CN-121984967-A - Cross-cloud-platform virtual private cloud interconnection system based on unified cloud management platform and construction method

Abstract

The invention provides a cross-cloud platform virtual private cloud interconnection system based on a unified cloud management platform and a construction method thereof, and relates to the technical field of computer networks; the system comprises a unified cloud management platform and at least two independent cloud platforms, wherein the independent cloud platforms operate with corresponding virtual private clouds, network isolation is achieved among the virtual private clouds, the unified cloud management platform builds a VPN tunnel network among a VPN server, a virtual private cloud client and the VPN client based on VPN technology, the virtual private cloud client is used as a gateway node to achieve communication among the virtual private clouds on different cloud platforms, configuration information of the VPN server and configuration information of the virtual private cloud client are issued in a mode of virtual machine data injection and VPN server interface, the problem of data and information island among the cloud platforms in a multi-cloud platform scene can be solved, resource sharing capacity among the cloud platforms is enhanced, and cross-cloud interconnection and cross-domain sharing capacity of data of application are achieved.

Inventors

  • MIAO XINYU
  • LIU XIAOHAO
  • CAO JIANBING
  • HE ZHONGYANG
  • ZENG KUN
  • ZHANG YUAN

Assignees

  • 电科云(北京)科技有限公司

Dates

Publication Date
20260505
Application Date
20251230

Claims (10)

  1. A cross-cloud platform virtual private cloud interconnection system based on unified cloud management, the system comprising: The system comprises a unified cloud management platform and at least two independent cloud platforms, wherein each independent cloud platform operates with a corresponding virtual private cloud, and the virtual private cloud comprises a virtual private cloud network; The VPN server is configured with a public network IP address, and the VPN server can be connected with the VPN client in one way; the VPN tunnel network is used for receiving the connection requests of the VPN client and constructing a VPN tunnel network among all VPN servers, the VPN client and the VPN client; the configuration change request is used for receiving the configuration change request sent by the unified cloud management platform, and the configuration change information is sent to the virtual private cloud client and the VPN client through the VPN tunnel network; The VPN client creates a VPN network based on VPN server information issued by a unified cloud management, initiates a connection request to the VPN server, establishes a VPN tunnel network connected with the VPN server, other VPN clients and the VPN client, receives configuration change information sent by the VPN server, updates the configuration information of the VPN client, receives data of the VPN network, and forwards the data to other VPN clients and VPN clients through the VPN tunnel network; The target VPN client is used for initiating a connection request to a VPN server by a local terminal, establishing a VPN tunnel network connected with the VPN server, other VPN clients and the VPN client, receiving configuration change information sent by the VPN server, and updating the configuration information of the VPN client.
  2. The cross-cloud platform virtual private cloud interconnection system based on the unified cloud management platform according to claim 1, wherein before the unified cloud management platform establishes a VPN tunnel network with a VPN client in each virtual private cloud through the VPN server, the unified cloud management platform is further configured to generate a server configuration file required by VPN services, including an authentication configuration file, an encryption mode configuration file and a route setting configuration file; The VPN server is also used for starting the VPN service and loading the server configuration file; The unified cloud management platform is further configured to add client information and a client configuration file corresponding to the VPN client to the VPN server.
  3. The cloud platform-crossing virtual private cloud interconnection system based on the unified cloud management platform as claimed in claim 2, wherein the unified cloud management platform is further used for acquiring network configuration information of each virtual private cloud in real time, and adjusting load balancing between each independent cloud platform and security policies between the unified cloud management platform and each independent cloud platform based on the network configuration information.
  4. The unified cloud management platform-based cross-cloud platform virtual private cloud interconnection system as claimed in claim 3, wherein said network configuration includes routing configuration information, network topology information or bandwidth requirement information, said adjusting load balancing between said individual cloud platforms and security policies between said unified cloud management platform and said individual cloud platforms based on said network configuration information comprises: based on the route configuration information, adjusting routes between the unified cloud management platform and each independent cloud platform; based on the network topology information and the bandwidth demand information, bandwidth allocation among the independent cloud platforms is adjusted, and an encryption algorithm between the unified cloud management platform and the independent cloud platforms is adjusted.
  5. The cross-cloud platform virtual private cloud interconnection system based on the unified cloud management platform as claimed in claim 2, wherein the VPN server is a server constructed based on a virtual machine instance, and the unified cloud management platform is further used for generating the virtual machine instance before generating a server configuration file required by a virtual private network service; The VPN client is further configured to send a connection request to the VPN server through the public network IP address, so that the VPN server establishes the communication channel with the VPN client after receiving the connection request through the monitoring port.
  6. The cross-cloud platform VPN cloud interconnection system based on the unified cloud management platform according to claim 2, wherein before the client information and the client configuration file corresponding to the VPN client are added to the VPN server, the unified cloud management platform is further configured to generate a virtual machine instance in each VPN, and generate the corresponding client configuration file and the client information to configure the virtual machine instance to obtain the VPN client.
  7. The cross-cloud platform virtual private cloud interconnection system based on the unified cloud management platform according to claim 1, wherein the unified cloud management platform is further configured to configure corresponding configuration files and connection information in the virtual private cloud client, so that the virtual private cloud client is connected with the VPN server through a public network IP.
  8. The cross-cloud platform virtual private cloud interconnection system based on the unified cloud management platform according to claim 1, wherein the unified cloud management platform is further used for carrying out flow monitoring on each independent cloud platform, and optimizing network bandwidth allocation among different cloud platforms according to a real-time flow monitoring result and an intelligent flow control algorithm.
  9. The cross-cloud platform virtual private cloud interconnection system based on the unified cloud management platform as claimed in claim 1, wherein a security policy management mechanism between the unified cloud management platform and each independent cloud platform is the same, and the security policy management mechanism comprises an end-to-end encryption mechanism, an identity verification mechanism or an access control mechanism.
  10. The method for constructing the cross-cloud platform virtual private cloud interconnection system based on the unified cloud management platform is characterized by comprising the following steps of: Creating a virtual machine instance of a VPN server through a unified cloud management platform and distributing a public network IP address and a monitoring port; Performing VPN service configuration on the VPN service virtual machine instance, generating a required server configuration file, obtaining a VPN service end and starting VPN service, wherein the server configuration file comprises an authentication mechanism configuration file, an encryption mode configuration file and a route setting configuration file; respectively creating VPN networks and configuring routes for at least two independent cloud platforms, and reloading the VPN services; Creating VPN client virtual machine examples in the virtual private cloud corresponding to each independent cloud platform respectively, configuring required client configuration files for the VPN client virtual machine examples, obtaining a VPN client, starting the VPN client, and constructing a communication channel between the VPN client and the VPN server; And respectively creating a virtual private cloud virtual machine instance in each virtual private cloud as a virtual private cloud client to obtain the cross-cloud platform virtual private cloud interconnection system.

Description

Cross-cloud-platform virtual private cloud interconnection system based on unified cloud management platform and construction method

Technical Field

The invention relates to the technical field of computer networks, in particular to a cross-cloud platform virtual private cloud interconnection system based on a unified cloud management platform and a construction method.

Background

With the rapid development of cloud computing technology, more and more enterprises and organizations choose to adopt multiple cloud platforms to meet different business requirements, including public clouds, private clouds, hybrid clouds and the like. However, virtual private networks (VPCs) between different cloud platforms are often isolated from each other, and this isolation increases the complexity and cost of cross-platform data transfer, severely limiting efficient collaboration and resource sharing in a multi-cloud environment.

In a scenario that a plurality of cloud platforms are managed by a unified cloud management platform, how to realize virtual private network interconnection between different cloud platforms becomes a key technical problem. At present, most cloud management platforms only support management of a single cloud platform, and management and network interconnection of cross-cloud platforms are difficult to effectively support. Because of the lack of a unified cross-cloud platform virtual private network interconnection solution, users need to configure and manage virtual networks on each cloud platform independently, which results in low resource utilization efficiency and increased operation cost.

Disclosure of Invention

In view of this, the embodiment of the invention provides a cross-cloud virtual private cloud interconnection system based on a unified cloud management platform and a construction method thereof, so as to eliminate or improve one or more defects existing in the prior art.
The problem of low resource utilization efficiency due to isolation among cloud platforms under a multi-cloud platform scene can be solved.

The invention provides a cross-cloud virtual private cloud interconnection system of a unified cloud management platform, which comprises the following components:

The system comprises a unified cloud management platform and at least two independent cloud platforms, wherein each independent cloud platform runs with a corresponding virtual private cloud, and the virtual private cloud comprises a virtual private cloud client and a VPN client;

The VPN client establishes communication connection with the corresponding local VPN client and is used for sending a data request to the local VPN client through the communication connection, so that the local VPN client forwards the data request to the VPN server based on a communication channel under the condition of receiving the data request;

The VPN server side is used for sending the data request to a target VPN client side in the target virtual private cloud based on the target virtual private cloud indicated by the target virtual private cloud information under the condition that the data request is received;

And the target VPN client is used for forwarding the data request to the target client according to the target client indicated by the target client information after receiving the data request, so that the target client returns the target resource corresponding to the target resource information under the condition of receiving the data request.
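
An added illustration, not part of the patent text: a minimal Python model of the forwarding path described above, in which the VPN server picks the target VPN client (gateway) from the destination virtual private cloud. The gateway names, address ranges, and the overlap and source checks are assumptions introduced here; the patent does not specify them.

```python
import ipaddress


class VpnHub:
    """Model of the VPN server: maps each VPC address range to its gateway (VPN client)."""

    def __init__(self):
        self.routes = {}  # ip_network -> gateway name

    def register_vpc(self, gateway, cidr):
        net = ipaddress.ip_network(cidr)
        # Isolated VPCs often reuse the same private range; once they share
        # one hub, overlapping routes make the forwarding decision ambiguous.
        for existing, owner in self.routes.items():
            if net.overlaps(existing):
                raise ValueError(f"{cidr} ({gateway}) overlaps {existing} ({owner})")
        self.routes[net] = gateway

    def gateway_for(self, ip):
        addr = ipaddress.ip_address(ip)
        for net, gateway in self.routes.items():
            if addr in net:
                return gateway
        return None

    def forward(self, ingress_gateway, src_ip, dst_ip):
        """Return the hop list for a data request, or raise if it must be dropped."""
        # Source check (assumed policy): a request is accepted only if its
        # source address belongs to the VPC behind the gateway it arrived on.
        if self.gateway_for(src_ip) != ingress_gateway:
            raise PermissionError(f"{src_ip} is not behind {ingress_gateway}")
        target = self.gateway_for(dst_ip)
        if target is None:
            raise LookupError(f"no VPC route for {dst_ip}")
        # client -> local VPN client -> VPN server -> target VPN client -> target client
        return [src_ip, ingress_gateway, "vpn-server", target, dst_ip]


def build_demo_hub():
    # Constructed sample topology: two cloud platforms, one VPC each.
    hub = VpnHub()
    hub.register_vpc("gw-cloud-a", "10.10.0.0/16")
    hub.register_vpc("gw-cloud-b", "10.20.0.0/16")
    return hub


if __name__ == "__main__":
    print(build_demo_hub().forward("gw-cloud-a", "10.10.1.5", "10.20.3.7"))
```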
In some embodiments of the present invention, before the unified cloud management platform establishes a communication channel with a VPN client in each virtual private cloud through a VPN server, the unified cloud management platform is further configured to generate a server configuration file required by a virtual private network service, where the server configuration file includes an authentication mechanism configuration file, an encryption mode configuration file, and a route setting configuration file; The VPN server is also used for starting the virtual private network service and loading a server configuration file; the unified cloud management platform is further used for adding the client information and the client configuration file corresponding to the VPN client to the VPN server.

In some embodiments of the present invention, the unified cloud management platform is further configured to obtain network configuration information of each virtual private cloud in real time, and adjust load balancing between each independent cloud platform and security policies between the unified cloud management platform and each independent cloud platform.

In some embodiments of the present invention, the network configuration includes routing configuration information, network topology information, or bandwidth requirement information, and adjusting load balancing between individual cloud platforms and unifying security policies between the cloud management platform and the individual clou