out one virtual machine from the source queue and the target queue respectively, and taking the taken out virtual machines as a detection source end and a detection target end respectively to generate a second detection path.

The determining whether a target remaining virtual machine set meeting a preset condition exists in the plurality of remaining virtual machine sets includes:

acquiring the number of elements of each set in the plurality of residual virtual machine sets;

adding the number of elements in each residual virtual machine set to obtain the total number of the residual virtual machines;

subtracting the element number of each residual virtual machine set from the total number of the residual virtual machines to obtain the number of other virtual machines corresponding to each residual virtual machine set;

comparing the element number of the current residual virtual machine set with the number of other virtual machines corresponding to the current residual virtual machine set;

and if the number of elements of the current residual virtual machine set is greater than the number of other virtual machines corresponding to the current residual virtual machine set, taking the current residual virtual machine set as a target residual virtual machine set.

In some embodiments of the present application, said rearranging the order of elements in a higher-level queue of the source queue and the destination queue according to the heights of the source queue and the destination queue includes:

comparing the queue heights of the source queue and the destination queue to obtain a queue with a smaller queue height;

and sequencing the elements in the queue with the smaller queue height in an alternating mode according to different physical machines.

Optionally, in this embodiment of the present application, before the sequentially taking out the identification information of one virtual machine from the source queue and the destination queue, and respectively taking the virtual machine corresponding to the identification information of the virtual machine as a source end and a destination end of detection, the method further includes:

judging whether the absolute value of the height difference between the source queue and the destination queue is less than or equal to 1;

and if the absolute value of the height difference is not less than or equal to 1, putting the top element of the queue with higher height in the source queue and the destination queue into the bottom of the queue with lower height.

According to a second aspect of the present application, there is provided a device for planning an active detection path in a virtual private network of a cloud network, including:

the determining module is used for determining identification information of a plurality of physical machines and all virtual machines deployed on each physical machine in the cloud network virtual private network;

a first generation module, configured to use each physical machine as a node, and generate a first detection path among the multiple physical machines in a full interconnection manner according to identification information of all virtual machines deployed on each physical machine;

an obtaining module, configured to obtain a remaining virtual machine set of each physical machine according to identification information of all virtual machines deployed on each physical machine and identification information of a first virtual machine participating in the first detection path; the remaining virtual machine set of each physical machine refers to a set of second virtual machines which do not participate in the first detection path in each physical machine;

and the second generation module is used for generating a second detection path between each second virtual machine and the virtual switch by using a redundant detection path generation algorithm according to the residual virtual machine set of each physical machine.

In some embodiments of the present application, the first generating module is specifically configured to:

In an embodiment of the present application, the second generating module is specifically configured to:

In some embodiments of the present application, the second generating module is further configured to:

Further, in some embodiments of the present application, the second generating module is further configured to:

Optionally, in some embodiments of the present application, the device for planning an active detection path in a cloud network virtual private network further includes:

a judging module, configured to take out identification information of one virtual machine from each of the source queue and the destination queue in sequence, and judge whether an absolute value of a queue height difference between the source queue and the destination queue is less than or equal to 1 before a virtual machine corresponding to the identification information of the virtual machine is used as a source end and a destination end of detection;

and the adjusting module is used for placing the top element of the queue with higher height in the source queue and the destination queue into the bottom of the queue with lower height when the absolute value of the height difference is not less than or equal to 1.

According to a third aspect of the present application, there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the computer program to implement the method according to the first aspect of the present application.

According to a fourth aspect of the present application, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of the first aspect of the present application.

According to the technical scheme of the embodiment of the application, the active detection path planning inside the cloud network virtual private network is divided into two stages, the detection paths among the physical machines are generated in a full-interconnection mode, and then the detection paths between the virtual machines and the virtual switch are generated according to the redundant detection path generation algorithm, so that the effect that the fault place in the network can be covered by using the detection paths as few as possible is achieved, resources are saved, and the use of the network cannot be influenced. In addition, the introduction of the residual virtual machine set enables all the virtual machines to participate in detection at least once, so that the network fault link can be covered comprehensively, and the efficiency of detecting, positioning and diagnosing the network fault is further improved.

Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.

