CN115348239B - A registration method, device and system for edge cloud container platform - Google Patents

Publication number
CN115348239B
Authority
CN
China
Prior art keywords
platform
edge cloud
edge
cloud
central
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110521419.1A
Other languages
Chinese (zh)
Other versions
CN115348239A (en
Inventor
沈强
李�浩
潘晓林
彭辉
石林林
郑悦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Shanghai ICT Co Ltd
CM Intelligent Mobility Network Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Shanghai ICT Co Ltd
CM Intelligent Mobility Network Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Shanghai ICT Co Ltd, CM Intelligent Mobility Network Co Ltd
Priority to CN202110521419.1A
Publication of CN115348239A
Application granted
Publication of CN115348239B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066 Session management
    • H04L65/1073 Registration or de-registration
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0876 Aspects of the degree of configuration automation
    • H04L41/0886 Fully automatic configuration
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Multimedia (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention provides a registration method, device and system for an edge cloud container platform, and relates to the field of communication technology. The method, applied to the edge cloud container platform, includes: receiving an authentication instruction sent by a central cloud management platform; establishing a network tunnel with the central cloud management platform according to the authentication instruction; receiving, through the network tunnel, an authentication certificate sent by the central cloud management platform; establishing a secure access authentication connection with the central cloud management platform according to the authentication certificate; and registering the edge cloud container platform with the central cloud management platform through the secure access authentication connection. The solution of the present invention realizes automated deployment of the edge cloud container platform and actively realizes the coordination of business, application, and operation and maintenance data.

Description

Registration method, device and system of edge cloud container platform
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method, an apparatus, and a system for registering an edge cloud container platform.
Background
Edge computing is a distributed open platform that integrates core network, computing, storage and application capabilities at the network edge, close to the object or data source. It provides intelligent edge services nearby and meets the key requirements of industry digitization in terms of agile connectivity, real-time services, data optimization, application intelligence, security and privacy protection. It can serve as a bridge connecting the physical and digital worlds, enabling intelligent assets, intelligent gateways, intelligent systems and intelligent services.
Cloud computing and edge computing are gradually converging. Edge computing extends the cloud to the edge side, and the two cooperate with each other; only through close cooperation can edge computing and cloud computing better match the various demand scenarios and thereby amplify their application value. As 5G technology gradually matures, edge-cloud collaboration can better support video and image recognition processing and the implementation of various new application scenarios that place strict requirements on low network latency and high bandwidth, such as autonomous driving, unmanned aerial vehicles, AR/VR and smart cities.
The edge cloud also has the architecture of a central cloud, including ECIAAS (edge infrastructure layer), ECPAAS (edge platform layer) and ECSAAS (edge application layer). The ECIAAS layer serves as the infrastructure and provides services such as computing resources, storage and networking for the edge cloud. The ECPAAS layer is built on the ECIAAS layer and provides platform-layer management services for the edge cloud. The ECSAAS layer is built on the ECPAAS layer and provides application-layer business services for the edge cloud. The edge cloud also needs to interact with the central cloud, and through central cloud management it can achieve edge-cloud collaboration of data, business, and operation and maintenance.
Currently, after the infrastructure is created, ECPAAS has to be deployed manually or through scripts, and the edge cloud platform and its services are then managed through central cloud configuration or edge cloud registration. This approach has various problems, such as the complexity of deploying the edge cloud platform, how the edge cloud platform and the central cloud management platform can access each other securely, and how the central cloud manages multiple edge cloud platforms.
The existing solutions have at least the following drawback:
When the edge cloud has no public network access address, the central cloud management platform cannot be actively accessed.
Disclosure of Invention
The invention aims to provide a registration method, device and system for an edge cloud container platform, which solve the problem that the central cloud management platform cannot be actively accessed when the edge cloud has no public network access address.
In order to solve the above technical problem, the technical solution of the invention is as follows:
The invention provides a registration method for an edge cloud container platform, applied to the edge cloud container platform, comprising the following steps:
receiving an authentication instruction sent by a central cloud management platform;
establishing a network tunnel with the central cloud management platform according to the authentication instruction;
receiving, through the network tunnel, an authentication certificate sent by the central cloud management platform;
establishing a secure access authentication connection with the central cloud management platform according to the authentication certificate;
and registering the edge cloud container platform with the central cloud management platform through the secure access authentication connection.
Optionally, the authentication instruction includes at least one of:
information for running an edge proxy gateway module on the edge cloud;
request information for establishing a network tunnel;
authentication information for the edge cloud to access the central cloud management platform.
Optionally, the authentication certificate is generated from at least one of an edge cloud container platform name, a unique identifier and an intranet access address.
Optionally, registering the edge cloud container platform with the central cloud management platform through the secure access authentication connection includes:
receiving a deployment component configuration instruction sent by the central cloud management platform;
performing component deployment according to the deployment component configuration instruction;
and, after the component deployment is completed, automatically updating the component deployment information to the central cloud management platform.
Optionally, the components comprise at least one of:
image registry, container cluster, log analysis, monitoring and alerting, load balancing, security management, gray release management, traffic control, domain name resolution, automatic configuration management and an artificial intelligence (AI) runtime environment.
Optionally, the registration method of the edge cloud container platform further includes:
establishing a Message Queuing Telemetry Transport (MQTT) data channel with the central cloud management platform;
and transmitting data to and from the central cloud management platform through the MQTT data channel.
The invention also provides a registration method for an edge cloud container platform, applied to the central cloud management platform, comprising the following steps:
sending an authentication instruction to the edge cloud container platform;
establishing a network tunnel with the edge cloud container platform according to the authentication instruction;
sending an authentication certificate to the edge cloud container platform through the network tunnel;
establishing a secure access authentication connection with the edge cloud container platform according to the authentication certificate;
and completing registration of the edge cloud container platform based on the secure access authentication connection.
Optionally, the authentication instruction includes at least one of:
information for running an edge proxy gateway module on the edge cloud;
request information for establishing a network tunnel;
authentication information for the edge cloud to access the central cloud management platform.
Optionally, the authentication certificate is generated from at least one of an edge cloud container platform name, a unique identifier and an intranet access address created and configured by the central cloud management platform.
Optionally, completing the registration of the edge cloud container platform based on the secure access authentication connection includes:
sending a deployment component configuration instruction to the edge cloud container platform;
and receiving the component deployment information after the edge cloud container platform completes component deployment according to the deployment component configuration instruction.
Optionally, the registration method of the edge cloud container platform further includes:
establishing a Message Queuing Telemetry Transport (MQTT) data channel with the edge cloud container platform;
and transmitting data to and from the edge cloud container platform through the MQTT data channel.
The invention provides a registration device for an edge cloud container platform, applied to the edge cloud container platform, comprising:
a transceiver module, configured to receive an authentication instruction sent by a central cloud management platform, establish a network tunnel with the central cloud management platform according to the authentication instruction, and receive, through the network tunnel, an authentication certificate sent by the central cloud management platform;
and a processing module, configured to establish an SSL access authentication connection with the central cloud management platform according to the authentication certificate, and to register the edge cloud container platform with the central cloud management platform through the SSL access authentication connection.
The invention also provides a registration device for an edge cloud container platform, applied to the central cloud management platform, comprising:
a transceiver module, configured to send an authentication instruction to the edge cloud container platform, establish a network tunnel with the edge cloud container platform according to the authentication instruction, and send an authentication certificate to the edge cloud container platform through the network tunnel;
and a processing module, configured to establish a secure access authentication connection with the edge cloud container platform according to the authentication certificate, and to complete registration of the edge cloud container platform based on the secure access authentication connection.
The invention provides an edge cloud container platform deployment system, comprising an edge cloud container platform and a central cloud management platform, wherein:
the edge cloud container platform receives an authentication instruction sent by the central cloud management platform;
the edge cloud container platform establishes a network tunnel with the central cloud management platform according to the authentication instruction;
the edge cloud container platform receives, through the network tunnel, an authentication certificate sent by the central cloud management platform;
the edge cloud container platform establishes a secure access authentication connection with the central cloud management platform according to the authentication certificate;
the edge cloud container platform registers itself with the central cloud management platform over the secure access authentication connection.
Optionally, the edge cloud container platform registering itself with the central cloud management platform through the secure access authentication connection includes:
the central cloud management platform sends a deployment component configuration instruction to the edge cloud container platform;
the edge cloud container platform performs component deployment according to the deployment component configuration instruction to obtain the component deployment information;
the edge cloud container platform sends the component deployment information to the central cloud management platform.
Optionally, the edge cloud container platform is further configured to establish a Message Queuing Telemetry Transport (MQTT) data channel with the central cloud management platform;
and the edge cloud container platform transmits data to the central cloud management platform through the MQTT data channel.
The invention also provides a computer readable storage medium storing instructions that, when executed on a computer, cause the computer to perform a method as described above.
The scheme of the invention at least comprises the following beneficial effects:
The edge cloud container platform receives an authentication instruction sent by the central cloud management platform, establishes a network tunnel with the central cloud management platform according to the authentication instruction, receives through the network tunnel an authentication certificate sent by the central cloud management platform, establishes a secure access authentication connection with the central cloud management platform according to the authentication certificate, and registers itself with the central cloud management platform through the secure access authentication connection. The edge cloud can thus access the central cloud management platform, so that automated deployment of the edge cloud container platform is realized and collaboration of data such as business, application, and operation and maintenance is actively realized.
Drawings
FIG. 1 is a flow chart of a registration method of an edge cloud container platform according to an embodiment of the present invention;
FIG. 2 is a schematic flow diagram of collaborative data between the edge cloud and the central cloud in an edge cloud container platform according to an embodiment of the present invention;
FIG. 3 is a flow chart of a registration method of an edge cloud container platform according to an embodiment of the present invention;
FIG. 4 is a schematic flow chart of a specific embodiment of the present invention;
FIG. 5 is a schematic diagram of a registration device of the edge cloud container platform according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of the edge cloud container platform deployment system of an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As shown in fig. 1, an embodiment of the present invention provides a registration method for an edge cloud container platform, applied to the edge cloud container platform, where the method includes:
Step 11, receiving an authentication instruction sent by a central cloud management platform;
Step 12, establishing a network tunnel with the central cloud management platform according to the authentication instruction;
Step 13, receiving, through the network tunnel, an authentication certificate sent by the central cloud management platform;
Step 14, establishing a secure access authentication connection with the central cloud management platform according to the authentication certificate;
Step 15, registering the edge cloud container platform with the central cloud management platform through the secure access authentication connection.
This registration method is applied to the edge cloud container platform: an edge cloud container platform is built on an edge cloud that already has infrastructure and is automatically registered with the central cloud management platform. It should be noted that the edge cloud container platform is responsible for ECPAAS (Platform-as-a-Service for Edge Computing) business and AI processing, and is provided with an edge cloud base environment, a terminal interaction component and a cloud interaction component.
The scheme provides unified cloud-side management of the edge container platform, together with network establishment, two-way access authentication and automatic registration. The edge cloud container platform can be added to the central cloud management platform automatically, which realizes automated deployment of the edge container cloud platform and cooperative interaction between the edge cloud container platform and the central cloud platform.
In an optional embodiment of the present invention, the authentication instruction in step 11 includes at least one of: information for running an edge proxy gateway module on the edge cloud, information that the edge cloud needs to establish a network tunnel, and authentication information for the edge cloud to access the central cloud management platform.
In this embodiment, the edge cloud container platform receives the authentication instruction sent by the central cloud management platform, executes the authentication instruction, runs the proxy gateway module, and establishes a network tunnel.
Fig. 2 further illustrates the network tunnel: the edge cloud container platform provides a proxy gateway module and the central cloud management platform provides an edge cloud collaboration gateway, and the two exchange data through the network tunnel. The edge cloud container platform accesses the services and data of the central cloud management platform through the edge cloud collaboration gateway module, and the edge cloud container platform and the central cloud management platform achieve mutually authenticated access by means of two-way SSL (Secure Sockets Layer) authentication.
In an optional embodiment of the present invention, the authentication certificate in step 13 is generated from at least one of an edge cloud container platform name, a unique identifier, and an intranet access address created and configured by the central cloud management platform.
In this embodiment, the edge cloud container platform receives the authentication certificate through the network tunnel and then configures SSL access authentication using the certificate information.
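As an added illustration that is not part of the patent text, the following Python example shows a central-side check that ties the two-way SSL connection to the values the certificate is generated from: the gateway requires a client certificate and accepts registration only when the certificate's identity matches the record created on the central platform. The certificate layout (platform name as the subject common name, unique identifier as a `urn:edge:` SAN URI, intranet access address as a SAN IP), the names `EdgeRecord`, `central_tls_context`, `check_edge_identity`, `rejection_reason` and `register`, and all sample values are assumptions made for this example.

```python
import ipaddress
import ssl
from dataclasses import dataclass


@dataclass(frozen=True)
class EdgeRecord:
    """Values the central platform configured when it created the edge cloud."""
    name: str         # edge cloud container platform name
    unique_id: str    # unique identifier
    intranet_ip: str  # intranet access address


def central_tls_context(ca_file=None, cert_file=None, key_file=None):
    """TLS context for the central-side gateway; the edge must present a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED  # two-way authentication, not server-only
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # CA that issued the edge certificates
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)   # central platform's own certificate
    return ctx


def _common_name(peer_cert):
    """Extract the subject common name from a getpeercert()-style dict."""
    for rdn in peer_cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def check_edge_identity(peer_cert, registry):
    """Match a verified peer certificate (ssl.SSLSocket.getpeercert() layout)
    against the registry; return the EdgeRecord or raise PermissionError."""
    if not peer_cert:  # None or {}: no certificate, or it was not validated
        raise PermissionError("no verified client certificate")
    record = registry.get(_common_name(peer_cert))
    if record is None:
        raise PermissionError("platform name was not created on the central platform")
    sans = peer_cert.get("subjectAltName", ())
    uris = {value for kind, value in sans if kind == "URI"}
    ips = {ipaddress.ip_address(value) for kind, value in sans if kind == "IP Address"}
    if "urn:edge:" + record.unique_id not in uris:  # assumed encoding of the unique id
        raise PermissionError("unique identifier does not match the registry")
    if ipaddress.ip_address(record.intranet_ip) not in ips:
        raise PermissionError("intranet access address does not match the registry")
    return record


def rejection_reason(peer_cert, registry):
    """Return None when the identity is accepted, else the reason for rejection."""
    try:
        check_edge_identity(peer_cert, registry)
        return None
    except PermissionError as exc:
        return str(exc)


def register(peer_cert, registry, registered):
    """Accept registration only for an identity that passed the certificate check."""
    record = check_edge_identity(peer_cert, registry)
    registered.add(record.name)
    return record.name


# Constructed sample data: one edge cloud created on the central platform.
REGISTRY = {"edge-sh-01": EdgeRecord("edge-sh-01", "7f3c9a", "10.20.0.5")}
GOOD_CERT = {
    "subject": ((("commonName", "edge-sh-01"),),),
    "subjectAltName": (("URI", "urn:edge:7f3c9a"), ("IP Address", "10.20.0.5")),
}
# Constructed: a certificate from the same CA that reuses the platform name
# but carries another edge cloud's identifier and address.
REUSED_NAME_CERT = {
    "subject": ((("commonName", "edge-sh-01"),),),
    "subjectAltName": (("URI", "urn:edge:0000aa"), ("IP Address", "10.20.0.9")),
}

if __name__ == "__main__":
    registered = set()
    print("registered:", register(GOOD_CERT, REGISTRY, registered))
    print("reused name:", rejection_reason(REUSED_NAME_CERT, REGISTRY))
    print("no certificate:", rejection_reason(None, REGISTRY))
```

In a running gateway the dictionary passed to `check_edge_identity` would come from `getpeercert()` on the accepted connection, after the handshake has validated the certificate chain against the issuing CA.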
In an alternative embodiment of the present invention, step 15 includes:
Step 151, receiving a deployment component configuration instruction sent by the central cloud management platform;
Step 152, performing component deployment according to the deployment component configuration instruction;
Step 153, after the component deployment is completed, automatically updating the component deployment information to the central cloud management platform.
The components include an image registry, a container cluster, log analysis, monitoring and alerting, load balancing, security management, gray release management, traffic control, domain name resolution, automatic configuration management and an artificial intelligence (AI) runtime environment.
In this embodiment, after receiving the deployment component configuration instruction for the edge cloud container platform, the proxy gateway module of the edge cloud container platform deploys the components on the corresponding planned nodes. After the component deployment is completed, the component deployment information is automatically updated to the central cloud management platform through the proxy gateway service. Step 152 is preferably implemented using Ansible, an automated operation and maintenance tool developed in Python.
In an alternative embodiment of the present invention, the registration method of the edge cloud container platform further includes:
Step 16, establishing a Message Queuing Telemetry Transport (MQTT) data channel with the central cloud management platform;
Step 17, transmitting data to and from the central cloud management platform through the MQTT data channel.
In this embodiment, the edge cloud container platform provides a proxy gateway module, the central cloud management platform provides an edge cloud collaboration gateway, and the edge cloud container platform and the central cloud management platform exchange data through a network tunnel. After accessing the edge cloud collaboration gateway, the edge cloud container platform can synchronize its service data and transport data to the central cloud management platform by means of an MQTT (Message Queuing Telemetry Transport) message queue.
As shown in fig. 3, the present invention further provides a registration method for an edge cloud container platform, applied to a central cloud management platform, where the method includes:
Step 31, sending an authentication instruction to the edge cloud container platform;
Step 32, establishing a network tunnel with the edge cloud container platform according to the authentication instruction;
Step 33, sending an authentication certificate to the edge cloud container platform through the network tunnel;
Step 34, establishing a secure access authentication connection with the edge cloud container platform according to the authentication certificate;
Step 35, completing registration of the edge cloud container platform based on the secure access authentication connection.
This registration method is applied to the central cloud management platform: an edge cloud container platform is built on an edge cloud that already has infrastructure and is automatically registered with the central cloud management platform. The central cloud management platform is responsible for unified management of the central cloud and the edge cloud, and has an edge cloud interaction function and the system function components of the central cloud management platform.
In an optional embodiment of the present invention, the authentication instruction in step 31 includes at least one of: information for running an edge proxy gateway module on the edge cloud, request information for establishing a network tunnel, and authentication information for the edge cloud to access the central cloud management platform.
In this embodiment, the central cloud management platform generates the authentication instruction and sends it to the edge cloud container platform, and a network tunnel is established between the central cloud management platform and the edge container platform. As shown in fig. 2, the central cloud management platform and the edge cloud container platform establish the network tunnel automatically; the central cloud management platform provides an edge cloud collaboration gateway and exchanges data with the edge cloud container platform through the network tunnel; and the central cloud management platform calls the proxy gateway module of the edge cloud container platform to access the edge cloud container platform, thereby carrying out related data operations such as issuing scheduling tasks and access.
In an optional embodiment of the present invention, the authentication certificate in step 33 is generated from at least one of an edge cloud container platform name, a unique identifier, and an intranet access address created and configured by the central cloud management platform.
In an alternative embodiment of the present invention, step 35 includes:
Step 351, sending a deployment component configuration instruction to the edge cloud container platform;
Step 352, receiving the component deployment information after the edge cloud container platform completes component deployment according to the deployment component configuration instruction.
In this embodiment, after the central cloud management platform and the proxy gateway module establish an access connection, the relevant deployment component configuration is set on the central cloud management platform, a deployment component configuration instruction is then issued to the edge cloud container platform, and the component deployment information is received after component deployment on the edge cloud container platform is completed.
In an alternative embodiment of the present invention, the registration method of the edge cloud container platform may further include:
Step 36, establishing an MQTT (Message Queuing Telemetry Transport) data channel with the edge cloud container platform;
Step 37, transmitting data to and from the edge cloud container platform through the MQTT data channel.
In this embodiment, as shown in fig. 2, after the proxy gateway module updates the configuration to the central cloud management platform, it establishes a data channel with the MQTT module of the edge cloud collaboration gateway of the central cloud management platform, and related information such as services, operation and maintenance, and applications of the edge cloud collaboration gateway is pushed over MQTT to achieve data collaboration.
As shown in fig. 4, in a specific embodiment, the process of implementing the automated deployment of the edge cloud container platform is as follows:
the central cloud management platform newly builds an edge cloud, sets configuration and generates an authentication instruction;
Executing an authentication instruction generated on a central cloud management platform on an edge cloud container platform;
the edge cloud container platform runs the proxy gateway module by executing the authentication instruction;
The proxy gateway module registers the edge cloud container platform to the central cloud management platform, and the central cloud management platform configures SSL related authentication and realizes SSL bidirectional authentication with the proxy gateway module;
the central cloud management platform sets relevant deployment component configuration;
The central cloud management platform issues a deployment component configuration instruction, and the proxy gateway module receives the deployment component configuration instruction and starts to execute the deployment component configuration instruction;
After the edge Yun Rongqi platform components are deployed, automatically updating the component deployment information related to the central cloud management platform;
After receiving the component deployment information, the central cloud management platform establishes an MQTT mode data channel with the edge Yun Rongqi platform to cooperate with data services of the edge Yun Rongqi platform and the like;
And completing the automatic deployment of the edge cloud container platform and the central cloud management platform.
The automated deployment system formed by the edge cloud container platform and the central cloud management platform gives the cloud the capability to manage edge container platforms in a unified way, and provides network establishment, bidirectional access authentication and automatic registration. Automated deployment of the edge cloud container platform is achieved through configuration issued by the central cloud platform and registration of updated data, and collaboration on data such as business, application, and operation and maintenance data is carried out proactively. The edge cloud actively establishes a network tunnel with the central cloud platform, which solves the problem that the edge cloud cannot be reached when it has no public network access address. Data security and reliability are ensured by actively generating and automatically configuring SSL bidirectional access and MQTT data channels.
As shown in fig. 5, the present invention provides a registration device 50 for an edge cloud container platform, applied to the edge cloud container platform, including:
A transceiver module 51, configured to receive an authentication instruction sent by a central cloud management platform, establish a network tunnel with the central cloud management platform according to the authentication instruction, and receive, through the network tunnel, an authentication certificate sent by the central cloud management platform;
A processing module 52, configured to perform an SSL access authentication connection with the central cloud management platform according to the authentication certificate, and to register the edge cloud container platform to the central cloud management platform through the SSL access authentication connection.
Optionally, the authentication instruction includes at least one of:
Information for running the edge proxy gateway module on the edge cloud;
Request information for establishing a network tunnel;
Authentication information for the edge cloud to access the central cloud management platform.
Optionally, the authentication certificate is generated from at least one of an edge cloud container platform name, a unique identifier, and an intranet access address.
Optionally, the processing module 52 is specifically configured to:
Receive a deployment component configuration instruction sent by the central cloud management platform;
Perform component deployment according to the deployment component configuration instruction;
Automatically update the component deployment information to the central cloud management platform after component deployment is completed.
Optionally, the components include at least one of:
Image repository, container cluster, log analysis, monitoring and alarm, load balancing, security management, grayscale management, traffic control, domain name resolution, automated configuration management, and artificial intelligence (AI) operating environment.
Optionally, the registration device 30 of the edge cloud container platform further includes:
A first processing module 53, configured to establish a Message Queuing Telemetry Transport (MQTT) data channel with the central cloud management platform;
A second transceiver module 54, configured to perform data transmission with the central cloud management platform through the MQTT data channel.
It should be noted that this device corresponds to the method described above, and all implementations in the method embodiments apply to this device embodiment and achieve the same technical effects.
An embodiment of the invention also provides a registration device for an edge cloud container platform, applied to the central cloud management platform, including:
A transceiver module, configured to send an authentication instruction to the edge cloud container platform, establish a network tunnel with the edge cloud container platform according to the authentication instruction, and send an authentication certificate to the edge cloud container platform through the network tunnel;
A processing module, configured to perform a secure access authentication connection with the edge cloud container platform according to the authentication certificate, and to complete registration of the edge cloud container platform based on the secure access authentication connection.
Optionally, the authentication instruction includes at least one of:
Information for running the edge proxy gateway module on the edge cloud;
Request information for establishing a network tunnel;
Authentication information for the edge cloud to access the central cloud management platform.
Optionally, the authentication certificate is generated from at least one of an edge cloud container platform name, a unique identifier and an intranet access address created and configured by the central cloud management platform.
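Because the certificate is generated from the platform name, unique identifier and intranet access address that the central platform itself configured, the central side can compare those fields in the presented certificate with its own record before accepting a registration. This is an added example, not code from the patent: the field placement (subject CN for the name, SAN URI `urn:edge:<id>` for the unique identifier, SAN IP for the intranet address), the registry layout and all function names are assumptions, and the certificate dicts are constructed in the format returned by Python's `ssl.SSLSocket.getpeercert()`.

```python
import ipaddress
import ssl


def central_mtls_context():
    """Server-side TLS context that refuses clients without a certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED  # bidirectional authentication
    # In a deployment, also call ctx.load_cert_chain(...) with the central
    # platform's key pair and ctx.load_verify_locations(...) with the private
    # CA that issued the edge certificates.
    return ctx


def identity_from_peercert(cert):
    """Pull name, unique-id URIs and IPs out of a getpeercert() dict."""
    names = [v for rdn in cert.get("subject", ()) for k, v in rdn
             if k == "commonName"]
    san = cert.get("subjectAltName", ())
    uris = [v for k, v in san if k == "URI"]
    ips = [v for k, v in san if k == "IP Address"]
    return names, uris, ips


def check_binding(cert, record):
    """Return the list of mismatches between a certificate and a record."""
    problems = []
    names, uris, ips = identity_from_peercert(cert)
    if names != [record["name"]]:
        problems.append("platform name mismatch")
    if uris != ["urn:edge:" + record["unique_id"]]:  # hypothetical URN scheme
        problems.append("unique identifier mismatch")
    want = ipaddress.ip_address(record["intranet_address"])
    try:
        got = {ipaddress.ip_address(i) for i in ips}
    except ValueError:
        got = set()  # unparsable address in the certificate
    if got != {want}:  # exactly the configured address, nothing extra
        problems.append("intranet address mismatch")
    return problems


def authorize_registration(cert, requested_id, registry):
    """Accept a registration only for the edge cloud the certificate names."""
    record = registry.get(requested_id)
    if record is None:
        return False, ["unknown edge cloud"]
    problems = check_binding(cert, record)
    return not problems, problems


# Constructed sample data: two edge clouds created on the central platform.
REGISTRY = {
    "ec-0001": {"name": "edge-shanghai-01", "unique_id": "ec-0001",
                "intranet_address": "10.20.0.5"},
    "ec-0002": {"name": "edge-beijing-02", "unique_id": "ec-0002",
                "intranet_address": "10.30.0.9"},
}

# Constructed certificate as getpeercert() would return it after the handshake.
CERT_EC_0001 = {
    "subject": ((("commonName", "edge-shanghai-01"),),),
    "subjectAltName": (("URI", "urn:edge:ec-0001"),
                       ("IP Address", "10.20.0.5")),
}

if __name__ == "__main__":
    print(authorize_registration(CERT_EC_0001, "ec-0001", REGISTRY))
    # The same valid certificate cannot be used to register as another edge.
    print(authorize_registration(CERT_EC_0001, "ec-0002", REGISTRY))
```

Intranet addresses can repeat across sites, so the unique identifier is the field to key the registry on; the address check only narrows where a certificate may be used from.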
Optionally, the processing module is specifically configured to send a deployment component configuration instruction to the edge cloud container platform;
And to receive the component deployment information after the edge cloud container platform completes component deployment according to the deployment component configuration instruction.
Optionally, the processing module is further configured to establish a Message Queuing Telemetry Transport (MQTT) data channel with the edge cloud container platform;
The transceiver module is further configured to perform data transmission with the edge cloud container platform through the MQTT data channel.
It should be noted that this device corresponds to the method described above, and all implementations in the method embodiments apply to this device embodiment and achieve the same technical effects.
As shown in fig. 6, embodiments of the present invention also provide an edge cloud container platform deployment system, comprising an edge cloud container platform and a central cloud management platform, in which:
The edge cloud container platform receives an authentication instruction sent by the central cloud management platform;
The edge cloud container platform establishes a network tunnel with the central cloud management platform according to the authentication instruction;
The edge cloud container platform receives, through the network tunnel, an authentication certificate sent by the central cloud management platform;
The edge cloud container platform performs a secure access authentication connection with the central cloud management platform according to the authentication certificate;
The edge cloud container platform registers itself with the central cloud management platform over the secure access authentication connection.
Optionally, the registering of the edge cloud container platform with the central cloud management platform through the secure access authentication connection includes:
The central cloud management platform sends a deployment component configuration instruction to the edge cloud container platform;
The edge cloud container platform performs component deployment according to the deployment component configuration instruction to obtain the component deployment information;
The edge cloud container platform sends the component deployment information to the central cloud management platform.
Optionally, the edge cloud container platform is further configured to establish a Message Queuing Telemetry Transport (MQTT) data channel with the central cloud management platform;
And the edge cloud container platform transmits data to the central cloud management platform through the MQTT data channel.
In the embodiment of the invention, the whole automated deployment process of the edge cloud container platform is characterized by edge-cloud collaboration: it achieves automated deployment through central cloud configuration, edge cloud registration and the like, and achieves data collaboration for edge cloud services and the like. The edge cloud obtains the command to execute from the central cloud management platform and, by executing that command, runs the edge proxy gateway and establishes a network tunnel, providing network connectivity from the edge data center to the central cloud. The edge container cloud platform and the central cloud platform automatically generate private authentication certificates and establish SSL bidirectional authentication and MQTT authentication channels to ensure data security and stability for large data volumes.
It should be noted that this system corresponds to the method described above, and all implementations in the method embodiments apply to this system embodiment and achieve the same technical effects.
Embodiments of the present invention also provide a computer-readable storage medium storing instructions that, when executed on a computer, cause the computer to perform a method as described above. All the implementation manners in the method embodiment are applicable to the embodiment, and the same technical effect can be achieved.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, in essence or in the part contributing to the prior art or in a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The storage medium includes various media capable of storing program code, such as a USB flash drive, a removable hard disk, a ROM, a RAM, a magnetic disk or an optical disk.
Furthermore, it should be noted that in the apparatus and method of the present invention, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent aspects of the present invention. Also, the steps of performing the series of processes described above may naturally be performed in chronological order in the order of description, but are not necessarily performed in chronological order, and some steps may be performed in parallel or independently of each other. It will be appreciated by those of ordinary skill in the art that all or any of the steps or components of the methods and apparatus of the present invention may be implemented in hardware, firmware, software, or a combination thereof in any computing device (including processors, storage media, etc.) or network of computing devices, as would be apparent to one of ordinary skill in the art after reading this description of the invention.
The object of the invention can thus also be achieved by running a program or a set of programs on any computing device. The computing device may be a well-known general purpose device. The object of the invention can thus also be achieved by merely providing a program product containing program code for implementing said method or apparatus. That is, such a program product also constitutes the present invention, and a storage medium storing such a program product also constitutes the present invention. It is apparent that the storage medium may be any known storage medium or any storage medium developed in the future. It should also be noted that in the apparatus and method of the present invention, it is apparent that the components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered as equivalent aspects of the present invention. The steps of executing the series of processes may naturally be executed in chronological order in the order described, but are not necessarily executed in chronological order. Some steps may be performed in parallel or independently of each other.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that various modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the present invention.

Claims (6)

1.一种边缘云容器平台的注册方法,其特征在于,应用于边缘云容器平台,所述方法包括:1. A registration method for an edge cloud container platform, characterized in that it is applied to an edge cloud container platform, and the method comprises: 接收中心云管理平台发送的认证指令;Receive authentication instructions sent by the central cloud management platform; 根据所述认证指令,与所述中心云管理平台建立网络隧道;According to the authentication instruction, a network tunnel is established with the central cloud management platform; 通过所述网络隧道接收所述中心云管理平台发送的认证证书;Receiving the authentication certificate sent by the central cloud management platform through the network tunnel; 根据所述认证证书与所述中心云管理平台进行安全访问认证连接;Performing a secure access authentication connection with the central cloud management platform according to the authentication certificate; 通过所述安全访问认证连接将边缘云容器平台注册到所述中心云管理平台;Registering the edge cloud container platform to the central cloud management platform through the secure access authentication connection; 其中,根据所述认证证书配置安全套接字协议SSL访问认证;中心云管理平台与边缘云容器平台通过自动建立网络隧道,中心云管理平台提供边云协同网关,与边缘云容器平台通过网络隧道进行数据交互;中心云管理平台调用边缘云容器平台的代理网关模块进行访问边缘云容器平台,实现调度任务下发及访问相关数据的操作;所述边缘云容器平台具有边缘云的基础环境、终端交互组件以及云端交互组件;Among them, the secure socket protocol SSL access authentication is configured according to the authentication certificate; the central cloud management platform and the edge cloud container platform automatically establish a network tunnel, the central cloud management platform provides an edge cloud collaborative gateway, and exchanges data with the edge cloud container platform through the network tunnel; the central cloud management platform calls the proxy gateway module of the edge cloud container platform to access the edge cloud container platform, and implements the operations of scheduling task issuance and accessing related data; the edge cloud container platform has the basic environment of the edge cloud, terminal interaction components and cloud interaction components; 所述认证指令包括以下至少一项:The authentication instruction includes at least one of the following: 
边缘云运行边缘代理网关模块的信息;Information about the edge proxy gateway module running on the edge cloud; 建立网络隧道的请求信息;Request information for establishing a network tunnel; 边缘云访问中心云管理平台的认证信息;Authentication information for edge cloud access to the central cloud management platform; 所述认证证书由边缘云容器平台名称、唯一标识以及内网访问地址中的至少一项生成的;The authentication certificate is generated by at least one of the edge cloud container platform name, unique identifier, and intranet access address; 通过所述安全访问认证连接将边缘云容器平台注册到所述中心云管理平台,包括:Registering the edge cloud container platform to the central cloud management platform through the secure access authentication connection includes: 接收所述中心云管理平台发送的部署组件配置指令;Receiving deployment component configuration instructions sent by the central cloud management platform; 根据所述部署组件配置指令进行组件部署;Deploy components according to the deployment component configuration instructions; 将组件部署完成后的组件部署信息自动更新到所述中心云管理平台;Automatically updating component deployment information after component deployment is completed to the central cloud management platform; 与所述中心云管理平台建立消息队列遥测传输MQTT数据通道;Establish a message queue telemetry transmission MQTT data channel with the central cloud management platform; 通过所述MQTT数据通道与所述中心云管理平台进行数据传输;Performing data transmission with the central cloud management platform via the MQTT data channel; 其中,所述边缘云容器平台还通过访问边云协同网关后以MQTT消息队列方式将所述边缘云容器平台的业务数据及运维数据同步到所述中心云管理平台;The edge cloud container platform also synchronizes the business data and operation and maintenance data of the edge cloud container platform to the central cloud management platform in the form of MQTT message queue after accessing the edge cloud collaborative gateway; 所述组件包括以下至少一项:The components include at least one of the following: 镜像仓库;容器集群;日志分析;监控告警;负载均衡;安全管理;灰度管理;流量控制;域名解析;自动化配置管理;人工智能AI运行环境。Image repository; container cluster; log analysis; monitoring and alarm; load balancing; security management; grayscale management; traffic control; domain name resolution; automated configuration management; artificial 
intelligence (AI) operating environment. 2.一种边缘云容器平台的注册方法,其特征在于,应用于中心云管理平台,所述方法包括:2. A registration method for an edge cloud container platform, characterized in that it is applied to a central cloud management platform, and the method comprises: 向边缘云容器平台发送认证指令;Send authentication instructions to the edge cloud container platform; 根据所述认证指令,与所述边缘云容器平台建立网络隧道;According to the authentication instruction, establish a network tunnel with the edge cloud container platform; 通过所述网络隧道向所述边缘云容器平台发送认证证书;Sending an authentication certificate to the edge cloud container platform through the network tunnel; 根据所述认证证书与所述边缘云容器平台进行安全访问认证连接;Performing a secure access authentication connection with the edge cloud container platform according to the authentication certificate; 基于所述安全访问认证连接,完成所述边缘云容器平台的注册;Based on the secure access authentication connection, completing the registration of the edge cloud container platform; 其中,根据所述认证证书配置安全套接字协议SSL访问认证;中心云管理平台与边缘云容器平台通过自动建立网络隧道,中心云管理平台提供边云协同网关,与边缘云容器平台通过网络隧道进行数据交互;中心云管理平台调用边缘云容器平台的代理网关模块进行访问边缘云容器平台,实现调度任务下发及访问相关数据的操作;Among them, the secure socket protocol SSL access authentication is configured according to the authentication certificate; the central cloud management platform and the edge cloud container platform automatically establish a network tunnel, and the central cloud management platform provides an edge cloud collaboration gateway to interact with the edge cloud container platform through the network tunnel; the central cloud management platform calls the proxy gateway module of the edge cloud container platform to access the edge cloud container platform, and realizes the operation of dispatching tasks and accessing related data; 所述边缘云容器平台具有边缘云的基础环境、终端交互组件以及云端交互组件;The edge cloud container platform has an edge cloud basic environment, a terminal interaction component, and a cloud interaction component; 所述认证指令包括以下至少一项:The authentication instruction includes at least one of the following: 边缘云运行边缘代理网关模块的信息;Information about the edge 
proxy gateway module running on the edge cloud; 建立网络隧道的请求信息;Request information for establishing a network tunnel; 边缘云访问中心云管理平台的认证信息;Authentication information for edge cloud access to the central cloud management platform; 所述认证证书由所述中心云管理平台创建并配置的边缘云容器平台名称、唯一标识以及内网访问地址中的至少一项生成的;The authentication certificate is generated by at least one of the edge cloud container platform name, unique identifier, and intranet access address created and configured by the central cloud management platform; 基于所述安全访问认证连接,完成所述边缘云容器平台的注册,包括:Based on the secure access authentication connection, completing the registration of the edge cloud container platform includes: 向所述边缘云容器平台发送部署组件配置指令;Sending a deployment component configuration instruction to the edge cloud container platform; 接收所述边缘云容器平台根据所述部署组件配置指令进行组件部署完成后的组件部署信息;Receiving component deployment information after the edge cloud container platform completes component deployment according to the deployment component configuration instruction; 与所述边缘云容器平台建立消息队列遥测传输MQTT数据通道;Establish a message queue telemetry transmission MQTT data channel with the edge cloud container platform; 通过所述MQTT数据通道与所述边缘云容器平台进行数据传输;Performing data transmission with the edge cloud container platform through the MQTT data channel; 其中,所述边缘云容器平台还通过访问边云协同网关后以MQTT消息队列方式将所述边缘云容器平台的业务数据及运维数据同步到所述中心云管理平台;The edge cloud container platform also synchronizes the business data and operation and maintenance data of the edge cloud container platform to the central cloud management platform in the form of MQTT message queue after accessing the edge cloud collaborative gateway; 所述组件包括以下至少一项:The components include at least one of the following: 镜像仓库;容器集群;日志分析;监控告警;负载均衡;安全管理;灰度管理;流量控制;域名解析;自动化配置管理;人工智能AI运行环境。Image repository; container cluster; log analysis; monitoring and alarm; load balancing; security management; grayscale management; traffic control; domain name resolution; automated configuration management; artificial intelligence (AI) operating environment. 
3.一种边缘云容器平台的注册装置,其特征在于,应用于边缘云容器平台,包括:3. A registration device for an edge cloud container platform, characterized in that it is applied to an edge cloud container platform and includes: 收发模块,用于接收中心云管理平台发送的认证指令;根据所述认证指令,与所述中心云管理平台建立网络隧道;通过所述网络隧道接收所述中心云管理平台发送的认证证书;A transceiver module, used to receive an authentication instruction sent by a central cloud management platform; establish a network tunnel with the central cloud management platform according to the authentication instruction; and receive an authentication certificate sent by the central cloud management platform through the network tunnel; 处理模块,用于根据所述认证证书与所述中心云管理平台进行安全访问认证连接;通过所述安全访问认证连接将边缘云容器平台注册到所述中心云管理平台;A processing module, configured to perform a secure access authentication connection with the central cloud management platform according to the authentication certificate; and register the edge cloud container platform with the central cloud management platform through the secure access authentication connection; 其中,根据所述认证证书配置安全套接字协议SSL访问认证;中心云管理平台与边缘云容器平台通过自动建立网络隧道,中心云管理平台提供边云协同网关,与边缘云容器平台通过网络隧道进行数据交互;中心云管理平台调用边缘云容器平台的代理网关模块进行访问边缘云容器平台,实现调度任务下发及访问相关数据的操作;所述边缘云容器平台具有边缘云的基础环境、终端交互组件以及云端交互组件;Among them, the secure socket protocol SSL access authentication is configured according to the authentication certificate; the central cloud management platform and the edge cloud container platform automatically establish a network tunnel, the central cloud management platform provides an edge cloud collaborative gateway, and exchanges data with the edge cloud container platform through the network tunnel; the central cloud management platform calls the proxy gateway module of the edge cloud container platform to access the edge cloud container platform, and implements the operations of scheduling task issuance and accessing related data; the edge cloud container platform has the basic environment of the edge cloud, terminal interaction components and cloud interaction components; 所述认证指令包括以下至少一项:The authentication 
instruction includes at least one of the following: 边缘云运行边缘代理网关模块的信息;Information about the edge proxy gateway module running on the edge cloud; 建立网络隧道的请求信息;Request information for establishing a network tunnel; 边缘云访问中心云管理平台的认证信息;Authentication information for edge cloud access to the central cloud management platform; 所述认证证书由边缘云容器平台名称、唯一标识以及内网访问地址中的至少一项生成的;The authentication certificate is generated by at least one of the edge cloud container platform name, unique identifier, and intranet access address; 所述处理模块具体用于:The processing module is specifically used for: 接收所述中心云管理平台发送的部署组件配置指令;Receiving deployment component configuration instructions sent by the central cloud management platform; 根据所述部署组件配置指令进行组件部署;Deploy components according to the deployment component configuration instructions; 将组件部署完成后的组件部署信息自动更新到所述中心云管理平台;Automatically updating component deployment information after component deployment is completed to the central cloud management platform; 所述处理模块,还用于与所述中心云管理平台建立消息队列遥测传输MQTT数据通道;The processing module is also used to establish a message queue telemetry transmission MQTT data channel with the central cloud management platform; 所述收发模块,还用于通过所述MQTT数据通道与所述中心云管理平台进行数据传输;The transceiver module is also used to transmit data with the central cloud management platform through the MQTT data channel; 其中,所述边缘云容器平台还通过访问边云协同网关后以MQTT消息队列方式将所述边缘云容器平台的业务数据及运维数据同步到所述中心云管理平台;The edge cloud container platform also synchronizes the business data and operation and maintenance data of the edge cloud container platform to the central cloud management platform in the form of MQTT message queue after accessing the edge cloud collaborative gateway; 所述组件包括以下至少一项:The components include at least one of the following: 镜像仓库;容器集群;日志分析;监控告警;负载均衡;安全管理;灰度管理;流量控制;域名解析;自动化配置管理;人工智能AI运行环境。Image repository; container cluster; log analysis; monitoring and alarm; load balancing; security management; grayscale management; traffic control; domain name resolution; automated configuration 
management; artificial intelligence (AI) operating environment. 4.一种边缘云容器平台的注册装置,其特征在于,应用于中心云管理平台,包括:4. A registration device for an edge cloud container platform, characterized in that it is applied to a central cloud management platform, comprising: 收发模块,用于向边缘云容器平台发送认证指令;根据所述认证指令,与所述边缘云容器平台建立网络隧道;通过所述网络隧道向所述边缘云容器平台发送认证证书;A transceiver module, configured to send an authentication instruction to an edge cloud container platform; establish a network tunnel with the edge cloud container platform according to the authentication instruction; and send an authentication certificate to the edge cloud container platform through the network tunnel; 处理模块,用于根据所述认证证书与所述边缘云容器平台进行安全访问认证连接;基于所述安全访问认证连接,完成所述边缘云容器平台的注册;A processing module, configured to perform a secure access authentication connection with the edge cloud container platform according to the authentication certificate; and complete registration of the edge cloud container platform based on the secure access authentication connection; 其中,根据所述认证证书配置安全套接字协议SSL访问认证;中心云管理平台与边缘云容器平台通过自动建立网络隧道,中心云管理平台提供边云协同网关,与边缘云容器平台通过网络隧道进行数据交互;中心云管理平台调用边缘云容器平台的代理网关模块进行访问边缘云容器平台,实现调度任务下发及访问相关数据的操作;所述边缘云容器平台具有边缘云的基础环境、终端交互组件以及云端交互组件;Among them, the secure socket protocol SSL access authentication is configured according to the authentication certificate; the central cloud management platform and the edge cloud container platform automatically establish a network tunnel, the central cloud management platform provides an edge cloud collaborative gateway, and exchanges data with the edge cloud container platform through the network tunnel; the central cloud management platform calls the proxy gateway module of the edge cloud container platform to access the edge cloud container platform, and implements the operations of scheduling task issuance and accessing related data; the edge cloud container platform has the basic environment of the edge cloud, terminal interaction components and cloud interaction components; 所述认证指令包括以下至少一项:The 
authentication instruction includes at least one of the following: 边缘云运行边缘代理网关模块的信息;Information about the edge proxy gateway module running on the edge cloud; 建立网络隧道的请求信息;Request information for establishing a network tunnel; 边缘云访问中心云管理平台的认证信息;Authentication information for edge cloud access to the central cloud management platform; 所述认证证书由所述中心云管理平台创建并配置的边缘云容器平台名称、唯一标识以及内网访问地址中的至少一项生成的;The authentication certificate is generated by at least one of the edge cloud container platform name, unique identifier, and intranet access address created and configured by the central cloud management platform; 所述处理模块具体用于:向所述边缘云容器平台发送部署组件配置指令;The processing module is specifically used to: send a deployment component configuration instruction to the edge cloud container platform; 接收所述边缘云容器平台根据所述部署组件配置指令进行组件部署完成后的组件部署信息;Receiving component deployment information after the edge cloud container platform completes component deployment according to the deployment component configuration instruction; 所述处理模块,还用于与所述边缘云容器平台建立消息队列遥测传输MQTT数据通道;The processing module is also used to establish a message queue telemetry transmission MQTT data channel with the edge cloud container platform; 所述收发模块,还用于通过所述MQTT数据通道与所述边缘云容器平台进行数据传输;The transceiver module is also used to transmit data with the edge cloud container platform through the MQTT data channel; 其中,所述边缘云容器平台还通过访问边云协同网关后以MQTT消息队列方式将所述边缘云容器平台的业务数据及运维数据同步到所述中心云管理平台;The edge cloud container platform also synchronizes the business data and operation and maintenance data of the edge cloud container platform to the central cloud management platform in the form of MQTT message queue after accessing the edge cloud collaborative gateway; 所述组件包括以下至少一项:The components include at least one of the following: 镜像仓库;容器集群;日志分析;监控告警;负载均衡;安全管理;灰度管理;流量控制;域名解析;自动化配置管理;人工智能AI运行环境。Image repository; container cluster; log analysis; monitoring and alarm; load balancing; security management; grayscale management; traffic control; domain name resolution; automated 
configuration management; artificial intelligence (AI) operating environment.

5. An edge cloud container platform deployment system, comprising an edge cloud container platform and a central cloud management platform, characterized in that:

the edge cloud container platform receives an authentication instruction sent by the central cloud management platform;

the edge cloud container platform establishes a network tunnel with the central cloud management platform according to the authentication instruction;

the edge cloud container platform receives, through the network tunnel, an authentication certificate sent by the central cloud management platform;

the edge cloud container platform establishes a secure access authentication connection with the central cloud management platform according to the authentication certificate;

the edge cloud container platform registers itself with the central cloud management platform through the secure access authentication connection;

wherein Secure Sockets Layer (SSL) access authentication is configured according to the authentication certificate; the central cloud management platform and the edge cloud container platform automatically establish a network tunnel; the central cloud management platform provides an edge-cloud collaborative gateway and exchanges data with the edge cloud container platform through the network tunnel; the central cloud management platform calls the proxy gateway module of the edge cloud container platform to access the edge cloud container platform, so as to issue scheduling tasks and access related data; the edge cloud container platform has the basic environment of the edge cloud, terminal interaction components and cloud interaction components;

the authentication instruction includes at least one of the following:

information about the edge proxy gateway module running on the edge cloud;

request information for establishing a network tunnel;

authentication information for the edge cloud to access the central cloud management platform;

the authentication certificate is generated from at least one of the edge cloud container platform name, a unique identifier, and an intranet access address;

the edge cloud container platform registering itself with the central cloud management platform through the secure access authentication connection includes:

the central cloud management platform sends a deployment component configuration instruction to the edge cloud container platform;

the edge cloud container platform deploys components according to the deployment component configuration instruction to obtain component deployment information;

the edge cloud container platform sends the component deployment information to the central cloud management platform;

the edge cloud container platform is further configured to establish a Message Queuing Telemetry Transport (MQTT) data channel with the central cloud management platform;

the edge cloud container platform transmits data to the central cloud management platform through the MQTT data channel;

wherein the edge cloud container platform also, after accessing the edge-cloud collaborative gateway, synchronizes its business data and operation and maintenance data to the central cloud management platform by means of an MQTT message queue;

the components include at least one of the following:

image repository; container cluster; log analysis; monitoring and alarm; load balancing; security management; grayscale management; traffic control; domain name resolution; automated configuration management; artificial intelligence (AI) operating environment.

6. A computer-readable storage medium, characterized in that it stores instructions which, when run on a computer, cause the computer to execute the method according to claim 1 or the method according to claim 2.
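As an added illustration of claim 5 (not part of the patent text or the applicants' implementation), the following Python sketch shows a central-platform-side check that a registration request arriving over the SSL-authenticated connection agrees with the platform name, unique identifier and intranet address the certificate was generated from. The mapping of those three values to commonName, serialNumber and an IP subjectAltName, the function names, and all sample values are assumptions.

```python
import ipaddress
import ssl

# Constructed enrolment record on the central platform (hypothetical values).
ENROLLED = {"edge-0001": {"name": "edge-site-01", "intranet_ip": "10.20.30.40"}}

# Constructed certificate in the dict shape ssl.SSLSocket.getpeercert() returns.
# Assumed mapping: name -> commonName, unique ID -> serialNumber, address -> IP SAN.
SAMPLE_CERT = {
    "subject": ((("commonName", "edge-site-01"),), (("serialNumber", "edge-0001"),)),
    "subjectAltName": (("IP Address", "10.20.30.40"),),
}

def central_tls_context(ca_file=None):
    """Server-side context that refuses peers without a verifiable client cert."""
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH, cafile=ca_file)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def cert_identity(cert):
    """Extract (name, unique_id, set of IPs) from a getpeercert()-style dict."""
    subject = {key: value for rdn in cert.get("subject", ()) for key, value in rdn}
    ips = {ipaddress.ip_address(v) for kind, v in cert.get("subjectAltName", ())
           if kind == "IP Address"}
    return subject.get("commonName"), subject.get("serialNumber"), ips

def check_registration(cert, request, enrolled=ENROLLED):
    """Accept a registration only if request, certificate and record all agree."""
    if not cert:
        return False, "no client certificate"
    name, uid, ips = cert_identity(cert)
    record = enrolled.get(uid)
    if record is None:
        return False, "identifier not enrolled"
    if request.get("id") != uid or request.get("name") != name:
        return False, "request identity differs from certificate"
    if name != record["name"]:
        return False, "name differs from enrolment record"
    try:
        claimed_ip = ipaddress.ip_address(request.get("intranet_ip", ""))
    except ValueError:
        return False, "invalid intranet address"
    if claimed_ip not in ips or claimed_ip != ipaddress.ip_address(record["intranet_ip"]):
        return False, "intranet address mismatch"
    return True, "ok"
```

In a deployment the certificate dict would come from `getpeercert()` on a socket accepted under `central_tls_context()`, loaded with the issuing CA and the server's own certificate chain.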
CN202110521419.1A 2021-05-13 2021-05-13 A registration method, device and system for edge cloud container platform Active CN115348239B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110521419.1A CN115348239B (en) 2021-05-13 2021-05-13 A registration method, device and system for edge cloud container platform

Publications (2)

Publication Number Publication Date
CN115348239A CN115348239A (en) 2022-11-15
CN115348239B CN115348239B (en) 2025-04-29

Family

ID=83977735

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110521419.1A Active CN115348239B (en) 2021-05-13 2021-05-13 A registration method, device and system for edge cloud container platform

Country Status (1)

Country Link
CN (1) CN115348239B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116633655A (en) * 2023-06-09 2023-08-22 京东科技信息技术有限公司 Method and device for establishing edge cloud tunnel

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110995777A (en) * 2019-10-24 2020-04-10 华为技术有限公司 A business management method and device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9866637B2 (en) * 2016-01-11 2018-01-09 Equinix, Inc. Distributed edge processing of internet of things device data in co-location facilities
CN110022371A (en) * 2019-04-16 2019-07-16 山东超越数控电子股份有限公司 A cloud security management platform for an "edge-cloud collaboration" cloud center and its working method
WO2021045661A1 (en) * 2019-09-04 2021-03-11 Telefonaktiebolaget Lm Ericsson (Publ) Edge cloud anchoring
CN110798338B (en) * 2019-09-30 2022-08-02 烽火通信科技股份有限公司 Edge cloud deployment method and device
CN110719292B (en) * 2019-10-17 2021-11-19 中国联合网络通信集团有限公司 Connection authentication method and system for edge computing equipment and central cloud platform
CN110855666B (en) * 2019-11-14 2022-07-12 光通天下网络科技股份有限公司 Gateway equipment activation method, device, equipment and medium based on end cloud cooperation
CN111491009B (en) * 2020-03-26 2025-03-28 腾讯科技(深圳)有限公司 Business collaborative processing method and related equipment
CN111901173A (en) * 2020-07-30 2020-11-06 山东超越数控电子股份有限公司 Cloud edge cooperative system construction method, device, equipment and readable medium
CN112367237B (en) * 2020-09-29 2022-10-21 新华三技术有限公司 Message forwarding method and system
CN112383416B (en) * 2020-11-02 2023-05-02 之江实验室 Intelligent edge equipment control platform based on KubeEdge and EdgeX foundation

Also Published As

Publication number Publication date
CN115348239A (en) 2022-11-15

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant