[go: up one dir, main page]

WO2024193085A1 - Gateway service request processing method and device, and cloud native gateway system management method and device - Google Patents

Gateway service request processing method and device, and cloud native gateway system management method and device Download PDF

Info

Publication number
WO2024193085A1
WO2024193085A1 PCT/CN2023/134349 CN2023134349W WO2024193085A1 WO 2024193085 A1 WO2024193085 A1 WO 2024193085A1 CN 2023134349 W CN2023134349 W CN 2023134349W WO 2024193085 A1 WO2024193085 A1 WO 2024193085A1
Authority
WO
WIPO (PCT)
Prior art keywords
gateway
target
information
service
address information
Prior art date
Application number
PCT/CN2023/134349
Other languages
French (fr)
Chinese (zh)
Inventor
韩相元
刘凯
赵建星
Original Assignee
京东科技信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 京东科技信息技术有限公司 filed Critical 京东科技信息技术有限公司
Publication of WO2024193085A1 publication Critical patent/WO2024193085A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/63Routing a service request depending on the request content or context
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Definitions

  • the present disclosure relates to the fields of network technology and cloud native technology, and more specifically, to a method for processing a service request, a method and device for managing a cloud native gateway system, an electronic device, a computer-readable storage medium, and a computer program product.
  • API gateway can refer to a unified entry point on the system boundary for external access to internal interface services.
  • Kubernetes can include a collection of API resources based on different gateway definitions.
  • the Ingress API resource collection based on the Ingress gateway definition and the Gateway API resource collection based on the Gateway gateway definition.
  • the present disclosure provides a method for processing a service request, a method and device for managing a cloud native gateway system, an electronic device, a computer-readable storage medium, and a computer program product.
  • a method for processing a gateway service request comprising:
  • Target service information corresponding to the target service In response to receiving the pending gateway service request, determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target gateway information corresponding to the target gateway according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request.
  • Target service information corresponding to the target service In response to receiving the pending gateway service request, determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target gateway information corresponding to the target gateway according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request.
  • the to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request.
  • determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request includes:
  • the target gateway cluster information determine the gateway address information corresponding to the target gateway and the service port information corresponding to the target service;
  • the target service information is determined according to the third preset mapping relationship and the service port information.
  • the target gateway cluster includes at least one gateway, each of the at least one gateway corresponds to at least one service, each of the at least one gateway corresponds to gateway address information, and each of the at least one service corresponds to service port information.
  • the determining of the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information includes:
  • the service port information of the service corresponding to the gateway is determined according to the gateway address information corresponding to the gateway.
  • determining the target virtual Internet Protocol address information according to the gateway service configuration information to be processed includes:
  • the above target virtual network address information is determined.
  • the first preset mapping relationship includes at least one second key-value relationship
  • the second key-value relationship includes second key information and second value information
  • the at least one second key-value relationship is constructed in the following manner:
  • each second key-value relationship in the at least one second key-value relationship in response to receiving a gateway creation instruction, obtaining a gateway identifier, gateway configuration information, and a gateway cluster identifier;
  • the second key-value relationship is constructed according to the second key information and the second value information.
  • determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information includes:
  • the first resource pool determining target address information from the at least one first candidate address information
  • the virtual Internet Protocol address information configuring a second resource pool, wherein the second resource pool includes at least one second candidate address information
  • the second resource pool determining target address information in the at least one second candidate address information
  • the equal-cost multi-path routing protocol configure equal-cost routing information corresponding to the target address information
  • the above-mentioned equivalent routing information is determined as the above-mentioned gateway address information.
  • the second preset mapping relationship includes at least one third key-value relationship
  • the third key-value relationship includes third key information and third value information
  • the at least one third key-value relationship is constructed in the following manner:
  • gateway identifier determine the gateway address information corresponding to the above gateway identifier
  • the third key-value relationship is constructed according to the third key information and the third value information.
  • the target service information includes container group address information corresponding to each of the at least one container group.
  • the at least one corresponding to the target service is determined based on the target gateway cluster information, the target gateway information and the target service information.
  • the running status of each container group includes:
  • the step of determining a target container group in the at least one container group corresponding to the target service according to the respective running states of the at least one container group includes:
  • the container group In response to the running state of the container group being a normal running state, the container group is determined as the target container group.
  • sending the to-be-processed gateway service request to the target container group includes:
  • the target container group address information establish an actual network connection with the target container group
  • the to-be-processed service request is sent to the target container group.
  • a method for managing a cloud native gateway system including:
  • the gateway service request processing method processing the target gateway service request to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with the cloud native gateway system;
  • a gateway service request processing device including:
  • the first determining module is configured to, in response to receiving a pending gateway service request, determine, according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request, Determine the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service;
  • a second determination module is used to determine the respective running status of at least one container group corresponding to the target service according to the target gateway cluster information, the target gateway information and the target service information;
  • a third determining module configured to determine a target container group from the at least one container group corresponding to the target service according to the respective running states of the at least one container group.
  • the sending module is used to send the to-be-processed gateway service request to the target container group, so that the target container group processes the to-be-processed gateway service request.
  • a management device for a cloud native gateway system including:
  • a processing module configured to process a target gateway service request using a processing device for a gateway service request to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with a cloud native gateway system;
  • the management module is used to manage the cloud native gateway system according to the processing results.
  • an electronic device including:
  • processors one or more processors
  • a memory for storing one or more instructions
  • the one or more processors When the one or more instructions are executed by the one or more processors, the one or more processors implement the method described in the present disclosure.
  • a computer-readable storage medium on which executable instructions are stored.
  • the processor implements the method described in the present disclosure.
  • a computer program product includes computer executable instructions. When the computer executable instructions are executed, they are used to implement the method described in the present disclosure.
  • FIG1 schematically shows a system architecture to which a method for processing a gateway service request and a method for managing a cloud-native gateway system can be applied according to an embodiment of the present disclosure
  • FIG2 schematically shows a flow chart of a method for processing a gateway service request according to an embodiment of the present disclosure
  • FIG. 3 schematically shows an example schematic diagram of determining target gateway cluster information corresponding to a target gateway cluster, target gateway information corresponding to a target gateway, and target service information corresponding to a target service according to a preset mapping relationship and the to-be-processed gateway service configuration information in the to-be-processed service request according to an embodiment of the present disclosure
  • FIG4 schematically shows an example schematic diagram of constructing a second key-value relationship according to an embodiment of the present disclosure
  • 5A schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to an embodiment of the present disclosure
  • 5B schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to another embodiment of the present disclosure
  • FIG6 schematically shows an example schematic diagram of constructing a third key-value relationship according to an embodiment of the present disclosure
  • FIG. 7 schematically shows an example schematic diagram of determining the respective running states of at least one container group corresponding to a target service according to target gateway cluster information, target gateway information and target service information according to an embodiment of the present disclosure
  • FIG8 schematically shows an example schematic diagram of a method for processing a gateway service request according to an embodiment of the present disclosure
  • FIG9 schematically shows an example schematic diagram of a method for managing a cloud native gateway system according to an embodiment of the present disclosure
  • FIG10 schematically shows a block diagram of a device for processing a service request according to an embodiment of the present disclosure
  • FIG. 11 schematically shows a management device of a cloud native gateway system according to an embodiment of the present disclosure. Example schematic diagram of the configuration.
  • Figure 12 schematically shows a block diagram of an electronic device suitable for implementing a method for processing gateway service requests and a method for managing a cloud-native gateway system according to an embodiment of the present disclosure.
  • the collection, updating, analysis, processing, use, transmission, provision, disclosure, storage, etc. of the data involved are in compliance with the provisions of relevant laws and regulations, are used for legitimate purposes, and do not violate public order and good morals.
  • necessary measures are taken for user personal information to prevent illegal access to user personal information data and maintain the security of user personal information, network security, and national security.
  • the user's authorization or consent is obtained before obtaining or collecting the user's personal information.
  • the user information can be desensitized by using methods including de-identification or anonymization to protect the security of user information.
  • the API gateway can receive client requests, forward the requests to the corresponding backend system services according to predetermined policies and routes, and process the results returned by the backend servers.
  • the resources in the Ingress API resource collection and the gateway API resource collection can work together to build models for various network use cases.
  • the gateway API resource collection can include at least one of the following: gatewayclass resources, gateway resources, HTTPRoute resources, TCPRoute resources, and Service resources.
  • the gateway API can achieve configuration decoupling by separating resource objects so that resources can be managed by people with different roles.
  • the present disclosure provides a method for processing a gateway service request, a method and device for managing a cloud native gateway system, which can be applied to the fields of network technology and cloud native technology.
  • the method for processing a gateway service request includes: in response to receiving a pending gateway service request, determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target gateway information corresponding to the target service according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request.
  • the target service information is obtained; according to the target gateway cluster information, the target gateway information and the target service information, the operating status of at least one container group corresponding to the target service is determined; according to the operating status of at least one container group corresponding to the target service, the target container group is determined in the at least one container group; the to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request.
  • the method for processing gateway service requests, the method for managing a cloud native gateway system, and the device provided in the embodiments of the present disclosure can be used in the field of network technology and the field of cloud native technology, for example, in the field of container technology.
  • the method for processing gateway service requests, the method for managing a cloud native gateway system, and the device provided in the embodiments of the present disclosure can also be used in any field other than the field of network technology and the field of cloud native technology, for example, in the field of information processing technology.
  • the application field of the method for processing gateway service requests, the method for managing a cloud native gateway system, and the device provided in the embodiments of the present disclosure is not limited.
  • FIG1 schematically shows a system architecture to which a method for processing a gateway service request and a method for managing a cloud native gateway system can be applied according to an embodiment of the present disclosure. It should be noted that FIG1 is only an example of a system architecture to which an embodiment of the present disclosure can be applied, to help those skilled in the art understand the technical content of the present disclosure, but does not mean that the embodiment of the present disclosure cannot be used in other devices, systems, environments or scenarios.
  • the system architecture 100 may include a first terminal device 101, a second terminal device 102, a third terminal device 103, a network 104, and a server 105.
  • the network 104 is used to provide a medium for a communication link between the first terminal device 101, the second terminal device 102, the third terminal device 103, and the server 105.
  • the network 104 may include various connection types, such as wired, wireless communication links, or optical fiber cables, etc.
  • the user may use at least one of the first terminal device 101, the second terminal device 102, and the third terminal device 103 to interact with the server 105 through the network 104 to receive or send messages, etc.
  • Various communication client applications may be installed on the first terminal device 101, the second terminal device 102, and the third terminal device 103, such as shopping applications, web browser applications, search applications, instant messaging tools, email clients, social platform software, etc. (only for example).
  • the first terminal device 101, the second terminal device 102, and the third terminal device 103 can be various electronic devices with display screens and supporting web browsing, including but not limited to smart phones, Tablets, laptops, desktops, and more.
  • the server 105 may be a server that provides various services, such as a background management server (only as an example) that provides support for websites browsed by users using the first terminal device 101, the second terminal device 102, and the third terminal device 103.
  • the background management server may analyze and process the received data such as user requests, and feed back the processing results (such as web pages, information, or data obtained or generated according to user requests) to the terminal device.
  • the method for processing the gateway service request and the method for managing the cloud native gateway system provided in the embodiment of the present disclosure can generally be executed by the server 105.
  • the processing device for the gateway service request and the management device for the cloud native gateway system provided in the embodiment of the present disclosure can generally be set in the server 105.
  • the method for processing the gateway service request and the management method for the cloud native gateway system provided in the embodiment of the present disclosure can also be executed by a server or server cluster that is different from the server 105 and can communicate with the first terminal device 101, the second terminal device 102, the third terminal device 103 and/or the server 105.
  • the processing device for the gateway service request and the management device for the cloud native gateway system provided in the embodiment of the present disclosure can also be set in a server or server cluster that is different from the server 105 and can communicate with the first terminal device 101, the second terminal device 102, the third terminal device 103 and/or the server 105.
  • the method for processing a gateway service request and the method for managing a cloud-native gateway system provided in the embodiments of the present disclosure may also be executed by the first terminal device 101, the second terminal device 102, or the third terminal device 103, or may also be executed by other terminal devices different from the first terminal device 101, the second terminal device 102, or the third terminal device 103.
  • the device for processing a gateway service request and the device for managing a cloud-native gateway system provided in the embodiments of the present disclosure may also be provided in the first terminal device 101, the second terminal device 102, or the third terminal device 103, or in other terminal devices different from the first terminal device 101, the second terminal device 102, or the third terminal device 103.
  • terminal devices, networks and servers in Figure 1 is only illustrative. Any number of terminal devices, networks and servers may be provided according to implementation requirements.
  • sequence numbers of the operations in the following method are only used as representations of the operations for the purpose of description, and should not be regarded as representing the execution order of the operations. Unless explicitly stated, the method does not need to be executed completely in the order shown.
  • FIG2 schematically shows a flow chart of a method for processing a gateway service request according to an embodiment of the present disclosure.
  • the gateway service request processing method 200 includes operations S210 to S240 .
  • target gateway cluster information corresponding to the target gateway cluster, target gateway information corresponding to the target gateway, and target service information corresponding to the target service are determined according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request.
  • the operating state of each of at least one container group corresponding to the target service is determined according to the target gateway cluster information, the target gateway information, and the target service information.
  • a target container group is determined in the at least one container group according to the respective running states of the at least one container group corresponding to the target service.
  • the to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request.
  • a method for processing a gateway service request can be implemented based on the container orchestration engine Kubernetes.
  • Kubernetes multiple containers can be created, an application instance can be run in each container, and the application instance can be managed and accessed through the built-in strategy.
  • a service in Kubernetes can be exposed to the outside of the cluster or a request outside the cluster can be forwarded to the inside of the cluster through a gateway proxy for access by clients outside the cluster.
  • the method of implementing the interaction between Kubernetes and the client may include at least one of the following: a method based on Ingress and Ingress Controller, and a method based on gateway and gatewayController.
  • Ingress and gateway may refer to routing rules customized by the client.
  • IngressController and gatewayController may be provided by software vendors, and may dynamically perceive changes in routing rules in the cluster through interaction with Kubernetes.
  • a code for generating a pending gateway service request may be pre-written into a target script.
  • the target terminal may run the target script to generate a pending gateway service request message and send the message to a server, so that the server can process the pending gateway service request. Service request message for processing.
  • the preset mapping relationship may include at least one of the following: a preset mapping relationship between virtual Internet Protocol address (VIP) information and gateway cluster information, a preset mapping relationship between gateway address information and gateway information, and a preset mapping relationship between service port information and service information.
  • VIP virtual Internet Protocol address
  • gateway cluster information can be used to describe different gateway clusters.
  • the gateway cluster information can include at least one of a gateway cluster identifier and a gateway cluster name.
  • the virtual Internet Protocol address information matching the service configuration information to be processed can be determined based on a preset mapping relationship between the virtual Internet Protocol address information and the gateway cluster information.
  • the gateway cluster information corresponding to the virtual Internet Protocol address information can be determined as the target gateway cluster information.
  • a gateway cluster may include at least one gateway. At least one gateway may each correspond to gateway address information.
  • the gateway may refer to an API gateway (i.e., Application Programming Interface, application program interface gateway).
  • the gateway may include at least one of the following: Spring Cloud Gateway gateway and Nginx gateway.
  • the gateway may route according to the request received from the client so as to forward the request to the corresponding backend service.
  • the gateway may route according to the data received from the backend service so as to forward the data to the corresponding client.
  • gateway information can be used to describe different gateways.
  • Gateway information can include at least one of a gateway identifier and a gateway name.
  • gateway address information matching the service configuration information to be processed can be determined based on a preset mapping relationship between gateway address information and gateway information.
  • gateway information corresponding to the gateway address information can be determined as target gateway information.
  • each of the at least one gateway may correspond to at least one service.
  • At least one service may correspond to service port information.
  • the service information may be used to describe different services.
  • the service information may include at least one of a service identifier and a service name.
  • the service port information matching the service configuration information to be processed may be determined based on a preset mapping relationship between the service port information and the service information.
  • the service information corresponding to the service port information may be determined as the target service. information.
  • each service in at least one service may correspond to at least one container group (i.e., pod).
  • a container group may represent the smallest deployable computing unit created and managed in a container cluster.
  • Each container group in at least one container group may include at least one container.
  • At least one container group may correspond to container group address information.
  • the operating status of at least one container group may be determined according to the container group address information of at least one container group corresponding to the target service. The operating status may be used to characterize whether the container group is running normally.
  • a target container group can be determined in the at least one container group according to the respective operating status of the at least one container group. For example, a container group whose operating status indicates normal operation can be determined as the target container group.
  • the to-be-processed gateway service request can be sent to the target container group according to the container group address information corresponding to the target container group, so that the target container group processes the to-be-processed gateway service request and returns a processing result message.
  • the target container group is determined according to the respective operating states of at least one container group corresponding to the target service, and the operating state is determined according to the target gateway cluster information, the target gateway information and the target service information, it is possible to determine the target container group whose operating state is normal operation.
  • the target container group by sending the pending gateway service request to the target container group, automatic routing of the gateway service request is achieved, and by using the target container group to process the pending gateway service request, automatic processing of the gateway service request is achieved, thereby at least partially overcoming the technical problem in the related art that the high availability of resources and services in Kubernetes cannot be guaranteed, and improving the stability of request processing, thereby ensuring the high availability of resources and services.
  • the method 200 for processing a gateway service request will be further described below with reference to FIGS. 3 , 4 , 5A, 5B, 6 , 7 and 8 .
  • the gateway service request processing method 200 may be based on The gatewayController is implemented by gatewayController.
  • the gatewayController can monitor the update events of the gateway, assign a virtual Internet Protocol address to the gateway, and store the gateway monitoring content to the distributed registration service center (such as ETCD).
  • the gatewayController can monitor the domain name, path, request parameter rewrite, backend and weight on the httproute, and store the httproute monitoring content to the distributed registration service center.
  • the code logic of the gatewayController is formed by expanding and supplementing the k8s-gateway standard, thereby realizing the gateway control plane service.
  • the front-end agent to dynamically add and delete the open source gateway listening port, the data plane service is realized.
  • the scheduling of VIP is completed through the cooperation of the gatewayController and the front-end agent, thereby forming a complete cloud-native seven-layer gateway service. This will be explained below according to specific embodiments.
  • operation S210 may include the following operations.
  • a gateway cluster, a gateway, and a service may belong to a custom resource (Custom Resource Definition, CRD).
  • CRD Customer Resource Definition
  • the configuration information of the gateway service to be processed may be processed to obtain a processing result.
  • the target virtual network address information is determined.
  • the target virtual network address information may be used to indicate the target gateway cluster.
  • the processing method of the service configuration information to be processed may be configured according to actual business needs and is not limited here. For example, the service configuration information to be processed may be parsed to obtain the domain name information corresponding to the service request to be processed. On this basis, the target virtual network address information is determined according to the domain name information.
  • the first preset mapping relationship can be used to characterize the preset mapping relationship between the virtual Internet Protocol address information and the gateway cluster information.
  • the relationship may include at least one first key-value relationship.
  • the first key-value relationship may be created based on the virtual Internet Protocol address information and the gateway cluster information.
  • the first key-value relationship may include a one-to-one correspondence between the virtual Internet Protocol address information and the gateway cluster information.
  • the gateway cluster may be represented by a gatewayclass.
  • a gatewayclass may refer to a group of gateways with common configurations and behaviors.
  • a gateway cluster may be used to describe the definition of different gateway services by k8s operation and maintenance, and to selectively authorize a gateway cluster that meets the business scenario to the business operation and maintenance.
  • a second preset mapping relationship can be used to characterize a preset mapping relationship between gateway address information and gateway information.
  • a gateway can be characterized by a gateway.
  • a gateway can refer to a point that can convert traffic to a service within a cluster.
  • a gateway can be used to describe the business operation and maintenance definition of the scope of use of a gateway, for example, by which services under which namespace can use it.
  • a gateway has a VIP and a listening port, and business operation and maintenance can authorize business users who meet the scope of use through a gateway.
  • the third preset mapping relationship can be used to characterize the preset mapping relationship between the service port information and the service information.
  • the route can be characterized by httproute. httproute can refer to how the traffic obtained through the gateway is mapped to the service. httproute can be used to describe the matching rule description of the business user for the business service. For example, the domain name, path and backend can be bound to the gateway to realize external exposure of the service.
  • the target gateway cluster information is determined based on the first preset mapping relationship and the target virtual Internet Protocol address information
  • the target gateway information is determined based on the second preset mapping relationship and the gateway address information
  • the target service information is determined based on the third preset mapping relationship and the service port information
  • Figure 3 schematically shows an example schematic diagram of determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request according to an embodiment of the present disclosure.
  • At least one gateway cluster includes a gateway cluster 304_1 and a gateway cluster 304_2, and at least one gateway corresponding to the gateway cluster 304_1 includes a gateway 304_11 and gateway 304_12, at least one service corresponding to gateway 304_11 includes service 304_111, at least one service corresponding to gateway 304_12 includes service 304_121 and service 304_122, at least one gateway corresponding to gateway cluster 304_2 includes gateway 304_21 and gateway 304_22, at least one service corresponding to gateway 304_21 includes service 304_211, service 304_212 and service 304_213, and at least one service corresponding to gateway 304_22 includes service 304_221 as an example to illustrate the information determination method of an embodiment of the present disclosure.
  • the target virtual Internet Protocol address information 302 can be determined according to the pending gateway service configuration information 301_1 in the pending gateway service request 301.
  • the target gateway cluster information corresponding to the gateway cluster 304_2 is determined.
  • the gateway address information 305 and the service port information 307 can be determined.
  • the target gateway information corresponding to the gateway 304_21 can be determined.
  • the target service information corresponding to the service 304_212 can be determined.
  • determining target virtual Internet Protocol address information according to the to-be-processed gateway service configuration information may include the following operations.
  • the pending gateway service configuration information is parsed to obtain domain name information corresponding to the pending gateway service request, and the target virtual network address information is determined according to the domain name information.
  • domain name information may refer to the name of a computer or computer group on the Internet consisting of a string of names separated by dots. Domain name information may be used to identify the electronic location of a computer during data transmission.
  • the domain name information after obtaining the domain name information, can be further subjected to domain name resolution processing to map the domain name information into an IP address and obtain the target virtual network address information.
  • the domain name resolution processing method can be configured according to actual business needs and is not limited here.
  • the domain name resolution processing method can include at least one of the following: recursive resolution and iterative resolution. Recursive resolution can refer to completing the transformation of a name and an address at one time. Iterative resolution can refer to requesting a single server each time.
  • At least one second key-value relationship may be: The formula is constructed.
  • a gateway identifier, gateway configuration information, and a gateway cluster identifier are obtained.
  • virtual network address information corresponding to the gateway cluster identifier is determined.
  • the gateway address information corresponding to the gateway identifier is determined.
  • the gateway address information is determined as the second key information.
  • the gateway configuration information is determined as the second value information.
  • a second key-value relationship is constructed according to the second key information and the second value information.
  • the second preset mapping relationship may include at least one second key-value relationship.
  • the second key-value relationship may include second key information and second value information.
  • the Kubernetes cluster can obtain the newly created gateway configuration information when monitoring the existence of a newly created gateway, and generate a gateway creation instruction based on the information.
  • the gateway configuration information may include at least one of the following: a gateway identifier and a gateway cluster identifier.
  • the code for generating a gateway creation instruction can be pre-written into a first script.
  • the target terminal can run the first script, generate a gateway creation instruction message and send the message to the server, so that the server can create a gateway according to the message.
  • a target routing protocol can be used to implement conversion between private IP addresses and public IP addresses to access the Internet.
  • a private IP address can refer to an address used in a local area network.
  • a public IP address can refer to an address that can be directly accessed on the Internet.
  • the target routing protocol can be configured according to actual business needs, which is not limited here.
  • the target routing protocol can include at least one of the following: ALL-IN mode routing protocol, Equal Cost Multi Path (ECMP), Border Gateway Protocol (BGP), and Open Shortest Path First (OSPF).
  • ALL-IN mode routing protocol Equal Cost Multi Path (ECMP)
  • ECMP Equal Cost Multi Path
  • Border Gateway Protocol Border Gateway Protocol
  • OSPF Open Shortest Path First
  • the gateway address information corresponding to the gateway identifier can be determined according to the target routing protocol and the virtual network address information. After obtaining the virtual network address information and the gateway address information, the gateway address information and the gateway configuration information can be used to create a gateway address.
  • Second key-value relationship may include a one-to-one correspondence between gateway address information and gateway configuration information.
  • determining the target gateway information according to the second preset mapping relationship and the gateway address information may include: determining at least one first similarity according to the gateway address information and the second key information corresponding to each of the at least one second key-value relationships. Determining the target second key information according to the at least one first similarity. Determining the target second value information corresponding to the target second value information according to the target second key information. Determining the target gateway information according to the gateway configuration information corresponding to the target second value information.
  • the second preset mapping relationship may include at least one second key-value relationship
  • the second key-value relationship is determined in response to receiving a gateway creation instruction
  • the second key-value relationship may include a one-to-one correspondence between gateway address information and gateway configuration information, which is beneficial for the subsequent use of the second preset mapping relationship to automatically determine the target gateway information, thereby improving the efficiency of determining the target gateway information, and further improving the efficiency of processing gateway service requests.
  • FIG. 4 schematically shows an example schematic diagram of constructing a second key-value relationship according to an embodiment of the present disclosure.
  • gateway configuration information 401_1 in response to receiving a gateway creation instruction 401 , gateway configuration information 401_1 , a gateway cluster identifier 401_2 , and a gateway identifier 401_3 may be acquired.
  • the virtual network address information 402 corresponding to the gateway cluster identification 401_2 can be determined according to the gateway cluster identification 401_2.
  • the gateway address information 404 corresponding to the gateway identification 401_3 can be determined according to the target routing protocol 403 and the virtual network address information 402.
  • the gateway address information 404 may be determined as the second key information 405.
  • the gateway configuration information 401_1 may be determined as the second value information 406.
  • a second key-value relationship 407 may be constructed.
  • determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include the following operations.
  • a first resource pool is configured, wherein the first resource
  • the source pool includes at least one first candidate address information.
  • the target address information is determined in the at least one first candidate address information.
  • the target address information is published via any two front-end agents so as to determine the target address information as the gateway address information.
  • the border gateway protocol may refer to a dynamic routing protocol used to exchange routing information between different autonomous systems (Autonomous System, AS) or within the same autonomous system.
  • AS Autonomous System
  • a node running the border gateway protocol may be designated for each autonomous system, and the node represents the autonomous system to exchange routing information with other autonomous systems.
  • a node running a border gateway protocol may include at least one of a host and a router. Taking a router as an example, after the router receives routing information from an upstream neighbor, the best route in the dynamic routing protocol learned by the device can be flushed to the driver to guide traffic forwarding, and the best route in the dynamic routing protocol learned by the device can be notified to the neighbor.
  • the first resource pool may include at least one first candidate address information.
  • the first candidate address information may refer to a VIP address.
  • At least one first candidate address information may be managed and scheduled by a gatewayContrller.
  • the first resource pool may include at least one of the following: a first dynamic resource pool (i.e., Dynamic Pool) and a first static resource pool (i.e., Static Pool).
  • a corresponding first resource pool can be configured for the terminal according to the virtual Internet Protocol address information.
  • the target address information can be determined from at least one first candidate address information, and the target address information can be returned to the gateway.