Drawings

The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:

fig. 1 is a schematic diagram of an internal fault of a cloud network virtual private network according to an embodiment of the present application;

fig. 2 is a flowchart of a method for planning an active detection path in a cloud network virtual private network according to an embodiment of the present application;

fig. 3 is a schematic diagram illustrating a first detection path between multiple physical machines generated in a fully interconnected manner according to an embodiment of the present disclosure;

fig. 4 is a flowchart of generating a second detection path according to an embodiment of the present application;

fig. 5 is a flowchart illustrating a method for determining whether a target remaining virtual machine set meeting a preset condition exists according to an embodiment of the present disclosure;

fig. 6 is a schematic diagram of generating a second detection path according to an embodiment of the present application;

fig. 7 is a flowchart of another method for generating a second detection path according to an embodiment of the present disclosure;

fig. 8 is a schematic diagram of another embodiment of the present application for generating a second detection path;

fig. 9 is a block diagram of a structure of an active detection path planning apparatus in a cloud network virtual private network according to an embodiment of the present application;

fig. 10 is a block diagram of a structure of another device for planning an active detection path in a virtual private network of a cloud network according to an embodiment of the present application;

FIG. 11 is a block diagram of a computer device provided by an embodiment of the present application;

Detailed Description

Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary and intended to be used for explaining the present application and should not be construed as limiting the present application.

With the rise of Cloud computing, Public Cloud (Public Cloud), which generally refers to a Cloud that can be used by a third party Cloud provider for a user, has been rapidly popularized and developed as a Cloud computing model that provides convenient and secure data sharing services. A Virtual Private network (VPC) is an isolated network environment constructed based on public Cloud, and enterprise users can plan and manage the network environment as needed, for example, select their own IP address ranges, partition network segments, configure routing tables and gateways, etc.

Inside one VPC, due to the adoption of virtualization technology, a plurality of virtual machines are virtualized on each physical machine, and the virtual machines communicate with the outside through the same virtual switch (vSwitch). Therefore, in the communication process between the VM and the VM, as shown in fig. 1, there are two places where there is a possibility of failure, namely, a link between the VM and the vSwitch and a link between a PM (Physical Machine) and the PM. In order to diagnose the VPC failure, active probing needs to be initiated inside the VPC to find connectivity between links and possible failure locations, etc. Since a large number of virtual machines may be included in a VPC, initiating active probing between each virtual machine consumes a large amount of resources, and even affects the use of the original network.

Based on the above problems, the application provides a method and a device for planning an internal active detection path of a cloud network virtual private network, which are used for covering a place where a fault possibly occurs by using as few detections as possible, so that on one hand, the link coverage between physical machines is ensured, and on the other hand, the link coverage between a virtual machine and a virtual switch is ensured.

Fig. 2 is a flowchart of a method for planning an active detection path in a cloud network virtual private network according to an embodiment of the present application. It should be noted that the method for planning the internal active detection path of the cloud network virtual private network according to the embodiment of the present application may be applied to a device for planning the internal active detection path of the cloud network virtual private network according to the embodiment of the present application, and the device may be configured in a computer device. As shown in fig. 2, the method for planning the active detection path in the cloud network virtual private network includes the following steps:

step 201, determining identification information of a plurality of physical machines and all virtual machines deployed on each physical machine in a cloud network virtual private network.

The method for planning the internal active detection path of the cloud network virtual private network is applied to a scene that a certain virtual private network in the cloud network has connectivity problems. That is to say, when a cloud network user reports that a certain virtual private network has connectivity problems, an administrator uses the cloud network virtual private network internal active detection path planning method provided by the present application for the virtual private network to generate a detection path set that needs to be actively detected.

In order to plan the probe path, it is necessary to determine which physical machines exist in the current virtual private network and which virtual machines are deployed in each physical machine. In the embodiment of the application, which virtual machines are deployed in each physical machine is determined by identification information of the virtual machines. The identification information of the virtual machine may be an ID (Identity Document) of the virtual machine, or other information that can uniquely identify each virtual machine, which will be described in this embodiment as an example.

Step 202, taking each physical machine as a node, and generating a first detection path among the multiple physical machines in a full-interconnection manner according to the identification information of all the virtual machines deployed on each physical machine.

That is, each physical machine is taken as a node, and the link detection between the multiple physical machines is realized in a full interconnection mode, so that the detection path is ensured to cover all links between the multiple physical machines.

