WO2012106980A1 - Procédé de bureau virtuel et infrastructure de bureau virtuel de point de service intelligent multidimensionnel - Google Patents

Procédé de bureau virtuel et infrastructure de bureau virtuel de point de service intelligent multidimensionnel Download PDF

Info

Publication number
WO2012106980A1
WO2012106980A1 PCT/CN2012/000159 CN2012000159W WO2012106980A1 WO 2012106980 A1 WO2012106980 A1 WO 2012106980A1 CN 2012000159 W CN2012000159 W CN 2012000159W WO 2012106980 A1 WO2012106980 A1 WO 2012106980A1
Authority
WO
WIPO (PCT)
Prior art keywords
virtual
application
service
user
machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2012/000159
Other languages
English (en)
Chinese (zh)
Inventor
汤传斌
熊丽
王彦新
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TRANSOFT (SHANGHAI) Inc
Original Assignee
TRANSOFT (SHANGHAI) Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TRANSOFT (SHANGHAI) Inc filed Critical TRANSOFT (SHANGHAI) Inc
Publication of WO2012106980A1 publication Critical patent/WO2012106980A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/451Execution arrangements for user interfaces
    • G06F9/452Remote windowing, e.g. X-Window System, desktop virtualisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/40Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities

Definitions

  • the present invention relates to computer virtualization technologies and applications, and more particularly to multi-dimensional intelligent service point virtual desktop infrastructure. Background technique
  • desktop virtualization uses a client-server (c-S) computing model to separate the desktop environment of personal computers from physical hardware.
  • the remote computer desktop is displayed and operated on the local computer, while the remote computer executes the program and stores the information.
  • Desktop virtualization presents an effective solution to the problems posed by traditional personal computers.
  • VDI Virtual Desktop Infrastructure
  • the desktop operating system and applications run on the virtual machine (hereinafter referred to as the virtual machine) on the server in the data center. Users can access virtual desktops and applications from various terminal devices such as PCs, netbooks, and thin terminals through the network. Get a complete PC experience.
  • the core of VDI management software is to centrally manage the virtual machine pool formed by a large number of virtual machines in the data center through a series of strategies, and deliver the desktop to the end users by using the transmission protocol.
  • VDI's ESXi, Citrix's Xen, and Microsoft's Hyper-V are all available as VDI's underlying virtualization technology. These companies have also launched their own VDI products, namely Wei Rui's VMWare View, Citrix's XenDesktop, and Microsoft VDI suite software.
  • VDI has entered the market for many years, but implementation has been difficult, for two main reasons.
  • ESG Enterprise Solutions Group
  • the full name of the company found that many of the user's concerns are around network performance.
  • Thousands of desktop images are migrated from the terminal (ie, desktop, terminal, etc.) to the data center, including The subsequent tasks of processing applications and data requests are self-evident.
  • the second is the price issue.
  • VDI and traditional Terminal Services (TS) have certain similarities in functionality. Although VDI has the advantage of providing each end user with a separate virtual machine, which is not affected by other users or systems. But in comparison, it is expensive.
  • the invention discloses a multi-dimensional intelligent service point virtual desktop infrastructure, more precisely, a combination of multiple software and hardware and network resources to support a virtualized environment, and a virtual machine, a real machine and a virtual application in a background service point.
  • Program resources are centrally managed (compared to virtual machines, where the real machine refers to physical computers), delivering virtual desktops to end users on demand, providing osmotic services and intelligent sessions, and using them.
  • the number of people with increased service costs has dropped significantly, resulting in economies of scale in virtual desktop infrastructure.
  • the design adopted by the present invention is:
  • the system is constructed by two-dimensional.
  • the horizontal one-dimensional consists of client equipment, access points, service switching points, and background service points, which constitute the transmission path of the virtual desktop.
  • the vertical one-dimensional is operated by the company's operating system, company application, and user application. , user data and settings, the virtual machine is divided into several manageable layers.
  • the service switching point and the background service point manage the entire architecture, wherein the background service point generates virtual machines and virtual applications and centrally manages virtual machines/real machines/applications, access points and service exchanges.
  • the point is mainly responsible for providing network management and services for virtual desktop transmission.
  • the service is permeable and provides a unified programming interface for integration with third parties.
  • the background service point allows users to flexibly choose to use real or virtual machines by integrating real/virtual machines into a unified system.
  • the management of the real machine is completed by the real machine management center, and the management of the virtual machine is completed by the virtual machine management center, and the management of the virtual application is completed by the virtual application manager.
  • the SOD server is generally installed on the real machine by installing the SOD (Service on Demand) client on the virtual machine to integrate the virtual machine and the virtual application.
  • SOD Service on Demand
  • the version tree method is used to implement the upgrade and update of the virtual machine template.
  • the service switching point mainly provides call continuity and service switching services, virtual machine/real machine switching functions, and provides load balancing, rule and policy engines, service monitoring, SIP proxy services, and unified programming interfaces.
  • Access points mainly provide remote access management and connection services, use extended connection agents to connect real and virtual machines, and have registration authentication and single sign-on capabilities, while providing load balancing, rules and policy engines, and service monitoring. , SIP proxy service and unified programming interface.
  • Session Initiation Protocol is a text-based application layer signaling control protocol proposed by the IETF in 1999 to create, modify, and release sessions for one or more participants.
  • the Independent Computing Environment Simple Protocol SPICE is a virtual technology acquired by Red Hat after the acquisition of Qumranet, an adaptive remote transport protocol designed specifically for use in virtual environments, designed for today's bandwidth-intensive applications ( For example, multimedia, VoIP) provides a seamless user experience, enabling users to experience the same experience as using a physical desktop system when using a virtual desktop system.
  • the Remote Desktop Transfer Protocol is a protocol developed by Microsoft Corporation to connect a local client to a terminal server and maintain a session between the two.
  • the SIP protocol can control signaling, so that one user can obtain multiple sessions so that multiple virtual machines can be used at the same time.
  • the inherent time mechanism can realize multiple people using a virtual machine at the same time to implement intelligent sessions.
  • SIP can establish an end-to-end overlay network and intelligent scheduling resources to cover the overlay network composed of Core (core network) and Edge (edge network) to user equipment, so that the virtual desktop transmission is safe and fast.
  • a session is displayed across multiple screens.
  • multiple sessions are displayed on a large screen.
  • the methods of the standby pool and the elastic pool are introduced.
  • the pool is generated by using the inked-clone technology, and the spare pool is set to suspend state.
  • the use of the alternate pool includes the generation, use, optimization, and exit of the standby pool.
  • the elastic pool sets the initial value, the maximum value, the threshold value, and the reserved value to set the size relationship between these values, and uses certain algorithms to determine certain rules to fully utilize virtual machine resources to establish users and Flexible access between virtual machines.
  • the present invention proposes the following technical solutions:
  • a multi-dimensional intelligent service point virtual desktop infrastructure including: a background service point, a service switching point, an access point, and a client device.
  • the background service point generates the virtual machine and the virtual application in the background, and the background service point centrally controls and dispatches the virtual machine, the virtual application, and the real machine to the user;
  • the service switching point connects to the background service point, and the service switching point provides the call continuity and
  • the service switching service sends the exchanged real/virtual machine request to the background service point and controls the service switching service;
  • the access point connects to the service switching point, and the access point provides remote access management and connection service, Control access to access services;
  • client devices are connected to background service points, service switching points, and access points.
  • Client devices are selected from one of the following: personal computers, laptops, netbooks, mobile phones, and handheld terminals.
  • the back-end service points include a real machine management center, a virtual machine management center, a virtual application manager, a virtual workspace manager, and a virtualization infrastructure platform.
  • the real machine management center manages the real machine in the background and assigns the real machine to the user;
  • the virtual machine management center manages the virtual machine in the background and allocates the virtual machine to the user;
  • the virtual application manager generates and manages the virtual application in the background and establishes the virtual application and
  • the virtualized base platform includes multiple hosts, each of which uses a kernel-based virtual machine (KVM) to virtualize the hardware platform.
  • KVM kernel-based virtual machine
  • the real machine management center includes real machine connection manager, real machine status manager, agent controller, real machine list, real machine application list and usage report.
  • the real machine connection manager accepts the user's request to use the real machine, checks the status of the real machine, sends the application (application) message to be used by the user to the agent through the proxy controller, and returns it to the service switching point;
  • the real machine state manager Responsible for monitoring the status and status of the computer;
  • the agent controller is responsible for receiving the message sent by the agent, sending the command of the operation application to the agent, and checking the heart beat message sent by the agent to make a judgment whether to close the real machine;
  • the real machine list is the user You can register the real machine bound to your account to the real machine list;
  • the real application list is a list of applications that the user specifies to use;
  • the usage report is used to count the user's use of real machines and applications.
  • the virtualization infrastructure platform includes a Spice Protocol based on a terminal protocol, a Session Initiation Protocol SIP server, and the Spice Server and Session Initiation Protocol SIP server are used to interact with the client device.
  • the service switching points include virtual machine switches and real machine switches and service switching service controllers.
  • the virtual machine switch and the real machine switch are connected to the virtual machine management center or the real machine management center requesting the response according to the user's request; the service exchange service controller provides the call connection service, the service exchange service, the load balancing, the rules and the policy.
  • Engine Overlay management, service monitoring, SIP services, and service interfaces.
  • the virtual machine switch includes a seat and classroom management database.
  • the access point includes a RAS server and a connection proxy.
  • the RAS server manages remote access and establishes a VPN connection for the user when the user is outside the firewall;
  • the connection agent provides the client access channel and transmits the desktop screen and the application screen to the client, adopts an extended system, and is a virtual machine and a virtual machine in the background.
  • the machine provides a connection.
  • the access point further includes accessing an access service controller, providing network services for access access, and providing a unified programming interface to integrate with a third party.
  • the access access service controller includes a load balancer, a service monitor, a SIP proxy server, an Overlay manager, and a management console.
  • the load balancer provides load balancing services; the service monitor monitors and counts service requests; the SIP proxy server receives virtual desktop requests, decides where to forward these requests, and passes them to the next server; the Overlay Manager provides SIP Overlay management;
  • the management console provides a management control interface.
  • connection agent providing the client access channel further includes generating a credential in the authentication center according to the login information of the user, and encrypting the credential to complete unified authentication and authorization and single sign-on (sso).
  • a multi-dimensional intelligent service point virtual desktop method comprises: controlling access, distribution and transmission of a virtual desktop by using an access point, a service switching point, and a background service point.
  • the background service point generates a virtual machine and a virtual application in the background, and the background service point centrally controls and dispatches the virtual machine, the virtual application, and the real machine to the user; the service switching point connects to the background service point, and the service switching point provides the call continuous.
  • the service exchange service sending the exchanged real/virtual machine request to the background service point, and controlling the service exchange service; the access point is connected to the service switching point, and the access point provides remote access management and connection service, Control access to the access service at the same time.
  • the method further includes performing authentication registration based on the SIP of the client device and the user, and negotiating the machine capability when the authentication is registered, wherein the client device is connected to the background service point, the service switching point, and the access point, and the client device is selected from the following One: PC, laptop, netbook, mobile phone, handheld terminal.
  • the method further includes creating a session using the SIP protocol and establishing a connection between the client device and the background service point; the background service point queries the capability of the client device; and starting the Spice protocol to transfer the virtual desktop screen from the background service point to the client device; After the screen is transferred, the session is terminated using the SIP protocol.
  • the method further includes merging the plurality of sessions by using a time mechanism of the SIP proxy server, so that multiple users use one virtual machine; and the SIP proxy server enables one user to obtain multiple sessions, so that one user can use multiple users at the same time.
  • a virtual machine
  • the method further includes treating the session and the transaction as a common expense, considering each of the virtualized SIP servers having the same performance, and allocating transactions of the same session to the same SIP server load distribution method.
  • the method further includes the method of establishing a virtual SIP Overlay by using a SIP server and a connection thereof, managing the Overlay on the Overlay node, accepting signaling on the SIP port, accepting the virtual machine screen on the Spice port, and providing a unified API interface.
  • the method further includes a method for implementing end-to-end transmission of the virtual desktop through the SIP client and the SIP server protocol stack.
  • a virtual pool management method including: setting an initial value, a maximum value, a threshold, and a reserved value; setting an initial value, a maximum value, a threshold, and a reserved value. Between the logical relationship, according to the initial value, maximum value, threshold value and reserved value and the logical relationship between them to achieve access from the virtual machine pool The rules of the virtual machine.
  • the method further includes: using the linked-clone technology to generate a backup pool corresponding to the primary virtual machine pool, and setting the standby pool to a suspend state, and using the virtual machine in the standby pool with the virtual machine in the primary virtual machine pool.
  • the method further includes dynamically specifying the standby pool according to time, and searching for the spare pool optimization policy of the idle pool.
  • a method for combining a virtual application and a virtual machine including: installing a monitoring program on a server; the monitoring program collects file information and registry information, and packages and packages the file into a tsap file; The request to the application, the tsap file is streamed to the client for the user to use.
  • the method further includes creating a template based on the existing user machine information and the virtual application information, and installing the SOD client on the virtual machine.
  • the method further includes dividing the application on the virtual machine and the virtual machine into four layers: a company operating system, a company application, a user application, user data, and settings, and managing the four layers using a virtual workspace.
  • an over-range screen display method using a virtual desktop infrastructure including: setting a background service point, a background service point generating a virtual machine and a virtual application in the background, and a background service point to the virtual machine,
  • the virtual application and the real machine are centrally controlled and assigned to the user;
  • the application proxy is set in the background service point, and the application proxy includes two parts: the high-end part is the application generator, and the bottom part is the virtual interface; the application is started, and the virtual interface is detected.
  • Write the application data on the display memory calculate the number of screens beyond the screen range, and notify the application generator to generate a process for each of the exceeded screens; send the screen of the original application together with the screen of the generated process to Client.
  • a screen partition display method using a virtual desktop infrastructure including: setting a same IP address and a different TCP port number for each partition of a large screen on a client; The IP address and TCP port number of the partition requested by the desktop, and the virtual desktop is returned to the partition.
  • Multiple service points can provide self-service, can be propagated on demand, and automatically scale based on policies, improving service penetration and quality assurance.
  • An advanced overlay network technology is adopted to achieve end-to-end transmission, which improves transmission reliability and security while reducing transmission path and improving transmission efficiency.
  • a new layered virtual desktop method is implemented by dividing the virtual desktop and its applications and data into several independent layers and distributing them to the client.
  • FIG. 1A is a block diagram of a system composition of a multi-dimensional intelligent service point virtual desktop infrastructure of the present invention
  • FIG. 1B is a block diagram of an access access service controller of an access point portion of the multi-dimensional intelligent service point virtual desktop infrastructure of the present invention
  • 1C is a block diagram of a service switching service controller of a service switching point portion of the multi-dimensional intelligent service point virtual desktop infrastructure of the present invention
  • 1D is a layered structure diagram of a virtualized base platform of a multi-dimensional intelligent service point virtual desktop infrastructure of the present invention
  • Figure 3 is a diagram showing the implementation process of the single sign-on of the virtual desktop infrastructure system (connection agent 122 in Figure 1A);
  • FIG 4 is a process diagram of the present invention (connection proxy 122 in Figure 1A);
  • FIG. 5 is a process diagram of the management console 1237 of Figure 1B of the present invention.
  • FIG. 6 is a process diagram of a user SIP registration authentication process in FIG. 5 of the present invention.
  • FIG. 7 is a diagram showing the establishment and termination process of a SIP session with a background service point when a user requests a virtual machine/real machine according to the present invention
  • 8A is a process diagram of a session aggregator (SIP server 1235 in FIG. 1B) of the present invention converges a plurality of sessions by a time mechanism to implement simultaneous use of a virtual machine by multiple users;
  • SIP server 1235 in FIG. 1B session aggregator
  • FIG 8B is a process diagram of the session splitter (SIP server 1235 in Figure 1B) of the present invention for assigning multiple sessions to a user to enable one person to use multiple virtual machines simultaneously;
  • FIG. 9 is a block diagram showing the composition of a SIP Overlay node of the present invention.
  • FIG 10 is a process diagram of the present invention (load equalizer 1231 in Figure 1B and load balancer 1331 in Figure 1C) based on SIP distributed load;
  • Figure 11 is a diagram showing the operation of the present invention (the virtual machine switch 131 and the real machine switch 132 of Figure 1A);
  • - Figure 12 is a process diagram of the present invention (the real machine connection manager 1411 of Figure 1A);
  • Figure 13 is a process diagram of the present invention (agent controller 1416 of Figure 1A);
  • Figure 14 is a process diagram of the present invention (statement report 1412 of Figure 1A);
  • FIG 15 is a process diagram of the present invention (the real machine state manager 1414 of Figure 1A);
  • Figure 16 is a process diagram of an overnight change strategy (Embodiment) of the virtual machine pool manager 1443 of Figure 1A;
  • FIG. 17 is a process diagram of the creation of a spare pool of the virtual machine pool manager 1443 of the present invention (FIG. 1A);
  • FIG. 18 is a request virtual machine of the standby pool usage policy of the virtual machine pool manager 1443 of the present invention (FIG. 1A) Process diagram
  • FIG. 19 is a process diagram of a spare pool optimization policy of the virtual machine pool manager 1443 of the present invention (FIG. 1A);
  • FIG. 20 is an exit virtual machine of the standby pool optimization strategy of the virtual machine pool manager 1443 of the present invention (FIG. 1A) Process diagram
  • FIG. 21 is a process diagram of the flexible pool rule of the present invention (virtual machine pool manager 1443 of FIG. 1A);
  • FIG. 22 is a process diagram of the pre-deployment action of the virtual application manager 143 of FIG. 1A;
  • Figure 24 is a process diagram of the SOD application stream of the virtual application manager 143 of the present invention ( Figure 1A);
  • Figure 25 is a process diagram of the present invention (the virtual application manager 143 of Figure 1A and the virtual machine management center 144) ;
  • Figure 26 is a process diagram of the virtual machine template versioning of the virtual machine management center 144 of the present invention (Fig. 1A);
  • Fig. 27 is a view of the present invention (the virtual workspace manager 142 of Fig. 1A) for the operating system on the VDI. Process diagram of layer management;
  • 29 is a diagram of a preferred embodiment of the inventive virtual desktop infrastructure at a factory
  • 1A is a general diagram of the desktop virtualization infrastructure including client device 11, access point 12, service switching point 13, and background service point 14.
  • the white box is the software part (function module) involved in this patent; the dashed box is the application number "CN 200810204286.X” submitted by the applicant on December 10, 2008, entitled “Mobile Virtualization Infrastructure and Basic Platform”
  • the functional modules have been described in detail in the patent application. Therefore, the dotted box will not be explained much.
  • Client device 1 1 refers to various user terminal devices, which can be either a traditional PC, a personal notebook, or a terminal device such as a netbook or a mobile phone, that is, various fat terminal devices. If it is a fat terminal, it can be used like a normal PC, or it can be virtualized and used. In the system shown in FIG. 1A, the client device 11 obtains the virtual machine and the application screen from the background service point 14 by accessing the access point 12 and the service switching point 13.
  • Access to the access point 12 is responsible for establishing a connection to the back office point 14 for the client device 11, managing the connection, and providing network services.
  • the connection agent 122 is responsible for the connection with the background service point 14.
  • the Remote Access Server (RAS) 121 provides remote access support by establishing a VPN connection for external users.
  • a typical setup is this:
  • the access point is installed on the Access network side or on the edge of the core network.
  • the underlying hardware can be a switch, router, or server cluster.
  • Access point 12 also provides self-service services that provide services such as load balancing, policy and rules engine, service monitoring, SIP services, session conversion, and unified programming interface APIs (including multiple interfaces). It is permeable and automatically scales up based on strategy.
  • the service switching point 13 is mainly responsible for the service exchange between the virtual machine and the real machine, and switches it to the corresponding background management center according to the virtual machine or real machine service selected by the user.
  • the typical setup is this:
  • the service switching point 13 is installed on the core network or the edge side of the core network (the underlying hardware can be a switch, router or server cluster).
  • the Service Switching Point 13 also has a Personnel and Group Management Database 1321, a Seat and Classroom Management Database 1322, an Application and Package Management Database 1323, and a Virtual Machine Server and Template Management Database 1324. These databases are managed by the Management Console 1442 in the Virtual Machine Administration Center 144 in the Background Service Point 14.
  • the service switching point 13 determines whether the user has the right to obtain the screen of the subscribed application through the unified authentication and authorization system of the connection agent 122.
  • the service switching point 13 can determine whether the application comes from the background of the virtual machine management center 144 or from the background of the real machine management center 143, so that appropriate PC screen adaptation measures are taken.
  • the service switching point also provides self-service services that provide services such as virtual network management, load balancing, policy and rules engines, service monitoring, and a unified programming interface.
  • the background service point 14 (generally the data center) is a background management system for virtual machines, real machines, and virtual applications, and is provided by the virtual machine management center 144, the real machine management center 141, the virtual application manager 143, and the virtual workspace manager 142.
  • the composition is generally installed in the core network.
  • Virtual machine pool management 1443 in the Virtual Machine Management Center introduces flexible pool rules and alternate pool rules.
  • the real machine management center 141 is responsible for managing the real machine and its application list, monitoring the status of the real machine, generating a report of the user using the real machine and the application on it, accepting the user's use request and opening the corresponding application for the user to use.
  • the virtual application manager 143 virtualizes the application by emulating the usage environment of the application on the computer, and the operation is independent of the operating system and other applications on the local desktop, so that even if the software is not installed on the computer, The purpose of running the software normally in a virtual environment.
  • the virtual workspace manager 144 is responsible for hierarchical management of the application. According to the requirements of the enterprise management, the operating system and the applications thereon can be layered, from bottom to top, the company operating system, the company application, the user application, and the user data. & settings (this can achieve layer-to-layer independence, the inter-layer correlation between layers, and facilitate the management of different layers by different privilege administrators).
  • the infrastructure for implementing the desktop virtualization of the present invention requires the SIP client 111 and the Spice client 112 to communicate with the SIP server 1457 and the Spice server 1456 via the SIP protocol and the Spice protocol, wherein the SIP client 111 is a client device.
  • the software, while the SIP server 1457 is running on the Linux kernel operating system of the virtualization infrastructure platform 145.
  • the SIP client 111 and the SPICE client 112 are installed on the client device 11, but note that there may be different options depending on the performance of the client device.
  • the client device performance is poor (very awkward terminal) so that SIP and Spice cannot be run, choose to install the RDP client on the client device.
  • the SIP client is installed at the access point and starts using the SIP protocol from the access point.
  • the client device is a custom thin terminal, only the SIP client is installed on the client device, and a driver is needed to accept the virtual machine screen, and the client only uses SIP communication. Also pay attention to the difference between internal users and external users.
  • the access point 12 can automatically identify that the client terminal is a fat terminal or a thin terminal.
  • the Access Access Service Controller 123 of Figure 1B is a service module in the Access Point that provides self-service virtualization computing and resource services that can be propagated on demand and automatically scaled based on policies.
  • the load balancer 1233 is used to implement load balancing; the policy and rule engine 1232 provides a policy and rules engine; the service monitor 1235 is used to monitor service requests; the Overlay manager 1231 is used to manage SIP Overlay, SIP port transmission signals. Therefore, the Spice port transmits the virtual desktop and establishes an Overlay connection for the signaling and the virtual desktop; the SIP server 1234 can aggregate and split the session, so that multiple users can simultaneously use one virtual machine, and one user can use multiple virtual objects at the same time.
  • the service interface 1236 provides a unified programming interface that can be integrated with third parties.
  • the service switching service controller 133 of Figure 1C is a service module in the service switching point 13, which can provide call connection and service exchange, and can implement call start, interruption or relay exchange. Similar to the access access service controller 123 in the aforementioned access point 12, it provides self-service virtualization computing and resource services, which can be propagated on demand and automatically scaled based on policies.
  • the service switching service controller 133 includes an Overlay Manager 1331, a Policy and Rule Engine 1332, a Load Balancer 1333, a SIP Server 1334, a Call Connection 1335, a Service Switch 1336, a Service Monitor 1337, a Service Interface 1338, and a Management Console 1339. Specifically, it provides load balancing, rules and policy engines, service monitoring, Overlay management, SIP services, and a unified programming interface (the functions of each module are similar to those in access point 12, as described above).
  • the virtualized base platform 145 of Figure 1D is the basic technology of VDI, providing the basic support platform of VDI, which can include multiple hosts, each of which uses Kernel Based Virtual Machine (KVM) 1452 for the hardware platform.
  • KVM Kernel Based Virtual Machine
  • the kernel KVM1452 communicates with the QEMU1453 process to virtualize at least one virtual machine 1454 with guest operating system and memory (the underlying layer can be either KVM, ESX, Xen or Hyper-V).
  • the SIP client 111 and the Spice client 112 are required to establish communication with the SIP service 1457 on the virtualization infrastructure platform through the SIP protocol, thereby establishing a connection for the session. After the connection is established, start the Spice server and transfer the virtual desktop from the background to the guest. Account. Then use the SIP protocol to end the session.
  • Figure 2 - Figure 4 shows the process of registration authentication and single sign-on.
  • FIG. 2 depicts the registration process of the real machine.
  • the real machine here is relative to the virtual machine. It refers to the computer that is not virtualized by hardware, that is, the so-called real physical computer.
  • the real machine is in the background service point. Before using the real machine, you need to register the real machine.
  • the implementation process is as follows:
  • Step 201 Add a pc (a personal computer, that is, a real machine) to the user's My Real Machine interface, and input information such as an ip address/machine name;
  • a pc a personal computer, that is, a real machine
  • Step 202 Add application information to the Application List interface, and input information such as the installation path of the app and the name of the exe (executable file);
  • Step 203 after saving, displaying a download interface, so that the user can download the agent (agent) and the spice server to prompt the user to install;
  • Step 204 prompting the user to test whether the current pc is available, and testing whether the proxy and the spice server (server) are correctly installed by sending and receiving some test messages.
  • Figure 3 Single sign-on
  • Single sign-on is mainly to solve the complexity of user rights management, repeated development of user and rights management modules, and system security risks. Users can log in to one of the application systems and use other ones directly. operating system.
  • the process of single sign-on is as follows: The user enters the username/password and logs in to the single sign-on authentication system.
  • the Certification Authority (AC) verifies the identity of the user based on the information submitted by the user. If it is a legitimate user, create a ticket based on the user information and permissions, otherwise refuse to log in.
  • each credential has a set of keys (public key KA and private key KB) generated according to the asymmetric encryption algorithm, and the data in the credential is encrypted with the public key corresponding to the credential, and the digest algorithm is used. Generate verification information (such as MD5/SHA).
  • the certificate authority saves the credentials of the legitimate user over the network to the computer where the user is located. After the user selects the application VDI that he or she needs to access, it sends its own certificate to the application server and starts to transfer to the application system's authentication program. The application system verifies the validity of the credentials at the certificate authority, such as: Whether it is issued by the certificate authority, whether it exceeds the validity period, and so on.
  • the application system generates a digest from the digest algorithm based on the information of the credentials on the user's computer, and verifies the integrity of the credentials by comparing the verification information with the digest. If the credentials are valid and valid, the private key of the credentials obtained from the certificate authority decrypts the data of the submitted credentials and reads the user information contained therein.
  • the application system VDI verifies whether the user has the legal identity to access the system (determine whether there is access right, whether it is approved and opened by the administrator at the same level). If the identity is legal, the corresponding usage rights are configured according to the rights it has, otherwise the user is denied access. VDI system. After the user ends the use of the system, the user logs out the credentials, and if the system times out, the credentials are automatically destroyed.
  • Step 301 the user inputs a username and password
  • Step 302 The user requests to log in to the single sign-on authentication system.
  • Step 303 The authentication center verifies the identity of the user according to the information submitted by the user.
  • Step 304 Determine whether the user is a legitimate user. If yes, go to step 306, otherwise go Go to step 305;
  • Step 305 prompting the account name or password is incorrect, and refusing the user to log in;
  • Step 306 Create a credential according to user information and permissions
  • each credential has a set of keys (public key and private key) generated according to an asymmetric encryption algorithm, and the data in the credential is encrypted by the public key;
  • Step 308 generating a verification information by using a digest algorithm (such as MD5/SHA);
  • Step 309 the certificate center will be the credentials of the legitimate user
  • Step 310 transmitting to the computer where the user is located through the network, and saving;
  • Step 311 Dynamically generate a user interface.
  • Step 312 the credentials arrive at the SSO client
  • Step 314 selecting a VDI subsystem
  • Step 3 Automatically log in to the VDI subsystem
  • Step 316 sending credentials to the VDI system
  • Step 317 the credentials arrive at the VDI subsystem
  • Step 318 sending the credentials to the authentication center
  • Step 319 the credentials arrive at the authentication center
  • Step 320 verify the validity of the credential TA
  • Step 321 determine if the credentials are valid. If it is valid, go to step 323, otherwise go to step 322;
  • Step 322 the user logs in again
  • Step 323 determining whether the credential is complete. If yes, go to step 325, otherwise go to step
  • Step 324 the user logs in again
  • Step 325 decrypting the credential with the private key
  • Step 326 Determine whether the user has access rights. If yes, go to step 328. Otherwise, go to step 327;
  • Step 327 the user does not have access rights
  • Step 328 automatically generating a VDI subsystem interface according to the authority
  • Step 329 using the VDI subsystem function
  • Step 330 using the end user to exit
  • Step 331 the system times out
  • connection proxy 122 is one of the most important parts of the VDI system. The process is as follows: The user issues a login request to the server. If the user is outside the firewall, the connection proxy 122 establishes a VPN (Virtual Private Network) connection for the user; otherwise, directly transfers Go to the next step to determine whether the user is authorized by SSO authentication; if the authentication is not passed, tell the client to display an error message. If the authentication is passed, the request is transmitted to the SIP.
  • VPN Virtual Private Network
  • the proxy server resolves the address and issues a call request to the next hop; the request arrives at the virtual machine/real machine switch in the service switching point, and if the user requests the application on the virtual machine, then switches to the virtual machine entry, and Connect to the virtual machine management center in the background, let the virtual machine dispatcher obtain the virtual machine, find the application ID from the application list, find the best virtual machine, and notify the application agent to activate the application on the virtual machine, and finally start the Spice server, and transfer the application.
  • the first screen is given to the client; if the user requests the application on the real machine, then switch to the real machine portal, and connect to the real machine management center in the background, query the real machine list and the application list, and select to use a real machine.
  • An application find the best real machine, and notify the application agent to activate the application on the real machine, and finally start the Spice server, transfer the first screen of the application to the client (note that the real machine is the same as the virtual machine, using the SIP protocol Initiate a session, use Spice to transfer the real machine screen; SIP can also be reflected in the connection agent, but the focus is different.
  • the connection proxy In the traditional VDI, there is no In the case of using the SIP protocol, the connection is established through the connection proxy because the traditional screen transfer protocol RDP is only responsible for the transmission of the screen; and after adopting the SIP protocol, the connection function of the connection proxy is mainly used throughout the virtual desktop. Infrastructure with SIP proxy connection for SIP communication.)
  • connection agent here integrates the real machine and the virtual machine into one system, and can be connected to the real machine management center and the virtual machine management center at the same time.
  • Step 401 The user sends a login request to the server.
  • Step 402 The connection agent determines whether the user is outside the firewall. If yes, go to step 403, otherwise go to step 404;
  • Step 403 The connection proxy establishes a VPN connection for the user.
  • Step 404 Determine whether the user passes the SSO authentication authorization. If yes, go to step 406, otherwise go to step 405;
  • Step 405 telling the client to display an error message
  • Step 406 The SIP server forwards the request to the next hop server.
  • Step 407 The virtual machine/real machine switch selects a corresponding virtual machine or real machine entry for the request.
  • Step 408 If the user requests the virtual machine, the connection agent causes the virtual machine dispatcher to obtain the virtual machine, and finds the virtual machine from the application list. Application ID (identity); If the user requests a real machine, the connection agent causes the real machine connection manager to query the real machine and application status;
  • Step 409 connecting the application, in three steps, (a) notifying the application proxy application ID on the virtual machine or the real machine, (b) waiting until the application starts or fails, and (c) notifying the SIP client that the application has started, ready to accept The first screen of the application, or the failure to start the error.
  • Figure 5-10 shows the SIP session and network management process.
  • FIG. 5 shows the working process diagram of the session management console.
  • a user requests (session) to reach a manageable service point
  • a series of management tools are operated through the management console operation to process the session, thereby achieving load balancing, session intelligence, security, and the like.
  • the specific steps are as follows - Step 501, the service monitor monitors the user requesting the virtual machine/real machine;
  • Step 502 Determine whether the user registers authentication through SIP. If yes, go to step 504, otherwise go to step 503; Step 503, telling the client to display an error message;
  • Step 504 The load balancer allocates the request to the SIP server according to the rule.
  • Step 505 Determine whether the operation is an aggregation session. If yes, go to step 506, otherwise go to step 507;