  • the task of publishing the gateway address information corresponding to the gateway can be notified to any two front-end agents (i.e., agents), and the target address information can be published to the switch based on the border gateway protocol via the any two front-end agents, and the target address information can be bound to the local loopback interface.
  • the nodes of any two front-end agents can be set according to actual business needs, and are not limited here. It is only necessary to ensure that there are an even number of nodes. For example, it can be the 2nth node and the 2n+1th node.
  • the front-end proxy can be used with an open source gateway (such as Apisix) Deployed in the same container, multiple copies are deployed through k8s statefulset.
  • the network mode uses host mode.
  • Other containers can be excluded through k8s taints and anti-affinity to achieve exclusive nodes.
  • Multi-copy deployment can refer to the selection of the master through the k8s lease, that is, only the master node is responsible for listening to events and reading and writing distributed registration service centers.
  • the front-end proxy can reload the listening port to the open source gateway, so that the front-end proxy can dynamically add and delete the open source gateway listening port.
  • the gatewayController can cooperate with the front-end agent to complete the scheduling of VIP.
  • the PodIP and PodName can be mapped to the environment variables of the container through the k8s downwardAPI.
  • the front-end agent can intercept the serial number from the PodName and report its own heartbeat and serial number to the gatewayController.
  • the gatewayController can perform bit operations on the VIP to obtain the decimal sum of the 4-segment IP, and then perform modulus operations on the number of Apisix nodes to obtain the corresponding node.
  • the gatewayController can write the VIP into the distributed registration service center directory of the corresponding node to complete the scheduling of the VIP.
  • the target address information is determined in at least one first candidate address information according to the first resource pool, the target address information is automatically determined, thereby shortening the VIP address scheduling time, improving the processing efficiency of the VIP address scheduling, and further improving the efficiency of determining the gateway address information.
  • the gateway address information is determined according to the border gateway protocol through any two front-end agents publishing the target address information, optimization of operation and maintenance and business users is achieved.
  • FIG. 5A schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to an embodiment of the present disclosure.
  • a first resource pool 502 may be configured according to virtual Internet Protocol address information 501.
  • the first resource pool 502 may include at least one first candidate address information.
  • the at least one first candidate address information may include first candidate address information 502_1, first candidate address information 502_2, ..., first candidate address information 502_p, ..., first candidate address information 502_P.
  • P may be an integer greater than or equal to 1, p ⁇ 1, 2, ..., (P-1), P ⁇ .
  • the target address information 503 is determined from the first candidate address information 502_p, ..., and the first candidate address information 502_P.
  • the target address information 503 is published via the front-end proxy 505_1 and the front-end proxy 505_2, so that the target address information 503 is determined as the gateway address information 506.
  • determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include the following operations.
  • a second resource pool is configured, wherein the second resource pool includes at least one second candidate address information.
  • target address information is determined in the at least one second candidate address information.
  • equal-cost routing information corresponding to the target address information is configured. The equal-cost routing information is determined as the gateway address information.
  • an equal-cost multi-path routing protocol may refer to using multiple links simultaneously in any network environment, that is, a network environment in which multiple different links exist to reach the same destination address.
  • the path selection method of the equal-cost multi-path routing protocol may be set according to actual business needs and is not limited here.
  • the path selection method may include at least one of the following: a hash-based path selection method, a polling-based path selection method, and a path weight-based path selection method.
  • the second resource pool may include at least one second candidate address information.
  • the second candidate address information may refer to a VIP address.
  • At least one second candidate address information may be managed and scheduled by a gatewayContrller.
  • the second resource pool may include at least one of the following: a second dynamic resource pool (i.e., Dynamic Pool) and a second static resource pool (i.e., Static Pool).
  • the VIP network segment can be equally routed to all nodes of apisix by configuring equal-cost routing on the switch.
  • the corresponding second resource pool can be configured for the terminal according to the virtual Internet Protocol address information.
  • the target address information can be determined from at least one second candidate address information, and the equivalent routing information corresponding to the target address information can be configured via the equal-cost multipath routing protocol, and the equivalent routing information is returned to the gateway.
  • the target routing protocol is an ALL-IN mode routing protocol
  • all the apisix node IPs reported by the front-end agent can be returned to the gateway, and the service user can select one or more IP gateway address information by himself.
  • the specific implementation in this case is relatively simple.
  • the target address information is determined in at least one second candidate address information according to the second resource pool, the target address information is automatically determined, thereby shortening the VIP address scheduling time, improving the processing efficiency of VIP address scheduling, and further improving the efficiency of determining the gateway address information.
  • the gateway address information is determined according to the equal-cost multi-path routing protocol by configuring the equal-cost routing information corresponding to the target address information, it is more friendly to business users and improves the user experience.
  • FIG5B schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to another embodiment of the present disclosure.
  • a second resource pool 508 may be configured according to the virtual Internet Protocol address information 507.
  • the second resource pool 508 may include at least one second candidate address information.
  • the at least one second candidate address information may include second candidate address information 508_1, second candidate address information 508_2, ..., second candidate address information 508_q, ..., second candidate address information 508_Q.
  • Q may be an integer greater than or equal to 1, q ⁇ 1, 2, ..., (Q-1), Q ⁇ .
  • the target address information 509 can be determined from the second candidate address information 508_1, the second candidate address information 508_2, ..., the second candidate address information 508_q, ..., the second candidate address information 508_Q.
  • the equal-cost routing information 511 corresponding to the target address information 509 is configured.
  • the equal-cost routing information 511 is determined as the gateway address information 512.
  • determining the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information may include the following operations.
  • the target gateway cluster may include at least one gateway.
  • Each of the at least one gateway may correspond to at least one service.
  • the at least one gateway may correspond to gateway address information.
  • the at least one service may correspond to service port information.
  • the network segment range of the target gateway cluster can be determined according to the target gateway cluster information.
  • the network segment range can be characterized by W.X.Y.Z. W, X, Y, Z ⁇ [0, 255].
  • the network segment range can be set to W ⁇ [0, 10], X ⁇ [0, 10], ⁇ [0, 10], Z ⁇ [0, 255], that is, the network segment range may include an Internet Protocol address in the range of 0.0.0.0 to 10.10.10.255.
  • the gateway address information corresponding to the gateway can be determined for each gateway in at least one gateway.
  • At least one third key-value relationship may be constructed in the following manner.
  • each third key-value relationship in at least one third key-value relationship in response to receiving a service creation instruction, obtain a service identifier, service configuration information, and a gateway identifier. According to the gateway identifier, determine the gateway address information corresponding to the gateway identifier. According to the gateway address information, determine the service port information corresponding to the service identifier. Determine the service port information as the third key information. Determine the service configuration information as the third value information. Construct a third key-value relationship according to the third key information and the third value information.
  • the third preset mapping relationship may include at least one third key-value relationship.
  • the third key-value relationship may include third key information and third value information.
  • the Kubernetes cluster can obtain the newly created service configuration information when monitoring the existence of a newly created service, and generate a service creation instruction based on this.
  • the service configuration information may include at least one of the following: container address, service domain name, service port, and service annotation information.
  • the code for generating a service creation instruction can be pre-written into a second script.
  • the target terminal can run the second script, generate a service creation instruction message and send the message to the server, so that the server can create a service based on the message.
  • the gateway address information corresponding to the gateway identifier can be determined according to the gateway identifier.
  • the service port information corresponding to the service identifier can be determined according to the gateway address information.
  • a third key value relationship can be created according to the service port information and the service configuration information.
  • the third key value relationship may include a one-to-one correspondence between the service port information and the service configuration information.
  • determining the target service information according to the third preset mapping relationship and the service port information may include: determining at least one second similarity according to the service port information and the third key information corresponding to each of the at least one third key-value relationships. Determining the target third key information according to the at least one second similarity. Determining the target third value information corresponding to the target third value information according to the target third key information. Determining the target service information according to the service configuration information corresponding to the target third value information.
  • the third preset mapping relationship may include at least one third key-value relationship
  • the third key-value relationship is determined in response to receiving a service creation instruction
  • the third key-value relationship may include a one-to-one correspondence between service port information and service configuration information, which is beneficial for the subsequent use of the third preset mapping relationship to automatically determine the target service information, thereby improving the efficiency of determining the target service information, and further improving the efficiency of processing service requests.
  • FIG. 6 schematically shows an example schematic diagram of constructing a third key-value relationship according to an embodiment of the present disclosure.
  • gateway service configuration information 601_1 in response to receiving a service creation instruction 601 , gateway service configuration information 601_1 , a gateway identifier 601_2 , and a service identifier 601_3 may be acquired.
  • the gateway address information 602 corresponding to the gateway identifier 601_2 can be determined.
  • the service port information 603 corresponding to the service identifier 601_3 can be determined.
  • the service port information 603 can be determined as the third key information 604.
  • the configuration information 6011 is determined as the third value information 605. According to the third key information 604 and the third value information 605, a third key-value relationship 606 is constructed.
  • operation S220 may include the following operations.
  • a detection network connection is established with the container group according to the container group address information. If a heartbeat detection packet sent by the container group is received within a predetermined period of time, it is determined that the running state of the container group is a normal running state. If a heartbeat detection packet sent by the container group is not received within the predetermined period of time, it is determined that the running state of the container group is an abnormal running state.
  • the target service information may include container group address information corresponding to each of the at least one container groups.
  • the detection network connection can be used to characterize a short connection between a gatewayContrller and a container group.
  • a short connection can mean that during data transmission, a connection is established only when data needs to be sent, and the connection is disconnected after the data is sent, that is, each connection only completes the sending of one service.
  • a heartbeat detection packet can be sent to the container group based on the detection network connection.
  • a heartbeat detection packet may refer to a custom command word that periodically notifies each other of the status of the gatewayContrller and the container group, and the heartbeat detection packet may be sent at a predetermined time interval.
  • the predetermined time period may be set according to actual business needs and is not limited here.
  • the predetermined time period may be a pre-set detection time interval, for example, the predetermined time period may be set to 30 minutes.
  • operation S230 may include the following operations.
  • the container group In response to the running state of the container group being a normal running state, the container group is determined as a target container group.
  • the abnormal operation state may be determined when a heartbeat detection packet sent by the container group is not received within a predetermined period of time.
  • the normal operation state may be determined when a heartbeat detection packet sent by the container group is received within a predetermined period of time.
  • the container group whose operation state is the normal operation state may be determined as the target container group.
  • FIG. 7 schematically shows a method for determining at least one container corresponding to a target service according to target gateway cluster information, target gateway information, and target service information according to an embodiment of the present disclosure.
  • a detection network connection 702 with the container group may be established according to the container group address information 701. After the detection network connection 702 is established, operation S710 may be performed.
  • operation S240 may include the following operations.
  • an actual network connection with the target container group can be established based on the target container group address information.
  • the actual network connection can be used to characterize a long connection between the gatewayContrller and the target container group.
  • a long connection can refer to a connection on which multiple data packets can be continuously sent.
  • the application layer protocol may include at least one of the following: a full-duplex communication protocol based on the transmission control protocol (WebSocket), a hypertext transfer protocol (HTTP), and a message queuing telemetry transport protocol (MQTT).
  • WebSocket transmission control protocol
  • HTTP hypertext transfer protocol
  • MQTT message queuing telemetry transport protocol
  • FIG8 schematically shows an example diagram of a method for processing a gateway service request according to an embodiment of the present disclosure.
  • operations S801 to S814 schematically illustrate a method for processing a gateway service request.
  • k8s operation and maintenance can create a gateway cluster.
  • the k8s operation and maintenance can point the gateway cluster identifier to the system component.
  • k8s operation and maintenance can authorize the gateway cluster to business operation and maintenance.
  • the business operation and maintenance may create a gateway.
  • the business operation and maintenance can point the gateway identifier to the gateway cluster of k8s operation and maintenance.
  • the gateway cluster operated and maintained by k8s can allocate gateway address information to the gateway.
  • k8s operation and maintenance can send gateway address information to business operation and maintenance.
  • the service operation and maintenance may receive gateway address information.
  • the business operation and maintenance may authorize the gateway to the business user.
  • a business user may create a service.
  • the service user may point the service identifier to the gateway.
  • the service operation and maintenance gateway may allocate service port information for the service.
  • the service operation and maintenance may send the service port information to the service user.
  • the service user may receive service port information.
  • gateway service request processing methods known in the art, as long as they can improve the stability of request processing and ensure high availability of resources and services.
  • FIG9 schematically shows a flow chart of a method for managing a cloud-native gateway system according to an embodiment of the present disclosure.
  • the management method 900 of the cloud native gateway system includes operations S910 to S920 .
  • a target gateway service request is processed using a gateway service request processing method to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with a cloud native gateway system.
  • the cloud native gateway system is managed according to the processing result.
  • FIG10 schematically shows a block diagram of a device for processing a gateway service request according to an embodiment of the present disclosure.
  • the service request processing device 1000 may include a first determination module 1010 , a second determination module 1020 , a third determination module 1030 and a sending module 1040 .
  • the first determination module 1010 is used to determine, in response to receiving a pending service request, the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service according to a preset mapping relationship and the pending service configuration information in the pending service request.
  • the second determination module 1020 is used to determine the respective running status of at least one container group corresponding to the target service according to the target gateway cluster information, the target gateway information and the target service information.
  • the third determining module 1030 is configured to determine a target container group in the at least one container group according to the respective running states of the at least one container group corresponding to the target service.
  • the sending module 1040 is used to send the pending service request to the target container group, so that the target container group can process the pending service request.
  • the first determination module 1010 may include a first determination submodule, a second determination submodule, a third determination submodule, a fourth determination submodule, and a fifth determination submodule.
  • the first determination submodule is used to determine target virtual Internet Protocol address information according to the service configuration information to be processed.
  • the second determining submodule is used to determine the target gateway cluster information corresponding to the target gateway cluster according to the first preset mapping relationship and the target virtual Internet Protocol address information.
  • the third determination submodule is used to determine the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information.
  • the fourth determining submodule is used to determine the target gateway information according to the second preset mapping relationship and the gateway address information.
  • the fifth determining submodule is used to determine the target service information according to the third preset mapping relationship and the service port information.
  • the target gateway cluster includes at least one gateway, each of the at least one gateway corresponds to at least one service, the at least one gateway corresponds to gateway address information, and the at least one service corresponds to service port information.
  • the third determining submodule may include a first determining unit, a second determining unit, and a third determining unit.
  • the first determining unit is used to determine the network segment range of the target gateway cluster according to the target gateway cluster information.
  • the second determining unit is configured to determine, for each gateway of the at least one gateway, gateway address information corresponding to the gateway according to a network segment range of the target gateway cluster.
  • the third determining unit is configured to determine, for each service of at least one service corresponding to the gateway, service port information of the service corresponding to the gateway according to the gateway address information corresponding to the gateway.
  • the first determining submodule may include a processing unit and a fourth determining unit.
  • the processing unit is used to parse the service configuration information to be processed in response to receiving the service request to be processed, and obtain the domain name information corresponding to the service request to be processed.
  • the fourth determining unit is used to determine the target virtual network address information according to the domain name information.
  • the second preset mapping relationship includes at least one second key-value relationship
  • the second key-value relationship includes second key information and second value information
  • the at least one second key-value relationship can be constructed in the following manner.
  • a gateway identifier, gateway configuration information, and a gateway cluster identifier are obtained.
  • virtual network address information corresponding to the gateway cluster identifier is determined.
  • the gateway address information corresponding to the gateway identifier is determined.
  • the gateway address information is determined as the second key information.
  • the gateway configuration information is determined as the second value information.
  • a second key-value relationship is constructed according to the second key information and the second value information.
  • determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include:
  • a first resource pool is configured, wherein the first resource pool includes at least one first candidate address information.
  • target address information is determined in the at least one first candidate address information.
  • the target address information is published via any two front-end proxies so as to determine the target address information as the gateway address information.
  • determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include:
  • a second resource pool is configured, wherein the second resource
  • the source pool includes at least one second candidate address information.
  • the target address information is determined in the at least one second candidate address information.
  • the equal-cost routing information corresponding to the target address information is configured.
  • the equal-cost routing information is determined as the gateway address information.
  • the third preset mapping relationship includes at least one third key-value relationship
  • the third key-value relationship includes third key information and third value information
  • the at least one third key-value relationship can be constructed in the following manner.
  • each third key-value relationship in at least one third key-value relationship in response to receiving a service creation instruction, obtain a service identifier, service configuration information, and a gateway identifier. According to the gateway identifier, determine the gateway address information corresponding to the gateway identifier. According to the gateway address information, determine the service port information corresponding to the service identifier. Determine the service port information as the third key information. Determine the service configuration information as the third value information. Construct a third key-value relationship according to the third key information and the third value information.
  • the target service information includes container group address information corresponding to at least one container group.
  • the second determining module 1020 may include a first establishing submodule, a sixth determining submodule and a seventh determining submodule.
  • the first establishing submodule is used to establish a detection network connection with the container group according to the container group address information for each container group address information in the at least one container group address information.
  • the sixth determining submodule is configured to determine that the running state of the container group is a normal running state when a heartbeat detection packet sent by the container group is received within a predetermined period of time.
  • the seventh determining submodule is configured to determine that the running state of the container group is in an abnormal running state when no heartbeat detection packet sent by the container group is received within a predetermined period of time.
  • the third determining module 1030 may include an eighth determining submodule.
  • the eighth determining submodule is configured to determine the container group as a target container group in response to the running state of the container group being in a normal running state.
  • the sending module 1040 may include a ninth determining submodule, The second is to establish a submodule and a sending submodule.
  • the ninth determining submodule is configured to determine target container group address information corresponding to the target container group.
  • the second establishing submodule is used to establish an actual network connection with the target container group according to the address information of the target container group.
  • the sending submodule is used to send the pending service request to the target container group based on the actual network connection.
  • FIG11 schematically shows a block diagram of a device for processing a gateway service request according to an embodiment of the present disclosure.
  • the management device 1100 of the cloud-native gateway system may include a processing module 1110 and a management module 1120 .
  • the processing module 1110 is used to utilize the processing device of the gateway service request to process the target gateway service request and obtain the processing result, wherein the target gateway service request includes the target gateway service configuration information, and the target gateway service configuration information is associated with the cloud native gateway system.
  • the management module 1120 is used to manage the cloud native gateway system according to the processing results.
  • any one or more of the modules, submodules, units, and subunits, or at least part of the functions of any one of them can be implemented in one module.
  • any one or more of the modules, submodules, units, and subunits can be split into multiple modules for implementation.
  • any one or more of the modules, submodules, units, and subunits can be at least partially implemented as hardware circuits, such as field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), systems on chips, systems on substrates, systems on packages, application specific integrated circuits (ASICs), or can be implemented by hardware or firmware in any other reasonable way of integrating or packaging the circuit, or implemented in any one of the three implementation methods of software, hardware, and firmware, or in any appropriate combination of any of them.
  • FPGAs field programmable gate arrays
  • PLAs programmable logic arrays
  • ASICs application specific integrated circuits
  • one or more of the modules, submodules, units, and subunits can be at least partially implemented as computer program modules, and when the computer program modules are run, the corresponding functions can be performed.
  • any multiple of the first determination module 1010, the second determination module 1020, the third determination module 1030 and the sending module 1040 may be combined into one module/unit/sub-unit for implementation.
  • any one of the modules/units/subunits can be split into multiple modules/units/subunits.
  • at least part of the functions of one or more modules/units/subunits in these modules/units/subunits can be combined with at least part of the functions of other modules/units/subunits and implemented in one module/unit/subunit.
  • At least one of the first determination module 1010, the second determination module 1020, the third determination module 1030 and the sending module 1040 can be at least partially implemented as a hardware circuit, such as a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or can be implemented by hardware or firmware such as any other reasonable way of integrating or packaging the circuit, or by any one of the three implementation methods of software, hardware and firmware or by a suitable combination of any of them.
  • FPGA field programmable gate array
  • PLA programmable logic array
  • ASIC application specific integrated circuit
  • At least one of the first determination module 1010 , the second determination module 1020 , the third determination module 1030 and the sending module 1040 may be at least partially implemented as a computer program module, and when the computer program module is executed, a corresponding function may be performed.
  • processing device part of the gateway service request in the embodiment of the present disclosure corresponds to the processing method part of the gateway service request in the embodiment of the present disclosure.
  • the description of the processing device part of the gateway service request specifically refers to the processing method part of the gateway service request, which will not be repeated here.
  • any multiple of the processing modules 1110 and the management modules 1120 may be combined in one module/unit/sub-unit for implementation, or any one of the modules/units/sub-units may be split into multiple modules/units/sub-units.
  • at least part of the functions of one or more of these modules/units/sub-units may be combined with at least part of the functions of other modules/units/sub-units and implemented in one module/unit/sub-unit.
  • At least one of the processing modules 1110 and the management modules 1120 may be at least partially implemented as a hardware circuit, such as a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or may be implemented by hardware or firmware such as any other reasonable way of integrating or packaging the circuit, or may be implemented in any one of the three implementation methods of software, hardware, and firmware, or in an appropriate combination of any of them.
  • FPGA field programmable gate array
  • PLA programmable logic array
  • ASIC application specific integrated circuit
  • at least one of the processing modules 1110 and the management modules 1120 may be at least partially implemented as a computer program module, When the computer program module is executed, the corresponding function can be executed.
  • management device part of the cloud native gateway system in the embodiment of the present disclosure corresponds to the management method part of the cloud native gateway system in the embodiment of the present disclosure.
  • the description of the management device part of the cloud native gateway system specifically refers to the management method part of the cloud native gateway system, which will not be repeated here.
  • Figure 12 schematically shows a block diagram of an electronic device suitable for implementing a method for processing a gateway service request and a method for managing a cloud native gateway system according to an embodiment of the present disclosure.
  • the electronic device shown in Figure 12 is only an example and should not impose any limitations on the functions and scope of use of the embodiment of the present disclosure.
  • a computer electronic device 1200 includes a processor 1201, which can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 1202 or a program loaded from a storage portion 1209 into a random access memory (RAM) 1203.
  • the processor 1201 may, for example, include a general-purpose microprocessor (e.g., a CPU), an instruction set processor and/or a related chipset and/or a dedicated microprocessor (e.g., an application-specific integrated circuit (ASIC)), etc.
  • the processor 1201 may also include an onboard memory for caching purposes.
  • the processor 1201 may include a single processing unit or multiple processing units for performing different actions of the method flow according to an embodiment of the present disclosure.
  • RAM 1203 various programs and data required for the operation of electronic device 1200 are stored.
  • Processor 1201, ROM 1202 and RAM 1203 are connected to each other through bus 1204.
  • Processor 1201 performs various operations of the method flow according to the embodiment of the present disclosure by executing the program in ROM 1202 and/or RAM 1203. It should be noted that the program can also be stored in one or more memories other than ROM 1202 and RAM 1203.
  • Processor 1201 can also perform various operations of the method flow according to the embodiment of the present disclosure by executing the program stored in the one or more memories.
  • the electronic device 1200 may further include an input/output (I/O) interface 1205, which is also connected to the bus 1204.
  • the electronic device 1200 may further include one or more of the following components connected to the I/O interface 1205: an input portion 1206 including a keyboard, a mouse, etc.; an output portion 1207 including a cathode ray tube (CRT), a liquid crystal display (LCD), etc., and a speaker, etc.; a storage portion 1208 including a hard disk, etc.
  • the storage unit 1208 includes a communication unit 1209 including a network interface card such as a LAN card, a modem, etc.
  • the communication unit 1209 performs communication processing via a network such as the Internet.
  • a drive 1210 is also connected to the I/O interface 1205 as needed.
  • a removable medium 1211 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, etc., is installed on the drive 1210 as needed, so that a computer program read therefrom is installed into the storage unit 1208 as needed.
  • the method flow according to an embodiment of the present disclosure can be implemented as a computer software program.
  • an embodiment of the present disclosure includes a computer program product, which includes a computer program carried on a computer-readable storage medium, and the computer program contains a program code for executing the method shown in the flowchart.
  • the computer program can be downloaded and installed from the network through the communication part 1209, and/or installed from the removable medium 1211.
  • the computer program is executed by the processor 1201
  • the above-mentioned functions defined in the system of the embodiment of the present disclosure are executed.
  • the system, equipment, device, module, unit, etc. described above can be implemented by a computer program module.
  • the present disclosure also provides a computer-readable storage medium, which may be included in the device/apparatus/system described in the above embodiments; or may exist independently without being assembled into the device/apparatus/system.
  • the above computer-readable storage medium carries one or more programs, and when the above one or more programs are executed, the method according to the embodiment of the present disclosure is implemented.
  • the computer-readable storage medium may be a non-volatile computer-readable storage medium.
  • it may include, but is not limited to: a portable computer disk, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination thereof.
  • a computer-readable storage medium may be any tangible medium containing or storing a program that may be used by or in combination with an instruction execution system, apparatus, or device.
  • the computer-readable storage medium may include the ROM 1202 and/or RAM 1203 described above and/or one or more memories other than ROM 1202 and RAM 1203.
  • Embodiments of the present disclosure also include a computer program product, which includes a computer program,
  • the computer program includes program code for executing the method provided by the embodiment of the present disclosure.
  • the program code is used to enable the electronic device to implement the method for processing gateway service requests and the method for managing a cloud-native gateway system provided by the embodiment of the present disclosure.
  • the computer program may rely on tangible storage media such as optical storage devices, magnetic storage devices, etc.
  • the computer program may also be transmitted and distributed in the form of signals on a network medium, and downloaded and installed through the communication part 1209, and/or installed from the removable medium 1211.
  • the program code contained in the computer program may be transmitted using any appropriate network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the above.
  • the program code for executing the computer program provided by the embodiment of the present disclosure can be written in any combination of one or more programming languages.
  • these computing programs can be implemented using high-level process and/or object-oriented programming languages, and/or assembly/machine languages.
  • Programming languages include, but are not limited to, Java, C++, python, "C" language or similar programming languages.
  • the program code can be executed entirely on the user computing device, partially on the user device, partially on the remote computing device, or entirely on the remote computing device or server.
  • the remote computing device can be connected to the user computing device through any type of network, including a local area network (LAN) or a wide area network (WAN), or can be connected to an external computing device (for example, using an Internet service provider to connect through the Internet).
  • LAN local area network
  • WAN wide area network
  • an Internet service provider to connect through the Internet
  • each box in the flowchart or block diagram may represent a module, a program segment, or a portion of code, which contains one or more executable instructions for implementing the specified logical functions.
  • the functions marked in the boxes may also occur in an order different from that marked in the accompanying drawings. For example, two The boxes represented in succession can actually be executed substantially in parallel, and they can sometimes be executed in the opposite order, depending on the functions involved.
  • each box in the block diagram or flow chart, and the combination of boxes in the block diagram or flow chart can be implemented with a dedicated hardware-based system that performs the specified function or operation, or can be implemented with a combination of dedicated hardware and computer instructions.
  • the features recorded in the various embodiments and/or claims of the present disclosure can be combined and/or combined in various ways, even if such combinations or combinations are not explicitly recorded in the present disclosure.
  • the features recorded in the various embodiments and/or claims of the present disclosure can be combined and/or combined in various ways. All of these combinations and/or combinations fall within the scope of the present disclosure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present disclosure provides a gateway service processing method and device, and a cloud native gateway system management method and device, capable of being applied to the technical fields of networks and cloud native. The gateway service request processing method comprises: in response to receiving a gateway service request to be processed, according to a preset mapping relationship and gateway service configuration information to be processed in said gateway service request, determining target gateway cluster information corresponding to a target gateway cluster, target gateway information corresponding to a target gateway, and target service information corresponding to a target service; according to the target gateway cluster information, the target gateway information, and the target service information, determining the operating state of at least one container group corresponding to the target service; according to the operating state of the at least one container group corresponding to the target service, determining a target container group among the at least one container group; and sending said gateway service request to the target container group, such that the target container group processes said gateway service request.