Each active detection is sent from one virtual machine to another virtual machine, so that when each physical machine node participates in the detection, one virtual machine needs to be selected from each physical machine as a source end or a destination end of the detection, and a first detection path among a plurality of physical machines is generated.

In this embodiment of the present application, fig. 3 is a schematic diagram of generating a first detection path among multiple physical machines in a fully interconnected manner, and as shown in fig. 3, a specific implementation manner of generating the first detection path may be: taking each physical machine as a node, and obtaining links among the nodes in a full interconnection mode; respectively selecting identification information of one virtual machine from the identification information of all virtual machines deployed on two physical machines corresponding to the link between each node according to the identification information of all virtual machines deployed on each physical machine and the links between the nodes; and taking the virtual machine corresponding to the identification information of one virtual machine as a source end of the current inter-node detection, and taking the virtual machine corresponding to the identification information of the other virtual machine as a destination end of the current inter-node detection, so as to generate the first detection path.

As shown in fig. 3, according to the identification information of all the virtual machines deployed on each physical machine and the links between the nodes, a specific implementation manner of respectively selecting the identification information of one virtual machine from the identification information of all the virtual machines deployed on the two physical machines corresponding to the link between each node may be as follows: sequencing the identification information of all the virtual machines deployed on each physical machine, for example, sequencing the identification information from small to large according to the IDs of the virtual machines; and aiming at the physical machines corresponding to the links among the nodes, sequentially selecting the physical machines according to the virtual machine ID sequence when the virtual machines are selected on each physical machine. Therefore, all virtual machines in each physical machine participate in detection as much as possible to find out more potential faults.

Step 203, acquiring a remaining virtual machine set of each physical machine according to the identification information of all the virtual machines deployed on each physical machine and the identification information of the first virtual machine participating in the first detection path.

It should be noted that the remaining virtual machine set of each physical machine refers to a set of second virtual machines not participating in the first probe path among each physical machine. The first virtual machine is a virtual machine participating in the first detection path, that is, a virtual machine already participating in active detection. The second virtual machine is a virtual machine which does not participate in the first detection path, namely, a virtual machine which does not participate in active detection.

That is, before planning a probe path of a link between a virtual machine and a virtual switch, it needs to be determined which virtual machines have participated in active probing and which virtual machines have not participated in active probing among all the virtual machines deployed on each physical machine, and then it will only need to plan a probe path for the virtual machines not participated in active probing, so that the planning of the probe path covers each virtual machine.

In this embodiment of the present application, an implementation manner of obtaining the remaining virtual machine set of each physical machine may be: comparing the identification information of all the virtual machines deployed on each physical machine with the identification information of the first virtual machine participating in the first detection path; finding out virtual machine identification information which is the same as the identification information of the first virtual machine of the first detection path in the identification information of all the virtual machines deployed on each physical machine; removing the same virtual machine identification information from the identification information of all the virtual machines deployed on each physical machine; and taking the virtual machines corresponding to the identification information of the rest virtual machines in each physical machine as the rest virtual machine set of each physical machine.

And step 204, generating a second detection path between each second virtual machine and the virtual switch by using a redundant detection path generation algorithm according to the remaining virtual machine set of each physical machine.

That is, next, for the remaining virtual machines not participating in active probing in each physical machine, a probing path between the virtual machine and the virtual switch is planned.

It should be noted that, in the present application, it is assumed that there is no connectivity problem between the virtual machines of the same physical machine, and therefore the source-end virtual machine and the destination-end virtual machine of the second probe path generated according to the redundant probe path generation algorithm cannot be in the same physical machine.

In an embodiment of the present application, a redundant probe path generation algorithm is used to generate a second probe path between each second virtual machine and the virtual switch. Wherein, the redundant detection path generation algorithm aims at: enabling all remaining virtual machines to participate in the detection at least once; the detection paths are reduced as much as possible; probes are made to span as different physical machines as possible to discover more potential faults.

According to the method for planning the internal active detection path of the cloud network virtual private network, the internal active detection path of the cloud network virtual private network is planned into two stages, the detection paths among the physical machines are generated in a full-interconnection mode, the detection paths between the virtual machines and the virtual switch are generated according to the redundant detection path generation algorithm, the effect that the fault place in the network can be covered by using the detection paths as few as possible is achieved, resources are saved, and the use of the network cannot be influenced. In addition, the introduction of the residual virtual machine set enables all the virtual machines to participate in detection at least once, so that the network fault link can be covered comprehensively, and the efficiency of detecting, positioning and diagnosing the network fault is further improved.