  • Step 506 entering the session aggregator, and the session aggregator will be described in detail in FIG. 8A;
  • Step 507 Determine whether the operation is a split session. If yes, go to step 508, otherwise go to step 509;
  • Step 508 enter the session splitter, and the session splitter will be described in detail in FIG. 8B;
  • Step 509 The virtual SIP Overlay (the overlay network) management node determines the forwarding path of the request.
  • Figure 6 SIP registration certification
  • the user agent client issues a registration request to the registration server.
  • the registration is divided into two types, including the user's registration and the registration of the machine. If it is the registration of the machine, the machine's IP address, machine name and other information is registered to the registration server (this Registration is a registration of a fixed machine, which can be logged into the system with relevant information of the machine. If it is a user's registration, enter the user name, password and other information in the registration interface, and the registration information is stored in the location server (this registration method is flexible) Users can log in to the system with a username and password on different machines in different locations.
  • the registration server knows that the user has not sent the authentication message
  • the response message 401 (Unauthorized) requests the user agent for the authentication certificate
  • the user resends the registration request including the authentication information
  • the registration server verifies the authentication message. If the verification is passed, the registration server passes the verification and returns OK. If the verification fails, the user is required to resend the registration request containing the authentication information.
  • the subsequent steps are the same as above. If the registration server knows that the user registration request carries the authentication message, the subsequent steps are the same as above.
  • the registration information is stored in the location server.
  • the user agent client sends an Invite (session invitation) request to the user agent server, and the proxy server knows that the user does not send an authentication message, that is, sends a response message 407 (Proxy-Authide Request) to the user for the authentication certificate; the user sends an ACK (acknowledgement)
  • the user resends the Invite request containing the authentication information, and the proxy server authenticates the request and sends a 200 OK confirmation.
  • the registration server stores the registration authentication information in the location server.
  • the user agent server analyzes the session description SDP (Session Description Protocol) in the INVITE method sent by the user agent client. If the client device has the capability of receiving and decoding the multimedia signal sent by the server, the two parties can communicate normally. Otherwise a client error is displayed.
  • SDP Session Description Protocol
  • Step 601 The user agent client sends a registration request to the registration server.
  • Step 602 Determine whether the user machine registration is required. If yes, go to step 603, otherwise go to step 604;
  • Step 603 input information such as an IP address and a machine name of the user machine on the registration interface;
  • Step 604 input information such as a user name and a password on the registration interface;
  • Step 605 Determine whether an authentication message is carried in the registration request. If yes, go to step 607, otherwise go to step 606;
  • Step 606 the registration server sends a response message 401 (Unauthorized) to request a certificate from the user agent;
  • Step 607 The registration server verifies the authentication message.
  • Step 608 The user resends the registration request that includes the authentication information.
  • Step 609 Determine whether the authentication message carried in the registration request passes the verification. If yes, go to step 610, otherwise go to step 608;
  • Step 610 the registration server sends a 200 OK to confirm the verification
  • Step 611 storing the registration information of the user into the location server
  • Step 612 The user proxy client sends an Invite request to the user proxy server.
  • Step 613 Determine whether the Invite request carries the authentication message. If the Invite request carries the authentication message, go to step 617, otherwise go to step 614;
  • Step 614 the proxy server sends a response message 407 (Proxy-Authentication Request) to request the authentication certificate from the user;
  • Step 615 the user sends an acknowledgement message ACK
  • Step 616 The user resends an Invite request including the authentication information.
  • Step 617 the proxy server verifies the authentication message.
  • Step 618 Determine whether the authentication message in the Invite request passes the verification. If the verification is passed, the process goes to step 619, otherwise, the process goes to step 617;
  • Step 619 The user agent server analyzes the session description SDP in the INVITE method sent by the user agent client; SIP uses SDP to perform capability exchange.
  • SIP is not as complete and flexible as H.245, because it is subject to In the way of SDP expression, for example, SIP does not support asymmetric capability exchange (only received or only) and the concurrency of audio and video coding.
  • SIP indicates the media type and its parameters that it can accept in the session description of the INVITE method, and can also indicate the type of media it is willing to send.
  • Step 620 Determine whether the client device has the capability of receiving and decoding the multimedia signal sent by the server. If yes, go to step 322, otherwise go to step 321;
  • Step 621 the client error, that is, the client device does not have the capability of receiving the virtual machine/real machine screen sent by the server. If the user wants to use the VDI system, the terminal device needs to be changed, or the SIP client is changed, and the RDP client is installed. , of course this is an alternative;
  • Step 622 The two parties can communicate normally, that is, the client device can receive the virtual machine/real machine screen sent by the server.
  • Figure 7 is a SIP session process diagram
  • the client initiates a session request for Invite to request a virtual machine.
  • the background service point receives the user's request and correctly processes the request, it issues a temporary response lxx.
  • the client receives a temporary response message to determine whether it times out. If it times out, the client re-initiates the session request Invite requests the virtual machine; if it does not time out, it continues to wait for the background service. The response of the business.
  • a redirect 3xx response is issued; if the request contains the wrong format or cannot be completed on this server, then Client error 4xx response; if the server can not correctly handle this obviously legitimate request, then a server error 5xx response is issued; if the request cannot be processed by any server, a global error 6xx response is issued; if the request has been successfully received, and is processed correctly This request, then issued a successful response to the 200 OK response. If the client receives a 3xx-6 XX response, the client re-initiates the session request Invite requests the virtual machine (indicating that the request virtual machine failed); if it receives the 200 OK response, it continues to wait for the next response.
  • the server sends an Option request to the client to ask whether the client has the ability to receive and decode multimedia signals (media type and media parameters) sent by the server.
  • the client receives the Option request. If the multimedia signal (media type and media parameter) sent by the server is within the range of media types and parameters that can be accepted by the server, the client can communicate with the server normally, returning 200 OK, and doing well The preparation of the transmission media stream; on the contrary, the two parties can not communicate, the session ends (this step of machine capability negotiation can also be completed in the registration authentication process, as an alternative.
  • the solution is poorly flexible, but easy to use, so that in the back There is no need to consider the exchange of machine capabilities during the session.
  • the server receives a 200 OK response and starts preparing for the screen.
  • the client receives the Spice data stream transmitted by the server and sends a 200 OK response confirmation. If the server waits for the response to time out, the screen is re-prepared; otherwise, the 200 OK response is received within the normal waiting time.
  • the client sends a Bye request to release the call, and the server receives the Bye request and sends a 200 OK response.
  • Step 701 the registration ends
  • Step 702 The client initiates a session request to the background service point to request the virtual machine/real machine.
  • Step 703 The client receives the temporary response message from the background service point.
  • Step 704 determining whether the response times out. If yes, go to step 702, otherwise go to step
  • Step 705 determining whether a response 3xx-6xx is received.
  • Step 706 the client receives a 200 OK response of the background service point
  • Step 707 The client receives an Option request of the background service point.
  • Step 708 Determine whether the client has the capability of receiving and decoding the multimedia signal sent by the background service point. If yes, go to step 710, otherwise go to step 709;
  • Step 709 The client does not have the capability of receiving and decoding the multimedia signal sent by the background service point, and the two parties cannot communicate, and the session ends;
  • Step 710 the client has the capability of receiving and decoding the multimedia signal sent by the background service point, and the client can normally communicate with the server, and returns 200 OK;
  • Step 711 confirming, starting media stream transmission between the client and the background service point
  • Step 712 the client waits to receive the virtual machine screen sent by the background service point
  • Step 713 the client receives the SPICE data stream transmitted by the server, that is, the virtual machine screen; Step 714, after receiving the virtual machine screen, the client sends a 200 OK response to the background service point; Step 715, the client sends the Bye request to release Call
  • Step 716 the background service point waits for the user to register successfully.
  • Step 717 The background service point receives the user request.
  • Step 718 the background service point sends a temporary response
  • Step 719 Determine whether the background service point successfully processes the client request. If yes, go to step 724, otherwise go to step 720, step 721, step 722, step 723;
  • Step 720 redirecting
  • Step 721 the client is in error
  • Step 722 the server side error
  • Step 724 the background service point successfully processes the client request, and sends a 200 OK response.
  • Step 725 The server sends an Option request to the client to query whether the client has the capability of receiving and decoding the multimedia signal sent by the background service point.
  • Step 726 The background service point receives the 200 OK response of the client.
  • Step 727 the background service point prepares for the screen transmission
  • Step 728 task driven, calculating screen position
  • Step 729 calling SPICE, transmitting a screen
  • Step 730 determining whether the waiting response is timed out
  • Step 731 receiving a 200 OK response
  • Step 732 receiving a Bye request, and sending a 200 OK response.
  • Figure 8A is a session aggregator that describes the process of using a virtual machine by multiple users.
  • Step 8101 the user selects the application to issue a virtual machine/real machine use request to the background service point;
  • Step 8102 the request arrives at the SIP server (session converter), and the SIP server can be at the access point or the service exchange point and Background service point, where the SIP server refers to the SIP server accessing the access point;
  • Step 8103 the request is divided into the convergence time interval of the timer, and the SIP has a time mechanism for determining a minimum time period, and the request in the time period is aggregated and then sent out;
  • Step 8104 the SIP server calculates The number of all virtual machine requests in the time period (interval), a counter can be set in the SIP server to count the number of virtual machines in the time period;
  • Step 8105 Determine whether the number of requests is greater than 1. If it is greater than 1, go to step 8107, otherwise go to step 8106;
  • Step 8106 Determine whether the number of requests is equal to 1. If it is equal to 1, go to step 8108, otherwise go to step 8101;
  • Step 8107 the multiple requests are aggregated into one session request and sent to the background service point;
  • Step 8108 the single request is sent directly to the background service point;
  • Step 8109 the background service point allocates a virtual machine/real machine to the request;
  • Step 8110 Determine whether the request is a request after a plurality of original requests are aggregated. If yes, go to step 8112, otherwise go to 8111;
  • Step 8111 the application proxy opens the corresponding application, and returns the screen directly to the user.
  • Step 8112 the aggregated request is decomposed into the original request, and the application proxy opens the requested application for each original request, and returns the screen to the screen respectively. Each user.
  • Figure 8B is a session splitter that describes the process by which a user uses multiple virtual machines. Since the main task of the SIP Proxy Server is to complete message forwarding, it can overwrite the contents of the original request message before forwarding the request. It can also initiate requests on behalf of other clients, acting as both a server and a client. Here, using the function of SIP Proxy Server, multiple sessions can be assigned to one user, so that one user can use multiple virtual machines at the same time.
  • Step 8201 the user selects the application to issue a virtual machine/real machine use request to the background service point;
  • step 8202 the request arrives at the SIP server (session converter);
  • Step 8203 Determine whether the user requests multiple virtual machines. If the user requests multiple virtual machines, go to step 8204, otherwise go to step 8205;
  • Step 8204 The SIP server sends multiple session requests to the background service point according to the requirements of the user.
  • Step 8205 The SIP server routes the request to the background service point.
  • Step 8206 The background service point allocates a virtual machine for each session request.
  • Step 8207 The background service point allocates a virtual machine for the session request.