Description

网关服务请求的处理、云原生网关系统的管理方法及装置Processing of gateway service requests, management method and device of cloud native gateway system

本申请要求于2023年3月22日递交的中国专利申请No.202310288631.7的优先权,其内容一并在此作为参考。This application claims priority to Chinese Patent Application No. 202310288631.7 filed on March 22, 2023, the contents of which are incorporated herein by reference.

技术领域Technical Field

本公开涉及网络技术领域和云原生技术领域,更具体地,涉及一种服务请求的处理方法、云原生网关系统的管理方法及装置、电子设备、计算机可读存储介质和计算机程序产品。The present disclosure relates to the fields of network technology and cloud native technology, and more specifically, to a method for processing a service request, a method and device for managing a cloud native gateway system, an electronic device, a computer-readable storage medium, and a computer program product.

背景技术Background Art

API(Application Programming Interface,应用程序编程接口)网关可以指系统边界上提供给外部访问内部接口服务的统一入口。Kubernetes可以包括基于不同网关定义下的API资源集合。API (Application Programming Interface) gateway can refer to a unified entry point on the system boundary for external access to internal interface services. Kubernetes can include a collection of API resources based on different gateway definitions.

例如,基于Ingress网关定义下的Ingress API资源集合和基于Gateway网关定义下的Gateway API资源集合。Ingress API资源集合和Gateway API资源集合。For example, the Ingress API resource collection based on the Ingress gateway definition and the Gateway API resource collection based on the Gateway gateway definition.

在实现本公开构思的过程中,发明人发现相关技术中至少存在如下问题:无法保障Kubernetes中资源和服务的高可用。In the process of implementing the concept of the present disclosure, the inventors found that there are at least the following problems in the related technology: it is impossible to ensure high availability of resources and services in Kubernetes.

发明内容Summary of the invention

有鉴于此,本公开提供了一种服务请求的处理方法、云原生网关系统的管理方法及装置、电子设备、计算机可读存储介质和计算机程序产品。In view of this, the present disclosure provides a method for processing a service request, a method and device for managing a cloud native gateway system, an electronic device, a computer-readable storage medium, and a computer program product.

根据本公开的一个方面,提供了一种网关服务请求的处理方法,包括:According to one aspect of the present disclosure, a method for processing a gateway service request is provided, comprising:

响应于接收到待处理网关服务请求,根据预设映射关系和上述待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目 标服务对应的目标服务信息;In response to receiving the pending gateway service request, determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target gateway information corresponding to the target gateway according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request. Target service information corresponding to the target service;

根据上述目标网关集群信息、上述目标网关信息和上述目标服务信息,确定与上述目标服务对应的至少一个容器组各自的运行状态;Determine the operating status of at least one container group corresponding to the target service according to the target gateway cluster information, the target gateway information and the target service information;

根据上述与目标服务对应的至少一个容器组各自的运行状态,在上述至少一个容器组中确定目标容器组;以及Determining a target container group from the at least one container group corresponding to the target service according to the respective running states of the at least one container group; and

将上述待处理网关服务请求发送至上述目标容器组,以便于上述目标容器组对上述待处理网关服务请求进行处理。The to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request.

根据本公开的实施例,上述响应于接收到待处理网关服务请求,根据预设映射关系和上述待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息包括:According to an embodiment of the present disclosure, in response to receiving a pending gateway service request, determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request includes:

根据上述待处理网关服务配置信息,确定目标虚拟互联网协议地址信息;Determine the target virtual Internet Protocol address information according to the gateway service configuration information to be processed;

根据第一预设映射关系和上述目标虚拟互联网协议地址信息,确定与目标网关集群对应的目标网关集群信息;Determine the target gateway cluster information corresponding to the target gateway cluster according to the first preset mapping relationship and the target virtual Internet Protocol address information;

根据上述目标网关集群信息,确定与上述目标网关对应的网关地址信息和与上述目标服务对应的服务端口信息;According to the target gateway cluster information, determine the gateway address information corresponding to the target gateway and the service port information corresponding to the target service;

根据第二预设映射关系和上述网关地址信息,确定上述目标网关信息;以及Determine the target gateway information according to the second preset mapping relationship and the gateway address information; and

根据第三预设映射关系和上述服务端口信息,确定上述目标服务信息。The target service information is determined according to the third preset mapping relationship and the service port information.

根据本公开的实施例,上述目标网关集群包括至少一个网关,上述至少一个网关中的每个网关各自对应有至少一个服务,上述至少一个网关各自对应有网关地址信息,上述至少一个服务各自对应有服务端口信息。According to an embodiment of the present disclosure, the target gateway cluster includes at least one gateway, each of the at least one gateway corresponds to at least one service, each of the at least one gateway corresponds to gateway address information, and each of the at least one service corresponds to service port information.

根据本公开的实施例,上述根据上述目标网关集群信息,确定与上述目标网关对应的网关地址信息和与上述目标服务对应的服务端口信息包括:According to an embodiment of the present disclosure, the determining of the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information includes:

根据上述目标网关集群信息,确定上述目标网关集群的网段范围 According to the above target gateway cluster information, determine the network segment range of the above target gateway cluster

针对上述至少一个网关中的每个网关,根据上述目标网关集群的网段范围,确定与上述网关对应的上述网关地址信息;以及For each of the at least one gateway, determine the gateway address information corresponding to the gateway according to the network segment range of the target gateway cluster; and

针对与上述网关对应的上述至少一个服务中的每个服务,根据与上述网关对应的网关地址信息,确定与上述网关对应的上述服务的上述服务端口信息。For each of the at least one service corresponding to the gateway, the service port information of the service corresponding to the gateway is determined according to the gateway address information corresponding to the gateway.

根据本公开的实施例,上述响应于接收到上述待处理服务请求,根据上述待处理网关服务配置信息,确定目标虚拟互联网协议地址信息包括:According to an embodiment of the present disclosure, in response to receiving the service request to be processed, determining the target virtual Internet Protocol address information according to the gateway service configuration information to be processed includes:

响应于接收到上述待处理网关服务请求,对上述待处理网关服务配置信息进行解析处理,得到与上述待处理网关服务请求对应的域名信息;以及In response to receiving the above-mentioned pending gateway service request, parsing the above-mentioned pending gateway service configuration information to obtain domain name information corresponding to the above-mentioned pending gateway service request; and

根据上述域名信息,确定上述目标虚拟网络地址信息。According to the above domain name information, the above target virtual network address information is determined.

根据本公开的实施例,上述第一预设映射关系包括至少一个第二键值关系,上述第二键值关系包括第二键信息和第二值信息,上述至少一个第二键值关系是通过如下方式构建得到的:According to an embodiment of the present disclosure, the first preset mapping relationship includes at least one second key-value relationship, the second key-value relationship includes second key information and second value information, and the at least one second key-value relationship is constructed in the following manner:

针对至少一个第二键值关系中的每个第二键值关系,响应于接收到网关创建指令,获取网关标识、网关配置信息和网关集群标识;For each second key-value relationship in the at least one second key-value relationship, in response to receiving a gateway creation instruction, obtaining a gateway identifier, gateway configuration information, and a gateway cluster identifier;

根据上述网关集群标识,确定与上述网关集群标识对应的虚拟网络地址信息;According to the gateway cluster identifier, determine the virtual network address information corresponding to the gateway cluster identifier;

根据目标路由协议和上述虚拟网络地址信息,确定与上述网关标识对应的网关地址信息;Determine the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information;

将上述虚拟网关地址信息确定为上述第二键信息;Determine the virtual gateway address information as the second key information;

将上述网关配置信息确定为上述第二值信息;以及Determine the gateway configuration information as the second value information; and

根据上述第二键信息和上述第二值信息,构建上述第二键值关系。The second key-value relationship is constructed according to the second key information and the second value information.

根据本公开的实施例,在上述目标路由协议为边界网关协议的情况下,上述根据目标路由协议和上述虚拟网络地址信息,确定与上述网关标识对应的网关地址信息包括:According to an embodiment of the present disclosure, when the target routing protocol is a border gateway protocol, determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information includes:

根据上述虚拟互联网协议地址信息,配置第一资源池,其中,上述第一资源池包括至少一个第一候选地址信息; According to the virtual Internet Protocol address information, configuring a first resource pool, wherein the first resource pool includes at least one first candidate address information;

根据上述第一资源池,在上述至少一个第一候选地址信息中确定目标地址信息;以及According to the first resource pool, determining target address information from the at least one first candidate address information; and

根据上述边界网关协议,经由任意两个前端代理发布上述目标地址信息,以便于将上述目标地址信息确定为上述网关地址信息。According to the border gateway protocol, the target address information is published via any two front-end proxies so as to determine the target address information as the gateway address information.

根据本公开的实施例,在上述目标路由协议为等价多路径路由协议的情况下,上述根据目标路由协议和上述虚拟网络地址信息,确定与上述网关标识对应的网关地址信息包括:According to an embodiment of the present disclosure, when the target routing protocol is an equal-cost multi-path routing protocol, determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information includes:

根据上述虚拟互联网协议地址信息,配置第二资源池,其中,上述第二资源池包括至少一个第二候选地址信息;According to the virtual Internet Protocol address information, configuring a second resource pool, wherein the second resource pool includes at least one second candidate address information;

根据上述第二资源池,在上述至少一个第二候选地址信息中确定目标地址信息;According to the second resource pool, determining target address information in the at least one second candidate address information;

根据上述等价多路径路由协议,配置与上述目标地址信息对应的等价路由信息;以及According to the equal-cost multi-path routing protocol, configure equal-cost routing information corresponding to the target address information; and

将上述等价路由信息确定为上述网关地址信息。The above-mentioned equivalent routing information is determined as the above-mentioned gateway address information.