In order to implement the detailed description of the method for planning the active detection path inside the cloud network virtual private network provided by the present application, a further embodiment is provided next for a method for generating a second detection path between each second virtual machine and the virtual switch.

Fig. 4 is a flowchart of generating a second probe path between each second virtual machine and the virtual switch according to an embodiment of the present application. As shown in fig. 4, generating the second detection path includes the following steps:

step 401, determining whether a target remaining virtual machine set meeting a preset condition exists in the plurality of remaining virtual machine sets.

It can be understood that if the number of elements in a certain remaining virtual machine set is large, that is, the number of virtual machines not participating in active detection in virtual machines deployed by a certain physical machine is large, so that it is necessary to perform active detection for fault diagnosis on virtual machines in the remaining virtual machine set corresponding to all other physical machines, in order to reduce the amount of computation, special processing is required for planning a detection path between a second virtual machine in the remaining virtual machine set and a virtual switch, and therefore, before generating a second planned path, it is first necessary to determine whether a remaining virtual machine set of the type exists.

As an example, fig. 5 is a flowchart for determining whether there is a target remaining virtual machine set that meets a preset condition according to an embodiment of the present application. As shown in fig. 5, an implementation of this determination may include:

step 501, obtaining the number of elements of each set in a plurality of remaining virtual machine sets.

Step 502, adding the number of elements in each remaining virtual machine set to obtain the total number of the remaining virtual machines.

Step 503, subtracting the total number of the remaining virtual machines from the number of elements of each remaining virtual machine set, respectively, to obtain the number of other virtual machines corresponding to each remaining virtual machine set.

That is, the total number of the remaining virtual machines is subtracted from the number of elements of each remaining virtual machine set, so that each remaining virtual machine set obtains the number of other virtual machines, which is the number of virtual machines that have not participated in active detection except the virtual machines in its own remaining virtual machine set.

Step 504, comparing the number of elements of the current remaining virtual machine set with the number of other virtual machines corresponding to the current remaining virtual machine set.

And 505, if the number of elements of the current remaining virtual machine set is greater than the number of other virtual machines corresponding to the current remaining virtual machine set, taking the current remaining virtual machine set as a target remaining virtual machine set.

It can be understood that, if the number of elements in the current remaining virtual machine set is greater than the number of other virtual machines corresponding to the current remaining virtual machine set, that is, if the number of virtual machines in the current remaining virtual machine set is greater than the sum of the numbers of all the remaining virtual machines that have not participated in active detection, the virtual machines in the current remaining virtual machine set need to perform active detection with each of the remaining virtual machines that have not participated in active detection, so as to meet the purpose that each virtual machine participates in detection at least once. At this time, the set of remaining virtual machines is set as a target set of remaining virtual machines.

Step 402, if the target residual virtual machine set exists, putting the target residual virtual machine set into a source queue, and putting other residual virtual machine sets into a destination queue.

The other remaining virtual machine set refers to a remaining virtual machine set except for the target remaining virtual machine set in the plurality of remaining virtual machine sets. Since the virtual machine in the target remaining virtual machine set needs to actively detect with the virtual machine in each other remaining virtual machine set, the target remaining virtual machine set can be directly placed in the source queue, and the other remaining virtual machine sets are placed in the destination queue, so that the three targets of the redundant detection path generation algorithm can be met.

And step 403, if the target remaining virtual machine set does not exist, sequentially placing a plurality of remaining virtual machine sets into queues with lower queue heights in the source queue and the destination queue according to the descending order of the number of elements in each set.

Fig. 6 is a schematic diagram of generating a second detection path according to an embodiment of the present application. As shown in fig. 6, in the embodiment of the present application, a plurality of remaining virtual machine sets are arranged in a descending order according to the number of elements in each set, and the virtual machines in the corresponding remaining virtual machine sets are sequentially taken out according to the sorting and put into the queues with lower queue heights in the source queue and the destination queue, so as to reduce the queue height difference between the source queue and the destination queue, thereby reducing the number of detection paths as much as possible.

Step 404, rearranging the order of the elements in the lower-level queues of the source queue and the destination queue according to the heights of the source queue and the destination queue.

In order to avoid the situation that multiple detections are concentrated between a certain pair of physical machines when the detection paths generated by the virtual machines in the source queue and the destination queue are in one-to-one correspondence, as shown in fig. 6, in the embodiment of the present application, the order of the elements in the queues with lower heights in the source queue and the destination queue is rearranged, so that the detection paths span different physical machines as much as possible, thereby facilitating to discover more potential faults. In addition, the low-height queues are rearranged, so that the adjustment range can be reduced, the calculation amount required by rearrangement is reduced, and the path planning efficiency is improved.

As an example, the implementation of rearranging the order of elements in a lower-level queue in the source queue and the destination queue may be: comparing the queue heights of the source queue and the destination queue to obtain a queue with a smaller queue height; and sequencing the elements in the queue with the smaller queue height in an alternating mode according to different physical machines. The sorting according to the alternative manner of the different physical machines may be understood as alternately arranging the virtual machines of the different physical machines in the queue, so that the adjacent elements in the queue are not the virtual machines of the same physical machine as much as possible.

Step 405, sequentially taking out one virtual machine from the source queue and the destination queue, and generating a second detection path by taking each taken out virtual machine as a source end and a destination end of detection.

As shown in fig. 6, the virtual machines in the source queue and the destination queue are directly paired in sequence according to the sequence in the current queue, one of the paired virtual machines serves as a source end of detection, and the other serves as a destination end of detection, so as to implement a detection path of a link between each second virtual machine and the virtual switch. It should be noted that, if the heights of the source queue and the destination queue are not consistent, where the queues with higher heights are paired in sequence, an unpaired virtual machine may exist, and at this time, a virtual machine may be randomly selected from the queues with lower heights to be paired with the virtual machine.

According to the method for planning the active detection path in the cloud network virtual private network, whether a target residual virtual machine set exists in all residual virtual machine sets or not is judged, and the planning of the second detection path is executed according to the judgment result, so that the resource waste caused by unnecessary calculation during path division is reduced. In addition, all the remaining virtual machine sets are sequentially placed into queues with lower queue heights in the source queue and the destination queue according to the descending order of the number of elements in each set, so that the number of detection paths can be effectively reduced, and the consumption of resources is saved. In addition, the sequence of the elements in the lower-level queues in the source queue and the destination queue is rearranged, so that the detection can span different physical machines as much as possible, the situation that multiple detections are concentrated between a certain pair of physical machines is avoided, and more potential faults are found.

In order to further optimize path planning and minimize the number of detection paths, the present application provides another method for planning an active detection path in a cloud network virtual private network based on the above embodiments, and fig. 7 is a flowchart for generating a second detection path according to a redundant detection path generation algorithm in the method provided by the embodiments of the present application. As shown in fig. 7, an implementation of generating the second detection path according to the redundant detection path generation algorithm further includes:

step 705, determine whether the absolute value of the queue height difference between the source queue and the destination queue is less than or equal to 1.

It can be understood that, for the case that the target remaining virtual machine set does not exist in the remaining virtual machine set, the smaller the queue height difference between the source queue and the destination queue, the smaller the number of corresponding detection paths will be.

In this embodiment of the present application, in order to reduce the number of probe paths as much as possible, it is first required to determine whether a queue height difference between a source queue and a destination queue is already minimum, that is, whether an absolute value of the queue height difference between the source queue and the destination queue is less than or equal to 1. If the absolute value of the height difference between the two queues is less than or equal to 1, then the step 707 is executed directly without continuing optimization; if the absolute value of the height difference between the two queues is greater than 1, it indicates that the height difference between the current source queue and the current destination queue is not the minimum, and there is an optimized space, and step 706 needs to be performed to reduce the height difference of the queues.

In step 706, if the absolute value of the height difference is not less than or equal to 1, the top element of the higher queue in the source queue and the destination queue is placed at the bottom of the lower queue.

It is understood that, when the absolute value of the height difference between the source queue and the destination queue is not less than or equal to 1, the neck element of the higher queue of the original queue and the destination queue is placed at the bottom of the lower queue, so that the height of the higher queue is reduced by 1 and the height of the lower queue is increased by 1, thereby reducing the height difference. In addition, the neck elements of the queue with higher height are placed at the bottom of the queue with lower height, so that the situation that different virtual machines of the same physical machine perform detection is avoided, and the detection can span more physical machines.

