Cloud computing technology is a technological revolution in the IT industry and has become the future direction of the IT industry. Whether it is a public cloud that opens a cloud service to the public based on an open network environment, or a private cloud that provides services to internal users of the enterprise, it is necessary to build a data center of different scales as an infrastructure support for providing cloud services. Virtualization technology has become a key technology for building cloud computing data centers.
Resource pooling is achieved through virtualization of different levels of computing resources, storage resources, and network communication resources, enabling cloud computing to implement platformized services (IaaS) at the infrastructure level, such as Amazon EC2, IBM BlueCloud, Cisco UCS, and other typical IaaS products.
Users using cloud computing data center services need to complete access based on devices such as thin clients and mobile cloud terminals, access their virtualized computing resources, and further use various cloud computing services.
The cloud computing data center can provide different services for different user groups. Users between the user groups and user groups have no clear physical boundaries between each other, but the necessary security isolation based on virtualization technology. Whether there is sufficient security, whether user data has sufficient privacy protection and access control, these virtualization security issues have become the key to whether cloud computing can achieve widespread application breakthroughs.
How to make all types of users in the cloud use the network as safely as possible, how to let users seamlessly access and use cloud computing services, how to improve the flexibility and scalability of data center network construction through virtualized network technology Good network security issues have become a problem that must be solved to build a cloud computing data center using virtualization technology. Currently, mainstream vendors have network security technologies such as VLAN security zoneization and firewall virtualization to protect virtualized networks used in cloud computing data centers, but still fail to solve the trustworthiness of user access and the confidentiality of data interaction. Control and other issues.
Based on the typical architecture and access application mode of cloud computing data center based on virtualized network, this paper analyzes the security requirements of data center virtualization network from the aspects of user security access, communication isolation and confidentiality protection, and proposes virtualization. The network security technology framework focuses on the security of virtualized networks based on cryptography, and the security mechanisms such as communication protection, information isolation and security exchange between virtual machines are analyzed and designed. A solution for reference is proposed.
Typical Structure and Access Application Mode of Cloud Computing Virtualization Network
The cloud computing infrastructure consists primarily of computing (server), networking, and storage. For the network, from the entire ecological environment of cloud computing, it can be divided into three levels, data center network, cross-data center network and ubiquitous cloud access network.
The data center network includes a data center LAN that connects computing hosts, storage, and Layer 4 to 7 servers (such as firewalls, load balancing, application servers, IDS/IPS, etc.), and edge virtual networks, that is, after host virtualization, virtual machines. Multiple virtual network switching networks, including distributed virtual switches, virtual bridging, and I/O virtualization; cross-data center networks mainly solve network connections between data centers, enabling data backup, data migration, and multi-data between data centers. Resource optimization between centers and provision of mixed services in multiple data centers; ubiquitous cloud access networks are used to interconnect data centers with end users to provide cloud services to public or enterprise users.
Here, we mainly discuss the data center network technology architecture and access application methods implemented by using virtualized network technology. Because the large number of virtual machines in the data center access the security and controllable computing resources through the virtualized network is the key to solving the cloud computing virtual network security problem. Data center networks include core layer switches, access layer switches, and virtual switches. After using cloud computing, the data center network needs to solve the problem of large data flow, large backup traffic, and large virtual machine migration in the data center. Therefore, the core layer network requires ultra-large-scale data exchange capability and sufficient 10,000. Mega access capability. Access layer switches are required to support a variety of flexible deployment methods and new Ethernet technologies, including lossless Ethernet technology.
The virtual switch virtualizes the corresponding switch and network card functions through the virtual machine manager (Hypervisor) layer and implements management. It provides interconnection of multiple virtual host virtual network cards (vNICs) in the server and traffic for different virtual network cards. Set different VLAN tag functions, so that there is a switch inside the server, which can easily connect different network cards to different ports. The Hypervisor creates one or more vNICs for each VM (virtual host) and connects to the virtual switches in the hypervisor to support communication between VMs. Hypervisor also allows communication between virtual switches and physical network interfaces, as well as efficient communication with external networks, such as the open source OpenvSwitch.
Taking the more mature Ctrix Xen-based virtualization system as the research object (different from other VMwareESX, KVM, Hyper-V, etc., can refer to the idea), analyze the user connection virtualized user terminal, and further access the data center calculation A typical framework for resources is shown in Figure 2.
First, the remote user accesses the user virtual terminal on the data center server based on the thin client and based on the remote desktop protocol (Vmware PCoIP) such as ICA. The ICA protocol is a proprietary protocol based on Xen's Ctrix virtualization system. It interacts with the display, keyboard, and mouse operation information and the server-side management domain. It can create and suspend the corresponding virtualized terminal system on the hypervisor to obtain and localize the computer terminal. Operate the same experience. At the same time, the actual driver of all peripherals is also run on the management domain OS, and the front-end driver module interacts with the front-end driver module running on the virtual machine OS of the series client terminal to realize the support for the virtual machine device driver of each client terminal.
Secondly, the virtual network card and the virtualized switch (including the distributed virtualized switch across the physical server) between the user virtual terminals realize high-speed network data interaction between the virtual terminals and between the user virtual terminal and the virtual application server. Virtualized data-based applications, access to various application servers, or migration of user virtual machines. The distributed virtual switch adopts a method of making the underlying server architecture more transparent, and supports cross-server bridging of virtual switches on different physical servers, so that the virtual switches in one server can transparently connect with the virtual switches in other servers, so that the servers ( VM migration with their virtual interfaces is simpler.
Contactor Accessories are an important part of the contactors' working. Our contactor accessories are mainly divided into the following series:
LA2-D Timer Delay Block
LA1-D Axuiliary Contact Block
F8 Side Mount Axiliary Contact Block
LA3-DN Auxiliary Contact Block
BA3-D Timer Delay Block
LX1-D Coil of Contactor
LX1-F Coil of Contactor
Contactor Accessories
Auxiliary Switch,Auxiliary Contact Block,Contactor Block,Contactor Coil
Ningbo Bond Industrial Electric Co., Ltd. , https://www.bondelectro.com