  • Step 8208 the background service point returns multiple virtual machines to one user
  • Step 8209 the background service point returns a single virtual machine to a user;
  • Figure 9 Virtual SIP OVERLAY node
  • the figure shows the composition of the SIP Overlay node 91.
  • Many SIP servers and the SIP links on them form the SIP overlay network.
  • the API 913 interface provides a unified interface for interconnecting the overlay networks, and the Overlay management 912 is responsible for managing the Overlay nodes to establish an Overlay for signaling and virtual desktop transmission.
  • the port has Spice port 9111 and SIP port 9112, SIP port 9111 is used to forward the signaling stream, and Spice port 9112 is used to forward the virtual desktop stream.
  • the SIP User Agent 90 can be either a SIP User Agent Client or a SIP User Agent Server.
  • Figure 10 SIP-based load balancing
  • FIG 10 shows the implementation of SIP-based load balancing. Since SIP has two kinds of transactions, session and conversion, and the session is a state, it is created by the Invite transaction and ends by the BYE transaction. Thus SIP has both transactional and conversational expenses. Thus a method of assigning the same session to the same SIP server can be employed. (The advantage of such a load balancing method is that it is easy to manage.) Assume that each SIP server is a server that is evenly distributed after virtualization and has the same performance. The implementation process is as follows: Step 1001, the client sends a virtual machine/real machine request to the load balancer;
  • Step 1002 The load balancer determines whether the request is an Invite request. If yes, go to step 1005, otherwise go to step 1003; Step 1003: Determine whether the request is a Bye request. If yes, go to step 1006, otherwise go to step 1004;
  • Step 1004 The load balancer allocates the request to the SIP server where the same CALL-ID is located (all related SIP messages in the same session use the same Call-ID); Step 1005, the request is The CALL-ID is recorded in the load balancer;
  • Step 1009 determining whether i is less than ⁇ If i is less than n, the process proceeds to step 1007, and the next cycle is started; otherwise, the process proceeds to step 1011;
  • Step 1011 the load balancer finds the smallest (i) smallest SIP server, and allocates the request to the server;
  • Step 1012 the Invite request is allocated to the SIP (i) server;
  • Figure 11-15 is the real machine management part, which gives the real machine management process.
  • FIG 11 shows the workflow of the virtual/real machine switch.
  • VDI virtual machine or real machine according to their own needs.
  • the exchange is done by real/virtual machine switch.
  • the specific implementation process is as follows:
  • Step 1101 The user issues a login request and enters the switch.
  • Step 1102 Determine whether the user selects a real machine. If the real machine is selected, go to step 1103, otherwise go to step 1104;
  • Step 1103 switching to the real machine entrance
  • Step 1104 switching to the virtual machine entry
  • Step 1105 determining the real machine and application selected by the user, notifying the application agent to activate the application on the real machine, and returning the ip/spice port (port) number;
  • Step 1106 find the best virtual machine, and notify the application agent to activate the application on the virtual machine;
  • Step 1107 Spice server: transmits the first screen of the application to the client.
  • Figure 12 Real Machine Connection Manager
  • FIG 12 shows the workflow of the Real Machine Connection Manager.
  • the Connection Manager is responsible for accepting requests from users to use pcs (personal computers). First, it checks if the status of the pc is available, and then sends the application message that the client will use to the proxy controller. Proxy, let it open the corresponding application (application). Then the connection manager returns the information to the switch and records the user's usage. Condition.
  • the implementation process is as follows:
  • Step 1201 the real machine connection manager receives a request from the user to use the real machine
  • Step 1202 the real machine connection manager queries the real machine list and the application list, and selects an application under a real machine;
  • step 1203 the real machine connection manager checks if the status of the pc is power on. If it is power on, go to step 1205, otherwise go to step 1204;
  • Step 1204 returning the check result to the switch, notifying the user that the pc is not started, and cannot be used; Step 1205, sending the application information that needs to be started to the agent, and modifying the state of the pc;
  • Step 1206 determining whether the application is started. If the application has been started, go to step 1208, otherwise go to step 1207;
  • Step 1207 returning to the switch, notifying the user that the application fails to be started, and cannot be used; Step 1208, returning information such as the ip/vnc port of the pc to the switch.
  • FIG. 13 shows the working process diagram of the agent controller.
  • the proxy controller is responsible for receiving the proxy to send to
  • ActiveMQ messages including pc's poweron/poweroff and user login/logout (login/logout); when the user requests to use pc, the proxy controller sends an open/close app command to the proxy.
  • the agent will send a heart beat to the agent controller periodically after the pc starts. If the heart beat is not received after the timeout, the PC will be considered as poweroff and the user will not be able to use it.
  • the implementation process is as follows:
  • Step 1301 the proxy controller receives a heart beat sent by the proxy
  • Step 1302 The proxy controller receives a message sent by the proxy to the ActiveMQ.
  • Step 1303 the agent controller determines whether the heartbea is received within a certain time, if yes, go to step 1315, otherwise go to step 1309;
  • Step 1304 the proxy controller user issues a login request. If yes, go to the step
  • step 1305 the agent controller determines whether the user has issued a logout request. If yes, go to step 1311, otherwise go to step 1306;
  • Step 1306 the agent controller determines whether the user has issued a power on request. If yes, go to step 1312, otherwise go to step 1307;
  • Step 1307 The proxy controller determines whether the user receives the power off request. If yes, go to step 1313, otherwise go to step 1308;
  • the agent controller determines if the user requests to use the pc. If yes, go to step 1314, otherwise go to step 1315;
  • Step 1309 notifying that the pc has poweroff, the user cannot use
  • Step 1310 sending a login instruction to the agent
  • Step 1311 sending a logout instruction to the agent
  • Step 1312 sending a power on command to the agent
  • Step 1313 sending a power off command to the agent;
  • Step 1314 sending an instruction to open/close the application to the agent;
  • Step 1315 no action.
  • Figure 14 shows the process diagram for obtaining the usage record of the real machine/application. According to the record of the user using pc/application, a report of user usage is generated, including usage statistics of each application, usage time statistics of pc, and the like.
  • the specific implementation process is as follows:
  • Step 1401 entering with the requested real machine/application value
  • Step 1402 Determine whether the real machine is in an operating state. If yes, go to step 1404, otherwise go to step 1403;
  • Step 1403 returning an error
  • Step 1404 obtaining a process ID (PID) of the real machine
  • Step 1406 returning the CPU, memory, heartbeat information, usage time, and application time of the real machine
  • Step 1407 generating an application usage report.
  • Figure 15 real machine status manager
  • FIG. 15 shows the working process diagram of the real machine status manager.
  • the real machine status manager is responsible for monitoring the status of the pc. It is one of poweron/poweroff/using and is responsible for state transition.
  • the implementation process is as follows: Step 1501, the state manager obtains the state of the real machine;
  • Step 1502 Determine whether the status is Power on. If yes, go to step 1506, otherwise go to step 1503;
  • Step 1503 Determine whether the status is Power off. If yes, go to step 1506, otherwise go to step 1504;
  • Step 1504 Determine whether the status is in use. If yes, go to step 1506, otherwise go to step 1505;
  • Figure 16-21 shows the virtual machine pool management section.
  • Figure 16 shows the process diagram for the overnight pool change strategy.
  • VDI virtual machine pool
  • the schedule of the class a certain type of virtual machine pool is arranged in advance for a class (without letting the students choose the operating system themselves).
  • VDI must have a policy management that pre-arranges virtual machine pools according to the course schedule. For example, the day before, knowing that a class will switch to a different operating system the next day, it will automatically switch to the course schedule overnight. This kind of strategy is not flexible enough to cope with the sudden change of the course, and there are still cases of changing the pool that day, waiting for students to wait.
  • the seat and classroom management database in Figure 1A is used to store this part. The data of the points.
  • the implementation process is as follows:
  • Step 1601 Create a virtual machine on the template, and clone the virtual machine by using a virtual machine template.
  • Step 1602 every morning, open the virtual machine
  • Step 1604 statically binding the classroom to the virtual machine pool according to the curriculum table
  • Step 1605 after the evening course ends, the virtual machine is turned off
  • Step 1606 restoring the virtual machine.
  • Figure 17 Alternate pool diagram for bulk restore
  • Figure 17 shows the process diagram for the creation of a spare pool.
  • the spare pool is mainly used to solve the sudden change of the course, which requires changing the course within 10 minutes between classes. Since the restoration and opening of large-volume virtual machines requires a long period of time, it is generally difficult to complete the task of replacing the curriculum in such a short period of time. In this case, a spare pool is needed.
  • the steps to create are as follows:
  • Step 1701 Create a primary virtual machine pool.
  • Step 1702 setting a default state of the primary virtual machine pool to power on
  • Step 1703 Create a corresponding backup pool by using linked-clone, and perform one-to-one correspondence with the primary virtual machine by using the pool name.
  • the linked-clone method is used to save physical server resources.
  • Step 1704 Set the default state of the standby pool. For suspend, this setting is to restore the virtual machine in the Jiang spare pool to normal working status in a short time.
  • Figure 18 Spare pool usage strategy 1 request virtual machine
  • Figure 18 shows the alternate pool usage policy—the process of requesting a virtual machine.
  • the user requests the virtual machine. If the virtual machine in the primary virtual machine pool is sufficient, the virtual machine in the primary virtual machine pool is used, otherwise the primary virtual machine pool is used.
  • the virtual machine in the corresponding spare pool the steps are as follows:
  • Step 1801 the user requests a virtual machine
  • Step 1802 Determine whether the virtual machine status in the primary pool is power on. If yes, go to step 1803, otherwise go to step 1804;
  • Step 1803 assigning a virtual machine to the user
  • Step 1804 Determine whether the status of the corresponding standby virtual machine in the standby pool is power On. If yes, go to step 1803, otherwise go to step 1805;
  • Step 1805 Determine whether the virtual machine status in the primary pool is suspend. If yes, go to step 1805, otherwise go to step 1807;
  • Step 1806 the system automatically starts up and allocates it to the user for use
  • Step 1807 Determine whether the status of the corresponding standby virtual machine in the standby pool is suspend. If yes, go to step 1806, otherwise go to step 1808;
  • Step 1808 informing the user that no virtual machine is available.
  • Figure 19 Backup pool optimization strategy Figure 19 shows the optimization strategy for the spare pool.
  • all virtual machine pools can be regarded as spare pools, and then the classroom and standby pools are dynamically assigned by time.
  • the implementation process is as follows:
  • Step 1901 the course schedule changes temporarily
  • Step 1902 Dynamically designating the classroom and the standby pool according to time
  • Step 1906 For pool ⁇ l to n
  • step 1907 it is determined whether the classroom is in the curriculum at this time. If yes, go to step 1905, otherwise go to step 1913;
  • Step 1910 Determine EnergyEfficiency (pool) ⁇ 60%? If yes, go to step 1905, otherwise go to step 1911;
  • Step 191 pool has not yet complete batch-revert? If yes, go to step 1905, otherwise go to step 1912;
  • Figure 20 shows the process of using the standby pool to exit the virtual machine. After the standby pool is used, the user wants to return the virtual machine and exit the standby pool. Proceed as follows:
  • Step 2001 the user issues a request to quit the virtual machine
  • Step 2002 the system puts the virtual machine into a revert waiting queue
  • step 2003 the status of the desktop is set to restore (REVERTING).
  • Figure 21 Elastic pool rules
  • Figure 21 shows the rule diagram for the elastic pool.
  • the implementation process is as follows:
  • Step 2101 Set an elastic pool size parameter.
  • Step 2103 Determine whether the user requests the virtual machine. If yes, go to step 2107, otherwise go to step 2104; In step 2104, it is determined whether the user returns the virtual machine. If yes, go to step 2108, otherwise go to step 2105;
  • Step 2105 illegal operation, error reporting
  • Step 2106 no action
  • Step 2108 Find a virtual machine in the pool that is in an idle state for more than a certain period of time; Step 2109, determine "RUNNING - idle ⁇ min?". If yes, go to step 2113, otherwise go to step 2110;
  • step 2112 it is determined whether there is a virtual machine with a power off. If yes, go to step 2115, otherwise go to step 2111;
  • Step 2116 call the power on virtual machine, the number of Provision- (idle and power on the machine + the virtual machine being started).
  • Figure 22 through Figure 27 show the process of application virtualization, application tiering, virtual machines, and virtual applications.
  • Figure 22 shows the implementation process of the pre-deployment action.
  • the purpose of the pre-deployment action is to collect various software and hardware information of the user's computer, and provide a basis for creating a virtual machine template later. It is implemented as a mutual interaction process between the client and the server, and the steps are as follows - Step 2201, the client user registers;
  • Step 2202 Check user registration information.