In this embodiment of the present application, a specific implementation manner of placing the top element of the higher queue in the source queue and the destination queue into the bottom of the lower queue may be: comparing the heights of the source and destination queues, the top element of the higher-height queue is moved to the bottom of the lower-height queue, and then all elements of the lower queue are moved up by one element position. It should be noted that, if the absolute value of the height difference between the two queues is greater than 2, the two queues need to move many times to satisfy the condition of the minimum height difference, in this embodiment of the present application, after the step 706 is completed, the step 705 is continuously executed, and until the absolute value of the height difference between the two queues is less than or equal to 1, the step 707 is executed again.

To make the above implementation more intuitive, fig. 8 will be described as an example. As shown in fig. 8, the original number of probing paths is 8, the height difference between the two queues is 2, the number of probing paths obtained by moving the top element of the queue with the higher height to the bottom of the queue with the lower height and moving all the elements of the queue with the lower height one element bit upwards is reduced to 7, and the height difference between the two queues is reduced to 0.

And 707, sequentially fetching a virtual machine from the source queue and the destination queue, and generating a second detection path by using the fetched virtual machines as a source end and a destination end of detection.

It should be noted that, in the embodiment of the present application, the implementation manners of steps 701 to 704 in fig. 7 are consistent with the implementation manners of steps 401 to 404 in fig. 4, and the implementation manner of step 707 in fig. 7 is consistent with the implementation manner of step 405 in fig. 4, which is not described herein again.

According to the method for planning the active detection path in the cloud network virtual private network, before the second detection path is generated, the judgment of the height difference between the source queue and the destination queue is increased aiming at the condition that the target residual virtual machine set does not exist in the residual virtual machine set. And if the absolute value of the height difference is greater than 1, putting the top element of the queue with higher height in the source queue and the destination queue into the bottom of the queue with lower height, and generating a second detection path until the absolute value of the height difference of the two queues is less than or equal to 1. Through the adjustment of the queue height, the number of detection paths is further reduced, and meanwhile, the consumption of resources can be saved. In addition, the top element of the queue with higher height in the source queue and the destination queue is placed at the bottom of the queue with lower height, so that detection can further span different physical machines, more potential faults can be found, and the fault diagnosis efficiency of active detection is improved.

In order to implement the above embodiments, the present application provides a device for planning an active detection path in a virtual private network of a cloud network.

Fig. 9 is a block diagram of a structure of an active detection path planning apparatus in a cloud network virtual private network according to an embodiment of the present application. As shown in fig. 9, the apparatus includes:

a determining module 910, configured to determine identification information of a plurality of physical machines and all virtual machines deployed on each physical machine in a cloud network virtual private network;

a first generating module 920, configured to use each physical machine as a node, and generate a first detection path among multiple physical machines in a full interconnection manner according to identification information of all virtual machines deployed on each physical machine;

an obtaining module 930, configured to obtain a remaining virtual machine set of each physical machine according to the identification information of all the virtual machines deployed on each physical machine and the identification information of the first virtual machine participating in the first detection path; the remaining virtual machine set of each physical machine refers to a set of second virtual machines which do not participate in the first detection path in each physical machine;

a second generating module 940, configured to generate a second probe path between each second virtual machine and the virtual switch by using a redundant probe path generation algorithm according to the remaining virtual machine set of each physical machine.

In some embodiments of the present application, the first generating module 920 is specifically configured to:

respectively selecting identification information of one virtual machine from the identification information of all virtual machines deployed on two physical machines corresponding to the link between each node according to the identification information of all virtual machines deployed on each physical machine and the links between the nodes;

and taking the virtual machine corresponding to the identification information of one virtual machine as a source end of the current inter-node detection, and taking the virtual machine corresponding to the identification information of the other virtual machine as a destination end of the current inter-node detection, so as to generate a first detection path.

In this embodiment of the application, the second generating module 940 is specifically configured to:

judging whether a target residual virtual machine set meeting preset conditions exists in the residual virtual machine sets;

if the target residual virtual machine set exists, putting the target residual virtual machine set into a source queue, and putting other residual virtual machine sets into a target queue; the other remaining virtual machine set refers to a remaining virtual machine set except for the target remaining virtual machine set in the plurality of remaining virtual machine sets.

