The Design And Implementation Of VPC Connection Mechanism Based On OpenStack Neutron

In recent years,cloud computing has attracted wide attention from the industry because of its low deployment cost,strong resource sharing capability and good scalability,and has made cloud computing a mainstream mode for emerging application development and deployment.At present,cloud computing has three mainstream deployment modes:public cloud,private cloud and hybrid cloud,among which the public cloud is regarded as the main form of cloud computing.However,all users on the public cloud share all the resources,which raises the question of the security of cloud computing data.In the era of big data explosion,data security is the lifeline of enterprise's survival and development,so the security of cloud data needs to be solved urgently.This thesis proposes a new approach to solve the security problem of cloud data.VPC is also known as the vritual private cloud.The core idea of this solution is based on the traditional public cloud for the user to establish a logical separation of virtual network space,in which users are free to define virtual network,flexible setup network address space,so as to realize the separation of private network.Based on OpenStack,the mainstream cloud computing support platform,this thesis conducts research on the cloud data security interoperability mechanism of VPC.The VPC communication mechanism breaks the limitation of classical network and separates the underlying physical network from the user business data,which has strong application value.The main focus of this thesis is how to distribute the business to the controller via the OpenStack cloud platform,and the controller can estatblish the network connection to provide the user with resources.Aiming at the above problems,the thesis analyzes the key components of VPC and the communication conditions between VPCs,and gives the requirements and characteristics of VPC intercommunication mechanism.On the basis of this,a system architecture for realizing the docking of cloud platform and controller is proposed based on the custom Neutron component ML2 plugin,and VXALN technology is used to realize virtual network.The main contributions of the thesis include the following aspects:1)On the basis of summarizing the current situation of cloud computing deployment pattern and virtualization network,this thesis analyzes the main technical challenges of public cloud security,and puts forward the application demand of VPC interoperability mechanism based on OpenStack.2)To enhance the capacity of network isolation and optimize the network structure,the functional requirements of implementing VPC in OpenStack are described from the perspectives of the second-layer,third-layer,and intercommunication,based on the project requiremwnts.On this basis,the overall architecture of the system and detailed design of each module are given.3)On the basis of system function design and the OpenStack environment,the implementation process of second-layer,third-layer and intercommunication module is given from multiple perspectives including network,subnet,router and port,and system functions are tested according to the system characteristics.