根据本公开的实施例,上述第二预设映射关系包括至少一个第三键值关系,上述第三键值关系包括第三键信息和第三值信息,上述至少一个第三键值关系是通过如下方式构建得到的:According to an embodiment of the present disclosure, the second preset mapping relationship includes at least one third key-value relationship, the third key-value relationship includes third key information and third value information, and the at least one third key-value relationship is constructed in the following manner:

针对至少一个第三键值关系中的每个第三键值关系,响应于接收到服务创建指令,获取服务标识、服务配置信息和网关标识;For each third key-value relationship of the at least one third key-value relationship, in response to receiving a service creation instruction, obtaining a service identifier, service configuration information, and a gateway identifier;

根据上述网关标识,确定与上述网关标识对应的网关地址信息;According to the above gateway identifier, determine the gateway address information corresponding to the above gateway identifier;

根据上述网关地址信息,确定与上述服务标识对应的服务端口信息;Determine the service port information corresponding to the service identifier according to the gateway address information;

将上述服务端口信息确定为上述第三键信息;Determine the service port information as the third key information;

将上述服务配置信息确定为上述第三值信息;以及Determine the service configuration information as the third value information; and

根据上述第三键信息和上述第三值信息,构建上述第三键值关系。The third key-value relationship is constructed according to the third key information and the third value information.

根据本公开的实施例,上述目标服务信息包括与上述至少一个容器组各自对应的容器组地址信息。According to an embodiment of the present disclosure, the target service information includes container group address information corresponding to each of the at least one container group.

根据本公开的实施例,上述根据上述目标网关集群信息、上述目标网关信息和上述目标服务信息,确定与上述目标服务对应的至少一 个容器组各自的运行状态包括:According to an embodiment of the present disclosure, the at least one corresponding to the target service is determined based on the target gateway cluster information, the target gateway information and the target service information. The running status of each container group includes:

针对至少一个容器组地址信息中的每个容器组地址信息,根据上述容器组地址信息,建立与上述容器组之间的探测网络连接;For each container group address information in at least one container group address information, establishing a detection network connection with the container group according to the container group address information;

在预定时段内接收到上述容器组发送的心跳探测包的情况下,确定上述容器组的运行状态属于正常运行状态;以及In the case where a heartbeat detection packet sent by the container group is received within a predetermined period of time, determining that the operation state of the container group is a normal operation state; and

在上述预定时段内未接收到上述容器组发送的心跳探测包的情况下,确定上述容器组的运行状态属于异常运行状态。When no heartbeat detection packet sent by the container group is received within the predetermined period, it is determined that the operation state of the container group is in an abnormal operation state.

根据本公开的实施例,上述根据上述与目标服务对应的至少一个容器组各自的运行状态,在上述至少一个容器组中确定目标容器组包括:According to an embodiment of the present disclosure, the step of determining a target container group in the at least one container group corresponding to the target service according to the respective running states of the at least one container group includes:

响应于上述容器组的运行状态属于正常运行状态,将上述容器组确定为上述目标容器组。In response to the running state of the container group being a normal running state, the container group is determined as the target container group.

根据本公开的实施例,上述将上述待处理网关服务请求发送至上述目标容器组包括:According to an embodiment of the present disclosure, sending the to-be-processed gateway service request to the target container group includes:

确定与上述目标容器组对应的目标容器组地址信息;Determine the target container group address information corresponding to the target container group;

根据上述目标容器组地址信息,建立与上述目标容器组之间的实际网络连接;以及According to the target container group address information, establish an actual network connection with the target container group; and

基于上述实际网络连接,将上述待处理服务请求发送至上述目标容器组。Based on the actual network connection, the to-be-processed service request is sent to the target container group.

根据本公开的另一个方面,提供了一种云原生网关系统的管理方法,包括:According to another aspect of the present disclosure, a method for managing a cloud native gateway system is provided, including:

利用网关服务请求的处理方法,处理目标网关服务请求,得到处理结果,其中,上述目标网关服务请求包括目标网关服务配置信息,上述目标网关服务配置信息与云原生网关系统相关联;以及Using the gateway service request processing method, processing the target gateway service request to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with the cloud native gateway system; and

根据上述处理结果,对上述云原生网关系统进行管理。Based on the above processing results, the above cloud native gateway system is managed.

根据本公开的另一个方面,提供了一种网关服务请求的处理装置,包括:According to another aspect of the present disclosure, a gateway service request processing device is provided, including:

第一确定模块,用于响应于接收到待处理网关服务请求,根据预设映射关系和上述待处理网关服务请求中的待处理网关服务配置信息, 确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息;The first determining module is configured to, in response to receiving a pending gateway service request, determine, according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request, Determine the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service;

第二确定模块,用于根据上述目标网关集群信息、上述目标网关信息和上述目标服务信息,确定与上述目标服务对应的至少一个容器组各自的运行状态;A second determination module is used to determine the respective running status of at least one container group corresponding to the target service according to the target gateway cluster information, the target gateway information and the target service information;

第三确定模块,用于根据上述与目标服务对应的至少一个容器组各自的运行状态,在上述至少一个容器组中确定目标容器组;以及A third determining module, configured to determine a target container group from the at least one container group corresponding to the target service according to the respective running states of the at least one container group.

发送模块,用于将上述待处理网关服务请求发送至上述目标容器组,以便于上述目标容器组对上述待处理网关服务请求进行处理。The sending module is used to send the to-be-processed gateway service request to the target container group, so that the target container group processes the to-be-processed gateway service request.

根据本公开的另一个方面,提供了一种云原生网关系统的管理装置,包括:According to another aspect of the present disclosure, a management device for a cloud native gateway system is provided, including:

处理模块,用于利用网关服务请求的处理装置,处理目标网关服务请求,得到处理结果,其中,上述目标网关服务请求包括目标网关服务配置信息,上述目标网关服务配置信息与云原生网关系统相关联;以及a processing module, configured to process a target gateway service request using a processing device for a gateway service request to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with a cloud native gateway system; and

管理模块,用于根据上述处理结果,对上述云原生网关系统进行管理。The management module is used to manage the cloud native gateway system according to the processing results.

根据本公开的另一个方面,提供了一种电子设备,包括:According to another aspect of the present disclosure, there is provided an electronic device, including:

一个或多个处理器;one or more processors;

存储器,用于存储一个或多个指令,a memory for storing one or more instructions,

其中,当上述一个或多个指令被上述一个或多个处理器执行时,使得上述一个或多个处理器实现如本公开所述的方法。When the one or more instructions are executed by the one or more processors, the one or more processors implement the method described in the present disclosure.

根据本公开的另一个方面,提供了一种计算机可读存储介质,其上存储有可执行指令,上述可执行指令被处理器执行时使处理器实现如本公开所述的方法。According to another aspect of the present disclosure, a computer-readable storage medium is provided, on which executable instructions are stored. When the executable instructions are executed by a processor, the processor implements the method described in the present disclosure.

根据本公开的另一个方面,提供了一种计算机程序产品,上述计算机程序产品包括计算机可执行指令,上述计算机可执行指令在被执行时用于实现如本公开所述的方法。 According to another aspect of the present disclosure, a computer program product is provided. The computer program product includes computer executable instructions. When the computer executable instructions are executed, they are used to implement the method described in the present disclosure.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

通过以下参照附图对本公开实施例的描述,本公开的上述以及其他目的、特征和优点将更为清楚,在附图中:The above and other objects, features and advantages of the present disclosure will become more apparent through the following description of the embodiments of the present disclosure with reference to the accompanying drawings, in which:

图1示意性示出了根据本公开实施例的可以应用网关服务请求的处理方法、云原生网关系统的管理方法的系统架构;FIG1 schematically shows a system architecture to which a method for processing a gateway service request and a method for managing a cloud-native gateway system can be applied according to an embodiment of the present disclosure;

图2示意性示出了根据本公开实施例的网关服务请求的处理方法的流程图;FIG2 schematically shows a flow chart of a method for processing a gateway service request according to an embodiment of the present disclosure;

图3示意性示出了根据本公开实施例的根据预设映射关系和所述待处理服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息的示例示意图;3 schematically shows an example schematic diagram of determining target gateway cluster information corresponding to a target gateway cluster, target gateway information corresponding to a target gateway, and target service information corresponding to a target service according to a preset mapping relationship and the to-be-processed gateway service configuration information in the to-be-processed service request according to an embodiment of the present disclosure;

图4示意性示出了根据本公开实施例的构建第二键值关系的示例示意图;FIG4 schematically shows an example schematic diagram of constructing a second key-value relationship according to an embodiment of the present disclosure;

图5A示意性示出了根据本公开实施例的根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息的示例示意图;5A schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to an embodiment of the present disclosure;

图5B示意性示出了根据本公开另一实施例的根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息的示例示意图;5B schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to another embodiment of the present disclosure;

图6示意性示出了根据本公开实施例的构建第三键值关系的示例示意图;FIG6 schematically shows an example schematic diagram of constructing a third key-value relationship according to an embodiment of the present disclosure;

图7示意性示出了根据本公开实施例的根据目标网关集群信息、目标网关信息和目标服务信息,确定与目标服务对应的至少一个容器组各自的运行状态的示例示意图;7 schematically shows an example schematic diagram of determining the respective running states of at least one container group corresponding to a target service according to target gateway cluster information, target gateway information and target service information according to an embodiment of the present disclosure;

图8示意性示出了根据本公开实施例的网关服务请求的处理方法的示例示意图;FIG8 schematically shows an example schematic diagram of a method for processing a gateway service request according to an embodiment of the present disclosure;

图9示意性示出了根据本公开实施例的云原生网关系统的管理方法的示例示意图;FIG9 schematically shows an example schematic diagram of a method for managing a cloud native gateway system according to an embodiment of the present disclosure;

图10示意性示出了根据本公开的实施例的服务请求的处理装置的框图;FIG10 schematically shows a block diagram of a device for processing a service request according to an embodiment of the present disclosure;

图11示意性示出了根据本公开实施例的云原生网关系统的管理装 置的示例示意图;以及FIG. 11 schematically shows a management device of a cloud native gateway system according to an embodiment of the present disclosure. Example schematic diagram of the configuration; and

图12示意性示出了根据本公开实施例的适于实现网关服务请求的处理方法、云原生网关系统的管理方法的电子设备的框图。Figure 12 schematically shows a block diagram of an electronic device suitable for implementing a method for processing gateway service requests and a method for managing a cloud-native gateway system according to an embodiment of the present disclosure.

具体实施方式DETAILED DESCRIPTION

以下,将参照附图来描述本公开的实施例。但是应该理解,这些描述只是示例性的,而并非要限制本公开的范围。在下面的详细描述中,为便于解释,阐述了许多具体的细节以提供对本公开实施例的全面理解。然而,明显地,一个或多个实施例在没有这些具体细节的情况下也可以被实施。此外,在以下说明中,省略了对公知结构和技术的描述,以避免不必要地混淆本公开的概念。Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. However, it should be understood that these descriptions are exemplary only and are not intended to limit the scope of the present disclosure. In the following detailed description, for ease of explanation, many specific details are set forth to provide a comprehensive understanding of the embodiments of the present disclosure. However, it is apparent that one or more embodiments may also be implemented without these specific details. In addition, in the following description, descriptions of known structures and technologies are omitted to avoid unnecessary confusion of the concepts of the present disclosure.

在此使用的术语仅仅是为了描述具体实施例,而并非意在限制本公开。在此使用的术语“包括”、“包含”等表明了所述特征、步骤、操作和/或部件的存在,但是并不排除存在或添加一个或多个其他特征、步骤、操作或部件。The terms used herein are only for describing specific embodiments and are not intended to limit the present disclosure. The terms "include", "comprising", etc. used herein indicate the existence of the features, steps, operations and/or components, but do not exclude the existence or addition of one or more other features, steps, operations or components.

在此使用的所有术语(包括技术和科学术语)具有本领域技术人员通常所理解的含义,除非另外定义。应注意,这里使用的术语应解释为具有与本说明书的上下文相一致的含义,而不应以理想化或过于刻板的方式来解释。All terms (including technical and scientific terms) used herein have the meanings commonly understood by those skilled in the art, unless otherwise defined. It should be noted that the terms used herein should be interpreted as having a meaning consistent with the context of this specification, and should not be interpreted in an idealized or overly rigid manner.

在使用类似于“A、B和C等中至少一个”这样的表述的情况下,一般来说应该按照本领域技术人员通常理解该表述的含义来予以解释(例如,“具有A、B和C中至少一个的系统”应包括但不限于单独具有A、单独具有B、单独具有C、具有A和B、具有A和C、具有B和C、和/或具有A、B、C的系统等)。在使用类似于“A、B或C等中至少一个”这样的表述的情况下,一般来说应该按照本领域技术人员通常理解该表述的含义来予以解释(例如,“具有A、B或C中至少一个的系统”应包括但不限于单独具有A、单独具有B、单独具有C、具有A和B、具有A和C、具有B和C、和/或具有A、B、C的系统等)。 In the case of using expressions such as "at least one of A, B, and C, etc.", it should generally be interpreted in accordance with the meaning of the expression generally understood by those skilled in the art (for example, "a system having at least one of A, B, and C" should include but is not limited to a system having A alone, B alone, C alone, A and B, A and C, B and C, and/or A, B, C, etc.). In the case of using expressions such as "at least one of A, B, or C, etc.", it should generally be interpreted in accordance with the meaning of the expression generally understood by those skilled in the art (for example, "a system having at least one of A, B, or C" should include but is not limited to a system having A alone, B alone, C alone, A and B, A and C, B and C, and/or A, B, C, etc.).

在本公开的实施例中,所涉及的数据(例如,包括但不限于用户个人信息)的收集、更新、分析、处理、使用、传输、提供、公开、存储等方面,均符合相关法律法规的规定,被用于合法的用途,且不违背公序良俗。特别地,对用户个人信息采取了必要措施,防止对用户个人信息数据的非法访问,维护用户个人信息安全、网络安全和国家安全。In the embodiments of the present disclosure, the collection, updating, analysis, processing, use, transmission, provision, disclosure, storage, etc. of the data involved (for example, including but not limited to user personal information) are in compliance with the provisions of relevant laws and regulations, are used for legitimate purposes, and do not violate public order and good morals. In particular, necessary measures are taken for user personal information to prevent illegal access to user personal information data and maintain the security of user personal information, network security, and national security.

在本公开的实施例中,在获取或采集用户个人信息之前,均获取了用户的授权或同意。In the embodiments of the present disclosure, the user's authorization or consent is obtained before obtaining or collecting the user's personal information.

例如,在收集待处理网关服务配置信息之后,可以采用包括去标识化或者匿名化处理方式对用户信息进行脱敏,以保护用户信息安全。For example, after collecting the gateway service configuration information to be processed, the user information can be desensitized by using methods including de-identification or anonymization to protect the security of user information.

API网关可以接收客户端的请求,根据预定策略和路由将该请求转发到相应的后端系统服务上,并处理后端服务端返回的结果。The API gateway can receive client requests, forward the requests to the corresponding backend system services according to predetermined policies and routes, and process the results returned by the backend servers.

Ingress API资源集合和gateway API资源集合中的资源可以共同为各种网络用例构建模型。gateway API资源集合可以包括以下至少之一:gatewayclass资源、gateway资源、HTTPRoute资源、TCPRoute资源和Service资源。gateway API可以通过将资源对象分离,实现配置上的解耦,以便于由不同角色的人员来管理资源。The resources in the Ingress API resource collection and the gateway API resource collection can work together to build models for various network use cases. The gateway API resource collection can include at least one of the following: gatewayclass resources, gateway resources, HTTPRoute resources, TCPRoute resources, and Service resources. The gateway API can achieve configuration decoupling by separating resource objects so that resources can be managed by people with different roles.

但是,由于Ingress网关定义中的属性较少,对于host域名,path路径,port端口等。对于header重写、hosts重写和权重等功能,需要在Ingress网关定义中通过注解进行额外添加,因而导致用户体验较差。此外,由于当前的gateway网关定义仅制定了规范,并未落地实现实际承担路由规则下发的gatewayController。However, since there are fewer attributes in the Ingress gateway definition, for host domain name, path path, port port, etc., header rewriting, hosts rewriting, weight and other functions need to be added through annotations in the Ingress gateway definition, resulting in a poor user experience. In addition, since the current gateway definition only formulates specifications, the gatewayController that actually takes charge of issuing routing rules has not been implemented.

综上所述,在实现本公开构思的过程中,发明人发现相关技术中至少存在如下问题:无法保障Kubernetes中资源和服务的高可用。In summary, in the process of implementing the concept of the present disclosure, the inventors found that there are at least the following problems in the related art: the high availability of resources and services in Kubernetes cannot be guaranteed.

为了至少部分地解决相关技术中存在的技术问题,本公开提供了一种网关服务请求的处理方法、云原生网关系统的管理方法及装置,可以应用于网络技术领域和云原生技术领域。该网关服务请求的处理方法包括:响应于接收到待处理网关服务请求,根据预设映射关系和待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应 的目标服务信息;根据目标网关集群信息、目标网关信息和目标服务信息,确定与目标服务对应的至少一个容器组各自的运行状态;根据与目标服务对应的至少一个容器组各自的运行状态,在至少一个容器组中确定目标容器组;将待处理网关服务请求发送至目标容器组,以便于目标容器组对待处理网关服务请求进行处理。In order to at least partially solve the technical problems existing in the related technologies, the present disclosure provides a method for processing a gateway service request, a method and device for managing a cloud native gateway system, which can be applied to the fields of network technology and cloud native technology. The method for processing a gateway service request includes: in response to receiving a pending gateway service request, determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target gateway information corresponding to the target service according to the preset mapping relationship and the pending gateway service configuration information in the pending gateway service request. The target service information is obtained; according to the target gateway cluster information, the target gateway information and the target service information, the operating status of at least one container group corresponding to the target service is determined; according to the operating status of at least one container group corresponding to the target service, the target container group is determined in the at least one container group; the to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request.

需要说明的是,本公开实施例提供的网关服务请求的处理方法、云原生网关系统的管理方法和装置可用于网络技术领域和云原生技术领域,例如应用于容器技术领域。本公开实施例提供的网关服务请求的处理方法、云原生网关系统的管理方法和装置也可用于除网络技术领域和云原生技术领域之外的任意领域,例如应用于信息处理技术领域。本公开实施例提供的网关服务请求的处理方法、云原生网关系统的管理方法和装置的应用领域不做限定。It should be noted that the method for processing gateway service requests, the method for managing a cloud native gateway system, and the device provided in the embodiments of the present disclosure can be used in the field of network technology and the field of cloud native technology, for example, in the field of container technology. The method for processing gateway service requests, the method for managing a cloud native gateway system, and the device provided in the embodiments of the present disclosure can also be used in any field other than the field of network technology and the field of cloud native technology, for example, in the field of information processing technology. The application field of the method for processing gateway service requests, the method for managing a cloud native gateway system, and the device provided in the embodiments of the present disclosure is not limited.

图1示意性示出了根据本公开实施例的可以应用网关服务请求的处理方法、云原生网关系统的管理方法的系统架构。需要注意的是,图1所示仅为可以应用本公开实施例的系统架构的示例,以帮助本领域技术人员理解本公开的技术内容,但并不意味着本公开实施例不可以用于其他设备、系统、环境或场景。FIG1 schematically shows a system architecture to which a method for processing a gateway service request and a method for managing a cloud native gateway system can be applied according to an embodiment of the present disclosure. It should be noted that FIG1 is only an example of a system architecture to which an embodiment of the present disclosure can be applied, to help those skilled in the art understand the technical content of the present disclosure, but does not mean that the embodiment of the present disclosure cannot be used in other devices, systems, environments or scenarios.

如图1所示,根据该实施例的系统架构100可以包括第一终端设备101、第二终端设备102、第三终端设备103,网络104和服务器105。网络104用以在第一终端设备101、第二终端设备102、第三终端设备103和服务器105之间提供通信链路的介质。网络104可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。As shown in FIG1 , the system architecture 100 according to this embodiment may include a first terminal device 101, a second terminal device 102, a third terminal device 103, a network 104, and a server 105. The network 104 is used to provide a medium for a communication link between the first terminal device 101, the second terminal device 102, the third terminal device 103, and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or optical fiber cables, etc.

用户可以使用第一终端设备101、第二终端设备102、第三终端设备103中的至少一个通过网络104与服务器105交互,以接收或发送消息等。第一终端设备101、第二终端设备102、第三终端设备103上可以安装有各种通讯客户端应用,例如购物类应用、网页浏览器应用、搜索类应用、即时通信工具、邮箱客户端、社交平台软件等(仅为示例)。The user may use at least one of the first terminal device 101, the second terminal device 102, and the third terminal device 103 to interact with the server 105 through the network 104 to receive or send messages, etc. Various communication client applications may be installed on the first terminal device 101, the second terminal device 102, and the third terminal device 103, such as shopping applications, web browser applications, search applications, instant messaging tools, email clients, social platform software, etc. (only for example).