  • Step 2203 collecting PC information and sending it to the server
  • Step 2204 saving basic pc information
  • Step 2205 Collect all file extension information in the registry and send the information to the server.
  • Step 2206 saving user file link information
  • Step 2207 Check from the registry whether the user installs an application from the server
  • Step 2208 find the link application of all user file extensions and return to the client
  • Step 2209 Send all user-installed applications to the server
  • Step 2210 Save the application installed by the user.
  • Step 2211 View an unrecognized path from the registry and send it to the server.
  • Step 2212 save other software registration paths
  • Step 2213 Collect user desktop shortcut information and send it to the server.
  • Step 2214 save user shortcut information
  • Step 2215 uploading personal data of the user
  • Step 2216 sending user data to the server
  • Step 2217 saving user data information
  • Step 2218 please provide cd or upload exe, dll;
  • Step 2219 listing the unserialized application to the client
  • Step 2220 uploading an exe or a dll
  • Step 2221 saving the information uploaded by the user
  • Step 2222 the user confirms all the information
  • step 2223 the server side confirmation ends.
  • Figure 23 Pre-deployment action client sequence table diagram
  • Figure 23 shows a sequence table diagram of the pre-deployment action client.
  • the role of the client is to manage the user's authorization and collect computer-related information that the user needs.
  • the implementation steps are as follows - step 2301, the user sends a start request to the client;
  • Step 2302 the pre-deployment action client collects user information from the active directory (AD); Step 2303, the pre-deployment action client sends the base information to the server end thereof;
  • step 2304 it is determined whether the return is successful. If yes, go to step 2306, otherwise, go to step 2305;
  • Step 2305 the user quits
  • Step 2306 the pre-deployment action client collects related information.
  • Step 2307 the user wants to select related information
  • Step 2308 the pre-deployment action client transmits the base information, the application information, and uploads the related file to the pre-deployment action server;
  • Step 2309 The pre-deployment action client sends an end notification to its server.
  • Step 2310 the user finally confirms
  • Step 2311 the pre-deployment action client confirms or cancels
  • step 2312 the user logs out.
  • Figure 24 shows the implementation process of the SOD application stream.
  • the application is provided from a data center or other network location and runs locally on a remote client (client) in a virtual environment.
  • Virtualized applications run in a vacuum zone and operate independently of the operating system and other applications on the local desktop. It simulates the environment in which the software is used on the computer, so that the software can be run normally in the virtual environment even if the software is not installed on the computer.
  • the software no longer requires traditional download, install, and uninstall steps; direct use of the software, no need to restart, wait time; different applications are compatible, no conflicts; no longer Troubled with program failures, updates, migration issues.
  • the SOD application stream is based on the preparation of the Sequencer and Client (client).
  • the function of the Sequencer part is mainly to pre-process the application suite (application suite).
  • application suite application suite
  • the specific implementation of the Sequencer is described in detail in Figure 22.
  • the function of the client is mainly to run the Application package that starts the Sequencer sequence (serialization).
  • the application, the specific implementation of the Client has been described in detail in Figure 23.
  • the SOD client can be installed on a remote terminal client device, or it can be installed on a virtual machine or a real machine in the background service point.
  • the SOD application stream implementation steps are as follows:
  • the operation procedure of the client is - step 2401, the user enters the operation interface
  • Step 2402 Select an application according to user rights
  • Step 2403 Check an application ID from the application list.
  • Step 2404 determining whether the user uses the application for the first time. If yes, go to step 2405, otherwise go to step 2407;
  • Step 2405 the application response is connected to the SOD server through a config (configuration) file;
  • Step 2406 receiving the application file stream on the server side;
  • Step 2407 using a virtual application on the client
  • the server-side steps are as follows:
  • Step 2410 starting the server
  • Step 2411 installing a monitoring directory, and starting a monitoring program
  • Step 2412 start installing an application
  • Step 2413 monitoring the registry, the files installed to the C drive, and the like;
  • step 2414 it is determined whether the installation process is finished. If the installation process is finished, then go to step 2415, otherwise go to step 2413;
  • Step 2415 collecting various file information, registry information
  • Step 2416 sorting the files
  • Step 2417 the package is packaged into a tsap file
  • Step 2418 Receive an application request sent by the client.
  • Step 2419 Find an application by using an ID
  • step 2420 the application file is streamed to the client.
  • Figure 25 Combination of VDI and SOD
  • Figure 25 depicts the process of combining VDI with SOD, primarily by installing a virtual application on a virtual machine.
  • a virtual application primarily by installing a virtual application on a virtual machine.
  • users can also be provided with multiple choices, and the user can use either the virtual application on the virtual machine or the application actually installed on the virtual machine.
  • the implementation process is as follows:
  • Step 2501 collecting setting information of a memory, a CPU, an application, a host, an operating system, etc.; Step 2502, establishing a template record by using the above information;
  • Step 2503 the virtual machine is created by using the template record information, and the specific process of creating the virtual machine is described in detail in the patent of the application number "CN 200810204286.X"; Step 2504, installing the SOD client on the virtual machine;
  • Step 2505 providing an image file
  • the above collected information is mainly obtained through the pre-deployment action process in Figure 22, and based on this information, the template is constructed.
  • the user requests to use the virtual application on the virtual machine.
  • the SOD client program automatically finds the application on the backend server (SOD server side), then streams the application to the virtual machine, and the user can use the virtual application on the virtual machine.
  • Figure 26 depicts the implementation of template versioning.
  • the version tree can be used to solve the problem of template versioning.
  • the implementation process is as follows:
  • Step 2601 fixing the template
  • Step 2602 installing an operating system, providing an image file
  • Step 2603 installing a VDI, determining an action to be deployed on the template
  • Step 2604 a new template request appears, and a new template version is replaced;
  • Step 2605 build a version tree, and the initial version is set to the root node of the tree;
  • Step 2606 placing the new version on the leaf node of the tree
  • Step 2607 continuously expanding the child nodes of the tree
  • Step 2608 periodically evaluating the version tree
  • step 2609 the redundant old node is removed, and the version tree is optimized.
  • Figure 27 Layered virtual desktop
  • Figure 27 shows the layered-VDI method, which tiers the desktop and its applications according to the organization of the company. This helps administrators to manage hierarchically. Different administrators have different Administrative authority, can be responsible for managing different layers, the layers are independent, and the layers are related. On the other hand, users use VDI, which essentially uses the application on the virtual desktop, and how to use the application conveniently and quickly, in order to maximize the value of VDI.
  • virtual desktops are sequentially divided into four levels: a company operating system, a company application, a user application, and user data & settings from bottom to top. The implementation process is as follows:
  • Step 2701 layered according to the organization form of the company: from bottom to top, the company operating system, company application, user application, user data &settings;
  • Step 2702 using a virtual workspace manager to manage each layer separately;
  • Step 2703 setting different administrator and user rights: carrier level administrator, company operating system administrator, company application administrator, user permission setting;
  • Step 2704 different administrators enter their own management interface according to the corresponding rights;
  • Step 2705 the administrator manages the application within the corresponding responsibilities;
  • Figure 28 depicts a preferred embodiment of the virtual desktop infrastructure of the present invention for a securities company, primarily for addressing the issue of a session of a securities company spanning multiple screens.
  • Figure 28 shows the working process diagram of how to display data on multiple screens when the display data exceeds the screen range.
  • the main idea is:
  • the application proxy consists of two parts, one part (high-end) called application generator, and the bottom part called virtual interface.
  • the virtual interface detects the application data written on the display memory, calculates the number of exceeded screens if the screen range is exceeded, and notifies the application generator to generate a process for each of the exceeded screens. Send the screen of the original application along with the screen of the generated process to the client.
  • the specific process is as follows:
  • Step 2801 the client selects the application request virtual machine/real machine (the manner in which the client sends the request is different, and may be a request from a certain device, or may be automatically generated when the user starts up);
  • Step 2802 the request arrives at the background service point (the request is transmitted to the background service point);
  • Step 2803 the application agent opens the corresponding application;
  • step 2804 it is determined whether the application starts normally. If the application is started, go to step 2806, otherwise go to step 2805;
  • Step 2805 telling the client that the application fails to start, and an error is reported, and the request ends.
  • Step 2806 once it is learned that the application has been started, the application agent automatically monitors the application data; Step 2807, it is determined whether the display data exceeds the screen range. If yes, go to step 2808, otherwise go to step 2809;
  • Step 2808 calculating the number of screens beyond which the display data is exceeded, and the application agent generates a corresponding number of processes (a process is an application);
  • Step 2809 start the spice server, and send the application screen to the client.
  • Step 2810 start the spice server, and send the screen of the original application and the generated process screen to the client;
  • step 2811 the client receives the screen and displays it on the display.
  • Figure 29 depicts a preferred embodiment of the virtual desktop infrastructure of the present invention for use in a factory, primarily to address the issue of multiple sessions of a factory being displayed on a large screen.
  • Figure 29 shows the working process diagram of the screen partition display. Mainly to solve the problem of dividing a large screen into multiple zones, each zone displaying different content. The main idea is: Set the same IP address and different TCP port numbers for each partition of a large screen on the client side to distinguish each partition. According to the IP address and TCP port number of the partition requesting the virtual desktop, The virtual desktop is returned to the partition.
  • the working process is as follows: Step 2901, the client sets different port numbers of the same IP address to different partitions of the same display screen;
  • Step 2902 the user (select application) requests a virtual machine/real machine
  • Step 2903 the request arrives at the background service point
  • Step 2904 determining whether the client requires seamless (seamless refers to whether the client requires an open computer, the first screen received is not the desktop, but the application). If yes, go to step 2905, otherwise go to step 2906; Step 2905, the application agent views the application list.
  • Step 2906 the application agent opens the application
  • Step 2907 find the application and launch the application
  • Step 2908 start the spice server, and return the screen to the client;
  • step 2909 the client sends the application screen to the corresponding display area according to the IP and port number;
  • Step 2910 refresh the screen.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention porte sur une infrastructure de bureau virtuel de point de service intelligent multidimensionnel. La dimension transversale se compose d'un équipement client, d'un point d'accès, d'un point de commutation de service et d'un point de service d'arrière-plan, formant ainsi un trajet de transmission d'un bureau virtuel. La dimension longitudinale se compose d'un système d'exploitation de société, d'une application de société, d'une application d'utilisateur, de données et de paramètres d'utilisateur, de la division d'une machine virtuelle en un certain nombre de couches faciles à gérer. Comme le point d'accès, le point de commutation de service et le point de service d' arrière-plan gèrent la totalité de l'infrastructure, une gestion centralisée de la machine virtuelle d'arrière-plan, du programme d'application virtuel, de la machine réelle et de la remise sur demande du bureau virtuel peut être obtenue. Le point de service d'arrière-plan incorpore la gestion de machine virtuelle et la gestion de machine réelle en un système unifié, intègre la gestion de la machine virtuelle et la gestion de l'application virtuelle et divise la machine virtuelle et le programme d'application virtuel et les données relatives à celui-ci en un certain nombre de couches indépendantes. La transmission du bureau virtuel fournit une couverture du réseau de bout en bout par l'utilisation du protocole d'initiation de session (SIP) et du protocole de bureau à distance.
PCT/CN2012/000159 2011-02-11 2012-02-10 Procédé de bureau virtuel et infrastructure de bureau virtuel de point de service intelligent multidimensionnel Ceased WO2012106980A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110036438.1 2011-02-11
CN201110036438.1A CN102638475B (zh) 2011-02-11 2011-02-11 多维智能服务点虚拟桌面方法及基础架构

Publications (1)

Publication Number Publication Date
WO2012106980A1 true WO2012106980A1 (fr) 2012-08-16

Family

ID=46622718

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/000159 Ceased WO2012106980A1 (fr) 2011-02-11 2012-02-10 Procédé de bureau virtuel et infrastructure de bureau virtuel de point de service intelligent multidimensionnel

Country Status (2)

Country Link
CN (1) CN102638475B (fr)
WO (1) WO2012106980A1 (fr)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105407115A (zh) * 2014-09-03 2016-03-16 中国石油化工股份有限公司 一种基于vnc调度的负载均衡方法及其系统
US9846586B2 (en) 2012-09-29 2017-12-19 International Business Machines Corporation Creating a virtual machine and cloud server
CN107959824A (zh) * 2017-10-31 2018-04-24 深信服科技股份有限公司 一种监控视频处理方法、物理服务器及存储介质
CN109195177A (zh) * 2018-09-14 2019-01-11 国云科技股份有限公司 基于ActiveMQ的基站手机停留时间实时统计方法
CN110740352A (zh) * 2019-11-14 2020-01-31 北京京航计算通讯研究所 显卡透传环境下基于spice协议的差异图像显示方法
CN110738034A (zh) * 2018-07-20 2020-01-31 中兴通讯股份有限公司 教学模板管理方法、设备以及计算机可读存储介质
CN110868614A (zh) * 2019-11-14 2020-03-06 北京京航计算通讯研究所 显卡透传环境下基于spice协议的差异图像显示系统
CN114461157A (zh) * 2021-12-23 2022-05-10 天翼云科技有限公司 一种idv客户端多屏分治方法及系统
CN114692120A (zh) * 2020-12-30 2022-07-01 成都鼎桥通信技术有限公司 国密认证方法、虚拟机、终端设备、系统及存储介质
WO2023019736A1 (fr) * 2021-08-20 2023-02-23 苏州浪潮智能科技有限公司 Procédé et appareil de gestion de service qga à base d'hôte en nuage, dispositif et support

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103634484B (zh) * 2012-08-27 2019-01-04 中兴通讯股份有限公司 终端切换方法、装置及系统
CN103677972B (zh) * 2012-09-25 2017-04-26 中国电信股份有限公司 呈现虚拟桌面元数据的方法、装置及系统
CN103020517B (zh) * 2012-11-28 2015-09-16 福建伊时代信息科技股份有限公司 Usb虚拟桌面设备的互访方法和系统
WO2014101163A1 (fr) * 2012-12-31 2014-07-03 华为技术有限公司 Appareil, dispositif et procédé permettant de fournir un service de bureau virtuel
CN103369029B (zh) * 2013-05-15 2016-04-13 北京航空航天大学 本地桌面和远程虚拟桌面同步方法、系统及使用方法
KR101541591B1 (ko) * 2013-05-16 2015-08-03 삼성에스디에스 주식회사 Vdi 환경에서의 싱글 사인온 시스템 및 방법
CN103685441B (zh) * 2013-07-02 2017-07-07 中国科学院重庆绿色智能技术研究院 一种基于龙芯终端的远程桌面控制系统
CN103414712B (zh) * 2013-08-05 2016-01-27 深圳市杰云科技有限公司 一种分布式虚拟桌面管理系统和方法
CN103561090B (zh) * 2013-10-31 2017-01-11 北京云巢动脉科技有限公司 数据通讯方法、装置及系统
CN103607460A (zh) * 2013-11-20 2014-02-26 曙光信息产业(北京)有限公司 集中化计算处理系统
CN104717061B (zh) * 2013-12-11 2018-02-27 中国电信股份有限公司 虚拟桌面的身份识别和访问控制方法及系统
CN103873568A (zh) * 2014-03-04 2014-06-18 赛特斯信息科技股份有限公司 基于云计算实现远程虚拟桌面显示的系统及方法
CN105282095A (zh) * 2014-06-18 2016-01-27 中兴通讯股份有限公司 虚拟桌面登录验证方法和装置
CN105005716B (zh) * 2015-06-16 2018-01-09 中国科学院计算技术研究所 一种应用程序远程交付系统及远程交付方法
CN106330999B (zh) * 2015-06-19 2020-08-21 南京中兴软件有限责任公司 实现客户端与虚拟桌面数据共享的方法、客户端和系统
CN105763532B (zh) * 2016-01-05 2019-05-07 新华三技术有限公司 一种登录虚拟桌面的方法及装置
CN106060035B (zh) * 2016-05-26 2019-09-06 新华三技术有限公司 一种虚拟桌面的解锁方法及装置
CN113067852B (zh) * 2016-07-13 2022-07-26 华为技术有限公司 部署在平台上的应用程序的应用程序弹性系统及其方法
CN106295341A (zh) * 2016-08-11 2017-01-04 浪潮电子信息产业股份有限公司 基于虚拟化的企业数据中心安全解决方法
CN106959854A (zh) * 2017-03-23 2017-07-18 江苏磐数信息科技有限公司 云终端虚拟化系统
CN106686149A (zh) * 2017-03-23 2017-05-17 江苏磐数信息科技有限公司 端到端的企业级动态虚拟桌面交付方法
TWI648637B (zh) * 2017-11-30 2019-01-21 財團法人工業技術研究院 於平台部署與操作行動作業系統的系統及其方法
CN108769135B (zh) * 2018-05-07 2021-01-12 广州杰赛科技股份有限公司 云桌面连接方法、装置、设备及系统
CN109032785B (zh) * 2018-08-14 2022-04-01 北京交通大学 一种基于虚拟桌面的工作流程管控方法及系统
CN110018873A (zh) * 2019-03-31 2019-07-16 山东超越数控电子股份有限公司 一种基于fpga优化虚拟桌面传输的方法
CN110336846B (zh) * 2019-04-15 2020-12-08 长飞光纤光缆股份有限公司 一种基于spice协议的云桌面文件拖拽传输的方法
CN112543112A (zh) * 2019-09-23 2021-03-23 广东引视科技有限公司 一种云桌面智能管理系统
CN110992751A (zh) * 2019-11-29 2020-04-10 广州市粤联信息科技有限公司 一种云+端的虚拟课室构建及其媒体流广播方法
CN111752717B (zh) * 2020-07-08 2021-08-31 广州爱浦路网络技术有限公司 Smf智能扩展方法和装置、smf会话建立的通信方法
CN112052061A (zh) * 2020-09-23 2020-12-08 深圳市哈哈丫丫互联网有限公司 一种通用快餐式“云桌面”设计方案
CN112615810B (zh) * 2020-11-17 2022-08-30 新华三技术有限公司 一种访问控制方法及装置
CN115051993A (zh) * 2022-06-01 2022-09-13 上海弘积信息科技有限公司 一种基于mc集中管理系统的业务虚拟机弹性伸缩方法
CN115879065A (zh) * 2022-11-03 2023-03-31 宝钢工程技术集团有限公司 一种基于web技术的软件使用权限管理机制

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1819011A (zh) * 2004-08-12 2006-08-16 Ati科技公司 显示屏分区再现的装置和方法
CN101231731A (zh) * 2007-01-25 2008-07-30 运软网络科技(上海)有限公司 一种应用虚拟化在公网上的通用商务方法及其迷你服务器
CN101317176A (zh) * 2005-11-29 2008-12-03 泰普有限公司 利用后台处理在移动设备浏览器上显示搜索结果
CN101754466A (zh) * 2008-12-10 2010-06-23 运软网络科技(上海)有限公司 移动虚拟化的基础设施以及基础平台

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050094663A1 (en) * 2003-11-05 2005-05-05 Interdigital Technology Corporation Method and system for providing intelligent remote access to wireless transmit/receive units

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1819011A (zh) * 2004-08-12 2006-08-16 Ati科技公司 显示屏分区再现的装置和方法
CN101317176A (zh) * 2005-11-29 2008-12-03 泰普有限公司 利用后台处理在移动设备浏览器上显示搜索结果
CN101231731A (zh) * 2007-01-25 2008-07-30 运软网络科技(上海)有限公司 一种应用虚拟化在公网上的通用商务方法及其迷你服务器
CN101754466A (zh) * 2008-12-10 2010-06-23 运软网络科技(上海)有限公司 移动虚拟化的基础设施以及基础平台

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9846586B2 (en) 2012-09-29 2017-12-19 International Business Machines Corporation Creating a virtual machine and cloud server
CN105407115A (zh) * 2014-09-03 2016-03-16 中国石油化工股份有限公司 一种基于vnc调度的负载均衡方法及其系统
CN107959824A (zh) * 2017-10-31 2018-04-24 深信服科技股份有限公司 一种监控视频处理方法、物理服务器及存储介质
CN110738034A (zh) * 2018-07-20 2020-01-31 中兴通讯股份有限公司 教学模板管理方法、设备以及计算机可读存储介质
CN109195177B (zh) * 2018-09-14 2021-11-19 国云科技股份有限公司 基于ActiveMQ的基站手机停留时间实时统计方法
CN109195177A (zh) * 2018-09-14 2019-01-11 国云科技股份有限公司 基于ActiveMQ的基站手机停留时间实时统计方法
CN110740352A (zh) * 2019-11-14 2020-01-31 北京京航计算通讯研究所 显卡透传环境下基于spice协议的差异图像显示方法
CN110868614A (zh) * 2019-11-14 2020-03-06 北京京航计算通讯研究所 显卡透传环境下基于spice协议的差异图像显示系统
CN110740352B (zh) * 2019-11-14 2021-07-20 北京京航计算通讯研究所 显卡透传环境下基于spice协议的差异图像显示方法
CN110868614B (zh) * 2019-11-14 2021-09-28 北京京航计算通讯研究所 显卡透传环境下基于spice协议的差异图像显示系统
CN114692120A (zh) * 2020-12-30 2022-07-01 成都鼎桥通信技术有限公司 国密认证方法、虚拟机、终端设备、系统及存储介质
WO2023019736A1 (fr) * 2021-08-20 2023-02-23 苏州浪潮智能科技有限公司 Procédé et appareil de gestion de service qga à base d'hôte en nuage, dispositif et support
CN114461157A (zh) * 2021-12-23 2022-05-10 天翼云科技有限公司 一种idv客户端多屏分治方法及系统
CN114461157B (zh) * 2021-12-23 2023-11-03 天翼云科技有限公司 一种idv客户端多屏分治方法及系统

Also Published As

Publication number Publication date
CN102638475B (zh) 2014-12-10
CN102638475A (zh) 2012-08-15

Similar Documents

Publication Publication Date Title
CN102638475B (zh) 多维智能服务点虚拟桌面方法及基础架构
US10375170B2 (en) Low downtime software-defined wide area network service upgrade
US20220255912A1 (en) Secure Device Notifications From Remote Applications
US8010679B2 (en) Methods and systems for providing access to a computing environment provided by a virtual machine executing in a hypervisor executing in a terminal services session
US10645172B1 (en) Socket tunneling connections in a service provider environment
EP2375328A2 (fr) Procédés et systèmes pour fournir un accès à un environnement informatique
US20120331300A1 (en) Span Out Load Balancing Model
US11722461B2 (en) Connecting client devices to anonymous sessions via helpers
CN101188624A (zh) 基于虚拟机的网格中间件系统
WO2007100942A2 (fr) Procédés et systèmes de fourniture d'accès à un environnement informatique fourni par une machine virtuelle fonctionnant en exécution d'un hyperviseur dans une session de services de terminal
US11122019B2 (en) Systems and methods for client collaborated migration of live TLS connection
US20200004606A1 (en) Real-Time File System Event Mapping To Cloud Events
US20240020357A1 (en) Keyless licensing in a multi-cloud computing system
US20260111251A1 (en) System and Method for Managing Cloud Resources Through a Local Management Endpoint
EP4625877A1 (fr) Authentification d'entreprise avec tpm virtualisé
CN117763529A (zh) 一种实现云桌面与云应用融合管理的方法
Malta et al. An Authentication Broker for Virtual Laboratories
HK1162707A (en) Methods and systems for providing access to a computing environment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12744748

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12744748

Country of ref document: EP

Kind code of ref document: A1