| Kubernetes容器云平台多租户方案研究与设计 |
| |
| 引用本文: | 黄丹池,何震苇,严丽云,林园致,杨新章. Kubernetes容器云平台多租户方案研究与设计[J]. 电信科学, 2020, 36(9): 102-111. DOI: 10.11959/j.issn.1000-0801.2020187 |
| |
| 作者姓名: | 黄丹池 何震苇 严丽云 林园致 杨新章 |
| |
| 作者单位: | 中国电信股份有限公司研究院,广东 广州 510630 |
| |
| 摘 要: | 在容器云平台中,租户共享底层的计算、存储、网络等资源,存在租户容器运行和数据安全问题。分析了 Kubernetes 访问控制和资源隔离实现方案基础上,提出了一种基于多租户访问控制模型的容器云平台多租户方案,涵盖多租户管理模型、多租户访问控制、计算资源隔离和网络资源隔离等,可切实提升基于Kubernetes的容器云平台的资源隔离能力,有效降低数据安全隐患。
|
| 关 键 词: | 多租户 Kubernetes 容器 |
Research and design of multi-tenant scheme for Kubernetes container cloud platform |
| |
| Danchi HUANG,Zhenwei HE,Liyun YAN,Yuanzhi LIN,Xinzhang YANG. Research and design of multi-tenant scheme for Kubernetes container cloud platform[J]. Telecommunications Science, 2020, 36(9): 102-111. DOI: 10.11959/j.issn.1000-0801.2020187 |
| |
| Authors: | Danchi HUANG Zhenwei HE Liyun YAN Yuanzhi LIN Xinzhang YANG |
| |
| Affiliation: | Research Institute of China Telecom Co.,Ltd.,Guangzhou 510630,China |
| |
| Abstract: | In the container cloud platform,tenants share the underlying computing,storage,network and other resources,and there are problems with the operation of the tenant container and data security.Based on the analysis of Kubernetes scheme based on access control and resource isolation,a multi-tenant cloud platform was proposed,which covers multi-tenancy management model,multi-tenant access control,computing resources isolated and network resources,etc.The proposed model can be practically improving resource isolation capability based on containers of Kubernetes cloud platform,effectively reduce the data security hidden danger. |
| |
| Keywords: | multi-tenant Kubernetes container |
|
| 点击此处可从《电信科学》浏览原始摘要信息 |
|
点击此处可从《电信科学》下载免费的PDF全文 |
|