第一终端设备101、第二终端设备102、第三终端设备103可以是具有显示屏并且支持网页浏览的各种电子设备,包括但不限于智能手机、 平板电脑、膝上型便携计算机和台式计算机等等。The first terminal device 101, the second terminal device 102, and the third terminal device 103 can be various electronic devices with display screens and supporting web browsing, including but not limited to smart phones, Tablets, laptops, desktops, and more.

服务器105可以是提供各种服务的服务器,例如对用户利用第一终端设备101、第二终端设备102、第三终端设备103所浏览的网站提供支持的后台管理服务器(仅为示例)。后台管理服务器可以对接收到的用户请求等数据进行分析等处理,并将处理结果(例如根据用户请求获取或生成的网页、信息、或数据等)反馈给终端设备。The server 105 may be a server that provides various services, such as a background management server (only as an example) that provides support for websites browsed by users using the first terminal device 101, the second terminal device 102, and the third terminal device 103. The background management server may analyze and process the received data such as user requests, and feed back the processing results (such as web pages, information, or data obtained or generated according to user requests) to the terminal device.

需要说明的是,本公开实施例所提供的网关服务请求的处理方法、云原生网关系统的管理方法一般可以由服务器105执行。相应地,本公开实施例所提供的网关服务请求的处理装置、云原生网关系统的管理装置一般可以设置于服务器105中。本公开实施例所提供的网关服务请求的处理方法、云原生网关系统的管理方法也可以由不同于服务器105且能够与第一终端设备101、第二终端设备102、第三终端设备103和/或服务器105通信的服务器或服务器集群执行。相应地,本公开实施例所提供的网关服务请求的处理装置、云原生网关系统的管理装置也可以设置于不同于服务器105且能够与第一终端设备101、第二终端设备102、第三终端设备103和/或服务器105通信的服务器或服务器集群中。It should be noted that the method for processing the gateway service request and the method for managing the cloud native gateway system provided in the embodiment of the present disclosure can generally be executed by the server 105. Accordingly, the processing device for the gateway service request and the management device for the cloud native gateway system provided in the embodiment of the present disclosure can generally be set in the server 105. The method for processing the gateway service request and the management method for the cloud native gateway system provided in the embodiment of the present disclosure can also be executed by a server or server cluster that is different from the server 105 and can communicate with the first terminal device 101, the second terminal device 102, the third terminal device 103 and/or the server 105. Accordingly, the processing device for the gateway service request and the management device for the cloud native gateway system provided in the embodiment of the present disclosure can also be set in a server or server cluster that is different from the server 105 and can communicate with the first terminal device 101, the second terminal device 102, the third terminal device 103 and/or the server 105.

备选地,本公开实施例所提供的网关服务请求的处理方法、云原生网关系统的管理方法也可以由第一终端设备101、第二终端设备102或第三终端设备103执行,或者也可以由不同于第一终端设备101、第二终端设备102或第三终端设备103的其他终端设备执行。相应地,本公开实施例所提供的网关服务请求的处理装置、云原生网关系统的管理装置也可以设置于第一终端设备101、第二终端设备102或第三终端设备103中,或设置于不同于第一终端设备101、第二终端设备102或第三终端设备103的其他终端设备中。Alternatively, the method for processing a gateway service request and the method for managing a cloud-native gateway system provided in the embodiments of the present disclosure may also be executed by the first terminal device 101, the second terminal device 102, or the third terminal device 103, or may also be executed by other terminal devices different from the first terminal device 101, the second terminal device 102, or the third terminal device 103. Accordingly, the device for processing a gateway service request and the device for managing a cloud-native gateway system provided in the embodiments of the present disclosure may also be provided in the first terminal device 101, the second terminal device 102, or the third terminal device 103, or in other terminal devices different from the first terminal device 101, the second terminal device 102, or the third terminal device 103.

应该理解,图1中的终端设备、网络和服务器的数目仅仅是示意性的。根据实现需要,可以具有任意数目的终端设备、网络和服务器。It should be understood that the number of terminal devices, networks and servers in Figure 1 is only illustrative. Any number of terminal devices, networks and servers may be provided according to implementation requirements.

应注意,以下方法中各个操作的序号仅作为该操作的表示以便描述,而不应被看作表示该各个操作的执行顺序。除非明确指出,否则该方法不需要完全按照所示顺序来执行。 It should be noted that the sequence numbers of the operations in the following method are only used as representations of the operations for the purpose of description, and should not be regarded as representing the execution order of the operations. Unless explicitly stated, the method does not need to be executed completely in the order shown.

图2示意性示出了根据本公开实施例的网关服务请求的处理方法的流程图。FIG2 schematically shows a flow chart of a method for processing a gateway service request according to an embodiment of the present disclosure.

如图2所示,该网关服务请求的处理方法200包括操作S210~S240。As shown in FIG. 2 , the gateway service request processing method 200 includes operations S210 to S240 .

在操作S210,响应于接收到待处理网关服务请求,根据预设映射关系和待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息。In operation S210, in response to receiving a pending gateway service request, target gateway cluster information corresponding to the target gateway cluster, target gateway information corresponding to the target gateway, and target service information corresponding to the target service are determined according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request.

在操作S220,根据目标网关集群信息、目标网关信息和目标服务信息,确定与目标服务对应的至少一个容器组各自的运行状态。In operation S220, the operating state of each of at least one container group corresponding to the target service is determined according to the target gateway cluster information, the target gateway information, and the target service information.

在操作S230,根据与目标服务对应的至少一个容器组各自的运行状态,在至少一个容器组中确定目标容器组。In operation S230, a target container group is determined in the at least one container group according to the respective running states of the at least one container group corresponding to the target service.

在操作S240,将待处理网关服务请求发送至目标容器组,以便于目标容器组对待处理网关服务请求进行处理。In operation S240 , the to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request.

根据本公开的实施例,网关服务请求的处理方法可以是基于容器编排引擎Kubernetes实现的。在Kubernetes中,可以创建多个容器,在每个容器中运行一个应用实例,并可以通过内置略,实现对应用实例的管理和访问。例如,可以通过网关代理将Kubernetes内的服务暴露到集群外部或者将集群外部的请求转发至集群内部,以供集群外部的客户端进行访问。According to an embodiment of the present disclosure, a method for processing a gateway service request can be implemented based on the container orchestration engine Kubernetes. In Kubernetes, multiple containers can be created, an application instance can be run in each container, and the application instance can be managed and accessed through the built-in strategy. For example, a service in Kubernetes can be exposed to the outside of the cluster or a request outside the cluster can be forwarded to the inside of the cluster through a gateway proxy for access by clients outside the cluster.

根据本公开的实施例,实现Kubernetes和客户端之间交互的方式可以包括以下至少之一:基于Ingress和Ingress Controller的方式、基于gateway和gatewayController的方式。Ingress和gateway可以指由客户端自定义的路由规则。IngressController和gatewayController可以由软件供应商提供,可以通过与Kubernetes的交互,动态感知集群中路由规则的变化。According to an embodiment of the present disclosure, the method of implementing the interaction between Kubernetes and the client may include at least one of the following: a method based on Ingress and Ingress Controller, and a method based on gateway and gatewayController. Ingress and gateway may refer to routing rules customized by the client. IngressController and gatewayController may be provided by software vendors, and may dynamically perceive changes in routing rules in the cluster through interaction with Kubernetes.

根据本公开的实施例,可以将生成待处理网关服务请求的代码预先写入目标脚本中,响应于检测到目标用户利用目标终端发起的网关服务处理操作,目标终端可以运行该目标脚本,生成待处理网关服务请求报文并将该报文发送至服务器,以便于服务器对该待处理网关服 务请求报文进行处理。According to an embodiment of the present disclosure, a code for generating a pending gateway service request may be pre-written into a target script. In response to detecting a gateway service processing operation initiated by a target user using a target terminal, the target terminal may run the target script to generate a pending gateway service request message and send the message to a server, so that the server can process the pending gateway service request. Service request message for processing.

根据本公开的实施例,预设映射关系可以包括以下至少之一:虚拟互联网协议地址(Virtual IP Address,VIP)信息和网关集群信息之间的预设映射关系、网关地址信息和网关信息之间的预设映射关系、服务端口信息和服务信息之间的预设映射关系。According to an embodiment of the present disclosure, the preset mapping relationship may include at least one of the following: a preset mapping relationship between virtual Internet Protocol address (VIP) information and gateway cluster information, a preset mapping relationship between gateway address information and gateway information, and a preset mapping relationship between service port information and service information.

根据本公开的实施例,网关集群信息可以用于描述不同的网关集群。网关集群信息可以包括网关集群标识和网关集群名称中的至少之一。例如,可以根据虚拟互联网协议地址信息和网关集群信息之间的预设映射关系,确定与待处理服务配置信息相匹配的虚拟互联网协议地址信息,在此情况下,可以将与该虚拟互联网协议地址信息对应的网关集群信息确定为目标网关集群信息。According to an embodiment of the present disclosure, gateway cluster information can be used to describe different gateway clusters. The gateway cluster information can include at least one of a gateway cluster identifier and a gateway cluster name. For example, the virtual Internet Protocol address information matching the service configuration information to be processed can be determined based on a preset mapping relationship between the virtual Internet Protocol address information and the gateway cluster information. In this case, the gateway cluster information corresponding to the virtual Internet Protocol address information can be determined as the target gateway cluster information.

根据本公开的实施例,网关集群可以包括至少一个网关。至少一个网关可以各自对应有网关地址信息。例如,网关可以指API网关(即Application Programming Interface,应用程序接口gateway)。网关可以包括以下至少之一:Spring Cloud Gateway网关和Nginx网关。网关可以根据接收到的来自于客户端的请求进行路由,以便于将该请求转发至对应的后端服务。此外,网关可以根据接收到的来自于后端服务的数据进行路由,以便于将该数据转发至对应的客户端。According to an embodiment of the present disclosure, a gateway cluster may include at least one gateway. At least one gateway may each correspond to gateway address information. For example, the gateway may refer to an API gateway (i.e., Application Programming Interface, application program interface gateway). The gateway may include at least one of the following: Spring Cloud Gateway gateway and Nginx gateway. The gateway may route according to the request received from the client so as to forward the request to the corresponding backend service. In addition, the gateway may route according to the data received from the backend service so as to forward the data to the corresponding client.

根据本公开的实施例,网关信息可以用于描述不同的网关。网关信息可以包括网关标识和网关名称中的至少之一。例如,可以根据网关地址信息和网关信息之间的预设映射关系,确定与待处理服务配置信息相匹配的网关地址信息,在此情况下,可以将与该网关地址信息对应的网关信息确定为目标网关信息。According to an embodiment of the present disclosure, gateway information can be used to describe different gateways. Gateway information can include at least one of a gateway identifier and a gateway name. For example, gateway address information matching the service configuration information to be processed can be determined based on a preset mapping relationship between gateway address information and gateway information. In this case, gateway information corresponding to the gateway address information can be determined as target gateway information.

根据本公开的实施例,至少一个网关中的每个网关可以各自对应有至少一个服务。至少一个服务可以各自对应有服务端口信息。服务信息可以用于描述不同的服务。服务信息可以包括服务标识和服务名称中的至少之一。例如,可以根据服务端口信息和服务信息之间的预设映射关系,确定与待处理服务配置信息相匹配的服务端口信息,在此情况下,可以将与该服务端口信息对应的服务信息确定为目标服务 信息。According to an embodiment of the present disclosure, each of the at least one gateway may correspond to at least one service. At least one service may correspond to service port information. The service information may be used to describe different services. The service information may include at least one of a service identifier and a service name. For example, the service port information matching the service configuration information to be processed may be determined based on a preset mapping relationship between the service port information and the service information. In this case, the service information corresponding to the service port information may be determined as the target service. information.

根据本公开的实施例,至少一个服务中的每个服务可以各自对应有至少一个容器组(即pod)。容器组可以表征容器集群中创建和管理的最小可部署计算单元。至少一个容器组中的每个容器组均可以包括至少一个容器。至少一个容器组可以各自对应有容器组地址信息。在获得目标网关集群信息、目标网关信息和目标服务信息之后,可以根据与该目标服务对应的至少一个容器组各自的容器组地址信息,确定至少一个容器组各自的运行状态。运行状态可以用于表征容器组是否正常运行。According to an embodiment of the present disclosure, each service in at least one service may correspond to at least one container group (i.e., pod). A container group may represent the smallest deployable computing unit created and managed in a container cluster. Each container group in at least one container group may include at least one container. At least one container group may correspond to container group address information. After obtaining the target gateway cluster information, the target gateway information, and the target service information, the operating status of at least one container group may be determined according to the container group address information of at least one container group corresponding to the target service. The operating status may be used to characterize whether the container group is running normally.

根据本公开的实施例,在获得与目标服务对应的至少一个容器组各自的运行状态之后,可以根据至少一个容器组各自的运行状态,在至少一个容器组中确定目标容器组。例如,可以将运行状态表征正常运行的容器组确定为目标容器组。According to an embodiment of the present disclosure, after obtaining the respective operating status of at least one container group corresponding to the target service, a target container group can be determined in the at least one container group according to the respective operating status of the at least one container group. For example, a container group whose operating status indicates normal operation can be determined as the target container group.

根据本公开的实施例,在确定目标容器组之后,可以根据与该目标容器组对应的容器组地址信息,将待处理网关服务请求发送至目标容器组,以便于目标容器组对该待处理网关服务请求进行处理并返回处理结果报文。According to an embodiment of the present disclosure, after determining the target container group, the to-be-processed gateway service request can be sent to the target container group according to the container group address information corresponding to the target container group, so that the target container group processes the to-be-processed gateway service request and returns a processing result message.

根据本公开的实施例,由于目标容器组是根据与目标服务对应的至少一个容器组各自的运行状态确定的,而运行状态是根据目标网关集群信息、目标网关信息和目标服务信息确定的,因而能够确定运行状态为正常运行的目标容器组。在此基础上,通过将待处理网关服务请求发送至目标容器组,由此实现了网关服务请求自动路由,通过利用目标容器组对待处理网关服务请求进行处理,由此实现了网关服务请求的自动处理,因而至少部分地克服了相关技术中无法保障Kubernetes中资源和服务的高可用的技术问题,提高了请求处理的稳定性,从而保障了资源和服务的高可用。According to the embodiments of the present disclosure, since the target container group is determined according to the respective operating states of at least one container group corresponding to the target service, and the operating state is determined according to the target gateway cluster information, the target gateway information and the target service information, it is possible to determine the target container group whose operating state is normal operation. On this basis, by sending the pending gateway service request to the target container group, automatic routing of the gateway service request is achieved, and by using the target container group to process the pending gateway service request, automatic processing of the gateway service request is achieved, thereby at least partially overcoming the technical problem in the related art that the high availability of resources and services in Kubernetes cannot be guaranteed, and improving the stability of request processing, thereby ensuring the high availability of resources and services.

下面参考图3、图4、图5A、图5B、图6、图7和图8,对根据本公开实施例的网关服务请求的处理方法200做进一步说明。The method 200 for processing a gateway service request according to an embodiment of the present disclosure will be further described below with reference to FIGS. 3 , 4 , 5A, 5B, 6 , 7 and 8 .

根据本公开的实施例,网关服务请求的处理方法200可以是基于 gatewayController实现的。gatewayController能够监听gateway的更新事件,为gateway分配虚拟互联网协议地址,并能够将gateway监听内容存储到分布式注册服务中心(例如ETCD)。此外,gatewayController能够监听httproute上的域名、路径、请求参数重写、后端和权重等,并能够将httproute监听内容存储到分布式注册服务中心。According to an embodiment of the present disclosure, the gateway service request processing method 200 may be based on The gatewayController is implemented by gatewayController. The gatewayController can monitor the update events of the gateway, assign a virtual Internet Protocol address to the gateway, and store the gateway monitoring content to the distributed registration service center (such as ETCD). In addition, the gatewayController can monitor the domain name, path, request parameter rewrite, backend and weight on the httproute, and store the httproute monitoring content to the distributed registration service center.

根据本公开的实施例,在gateway的v1beta版本原生语义的基础上,通过对k8s-gateway标准进行扩展和补充,形成gatewayController的代码逻辑,由此实现网关控制面服务。通过利用前端代理对开源网关监听端口进行动态添加和删除,由此实现数据面服务。在此基础上,通过gatewayController和前端代理配合完成对VIP的调度,由此形成完整的云原生七层网关服务。以下将根据具体实施例对此进行说明。According to the embodiments of the present disclosure, based on the native semantics of the v1beta version of the gateway, the code logic of the gatewayController is formed by expanding and supplementing the k8s-gateway standard, thereby realizing the gateway control plane service. By using the front-end agent to dynamically add and delete the open source gateway listening port, the data plane service is realized. On this basis, the scheduling of VIP is completed through the cooperation of the gatewayController and the front-end agent, thereby forming a complete cloud-native seven-layer gateway service. This will be explained below according to specific embodiments.

根据本公开的实施例,操作S210可以包括如下操作。According to an embodiment of the present disclosure, operation S210 may include the following operations.

根据待处理网关服务配置信息,确定目标虚拟互联网协议地址信息。根据第一预设映射关系和目标虚拟互联网协议地址信息,确定与目标网关集群对应的目标网关集群信息。根据目标网关集群信息,确定与目标网关对应的网关地址信息和与目标服务对应的服务端口信息。根据第二预设映射关系和网关地址信息,确定目标网关信息。根据第三预设映射关系和服务端口信息,确定目标服务信息。Determine the target virtual Internet Protocol address information according to the gateway service configuration information to be processed. Determine the target gateway cluster information corresponding to the target gateway cluster according to the first preset mapping relationship and the target virtual Internet Protocol address information. Determine the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information. Determine the target gateway information according to the second preset mapping relationship and the gateway address information. Determine the target service information according to the third preset mapping relationship and the service port information.

根据本公开的实施例,网关集群、网关和服务可以属于自定义资源(Custom Resource Definition,CRD)。在获得待处理网关服务配置信息之后,可以对待处理网关服务配置信息进行处理,得到处理结果。根据处理结果,确定目标虚拟网络地址信息。目标虚拟网络地址信息可以用于指示目标网关集群。对待处理服务配置信息的处理方式可以根据实际业务需求进行配置,在此不作限定。例如,可以对待处理服务配置信息进行解析处理,得到与待处理服务请求对应的域名信息。在此基础上,再根据域名信息,确定目标虚拟网络地址信息。According to an embodiment of the present disclosure, a gateway cluster, a gateway, and a service may belong to a custom resource (Custom Resource Definition, CRD). After obtaining the configuration information of the gateway service to be processed, the configuration information of the gateway service to be processed may be processed to obtain a processing result. According to the processing result, the target virtual network address information is determined. The target virtual network address information may be used to indicate the target gateway cluster. The processing method of the service configuration information to be processed may be configured according to actual business needs and is not limited here. For example, the service configuration information to be processed may be parsed to obtain the domain name information corresponding to the service request to be processed. On this basis, the target virtual network address information is determined according to the domain name information.

根据本公开的实施例,第一预设映射关系可以用于表征虚拟互联网协议地址信息和网关集群信息之间的预设映射关系。第一预设映射 关系可以包括至少一个第一键值关系。可以根据虚拟互联网协议地址信息和网关集群信息,创建第一键值关系。第一键值关系可以包括虚拟互联网协议地址信息和网关集群信息之间的一一对应关系。网关集群可以使用gatewayclass表征。gatewayclass可以指一组具有共同配置和行为的网关。网关集群可以用于描述k8s运维对不同网关服务的定义,实现有选择地向业务运维授权符合业务场景的网关集群。According to an embodiment of the present disclosure, the first preset mapping relationship can be used to characterize the preset mapping relationship between the virtual Internet Protocol address information and the gateway cluster information. The relationship may include at least one first key-value relationship. The first key-value relationship may be created based on the virtual Internet Protocol address information and the gateway cluster information. The first key-value relationship may include a one-to-one correspondence between the virtual Internet Protocol address information and the gateway cluster information. The gateway cluster may be represented by a gatewayclass. A gatewayclass may refer to a group of gateways with common configurations and behaviors. A gateway cluster may be used to describe the definition of different gateway services by k8s operation and maintenance, and to selectively authorize a gateway cluster that meets the business scenario to the business operation and maintenance.

根据本公开的实施例,第二预设映射关系可以用于表征网关地址信息和网关信息之间的预设映射关系。网关可以使用gateway表征。gateway可以指能够将流量转换至集群内部服务的点。gateway可以用于描述业务运维对网关使用范围的定义,例如,可以由何种namespace下的业务使用。此外,gateway具有VIP和监听端口,业务运维可以通过gateway向符合使用范围的业务用户授权。According to an embodiment of the present disclosure, a second preset mapping relationship can be used to characterize a preset mapping relationship between gateway address information and gateway information. A gateway can be characterized by a gateway. A gateway can refer to a point that can convert traffic to a service within a cluster. A gateway can be used to describe the business operation and maintenance definition of the scope of use of a gateway, for example, by which services under which namespace can use it. In addition, a gateway has a VIP and a listening port, and business operation and maintenance can authorize business users who meet the scope of use through a gateway.

根据本公开的实施例,第三预设映射关系可以用于表征服务端口信息和服务信息之间的预设映射关系。路由可以使用httproute表征。httproute可以指通过网关获得的流量如何映射到服务。httproute可以用于描述业务用户对业务服务的匹配规则描述,例如,可以将域名、路径和后端绑定到gateway上,以实现对外暴露服务。According to an embodiment of the present disclosure, the third preset mapping relationship can be used to characterize the preset mapping relationship between the service port information and the service information. The route can be characterized by httproute. httproute can refer to how the traffic obtained through the gateway is mapped to the service. httproute can be used to describe the matching rule description of the business user for the business service. For example, the domain name, path and backend can be bound to the gateway to realize external exposure of the service.