If the target residual virtual machine set does not exist, sequentially placing a plurality of residual virtual machine sets into queues with lower queue heights in the source queue and the target queue according to the descending order of the number of elements in each set;

rearranging the sequence of the elements in the queues with lower heights in the source queue and the destination queue according to the heights of the source queue and the destination queue;

and sequentially taking out one virtual machine from the source queue and the destination queue respectively, and taking the virtual machine taken out as a detection source end and a detection destination end respectively to generate a second detection path.

In some embodiments of the present application, the second generation module 940 is further configured to:

acquiring the number of elements of each set in a plurality of residual virtual machine sets;

and if the number of elements of the current residual virtual machine set is larger than the number of other virtual machines corresponding to the current residual virtual machine set, taking the current residual virtual machine set as a target residual virtual machine set.

Furthermore, in some embodiments of the present application, the second generating module 940 is further configured to:

According to the cloud network virtual private network internal active detection path planning device provided by the embodiment of the application, the cloud network virtual private network internal active detection path planning is divided into two stages, detection paths among a plurality of physical machines are generated in a full-interconnection mode, and then the detection paths between the virtual machines and the virtual switch are generated according to a redundant detection path generation algorithm, so that the effect that a fault place in a network can be covered by using as few detection paths as possible is achieved, resources are saved, and the use of the network cannot be influenced. In addition, the introduction of the residual virtual machine set enables all the virtual machines to participate in detection at least once, so that the network fault link can be covered comprehensively, and the efficiency of detecting, positioning and diagnosing the network fault is further improved.

In order to reduce the number of detection paths as much as possible, the application provides another active detection path planning device in a cloud network virtual private network.

Fig. 10 is a block diagram of a structure of another device for planning an active detection path in a cloud network virtual private network according to an embodiment of the present application. As shown in fig. 10, the apparatus further includes:

a determining module 1050, configured to sequentially take out identification information of one virtual machine from each of the source queue and the destination queue, and determine whether an absolute value of a queue height difference between the source queue and the destination queue is less than or equal to 1 before the virtual machine corresponding to the identification information of the virtual machine is used as the source end and the destination end of the detection;

the adjusting module 1060 is configured to, when the absolute value of the height difference is not less than or equal to 1, place the top element of the higher queue in the source queue and the destination queue into the bottom of the lower queue.

It should be noted that 1010-1040 in fig. 10 have the same functional structures as 910-940 in fig. 9, and the description thereof is omitted.

According to the device for planning the active detection path in the cloud network virtual private network, a judgment module and an adjustment module are added, and the judgment module and the adjustment module are used for judging the height difference between a source queue and a destination queue according to the condition that a target residual virtual machine set does not exist in the residual virtual machine set before a second detection path is generated. And if the absolute value of the height difference is greater than 1, putting the top element of the queue with higher height in the source queue and the destination queue into the bottom of the queue with lower height, and generating a second detection path until the absolute value of the height difference of the two queues is less than or equal to 1. Through the adjustment of the queue height, the number of detection paths is further reduced, and meanwhile, the consumption of resources can be saved. In addition, the top element of the queue with higher height in the source queue and the destination queue is placed at the bottom of the queue with lower height, so that detection can further span different physical machines, more potential faults can be found, and the fault diagnosis efficiency of active detection is improved.

It should be noted that, regarding the apparatus in the above embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated herein.

To implement the above embodiments, the present application also provides a computer device and a computer-readable storage medium.

Fig. 11 is a block diagram of a computer device for implementing active probe path planning inside a cloud network virtual private network according to an embodiment of the present application. Computer devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.

As shown in fig. 11, the computer apparatus includes: memory 1110, processor 1120, and computer programs 1130 stored on the memory and executable on the processor. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories and multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system).

Memory 1110 is a non-transitory computer readable storage medium as provided herein. The memory stores instructions executable by at least one processor to cause the at least one processor to execute the method for planning the active probing path inside the cloud network virtual private network provided by the application. A non-transitory computer readable storage medium of the present application stores computer instructions for causing a computer to perform the cloud network virtual private network internal active probe path planning method provided herein.

The memory 1110 is a non-transitory computer-readable storage medium, and can be used to store non-transitory software programs, non-transitory computer-executable programs, and modules, such as program instructions/modules corresponding to the method for planning a path for active probing inside a cloud network virtual private network in the embodiment of the present application (for example, the determining module 910, the first generating module 920, the obtaining module 930, and the second generating module 940 shown in fig. 9). The processor 1120 executes non-transitory software programs, instructions and modules stored in the memory 1120, so as to execute various functional applications and data processing of the server, that is, implement the method for planning active detection paths inside the cloud network virtual private network in the above method embodiment.

The memory 1110 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of a computer device used in the cloud network virtual private network internal active probe path planning method, and the like. Further, the memory 1110 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 1110 optionally includes memory remotely located from processor 1120, which may be connected over a network to an electronic device to implement a cloud network virtual private network internal active probe path planning method. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The computer device for the method for planning the active detection path in the cloud network virtual private network may further include: an input device 1140 and an output device 1150. The processor 1120, the memory 1110, the input device 1140 and the output device 1150 may be connected by a bus or other means, as exemplified by the bus connection in fig. 11.

The input device 1140 may receive input numeric or character information and generate key signal inputs related to user settings and function control of an electronic device to implement the active probe path planning method inside the cloud network virtual private network, such as an input device of a touch screen, a keypad, a mouse, a track pad, a touch pad, a pointing stick, one or more mouse buttons, a track ball, a joystick, etc. The output devices 1150 may include a display device, auxiliary lighting devices (e.g., LEDs), and tactile feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.

In the description herein, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.

Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present application, "plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.

Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing steps of a custom logic function or process, and alternate implementations are included within the scope of the preferred embodiment of the present application in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present application.

The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.

It should be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. If implemented in hardware as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.

It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.

In addition, functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.

The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc. Although embodiments of the present application have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present application, and that variations, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present application.

Claims

1. A planning method for an active detection path in a cloud network virtual private network is characterized by comprising the following steps:

acquiring a residual virtual machine set of each physical machine according to identification information of all virtual machines deployed on each physical machine and identification information of a first virtual machine participating in the first detection path; the remaining virtual machine set of each physical machine refers to a set of second virtual machines which do not participate in the first detection path in each physical machine;

generating a second detection path between each second virtual machine and a virtual switch by using a redundant detection path generation algorithm according to the residual virtual machine set of each physical machine; wherein the generating a second probe path between each second virtual machine and a virtual switch using a redundant probe path generation algorithm according to the remaining set of virtual machines of each physical machine comprises:

judging whether a target residual virtual machine set meeting preset conditions exists in the residual virtual machine sets or not; the number of elements of the target residual virtual machine set is greater than the number of other virtual machines corresponding to the target residual virtual machine set, and the target residual virtual machine set meets the preset condition; the number of other virtual machines corresponding to the target remaining virtual machine set is the number of the remaining second virtual machines which do not participate in the first detection path except the second virtual machine in the target remaining virtual machine set;

if the target residual virtual machine set exists, putting the target residual virtual machine set into a source queue, and putting other residual virtual machine sets into a destination queue; wherein the other remaining virtual machine sets refer to remaining virtual machine sets except the target remaining virtual machine set in the plurality of remaining virtual machine sets;

2. The method according to claim 1, wherein taking each of the physical machines as a node, generating a first probe path among the plurality of physical machines in a fully-interconnected manner according to identification information of all virtual machines deployed on each of the physical machines, includes:

3. The method according to claim 1, wherein the determining whether a target remaining virtual machine set meeting a preset condition exists in the plurality of remaining virtual machine sets comprises:

4. The method of claim 1, wherein said rearranging the order of elements in a lower-level queue of the source queue and the destination queue according to the heights of the source queue and the destination queue comprises:

5. The method according to claim 1, wherein before the sequentially fetching identification information of one virtual machine from each of the source queue and the destination queue and respectively taking a virtual machine corresponding to the identification information of the virtual machine as a source end and a destination end of the probe, the method further comprises:

6. A planning device for an active detection path in a cloud network virtual private network is characterized by comprising:

a second generation module, configured to generate, according to a remaining virtual machine set of each physical machine, a second probe path between each second virtual machine and the virtual switch by using a redundant probe path generation algorithm; wherein the second generation module is specifically configured to:

7. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of active probe path planning within a cloud network virtual private network as claimed in any one of claims 1 to 5 when executing the computer program.

8. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the cloud network virtual private network internal active probe path planning method according to any one of claims 1 to 5.