CN-121980596-A - Container storage processing method, system, terminal and medium based on TIPU
Abstract
The invention discloses a TIPU-based container storage processing method, system, terminal and medium, relating to the technical field of storage virtualization. The technical scheme is as follows: storage configuration information of NFS shared file information is encrypted; a ConfigMap resource is created; a PersistentVolumeClaim (PVC) is created, which triggers a TIPU gateway to dynamically create a virtiofs device; a Pod is created and the virtiofs device is mounted on a container in the Pod; the ConfigMap resource is parsed to inject a first key fragment into the virtiofs file system; and a complete key is formed to decrypt the file information. The invention ensures that a Pod in a Kubernetes environment can sense and directly access TIPU-managed storage resources in real time, and achieves efficient, dynamic offloading of the storage load through seamless integration with the TIPU platform.
Inventors
- GAO GUOCHUN
- WU HUAIGU
- ZHANG NANXIN
- ZHA MING
Assignees
- 天府绛溪实验室
Dates
- Publication Date: 20260505
- Application Date: 20260409
Claims (10)
- 1. A TIPU-based container storage processing method, characterized by comprising the following steps: encrypting the storage configuration information of NFS shared file information by calling a TIPU gateway interface, and dividing the encryption key into a first key fragment and a second key fragment, wherein the second key fragment is stored in an NFS storage server; creating, in a Kubernetes environment, a ConfigMap resource containing the encrypted information produced by the encryption processing, the first key fragment and the TIPU gateway connection parameters; creating a PersistentVolumeClaim (PVC) through a TIPU CSI driver, and triggering the TIPU gateway to dynamically create a virtiofs device; creating a Pod in the Kubernetes environment and mounting the virtiofs device to a container in the Pod; parsing the ConfigMap resource to inject the first key fragment into a virtiofs file system; and, when the container in the Pod accesses the NFS storage server through the virtiofs device, combining the first key fragment and the second key fragment into a complete key through the TIPU gateway so as to decrypt the file information.
- 2. The TIPU-based container storage processing method of claim 1, wherein the storage configuration information includes an NFS server IP address, a shared folder path, and a data key parameter.
- 3. The TIPU-based container storage processing method of claim 1, wherein triggering the TIPU gateway to dynamically create the virtiofs device comprises: transmitting device configuration parameters through an RPC interface provided by the TIPU gateway; and the TIPU gateway instantiating the virtiofs device based on the device configuration parameters and returning a device identifier and mount point information.
- 4. The TIPU-based container storage processing method of claim 3, wherein the device configuration parameters include a storage backend address, a device capacity, and an access control policy.
- 5. The TIPU-based container storage processing method of claim 1, wherein parsing the ConfigMap resource comprises: parsing the ConfigMap through an init container or a CSI driver during Pod startup, and extracting the first key fragment; and writing the first key fragment into a first storage directory of the virtiofs file system, to be monitored and called by the TIPU gateway.
- 6. The TIPU-based container storage processing method of claim 5, wherein the first storage directory and a second storage directory, which holds the second key fragment in the NFS storage server, are the same directory or associated directories.
- 7. The TIPU-based container storage processing method of claim 1, further comprising: triggering, through the TIPU CSI driver, an unmount operation of the virtiofs device in the container in the Pod when the container in the Pod is closed.
- 8. A TIPU-based container storage processing system, comprising: an encryption processing module configured to encrypt the storage configuration information of NFS shared file information by calling a TIPU gateway interface, and to divide the encryption key into a first key fragment and a second key fragment, wherein the second key fragment is stored in an NFS storage server; a resource creation module configured to create, in a Kubernetes environment, a ConfigMap resource containing the encrypted information produced by the encryption processing, the first key fragment and the TIPU gateway connection parameters; a device creation module configured to create a PersistentVolumeClaim (PVC) through a TIPU CSI driver and trigger the TIPU gateway to dynamically create a virtiofs device; a device mounting module configured to create a Pod in the Kubernetes environment and mount the virtiofs device to a container in the Pod; a key injection module configured to parse the ConfigMap resource to inject the first key fragment into a virtiofs file system; and a key combination module configured to combine the first key fragment and the second key fragment into a complete key through the TIPU gateway when the container in the Pod accesses the NFS storage server through the virtiofs device, so as to decrypt the file information.
- 9. A computer terminal comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor implements the TIPU-based container storage processing method according to any one of claims 1-7 when executing the computer program.
- 10. A computer readable medium having stored thereon a computer program, wherein the computer program is executable by a processor to implement the TIPU-based container storage processing method according to any one of claims 1 to 7.
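The key-fragment handling of claim 1, as an added example that is not part of the patent text. The patent does not state how the key is divided, so the example assumes an XOR-based 2-of-2 split and contrasts it with simply halving the key, where the fragment placed in the ConfigMap would expose half of the key material. The function names, the 32-byte key size and the key check value are assumptions.

```python
# Added example: 2-of-2 key splitting for the first/second fragment scheme in
# claim 1. The XOR construction is an assumption; the patent does not say how
# the key is divided.
import hashlib
import hmac
import secrets

KEY_LEN = 32  # 256-bit data key (assumed size)


def split_key(key: bytes) -> tuple[bytes, bytes]:
    """Return (first, second); each fragment alone is uniformly random."""
    first = secrets.token_bytes(len(key))               # would go into the ConfigMap
    second = bytes(a ^ b for a, b in zip(key, first))   # would stay on the NFS server
    return first, second


def combine_key(first: bytes, second: bytes) -> bytes:
    """Gateway-side recombination; rejects fragments of different length."""
    if len(first) != len(second):
        raise ValueError("fragment length mismatch")
    return bytes(a ^ b for a, b in zip(first, second))


def key_check_value(key: bytes) -> str:
    """Short fingerprint that lets the combiner detect a wrong fragment."""
    return hmac.new(key, b"kcv", hashlib.sha256).hexdigest()[:16]


def naive_split(key: bytes) -> tuple[bytes, bytes]:
    """Halving the key, shown for contrast: each fragment IS half the key."""
    mid = len(key) // 2
    return key[:mid], key[mid:]


def demo() -> dict:
    key = secrets.token_bytes(KEY_LEN)                  # constructed sample key
    kcv = key_check_value(key)
    first, second = split_key(key)
    rebuilt = combine_key(first, second)
    wrong = combine_key(secrets.token_bytes(KEY_LEN), second)
    half, _ = naive_split(key)
    return {
        "roundtrip_ok": hmac.compare_digest(key_check_value(rebuilt), kcv),
        "wrong_fragment_detected": key_check_value(wrong) != kcv,
        "naive_fragment_leaks_prefix": key.startswith(half),
        "xor_fragment_len": len(first),
    }


if __name__ == "__main__":
    print(demo())
```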
Description
Container storage processing method, system, terminal and medium based on TIPU

Technical Field

The invention relates to the technical field of storage virtualization, in particular to a TIPU-based container storage processing method, system, terminal and medium.

Background

Container storage refers to the management of data exchange and persistence between a container and a host or external storage system. Because container lifecycles are short, the file system inside a container is typically temporary, and its data is lost after the container terminates. To ensure data persistence for container applications, container technology employs a volume mechanism that mounts a volume inside the container so that data is retained even if the container is terminated. Common storage volume types include bind mounts, which mount a host directory into a container, and named volumes, which use the storage mechanism provided by the container platform (e.g., Docker, Kubernetes).

Taking Kubernetes as an example, Kubernetes provides the PersistentVolume (PV) and PersistentVolumeClaim (PVC) mechanisms to manage persistent storage for containers. When a container is unloaded, Kubernetes automatically handles the unmounting and cleanup of the storage volumes, and ensures data consistency and resource reclamation according to the PV and PVC definitions. In Docker, storage volumes may be mounted and unmounted through command-line tools or APIs. Docker typically does not automatically delete volumes when a container is unloaded unless explicitly told to. The user therefore needs to pay special attention to volume management when unloading a container, to avoid losing important data. One of the key challenges of containerized storage is how to properly unmount storage volumes at the end of the container lifecycle.

The container unloading process involves challenges in several technical areas, mainly the following:

1. Recovering and releasing storage resources. A container usually cleans up its internal temporary storage data when it is unloaded. For persistent storage volumes, however, how to properly release and reclaim storage resources, and avoid storage waste caused by resource leaks or duplicate mounts, is a critical issue in container storage management. Particularly when multiple containers use the same storage volume, the unloading process requires special attention to the dependencies between the containers and the storage volume.
2. Dependency management of storage volumes. In a containerized environment, one storage volume may be shared by multiple containers or services. When a container is unloaded, it must be confirmed whether other containers still depend on the storage volume. If the storage volume is unmounted blindly, other containers may be unable to access the storage, which may even cause system failures. References to storage volumes therefore need to be strictly managed when a container is unloaded, so that other dependent containers are not affected.
3. Data consistency assurance. The data in a storage volume may not have been fully synchronized or committed at the time the container is unloaded; particularly when a distributed storage system is used, the data in the storage volume may be in an inconsistent state. To ensure data integrity and consistency, complete writing of the data must be ensured during unloading and the necessary synchronization mechanisms must be adopted.
4. Cross-platform compatibility. As container technology has become popular, containers are widely deployed in a variety of environments, including local data centers, public clouds, and hybrid cloud environments. Storage systems on different platforms may have different unmount mechanisms and policies, and the container platform needs to provide cross-platform compatibility so that storage unmount operations can be performed seamlessly in different environments.

Although existing container platforms provide storage management functionality, complex container applications, especially those where multiple storage backends are used or multiple containers share the same storage volume, still suffer from incomplete unmounting, data loss, or wasted storage resources. How to research and design a container storage technology that overcomes the above defects is therefore an urgent problem to be solved.

Disclosure of Invention

In order to overcome the defects in the prior art, the invention aims to provide a TIPU-based container storage processing method, system, terminal and medium, which ensure that a Pod in the Kubernetes environment can sense and directly access TIPU-managed storage resources in real time, and achieve efficient, dynamic offloading of the storage load through seamless integration with the TIPU platform, thereby remarkably improving t