根据本公开的实施例,由于目标网关集群信息是根据第一预设映射关系和目标虚拟互联网协议地址信息确定的,目标网关信息是根据第二预设映射关系和网关地址信息确定的,目标服务信息是根据第三预设映射关系和服务端口信息确定的,由此实现了根据待处理网关服务配置信息自动确定目标网关集群信息、目标网关信息和目标服务信息,提高了信息处理的效率,进而提高了网关服务请求的处理的效率。According to the embodiments of the present disclosure, since the target gateway cluster information is determined based on the first preset mapping relationship and the target virtual Internet Protocol address information, the target gateway information is determined based on the second preset mapping relationship and the gateway address information, and the target service information is determined based on the third preset mapping relationship and the service port information, it is possible to automatically determine the target gateway cluster information, target gateway information and target service information based on the gateway service configuration information to be processed, thereby improving the efficiency of information processing and thereby improving the efficiency of processing gateway service requests.

图3示意性示出了根据本公开实施例的根据预设映射关系和待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息的示例示意图。Figure 3 schematically shows an example schematic diagram of determining the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request according to an embodiment of the present disclosure.

如图3所示,在300中,以至少一个网关集群包括网关集群304_1和网关集群304_2,与网关集群304_1对应的至少一个网关包括网关 304_11和网关304_12,与网关304_11对应的至少一个服务包括服务304_111,与网关304_12对应的至少一个服务包括服务304_121和服务304_122,与网关集群304_2对应的至少一个网关包括网关304_21和网关304_22,与网关304_21对应的至少一个服务包括服务304_211、服务304_212和服务304_213,与网关304_22对应的至少一个服务包括服务304_221为例示例性示出本公开实施例的信息确定方法。As shown in FIG. 3 , in 300 , at least one gateway cluster includes a gateway cluster 304_1 and a gateway cluster 304_2, and at least one gateway corresponding to the gateway cluster 304_1 includes a gateway 304_11 and gateway 304_12, at least one service corresponding to gateway 304_11 includes service 304_111, at least one service corresponding to gateway 304_12 includes service 304_121 and service 304_122, at least one gateway corresponding to gateway cluster 304_2 includes gateway 304_21 and gateway 304_22, at least one service corresponding to gateway 304_21 includes service 304_211, service 304_212 and service 304_213, and at least one service corresponding to gateway 304_22 includes service 304_221 as an example to illustrate the information determination method of an embodiment of the present disclosure.

响应于接收到待处理网关服务请求301,可以根据待处理网关服务请求301中的待处理网关服务配置信息301_1,确定目标虚拟互联网协议地址信息302。根据目标虚拟互联网协议地址信息302和第一预设映射关系,确定与网关集群304_2对应的目标网关集群信息。可以根据与网关集群304_2对应的目标网关集群信息,确定网关地址信息305和服务端口信息307。可以根据网关地址信息305和第二预设映射关系306,确定与网关304_21对应的目标网关信息。可以根据服务端口信息307和第三预设映射关系308,确定与服务304_212对应的目标服务信息。In response to receiving the pending gateway service request 301, the target virtual Internet Protocol address information 302 can be determined according to the pending gateway service configuration information 301_1 in the pending gateway service request 301. According to the target virtual Internet Protocol address information 302 and the first preset mapping relationship, the target gateway cluster information corresponding to the gateway cluster 304_2 is determined. According to the target gateway cluster information corresponding to the gateway cluster 304_2, the gateway address information 305 and the service port information 307 can be determined. According to the gateway address information 305 and the second preset mapping relationship 306, the target gateway information corresponding to the gateway 304_21 can be determined. According to the service port information 307 and the third preset mapping relationship 308, the target service information corresponding to the service 304_212 can be determined.

根据本公开的实施例,根据待处理网关服务配置信息,确定目标虚拟互联网协议地址信息可以包括如下操作。According to an embodiment of the present disclosure, determining target virtual Internet Protocol address information according to the to-be-processed gateway service configuration information may include the following operations.

响应于接收到待处理网关服务请求,对待处理网关服务配置信息进行解析处理,得到与待处理网关服务请求对应的域名信息。根据域名信息,确定目标虚拟网络地址信息。In response to receiving the pending gateway service request, the pending gateway service configuration information is parsed to obtain domain name information corresponding to the pending gateway service request, and the target virtual network address information is determined according to the domain name information.

根据本公开地实施例,域名信息可以指由一串用点分隔的名字组成的因特网上某台计算机或计算机组的名称。域名信息可以用于在数据传输时标识计算机的电子方位。According to an embodiment of the present disclosure, domain name information may refer to the name of a computer or computer group on the Internet consisting of a string of names separated by dots. Domain name information may be used to identify the electronic location of a computer during data transmission.

根据本公开地实施例,在获得域名信息之后,可以进一步对域名信息进行域名解析处理,以将域名信息映射转换为IP地址,得到目标虚拟网络地址信息。域名解析处理的方式可以根据实际业务需求进行配置,在此不作限定。例如,域名解析处理的方式可以包括以下至少之一:递归解析和反复解析。递归解析可以指一次性完成名字和地址的变换。反复解析可以指每次请求单一的服务器。According to the embodiments of the present disclosure, after obtaining the domain name information, the domain name information can be further subjected to domain name resolution processing to map the domain name information into an IP address and obtain the target virtual network address information. The domain name resolution processing method can be configured according to actual business needs and is not limited here. For example, the domain name resolution processing method can include at least one of the following: recursive resolution and iterative resolution. Recursive resolution can refer to completing the transformation of a name and an address at one time. Iterative resolution can refer to requesting a single server each time.

根据本公开的实施例,至少一个第二键值关系可以是通过如下方 式构建得到的。According to an embodiment of the present disclosure, at least one second key-value relationship may be: The formula is constructed.

针对至少一个第二键值关系中的每个第二键值关系,响应于接收到网关创建指令,获取网关标识、网关配置信息和网关集群标识。根据网关集群标识,确定与网关集群标识对应的虚拟网络地址信息。根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息。将网关地址信息确定为第二键信息。将网关配置信息确定为第二值信息。根据第二键信息和第二值信息,构建第二键值关系。For each second key-value relationship in at least one second key-value relationship, in response to receiving a gateway creation instruction, a gateway identifier, gateway configuration information, and a gateway cluster identifier are obtained. According to the gateway cluster identifier, virtual network address information corresponding to the gateway cluster identifier is determined. According to the target routing protocol and the virtual network address information, the gateway address information corresponding to the gateway identifier is determined. The gateway address information is determined as the second key information. The gateway configuration information is determined as the second value information. A second key-value relationship is constructed according to the second key information and the second value information.

根据本公开的实施例,第二预设映射关系可以包括至少一个第二键值关系。第二键值关系可以包括第二键信息和第二值信息。According to an embodiment of the present disclosure, the second preset mapping relationship may include at least one second key-value relationship. The second key-value relationship may include second key information and second value information.

根据本公开的实施例,Kubernetes集群可以在监听到存在新创建的网关的情况下,获取新创建的网关配置信息,并以此生成网关创建指令。网关配置信息可以包括以下至少之一:网关标识和网关集群标识。According to an embodiment of the present disclosure, the Kubernetes cluster can obtain the newly created gateway configuration information when monitoring the existence of a newly created gateway, and generate a gateway creation instruction based on the information. The gateway configuration information may include at least one of the following: a gateway identifier and a gateway cluster identifier.

根据本公开的实施例,可以将生成网关创建指令的代码预先写入第一脚本中,响应于检测到目标用户利用目标终端发起的网关创建操作,目标终端可以运行该第一脚本,生成网关创建指令报文并将该报文发送至服务器,以便于服务器根据该报文创建网关。According to an embodiment of the present disclosure, the code for generating a gateway creation instruction can be pre-written into a first script. In response to detecting a gateway creation operation initiated by a target user using a target terminal, the target terminal can run the first script, generate a gateway creation instruction message and send the message to the server, so that the server can create a gateway according to the message.

根据本公开的实施例,目标路由协议可以用于实现私网IP地址和公网IP地址之间的转换,以实现访问互联网。私网IP地址可以指在局域网中使用的地址。公网IP地址可以指在互联网上能够直接访问的地址。According to an embodiment of the present disclosure, a target routing protocol can be used to implement conversion between private IP addresses and public IP addresses to access the Internet. A private IP address can refer to an address used in a local area network. A public IP address can refer to an address that can be directly accessed on the Internet.

根据本公开的实施例,目标路由协议可以根据实际业务需求进行配置,在此不作限定。例如,目标路由协议可以包括以下至少之一:ALL-IN模式路由协议、等价多路径路由协议(Equal Cost Multi Path,ECMP)、边界网关路由协议(Border Gateway Protocol,BGP)和开放式最短路径优先路由协议(Open Shortest Path First,OSPF)。According to the embodiments of the present disclosure, the target routing protocol can be configured according to actual business needs, which is not limited here. For example, the target routing protocol can include at least one of the following: ALL-IN mode routing protocol, Equal Cost Multi Path (ECMP), Border Gateway Protocol (BGP), and Open Shortest Path First (OSPF).

根据本公开的实施例,可以根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息。在获得虚拟网络地址信息和网关地址信息之后,可以根据网关地址信息和网关配置信息,创建 第二键值关系。第二键值关系可以包括网关地址信息和网关配置信息之间的一一对应关系。According to an embodiment of the present disclosure, the gateway address information corresponding to the gateway identifier can be determined according to the target routing protocol and the virtual network address information. After obtaining the virtual network address information and the gateway address information, the gateway address information and the gateway configuration information can be used to create a gateway address. Second key-value relationship: The second key-value relationship may include a one-to-one correspondence between gateway address information and gateway configuration information.

根据本公开的实施例,在此情况下,根据第二预设映射关系和网关地址信息,确定目标网关信息可以包括:根据网关地址信息和与至少一个第二键值关系各自对应的第二键信息,确定至少一个第一相似度。根据至少一个第一相似度,确定目标第二键信息。根据目标第二键信息,确定与目标第二值信息对应的目标第二值信息。根据与目标第二值信息对应的网关配置信息,确定目标网关信息。According to an embodiment of the present disclosure, in this case, determining the target gateway information according to the second preset mapping relationship and the gateway address information may include: determining at least one first similarity according to the gateway address information and the second key information corresponding to each of the at least one second key-value relationships. Determining the target second key information according to the at least one first similarity. Determining the target second value information corresponding to the target second value information according to the target second key information. Determining the target gateway information according to the gateway configuration information corresponding to the target second value information.

根据本公开的实施例,由于第二预设映射关系可以包括至少一个第二键值关系,第二键值关系是响应于接收到网关创建指令确定的,因而第二键值关系可以包括网关地址信息和网关配置信息之间的一一对应关系,有利于后续利用该第二预设映射关系自动确定目标网关信息,由此提高了目标网关信息确定的效率,进而提高了网关服务请求的处理的效率。According to an embodiment of the present disclosure, since the second preset mapping relationship may include at least one second key-value relationship, and the second key-value relationship is determined in response to receiving a gateway creation instruction, the second key-value relationship may include a one-to-one correspondence between gateway address information and gateway configuration information, which is beneficial for the subsequent use of the second preset mapping relationship to automatically determine the target gateway information, thereby improving the efficiency of determining the target gateway information, and further improving the efficiency of processing gateway service requests.

图4示意性示出了根据本公开实施例的构建第二键值关系的示例示意图。FIG. 4 schematically shows an example schematic diagram of constructing a second key-value relationship according to an embodiment of the present disclosure.

如图4所示,在400中,响应于接收到网关创建指令401,可以获取网关配置信息401_1、网关集群标识401_2和网关标识401_3。As shown in FIG. 4 , in 400 , in response to receiving a gateway creation instruction 401 , gateway configuration information 401_1 , a gateway cluster identifier 401_2 , and a gateway identifier 401_3 may be acquired.

可以根据网关集群标识识401_2,确定与网关集群标识识401_2对应的虚拟网络地址信息402。在获得虚拟网络地址信息402之后,可以根据目标路由协议403和虚拟网络地址信息402,确定与网关标识401_3对应的网关地址信息404。The virtual network address information 402 corresponding to the gateway cluster identification 401_2 can be determined according to the gateway cluster identification 401_2. After the virtual network address information 402 is obtained, the gateway address information 404 corresponding to the gateway identification 401_3 can be determined according to the target routing protocol 403 and the virtual network address information 402.

在获得网关地址信息404之后,可以将网关地址信息404确定为第二键信息405。将网关配置信息401_1确定为第二值信息406。根据第二键信息405和第二值信息406,构建第二键值关系407。After obtaining the gateway address information 404, the gateway address information 404 may be determined as the second key information 405. The gateway configuration information 401_1 may be determined as the second value information 406. According to the second key information 405 and the second value information 406, a second key-value relationship 407 may be constructed.

根据本公开的实施例,在目标路由协议为边界网关协议的情况下,根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息可以包括如下操作。According to an embodiment of the present disclosure, when the target routing protocol is the Border Gateway Protocol, determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include the following operations.

根据虚拟互联网协议地址信息,配置第一资源池,其中,第一资 源池包括至少一个第一候选地址信息。根据第一资源池,在至少一个第一候选地址信息中确定目标地址信息。根据边界网关协议,经由任意两个前端代理发布目标地址信息,以便于将目标地址信息确定为网关地址信息。According to the virtual Internet Protocol address information, a first resource pool is configured, wherein the first resource The source pool includes at least one first candidate address information. According to the first resource pool, the target address information is determined in the at least one first candidate address information. According to the border gateway protocol, the target address information is published via any two front-end agents so as to determine the target address information as the gateway address information.

根据本公开的实施例,边界网关协议可以指用于在不同自治系统(Autonomous System,AS)之间,或用于同一自治系统内部交换路由信息的动态路由协议。例如,在两个自治系统需要交换路由信息的情况下,可以为每个自治系统指定一个运行边界网关协议的节点,并由该节点代表自治系统与其它自治系统交换路由信息。According to an embodiment of the present disclosure, the border gateway protocol may refer to a dynamic routing protocol used to exchange routing information between different autonomous systems (Autonomous System, AS) or within the same autonomous system. For example, when two autonomous systems need to exchange routing information, a node running the border gateway protocol may be designated for each autonomous system, and the node represents the autonomous system to exchange routing information with other autonomous systems.

根据本公开的实施例,运行边界网关协议的节点可以包括主机和路由器中的至少之一。以节点为路由器为例,在路由器接收到来自于上游邻居的路由信息之后,可以将本设备学习到的动态路由协议中最优的路由下刷给驱动以指导流量转发,同时可以将本设备学习到的动态路由协议中最优的路由向邻居通告。According to an embodiment of the present disclosure, a node running a border gateway protocol may include at least one of a host and a router. Taking a router as an example, after the router receives routing information from an upstream neighbor, the best route in the dynamic routing protocol learned by the device can be flushed to the driver to guide traffic forwarding, and the best route in the dynamic routing protocol learned by the device can be notified to the neighbor.

根据本公开的实施例,第一资源池可以包括至少一个第一候选地址信息。第一候选地址信息可以指VIP地址。至少一个第一候选地址信息可以由gatewayContrller进行管理与调度。第一资源池可以包括以下至少之一:第一动态资源池(即Dynamic Pool)和第一静态资源池(即Static Pool)。According to an embodiment of the present disclosure, the first resource pool may include at least one first candidate address information. The first candidate address information may refer to a VIP address. At least one first candidate address information may be managed and scheduled by a gatewayContrller. The first resource pool may include at least one of the following: a first dynamic resource pool (i.e., Dynamic Pool) and a first static resource pool (i.e., Static Pool).

根据本公开的实施例,在接收到网关创建指令之后,可以根据虚拟互联网协议地址信息,为终端配置对应的第一资源池。在确定的第一资源池之后,可以从至少一个第一候选地址信息中确定目标地址信息,将目标地址信息返回给网关。此外,可以将与网关对应的网关地址信息的发布任务通知给任意两个前端代理(即agent),并经由该任意两个前端代理基于边界网关协议向交换机发布该目标地址信息以及将目标地址信息绑定到本地回环接口。任意两个前端代理的节点可以根据实际业务需求进行设置,在此不作限定,只需保证是偶数个节点即可。例如,可以为第2n节点和第2n+1节点。According to an embodiment of the present disclosure, after receiving a gateway creation instruction, a corresponding first resource pool can be configured for the terminal according to the virtual Internet Protocol address information. After the first resource pool is determined, the target address information can be determined from at least one first candidate address information, and the target address information can be returned to the gateway. In addition, the task of publishing the gateway address information corresponding to the gateway can be notified to any two front-end agents (i.e., agents), and the target address information can be published to the switch based on the border gateway protocol via the any two front-end agents, and the target address information can be bound to the local loopback interface. The nodes of any two front-end agents can be set according to actual business needs, and are not limited here. It is only necessary to ensure that there are an even number of nodes. For example, it can be the 2nth node and the 2n+1th node.

根据本公开的实施例,前端代理可以和开源网关(例如Apisix) 部署于同一容器内,通过k8s的statefulset进行多副本部署,网络模式选用host模式,可以通过k8s污点与反亲和性排斥其他容器,以实现独占节点。多副本部署可以指通过k8s的租约实现选主,即只有主节点负责监听事件和读写分布式注册服务中心。前端代理可以将监听端口reload到开源网关中,由此前端代理可以实现对开源网关监听端口的动态添加和删除。According to an embodiment of the present disclosure, the front-end proxy can be used with an open source gateway (such as Apisix) Deployed in the same container, multiple copies are deployed through k8s statefulset. The network mode uses host mode. Other containers can be excluded through k8s taints and anti-affinity to achieve exclusive nodes. Multi-copy deployment can refer to the selection of the master through the k8s lease, that is, only the master node is responsible for listening to events and reading and writing distributed registration service centers. The front-end proxy can reload the listening port to the open source gateway, so that the front-end proxy can dynamically add and delete the open source gateway listening port.

根据本公开的实施例,gatewayController可以和前端代理配合完成的对VIP的调度。例如,可以通过k8s的downwardAPI可以将PodIP和PodName映射到容器的环境变量中,前端代理可以从PodName中截取序列号,并向gatewayController上报自身的心跳和序列号。gatewayController可以对VIP进行位运算得到4段IP的十进制之和,再对Apisix节点数进行取模求余运算,以得到对应的节点。gatewayController可以将VIP写入到对应节点的分布式注册服务中心目录中,以完成对VIP的调度。According to an embodiment of the present disclosure, the gatewayController can cooperate with the front-end agent to complete the scheduling of VIP. For example, the PodIP and PodName can be mapped to the environment variables of the container through the k8s downwardAPI. The front-end agent can intercept the serial number from the PodName and report its own heartbeat and serial number to the gatewayController. The gatewayController can perform bit operations on the VIP to obtain the decimal sum of the 4-segment IP, and then perform modulus operations on the number of Apisix nodes to obtain the corresponding node. The gatewayController can write the VIP into the distributed registration service center directory of the corresponding node to complete the scheduling of the VIP.

根据本公开的实施例,由于目标地址信息是根据第一资源池,在至少一个第一候选地址信息中确定的,由此实现了目标地址信息的自动确定,从而缩短了VIP地址调度的时间,提高了VIP地址调度的处理效率,进而提高了网关地址信息确定的效率。在此基础上,由于网关地址信息是根据边界网关协议,经由任意两个前端代理发布目标地址信息来确定的,由此实现了对运维和业务用户的优化。According to the embodiments of the present disclosure, since the target address information is determined in at least one first candidate address information according to the first resource pool, the target address information is automatically determined, thereby shortening the VIP address scheduling time, improving the processing efficiency of the VIP address scheduling, and further improving the efficiency of determining the gateway address information. On this basis, since the gateway address information is determined according to the border gateway protocol through any two front-end agents publishing the target address information, optimization of operation and maintenance and business users is achieved.

图5A示意性示出了根据本公开实施例的根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息的示例示意图。FIG. 5A schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to an embodiment of the present disclosure.

如图5A所示,在500A中,可以根据虚拟互联网协议地址信息501,配置第一资源池502。第一资源池502可以包括至少一个第一候选地址信息。至少一个第一候选地址信息可以包括第一候选地址信息502_1、第一候选地址信息502_2、…、第一候选地址信息502_p、…、第一候选地址信息502_P。P可以是大于或等于1的整数,p∈{1,2,…,(P-1),P}。As shown in FIG. 5A, in 500A, a first resource pool 502 may be configured according to virtual Internet Protocol address information 501. The first resource pool 502 may include at least one first candidate address information. The at least one first candidate address information may include first candidate address information 502_1, first candidate address information 502_2, ..., first candidate address information 502_p, ..., first candidate address information 502_P. P may be an integer greater than or equal to 1, p∈{1, 2, ..., (P-1), P}.

可以在第一候选地址信息502_1、第一候选地址信息502_2、…、 第一候选地址信息502_p、…、第一候选地址信息502_P中确定目标地址信息503。根据边界网关协议504,经由前端代理505_1和前端代理505_2发布目标地址信息503,以便于将目标地址信息503确定为网关地址信息506。The first candidate address information 502_1, the first candidate address information 502_2, ..., The target address information 503 is determined from the first candidate address information 502_p, ..., and the first candidate address information 502_P. According to the border gateway protocol 504, the target address information 503 is published via the front-end proxy 505_1 and the front-end proxy 505_2, so that the target address information 503 is determined as the gateway address information 506.

根据本公开的实施例,在目标路由协议为等价多路径路由协议的情况下,根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息可以包括如下操作。According to an embodiment of the present disclosure, when the target routing protocol is an equal-cost multi-path routing protocol, determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include the following operations.

根据虚拟互联网协议地址信息,配置第二资源池,其中,第二资源池包括至少一个第二候选地址信息。根据第二资源池,在至少一个第二候选地址信息中确定目标地址信息。根据等价多路径路由协议,配置与目标地址信息对应的等价路由信息。将等价路由信息确定为网关地址信息。According to the virtual Internet Protocol address information, a second resource pool is configured, wherein the second resource pool includes at least one second candidate address information. According to the second resource pool, target address information is determined in the at least one second candidate address information. According to the equal-cost multi-path routing protocol, equal-cost routing information corresponding to the target address information is configured. The equal-cost routing information is determined as the gateway address information.

根据本公开的实施例,等价多路径路由协议可以指在任意网络环境下同时使用多条链路,即存在多条不同链路到达同一目的地址的网络环境。等价多路径路由协议的路径选择方法可以根据实际业务需求进行设置,在此不作限定。例如,路径选择方法可以包括以下至少之一:基于哈希的路径选择方法、基于轮询的路径选择方法和基于路径权重的路径选择方法。According to an embodiment of the present disclosure, an equal-cost multi-path routing protocol may refer to using multiple links simultaneously in any network environment, that is, a network environment in which multiple different links exist to reach the same destination address. The path selection method of the equal-cost multi-path routing protocol may be set according to actual business needs and is not limited here. For example, the path selection method may include at least one of the following: a hash-based path selection method, a polling-based path selection method, and a path weight-based path selection method.

根据本公开的实施例,第二资源池可以包括至少一个第二候选地址信息。第二候选地址信息可以指VIP地址。至少一个第二候选地址信息可以由gatewayContrller进行管理与调度。第二资源池可以包括以下至少之一:第二动态资源池(即Dynamic Pool)和第二静态资源池(即Static Pool)。According to an embodiment of the present disclosure, the second resource pool may include at least one second candidate address information. The second candidate address information may refer to a VIP address. At least one second candidate address information may be managed and scheduled by a gatewayContrller. The second resource pool may include at least one of the following: a second dynamic resource pool (i.e., Dynamic Pool) and a second static resource pool (i.e., Static Pool).

根据本公开的实施例,可以通过在交换机上配置等价路由,将VIP网段等价路由到apisix的所有节点。在接收到网关创建指令之后,可以根据虚拟互联网协议地址信息,为终端配置对应的第二资源池。在确定的第二资源池之后,可以从至少一个第二候选地址信息中确定目标地址信息,经由等价多路径路由协议配置与目标地址信息对应的等价路由信息,并将等价路由信息返回给网关。 According to an embodiment of the present disclosure, the VIP network segment can be equally routed to all nodes of apisix by configuring equal-cost routing on the switch. After receiving the gateway creation instruction, the corresponding second resource pool can be configured for the terminal according to the virtual Internet Protocol address information. After the second resource pool is determined, the target address information can be determined from at least one second candidate address information, and the equivalent routing information corresponding to the target address information can be configured via the equal-cost multipath routing protocol, and the equivalent routing information is returned to the gateway.

根据本公开的实施例,在目标路由协议为ALL-IN模式路由协议的情况下,可以将前端代理上报的apisix节点IP全部返回给网关,有业务用户自行选择其中的1个或多个IP网关地址信息。在此情况下的具体实现较为简便。According to the embodiment of the present disclosure, when the target routing protocol is an ALL-IN mode routing protocol, all the apisix node IPs reported by the front-end agent can be returned to the gateway, and the service user can select one or more IP gateway address information by himself. The specific implementation in this case is relatively simple.

根据本公开的实施例,由于目标地址信息是根据第二资源池,在至少一个第二候选地址信息中确定的,由此实现了目标地址信息的自动确定,从而缩短了VIP地址调度的时间,提高了VIP地址调度的处理效率,进而提高了网关地址信息确定的效率。在此基础上,由于网关地址信息是根据等价多路径路由协议,通过配置与目标地址信息对应的等价路由信息来确定的,因而对业务用户较为友好,提高了用户体验。According to the embodiments of the present disclosure, since the target address information is determined in at least one second candidate address information according to the second resource pool, the target address information is automatically determined, thereby shortening the VIP address scheduling time, improving the processing efficiency of VIP address scheduling, and further improving the efficiency of determining the gateway address information. On this basis, since the gateway address information is determined according to the equal-cost multi-path routing protocol by configuring the equal-cost routing information corresponding to the target address information, it is more friendly to business users and improves the user experience.

图5B示意性示出了根据本公开另一实施例的根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息的示例示意图。FIG5B schematically shows an example schematic diagram of determining gateway address information corresponding to a gateway identifier according to a target routing protocol and virtual network address information according to another embodiment of the present disclosure.

如图5B所示,在500B中,可以根据虚拟互联网协议地址信息507,配置第二资源池508。第二资源池508可以包括至少一个第二候选地址信息。至少一个第二候选地址信息可以包括第二候选地址信息508_1、第二候选地址信息508_2、…、第二候选地址信息508_q、…、第二候选地址信息508_Q。Q可以是大于或等于1的整数,q∈{1,2,…,(Q-1),Q}。As shown in FIG. 5B , in 500B, a second resource pool 508 may be configured according to the virtual Internet Protocol address information 507. The second resource pool 508 may include at least one second candidate address information. The at least one second candidate address information may include second candidate address information 508_1, second candidate address information 508_2, ..., second candidate address information 508_q, ..., second candidate address information 508_Q. Q may be an integer greater than or equal to 1, q∈{1, 2, ..., (Q-1), Q}.

可以在第二候选地址信息508_1、第二候选地址信息508_2、…、第二候选地址信息508_q、…、第二候选地址信息508_Q中确定目标地址信息509。根据等价多路径路由协议510,配置与目标地址信息509对应的等价路由信息511。将等价路由信息511确定为网关地址信息512。The target address information 509 can be determined from the second candidate address information 508_1, the second candidate address information 508_2, ..., the second candidate address information 508_q, ..., the second candidate address information 508_Q. According to the equal-cost multi-path routing protocol 510, the equal-cost routing information 511 corresponding to the target address information 509 is configured. The equal-cost routing information 511 is determined as the gateway address information 512.

根据本公开的实施例,根据目标网关集群信息,确定与目标网关对应的网关地址信息和与目标服务对应的服务端口信息可以包括如下操作。According to an embodiment of the present disclosure, determining the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information may include the following operations.

根据目标网关集群信息,确定目标网关集群的网段范围。针对至 少一个网关中的每个网关,根据目标网关集群的网段范围,确定与网关对应的网关地址信息。针对与网关对应的至少一个服务中的每个服务,根据与网关对应的网关地址信息,确定与网关对应的服务的服务端口信息。Determine the network segment range of the target gateway cluster based on the target gateway cluster information. For each of the at least one gateway, determine the gateway address information corresponding to the gateway according to the network segment range of the target gateway cluster. For each of the at least one service corresponding to the gateway, determine the service port information of the service corresponding to the gateway according to the gateway address information corresponding to the gateway.

根据本公开的实施例,目标网关集群可以包括至少一个网关。至少一个网关中的每个网关可以各自对应有至少一个服务。至少一个网关可以各自对应有网关地址信息。至少一个服务可以各自对应有服务端口信息。According to an embodiment of the present disclosure, the target gateway cluster may include at least one gateway. Each of the at least one gateway may correspond to at least one service. The at least one gateway may correspond to gateway address information. The at least one service may correspond to service port information.

根据本公开的实施例,在获得目标网关集群信息之后,可以根据目标网关集群信息,确定目标网关集群的网段范围。网段范围可以使用W.X.Y.Z来表征。W、X、Y、Z∈[0,255]。例如,网段范围可以设置W∈[0,10]、X∈[0,10]、∈[0,10]、Z∈[0,255],即网段范围可以包括0.0.0.0~10.10.10.255范围内的互联网协议地址。在获得目标网关集群的网段范围之后,可以分别为至少一个网关中的每个网关确定与网关对应的网关地址信息。According to an embodiment of the present disclosure, after obtaining the target gateway cluster information, the network segment range of the target gateway cluster can be determined according to the target gateway cluster information. The network segment range can be characterized by W.X.Y.Z. W, X, Y, Z∈[0, 255]. For example, the network segment range can be set to W∈[0, 10], X∈[0, 10], ∈[0, 10], Z∈[0, 255], that is, the network segment range may include an Internet Protocol address in the range of 0.0.0.0 to 10.10.10.255. After obtaining the network segment range of the target gateway cluster, the gateway address information corresponding to the gateway can be determined for each gateway in at least one gateway.

根据本公开的实施例,至少一个第三键值关系可以是通过如下方式构建得到的。According to an embodiment of the present disclosure, at least one third key-value relationship may be constructed in the following manner.

针对至少一个第三键值关系中的每个第三键值关系,响应于接收到服务创建指令,获取服务标识、服务配置信息和网关标识。根据网关标识,确定与网关标识对应的网关地址信息。根据网关地址信息,确定与服务标识对应的服务端口信息。将服务端口信息确定为第三键信息。将服务配置信息确定为第三值信息。根据第三键信息和第三值信息,构建第三键值关系。For each third key-value relationship in at least one third key-value relationship, in response to receiving a service creation instruction, obtain a service identifier, service configuration information, and a gateway identifier. According to the gateway identifier, determine the gateway address information corresponding to the gateway identifier. According to the gateway address information, determine the service port information corresponding to the service identifier. Determine the service port information as the third key information. Determine the service configuration information as the third value information. Construct a third key-value relationship according to the third key information and the third value information.

根据本公开的实施例,第三预设映射关系可以包括至少一个第三键值关系。第三键值关系可以包括第三键信息和第三值信息。According to an embodiment of the present disclosure, the third preset mapping relationship may include at least one third key-value relationship. The third key-value relationship may include third key information and third value information.

根据本公开的实施例,Kubernetes集群可以在监听到存在新创建的服务的情况下,获取新创建的服务配置信息,并以此生成服务创建指令。服务配置信息可以包括以下至少之一:容器地址、服务域名、服务端口和服务注解信息。 According to an embodiment of the present disclosure, the Kubernetes cluster can obtain the newly created service configuration information when monitoring the existence of a newly created service, and generate a service creation instruction based on this. The service configuration information may include at least one of the following: container address, service domain name, service port, and service annotation information.

根据本公开的实施例,可以将生成服务创建指令的代码预先写入第二脚本中,响应于检测到目标用户利用目标终端发起的服务创建操作,目标终端可以运行该第二脚本,生成服务创建指令报文并将该报文发送至服务器,以便于服务器根据该报文创建服务。According to an embodiment of the present disclosure, the code for generating a service creation instruction can be pre-written into a second script. In response to detecting a service creation operation initiated by a target user using a target terminal, the target terminal can run the second script, generate a service creation instruction message and send the message to the server, so that the server can create a service based on the message.

根据本公开的实施例,可以根据网关标识,确定与网关标识对应的网关地址信息。根据网关地址信息,确定与服务标识对应的服务端口信息。在获得服务端口信息之后,可以根据服务端口信息和服务配置信息,创建第三键值关系。第三键值关系可以包括服务端口信息和服务配置信息之间的一一对应关系。According to an embodiment of the present disclosure, the gateway address information corresponding to the gateway identifier can be determined according to the gateway identifier. The service port information corresponding to the service identifier can be determined according to the gateway address information. After obtaining the service port information, a third key value relationship can be created according to the service port information and the service configuration information. The third key value relationship may include a one-to-one correspondence between the service port information and the service configuration information.

根据本公开的实施例,在此情况下,根据第三预设映射关系和服务端口信息,确定目标服务信息可以包括:根据服务端口信息和与至少一个第三键值关系各自对应的第三键信息,确定至少一个第二相似度。根据至少一个第二相似度,确定目标第三键信息。根据目标第三键信息,确定与目标第三值信息对应的目标第三值信息。根据与目标第三值信息对应的服务配置信息,确定目标服务信息。According to an embodiment of the present disclosure, in this case, determining the target service information according to the third preset mapping relationship and the service port information may include: determining at least one second similarity according to the service port information and the third key information corresponding to each of the at least one third key-value relationships. Determining the target third key information according to the at least one second similarity. Determining the target third value information corresponding to the target third value information according to the target third key information. Determining the target service information according to the service configuration information corresponding to the target third value information.

根据本公开的实施例,由于第三预设映射关系可以包括至少一个第三键值关系,第三键值关系是响应于接收到服务创建指令确定的,因而第三键值关系可以包括服务端口信息和服务配置信息之间的一一对应关系,有利于后续利用该第三预设映射关系自动确定目标服务信息,由此提高了目标服务信息确定的效率,进而提高了服务请求的处理的效率。According to an embodiment of the present disclosure, since the third preset mapping relationship may include at least one third key-value relationship, and the third key-value relationship is determined in response to receiving a service creation instruction, the third key-value relationship may include a one-to-one correspondence between service port information and service configuration information, which is beneficial for the subsequent use of the third preset mapping relationship to automatically determine the target service information, thereby improving the efficiency of determining the target service information, and further improving the efficiency of processing service requests.

图6示意性示出了根据本公开实施例的构建第三键值关系的示例示意图。FIG. 6 schematically shows an example schematic diagram of constructing a third key-value relationship according to an embodiment of the present disclosure.

如图6所示,在600中,响应于接收到服务创建指令601,可以获取网关服务配置信息601_1、网关标识601_2和服务标识601_3。As shown in FIG. 6 , in 600 , in response to receiving a service creation instruction 601 , gateway service configuration information 601_1 , a gateway identifier 601_2 , and a service identifier 601_3 may be acquired.

可以根据网关标识601_2,确定与网关标识601_2对应的网关地址信息602。根据网关地址信息602,确定与服务标识601_3对应的服务端口信息603。According to the gateway identifier 601_2, the gateway address information 602 corresponding to the gateway identifier 601_2 can be determined. According to the gateway address information 602, the service port information 603 corresponding to the service identifier 601_3 can be determined.

可以将服务端口信息603确定为第三键信息604。将网关服务配 置信息6011确定为第三值信息605。根据第三键信息604和第三值信息605,构建第三键值关系606。The service port information 603 can be determined as the third key information 604. The configuration information 6011 is determined as the third value information 605. According to the third key information 604 and the third value information 605, a third key-value relationship 606 is constructed.

根据本公开的实施例,操作S220可以包括如下操作。According to an embodiment of the present disclosure, operation S220 may include the following operations.

针对至少一个容器组地址信息中的每个容器组地址信息,根据容器组地址信息,建立与容器组之间的探测网络连接。在预定时段内接收到容器组发送的心跳探测包的情况下,确定容器组的运行状态属于正常运行状态。在预定时段内未接收到容器组发送的心跳探测包的情况下,确定容器组的运行状态属于异常运行状态。For each container group address information in the at least one container group address information, a detection network connection is established with the container group according to the container group address information. If a heartbeat detection packet sent by the container group is received within a predetermined period of time, it is determined that the running state of the container group is a normal running state. If a heartbeat detection packet sent by the container group is not received within the predetermined period of time, it is determined that the running state of the container group is an abnormal running state.

根据本公开的实施例,目标服务信息可以包括与至少一个容器组各自对应的容器组地址信息。According to an embodiment of the present disclosure, the target service information may include container group address information corresponding to each of the at least one container groups.

根据本公开的实施例,探测网络连接可以用于表征gatewayContrller和容器组之间的短连接。短连接可以指在数据传送过程中,只在需要发送数据的情况下,才去建立一个连接,数据发送完成后则断开此连接,即每次连接只完成一项业务的发送。在建立探测网络连接之后,可以基于探测网络连接向容器组发送的心跳探测包。According to an embodiment of the present disclosure, the detection network connection can be used to characterize a short connection between a gatewayContrller and a container group. A short connection can mean that during data transmission, a connection is established only when data needs to be sent, and the connection is disconnected after the data is sent, that is, each connection only completes the sending of one service. After the detection network connection is established, a heartbeat detection packet can be sent to the container group based on the detection network connection.

根据本公开的实施例,心跳探测包可以指在gatewayContrller和容器组之间定时通知对方各自状态的自定义命令字,心跳探测包可以按照预定时段间隔发送。预定时段可以根据实际业务需求进行设置,在此不作限定。预定时段可以为预先设置好的探测时间区间,例如,预定时段可以设置为30分钟。According to an embodiment of the present disclosure, a heartbeat detection packet may refer to a custom command word that periodically notifies each other of the status of the gatewayContrller and the container group, and the heartbeat detection packet may be sent at a predetermined time interval. The predetermined time period may be set according to actual business needs and is not limited here. The predetermined time period may be a pre-set detection time interval, for example, the predetermined time period may be set to 30 minutes.

根据本公开的实施例,操作S230可以包括如下操作。According to an embodiment of the present disclosure, operation S230 may include the following operations.

响应于容器组的运行状态属于正常运行状态,将容器组确定为目标容器组。In response to the running state of the container group being a normal running state, the container group is determined as a target container group.

根据本公开的实施例,异常运行状态可以是在预定时段内未接收到容器组发送的心跳探测包的情况下确定的。正常运行状态可以是在预定时段内接收到容器组发送的心跳探测包的情况下确定的。可以将运行状态为正常运行状态的容器组确定为目标容器组。According to an embodiment of the present disclosure, the abnormal operation state may be determined when a heartbeat detection packet sent by the container group is not received within a predetermined period of time. The normal operation state may be determined when a heartbeat detection packet sent by the container group is received within a predetermined period of time. The container group whose operation state is the normal operation state may be determined as the target container group.

图7示意性示出了根据本公开实施例的根据目标网关集群信息、目标网关信息和目标服务信息,确定与目标服务对应的至少一个容器 组各自的运行状态的示例示意图。FIG. 7 schematically shows a method for determining at least one container corresponding to a target service according to target gateway cluster information, target gateway information, and target service information according to an embodiment of the present disclosure. Example diagram of the operating status of each group.

如图7所示,在700中,针对至少一个容器组地址信息中的每个容器组地址信息701,可以根据容器组地址信息701,建立与容器组之间的探测网络连接702。在建立探测网络连接702之后,可以执行操作S710。As shown in Fig. 7, in 700, for each container group address information 701 in at least one container group address information, a detection network connection 702 with the container group may be established according to the container group address information 701. After the detection network connection 702 is established, operation S710 may be performed.

在操作S710,预定时段内接收到容器组发送的心跳探测包?In operation S710, is a heartbeat detection packet sent by the container group received within a predetermined period of time?

若是,则可以确定容器组的运行状态属于正常运行状态703。If so, it can be determined that the running state of the container group belongs to the normal running state 703.

若否,则可以确定容器组的运行状态属于异常运行状态704。If not, it can be determined that the running state of the container group is in an abnormal running state 704.

根据本公开的实施例,操作S240可以包括如下操作。According to an embodiment of the present disclosure, operation S240 may include the following operations.

确定与目标容器组对应的目标容器组地址信息。根据目标容器组地址信息,建立与目标容器组之间的实际网络连接。基于实际网络连接,将待处理服务请求发送至目标容器组。Determine the target container group address information corresponding to the target container group. Establish an actual network connection with the target container group according to the target container group address information. Send the pending service request to the target container group based on the actual network connection.

根据本公开的实施例,可以根据目标容器组地址信息,建立与目标容器组之间的实际网络连接。实际网络连接可以用于表征gatewayContrller和目标容器组之间的长连接。长连接可以指一个连接上能够连续发送多个数据包的连接。在建立实际网络连接之后,可以基于应用层协议通过该实际网络连接将待处理网关服务请求发送至目标容器组。According to an embodiment of the present disclosure, an actual network connection with the target container group can be established based on the target container group address information. The actual network connection can be used to characterize a long connection between the gatewayContrller and the target container group. A long connection can refer to a connection on which multiple data packets can be continuously sent. After the actual network connection is established, the to-be-processed gateway service request can be sent to the target container group through the actual network connection based on the application layer protocol.

根据本公开的实施例,应用层协议可以包括以下至少之一:基于传输控制协议的全双工通信协议(WebSocket)、超文本传输协议(HyperText Transfer Protocol,HTTP)和消息队列遥测传输协议(Message Queuing Telemetry Transport,MQTT)。According to an embodiment of the present disclosure, the application layer protocol may include at least one of the following: a full-duplex communication protocol based on the transmission control protocol (WebSocket), a hypertext transfer protocol (HTTP), and a message queuing telemetry transport protocol (MQTT).

图8示意性示出了根据本公开实施例的网关服务请求的处理方法的示例示意图。FIG8 schematically shows an example diagram of a method for processing a gateway service request according to an embodiment of the present disclosure.

如图8所示,操作S801~操作S814示意性示出了网关服务请求的处理方法的示意图。As shown in FIG. 8 , operations S801 to S814 schematically illustrate a method for processing a gateway service request.

在操作S801,k8s运维可以创建网关集群。In operation S801, k8s operation and maintenance can create a gateway cluster.

在操作S802,k8s运维可以将网关集群标识指向本系统组件。In operation S802, the k8s operation and maintenance can point the gateway cluster identifier to the system component.

在操作S803,k8s运维可以将网关集群授权给业务运维。 In operation S803, k8s operation and maintenance can authorize the gateway cluster to business operation and maintenance.

在操作S804,业务运维可以创建网关。In operation S804, the business operation and maintenance may create a gateway.

在操作S805,业务运维可以将网关标识指向k8s运维的网关集群。In operation S805, the business operation and maintenance can point the gateway identifier to the gateway cluster of k8s operation and maintenance.

在操作S806,k8s运维的网关集群可以为网关分配网关地址信息。In operation S806, the gateway cluster operated and maintained by k8s can allocate gateway address information to the gateway.

在操作S807,k8s运维可以向业务运维发送网关地址信息。In operation S807, k8s operation and maintenance can send gateway address information to business operation and maintenance.

在操作S808,业务运维可以接收网关地址信息。In operation S808, the service operation and maintenance may receive gateway address information.

在操作S809,业务运维可以将网关授权给业务用户。In operation S809, the business operation and maintenance may authorize the gateway to the business user.

在操作S810,业务用户可以创建服务。In operation S810 , a business user may create a service.

在操作S811,业务用户可以将服务标识指向网关。In operation S811 , the service user may point the service identifier to the gateway.

在操作S812,业务运维的网关可以为服务分配服务端口信息。In operation S812, the service operation and maintenance gateway may allocate service port information for the service.

在操作S813,业务运维可以向业务用户发送服务端口信息。In operation S813, the service operation and maintenance may send the service port information to the service user.

在操作S814,业务用户可以接收服务端口信息。In operation S814, the service user may receive service port information.

以上仅是示例性实施例,但不限于此,还可以包括本领域已知的其他网关服务请求的处理方法,只要能够提高请求处理的稳定性,保障资源和服务的高可用即可。The above are only exemplary embodiments, but are not limited thereto, and may also include other gateway service request processing methods known in the art, as long as they can improve the stability of request processing and ensure high availability of resources and services.

图9示意性示出了根据本公开实施例的云原生网关系统的管理方法的流程图。FIG9 schematically shows a flow chart of a method for managing a cloud-native gateway system according to an embodiment of the present disclosure.

如图9所示,该云原生网关系统的管理方法900包括操作S910~S920。As shown in FIG. 9 , the management method 900 of the cloud native gateway system includes operations S910 to S920 .

在操作S910,利用网关服务请求的处理方法,处理目标网关服务请求,得到处理结果,其中,目标网关服务请求包括目标网关服务配置信息,目标网关服务配置信息与云原生网关系统相关联。In operation S910, a target gateway service request is processed using a gateway service request processing method to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with a cloud native gateway system.

在操作S920,根据处理结果,对云原生网关系统进行管理。In operation S920, the cloud native gateway system is managed according to the processing result.

图10示意性示出了根据本公开的实施例的网关服务请求的处理装置的框图。FIG10 schematically shows a block diagram of a device for processing a gateway service request according to an embodiment of the present disclosure.

如图10所示,服务请求的处理装置1000可以包括第一确定模块1010、第二确定模块1020、第三确定模块1030和发送模块1040。As shown in FIG. 10 , the service request processing device 1000 may include a first determination module 1010 , a second determination module 1020 , a third determination module 1030 and a sending module 1040 .

第一确定模块1010,用于响应于接收到待处理服务请求,根据预设映射关系和待处理服务请求中的待处理服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息。 The first determination module 1010 is used to determine, in response to receiving a pending service request, the target gateway cluster information corresponding to the target gateway cluster, the target gateway information corresponding to the target gateway, and the target service information corresponding to the target service according to a preset mapping relationship and the pending service configuration information in the pending service request.

第二确定模块1020,用于根据目标网关集群信息、目标网关信息和目标服务信息,确定与目标服务对应的至少一个容器组各自的运行状态。The second determination module 1020 is used to determine the respective running status of at least one container group corresponding to the target service according to the target gateway cluster information, the target gateway information and the target service information.

第三确定模块1030,用于根据与目标服务对应的至少一个容器组各自的运行状态,在至少一个容器组中确定目标容器组。The third determining module 1030 is configured to determine a target container group in the at least one container group according to the respective running states of the at least one container group corresponding to the target service.

发送模块1040,用于将待处理服务请求发送至目标容器组,以便于目标容器组对待处理服务请求进行处理。The sending module 1040 is used to send the pending service request to the target container group, so that the target container group can process the pending service request.

根据本公开的实施例,第一确定模块1010可以包括第一确定子模块、第二确定子模块、第三确定子模块、第四确定子模块和第五确定子模块。According to an embodiment of the present disclosure, the first determination module 1010 may include a first determination submodule, a second determination submodule, a third determination submodule, a fourth determination submodule, and a fifth determination submodule.

第一确定子模块,用于根据待处理服务配置信息,确定目标虚拟互联网协议地址信息。The first determination submodule is used to determine target virtual Internet Protocol address information according to the service configuration information to be processed.

第二确定子模块,用于根据第一预设映射关系和目标虚拟互联网协议地址信息,确定与目标网关集群对应的目标网关集群信息。The second determining submodule is used to determine the target gateway cluster information corresponding to the target gateway cluster according to the first preset mapping relationship and the target virtual Internet Protocol address information.

第三确定子模块,用于根据目标网关集群信息,确定与目标网关对应的网关地址信息和与目标服务对应的服务端口信息。The third determination submodule is used to determine the gateway address information corresponding to the target gateway and the service port information corresponding to the target service according to the target gateway cluster information.

第四确定子模块,用于根据第二预设映射关系和网关地址信息,确定目标网关信息。The fourth determining submodule is used to determine the target gateway information according to the second preset mapping relationship and the gateway address information.

第五确定子模块,用于根据第三预设映射关系和服务端口信息,确定目标服务信息。The fifth determining submodule is used to determine the target service information according to the third preset mapping relationship and the service port information.

根据本公开的实施例,目标网关集群包括至少一个网关,至少一个网关中的每个网关各自对应有至少一个服务,至少一个网关各自对应有网关地址信息,至少一个服务各自对应有服务端口信息。According to an embodiment of the present disclosure, the target gateway cluster includes at least one gateway, each of the at least one gateway corresponds to at least one service, the at least one gateway corresponds to gateway address information, and the at least one service corresponds to service port information.

根据本公开的实施例,第三确定子模块可以包括第一确定单元、第二确定单元和第三确定单元。According to an embodiment of the present disclosure, the third determining submodule may include a first determining unit, a second determining unit, and a third determining unit.

第一确定单元,用于根据目标网关集群信息,确定目标网关集群的网段范围。The first determining unit is used to determine the network segment range of the target gateway cluster according to the target gateway cluster information.

第二确定单元,用于针对至少一个网关中的每个网关,根据目标网关集群的网段范围,确定与网关对应的网关地址信息。 The second determining unit is configured to determine, for each gateway of the at least one gateway, gateway address information corresponding to the gateway according to a network segment range of the target gateway cluster.

第三确定单元,用于针对与网关对应的至少一个服务中的每个服务,根据与网关对应的网关地址信息,确定与网关对应的服务的服务端口信息。The third determining unit is configured to determine, for each service of at least one service corresponding to the gateway, service port information of the service corresponding to the gateway according to the gateway address information corresponding to the gateway.

根据本公开的实施例,第一确定子模块可以包括处理单元和第四确定单元。According to an embodiment of the present disclosure, the first determining submodule may include a processing unit and a fourth determining unit.

处理单元,用于响应于接收到待处理服务请求,对待处理服务配置信息进行解析处理,得到与待处理服务请求对应的域名信息。The processing unit is used to parse the service configuration information to be processed in response to receiving the service request to be processed, and obtain the domain name information corresponding to the service request to be processed.

第四确定单元,用于根据域名信息,确定目标虚拟网络地址信息。The fourth determining unit is used to determine the target virtual network address information according to the domain name information.

根据本公开的实施例,第二预设映射关系包括至少一个第二键值关系,第二键值关系包括第二键信息和第二值信息,至少一个第二键值关系可以是通过如下方式构建得到的。According to an embodiment of the present disclosure, the second preset mapping relationship includes at least one second key-value relationship, the second key-value relationship includes second key information and second value information, and the at least one second key-value relationship can be constructed in the following manner.

针对至少一个第二键值关系中的每个第二键值关系,响应于接收到网关创建指令,获取网关标识、网关配置信息和网关集群标识。根据网关集群标识,确定与网关集群标识对应的虚拟网络地址信息。根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息。将网关地址信息确定为第二键信息。将网关配置信息确定为第二值信息。根据第二键信息和第二值信息,构建第二键值关系。For each second key-value relationship in at least one second key-value relationship, in response to receiving a gateway creation instruction, a gateway identifier, gateway configuration information, and a gateway cluster identifier are obtained. According to the gateway cluster identifier, virtual network address information corresponding to the gateway cluster identifier is determined. According to the target routing protocol and the virtual network address information, the gateway address information corresponding to the gateway identifier is determined. The gateway address information is determined as the second key information. The gateway configuration information is determined as the second value information. A second key-value relationship is constructed according to the second key information and the second value information.

根据本公开的实施例,在目标路由协议为边界网关协议的情况下,根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息,可以包括:According to an embodiment of the present disclosure, when the target routing protocol is a border gateway protocol, determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include:

根据虚拟互联网协议地址信息,配置第一资源池,其中,第一资源池包括至少一个第一候选地址信息。根据第一资源池,在至少一个第一候选地址信息中确定目标地址信息。根据边界网关协议,经由任意两个前端代理发布目标地址信息,以便于将目标地址信息确定为网关地址信息。According to the virtual Internet Protocol address information, a first resource pool is configured, wherein the first resource pool includes at least one first candidate address information. According to the first resource pool, target address information is determined in the at least one first candidate address information. According to the border gateway protocol, the target address information is published via any two front-end proxies so as to determine the target address information as the gateway address information.

根据本公开的实施例,在目标路由协议为等价多路径路由协议的情况下,根据目标路由协议和虚拟网络地址信息,确定与网关标识对应的网关地址信息,可以包括:According to an embodiment of the present disclosure, when the target routing protocol is an equal-cost multi-path routing protocol, determining the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information may include:

根据虚拟互联网协议地址信息,配置第二资源池,其中,第二资 源池包括至少一个第二候选地址信息。根据第二资源池,在至少一个第二候选地址信息中确定目标地址信息。根据等价多路径路由协议,配置与目标地址信息对应的等价路由信息。将等价路由信息确定为网关地址信息。According to the virtual Internet Protocol address information, a second resource pool is configured, wherein the second resource The source pool includes at least one second candidate address information. According to the second resource pool, the target address information is determined in the at least one second candidate address information. According to the equal-cost multi-path routing protocol, the equal-cost routing information corresponding to the target address information is configured. The equal-cost routing information is determined as the gateway address information.

根据本公开的实施例,第三预设映射关系包括至少一个第三键值关系,第三键值关系包括第三键信息和第三值信息,至少一个第三键值关系可以是通过如下方式构建得到的。According to an embodiment of the present disclosure, the third preset mapping relationship includes at least one third key-value relationship, the third key-value relationship includes third key information and third value information, and the at least one third key-value relationship can be constructed in the following manner.

针对至少一个第三键值关系中的每个第三键值关系,响应于接收到服务创建指令,获取服务标识、服务配置信息和网关标识。根据网关标识,确定与网关标识对应的网关地址信息。根据网关地址信息,确定与服务标识对应的服务端口信息。将服务端口信息确定为第三键信息。将服务配置信息确定为第三值信息。根据第三键信息和第三值信息,构建第三键值关系。For each third key-value relationship in at least one third key-value relationship, in response to receiving a service creation instruction, obtain a service identifier, service configuration information, and a gateway identifier. According to the gateway identifier, determine the gateway address information corresponding to the gateway identifier. According to the gateway address information, determine the service port information corresponding to the service identifier. Determine the service port information as the third key information. Determine the service configuration information as the third value information. Construct a third key-value relationship according to the third key information and the third value information.

根据本公开的实施例,目标服务信息包括与至少一个容器组各自对应的容器组地址信息。According to an embodiment of the present disclosure, the target service information includes container group address information corresponding to at least one container group.

根据本公开的实施例,第二确定模块1020可以包括第一建立子模块、第六确定子模块和第七确定子模块。According to an embodiment of the present disclosure, the second determining module 1020 may include a first establishing submodule, a sixth determining submodule and a seventh determining submodule.

第一建立子模块,用于针对至少一个容器组地址信息中的每个容器组地址信息,根据容器组地址信息,建立与容器组之间的探测网络连接。The first establishing submodule is used to establish a detection network connection with the container group according to the container group address information for each container group address information in the at least one container group address information.

第六确定子模块,用于在预定时段内接收到容器组发送的心跳探测包的情况下,确定容器组的运行状态属于正常运行状态。The sixth determining submodule is configured to determine that the running state of the container group is a normal running state when a heartbeat detection packet sent by the container group is received within a predetermined period of time.

第七确定子模块,用于在预定时段内未接收到容器组发送的心跳探测包的情况下,确定容器组的运行状态属于异常运行状态。The seventh determining submodule is configured to determine that the running state of the container group is in an abnormal running state when no heartbeat detection packet sent by the container group is received within a predetermined period of time.

根据本公开的实施例,第三确定模块1030可以包括第八确定子模块。According to an embodiment of the present disclosure, the third determining module 1030 may include an eighth determining submodule.

第八确定子模块,用于响应于容器组的运行状态属于正常运行状态,将容器组确定为目标容器组。The eighth determining submodule is configured to determine the container group as a target container group in response to the running state of the container group being in a normal running state.

根据本公开的实施例,发送模块1040可以包括第九确定子模块、 第二建立子模块和发送子模块。According to an embodiment of the present disclosure, the sending module 1040 may include a ninth determining submodule, The second is to establish a submodule and a sending submodule.

第九确定子模块,用于确定与目标容器组对应的目标容器组地址信息。The ninth determining submodule is configured to determine target container group address information corresponding to the target container group.

第二建立子模块,用于根据目标容器组地址信息,建立与目标容器组之间的实际网络连接。The second establishing submodule is used to establish an actual network connection with the target container group according to the address information of the target container group.

发送子模块,用于基于实际网络连接,将待处理服务请求发送至目标容器组。The sending submodule is used to send the pending service request to the target container group based on the actual network connection.

图11示意性示出了根据本公开的实施例的网关服务请求的处理装置的框图。FIG11 schematically shows a block diagram of a device for processing a gateway service request according to an embodiment of the present disclosure.

如图11所示,云原生网关系统的管理装置1100可以包括处理模块1110和管理模块1120。As shown in FIG. 11 , the management device 1100 of the cloud-native gateway system may include a processing module 1110 and a management module 1120 .

处理模块1110,用于利用网关服务请求的处理装置,处理目标网关服务请求,得到处理结果,其中,目标网关服务请求包括目标网关服务配置信息,目标网关服务配置信息与云原生网关系统相关联。The processing module 1110 is used to utilize the processing device of the gateway service request to process the target gateway service request and obtain the processing result, wherein the target gateway service request includes the target gateway service configuration information, and the target gateway service configuration information is associated with the cloud native gateway system.

管理模块1120,用于根据处理结果,对云原生网关系统进行管理。The management module 1120 is used to manage the cloud native gateway system according to the processing results.

根据本公开的实施例的模块、子模块、单元、子单元中的任意多个、或其中任意多个的至少部分功能可以在一个模块中实现。根据本公开实施例的模块、子模块、单元、子单元中的任意一个或多个可以被拆分成多个模块来实现。根据本公开实施例的模块、子模块、单元、子单元中的任意一个或多个可以至少被部分地实现为硬件电路,例如现场可编程门阵列(FPGA)、可编程逻辑阵列(PLA)、片上系统、基板上的系统、封装上的系统、专用集成电路(ASIC),或可以通过对电路进行集成或封装的任何其他的合理方式的硬件或固件来实现,或以软件、硬件以及固件三种实现方式中任意一种或以其中任意几种的适当组合来实现。或者,根据本公开实施例的模块、子模块、单元、子单元中的一个或多个可以至少被部分地实现为计算机程序模块,当该计算机程序模块被运行时,可以执行相应的功能。According to the embodiments of the present invention, any one or more of the modules, submodules, units, and subunits, or at least part of the functions of any one of them can be implemented in one module. According to the embodiments of the present invention, any one or more of the modules, submodules, units, and subunits can be split into multiple modules for implementation. According to the embodiments of the present invention, any one or more of the modules, submodules, units, and subunits can be at least partially implemented as hardware circuits, such as field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), systems on chips, systems on substrates, systems on packages, application specific integrated circuits (ASICs), or can be implemented by hardware or firmware in any other reasonable way of integrating or packaging the circuit, or implemented in any one of the three implementation methods of software, hardware, and firmware, or in any appropriate combination of any of them. Alternatively, according to the embodiments of the present invention, one or more of the modules, submodules, units, and subunits can be at least partially implemented as computer program modules, and when the computer program modules are run, the corresponding functions can be performed.

例如,第一确定模块1010、第二确定模块1020、第三确定模块1030和发送模块1040中的任意多个可以合并在一个模块/单元/子单元中实现, 或者其中的任意一个模块/单元/子单元可以被拆分成多个模块/单元/子单元。或者,这些模块/单元/子单元中的一个或多个模块/单元/子单元的至少部分功能可以与其他模块/单元/子单元的至少部分功能相结合,并在一个模块/单元/子单元中实现。根据本公开的实施例,第一确定模块1010、第二确定模块1020、第三确定模块1030和发送模块1040中的至少一个可以至少被部分地实现为硬件电路,例如现场可编程门阵列(FPGA)、可编程逻辑阵列(PLA)、片上系统、基板上的系统、封装上的系统、专用集成电路(ASIC),或可以通过对电路进行集成或封装的任何其他的合理方式等硬件或固件来实现,或以软件、硬件以及固件三种实现方式中任意一种或以其中任意几种的适当组合来实现。或者,第一确定模块1010、第二确定模块1020、第三确定模块1030和发送模块1040中的至少一个可以至少被部分地实现为计算机程序模块,当该计算机程序模块被运行时,可以执行相应的功能。For example, any multiple of the first determination module 1010, the second determination module 1020, the third determination module 1030 and the sending module 1040 may be combined into one module/unit/sub-unit for implementation. Or any one of the modules/units/subunits can be split into multiple modules/units/subunits. Or, at least part of the functions of one or more modules/units/subunits in these modules/units/subunits can be combined with at least part of the functions of other modules/units/subunits and implemented in one module/unit/subunit. According to an embodiment of the present disclosure, at least one of the first determination module 1010, the second determination module 1020, the third determination module 1030 and the sending module 1040 can be at least partially implemented as a hardware circuit, such as a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or can be implemented by hardware or firmware such as any other reasonable way of integrating or packaging the circuit, or by any one of the three implementation methods of software, hardware and firmware or by a suitable combination of any of them. Alternatively, at least one of the first determination module 1010 , the second determination module 1020 , the third determination module 1030 and the sending module 1040 may be at least partially implemented as a computer program module, and when the computer program module is executed, a corresponding function may be performed.

需要说明的是,本公开的实施例中网关服务请求的处理装置部分与本公开的实施例中网关服务请求的处理方法部分是相对应的,网关服务请求的处理装置部分的描述具体参考网关服务请求的处理方法部分,在此不再赘述。It should be noted that the processing device part of the gateway service request in the embodiment of the present disclosure corresponds to the processing method part of the gateway service request in the embodiment of the present disclosure. The description of the processing device part of the gateway service request specifically refers to the processing method part of the gateway service request, which will not be repeated here.

例如,处理模块1110和管理模块1120中的任意多个可以合并在一个模块/单元/子单元中实现,或者其中的任意一个模块/单元/子单元可以被拆分成多个模块/单元/子单元。或者,这些模块/单元/子单元中的一个或多个模块/单元/子单元的至少部分功能可以与其他模块/单元/子单元的至少部分功能相结合,并在一个模块/单元/子单元中实现。根据本公开的实施例,处理模块1110和管理模块1120中的至少一个可以至少被部分地实现为硬件电路,例如现场可编程门阵列(FPGA)、可编程逻辑阵列(PLA)、片上系统、基板上的系统、封装上的系统、专用集成电路(ASIC),或可以通过对电路进行集成或封装的任何其他的合理方式等硬件或固件来实现,或以软件、硬件以及固件三种实现方式中任意一种或以其中任意几种的适当组合来实现。或者,处理模块1110和管理模块1120中的至少一个可以至少被部分地实现为计算机程序模块, 当该计算机程序模块被运行时,可以执行相应的功能。For example, any multiple of the processing modules 1110 and the management modules 1120 may be combined in one module/unit/sub-unit for implementation, or any one of the modules/units/sub-units may be split into multiple modules/units/sub-units. Alternatively, at least part of the functions of one or more of these modules/units/sub-units may be combined with at least part of the functions of other modules/units/sub-units and implemented in one module/unit/sub-unit. According to an embodiment of the present disclosure, at least one of the processing modules 1110 and the management modules 1120 may be at least partially implemented as a hardware circuit, such as a field programmable gate array (FPGA), a programmable logic array (PLA), a system on a chip, a system on a substrate, a system on a package, an application specific integrated circuit (ASIC), or may be implemented by hardware or firmware such as any other reasonable way of integrating or packaging the circuit, or may be implemented in any one of the three implementation methods of software, hardware, and firmware, or in an appropriate combination of any of them. Alternatively, at least one of the processing modules 1110 and the management modules 1120 may be at least partially implemented as a computer program module, When the computer program module is executed, the corresponding function can be executed.

需要说明的是,本公开的实施例中云原生网关系统的管理装置部分与本公开的实施例中云原生网关系统的管理方法部分是相对应的,云原生网关系统的管理装置部分的描述具体参考云原生网关系统的管理方法部分,在此不再赘述。It should be noted that the management device part of the cloud native gateway system in the embodiment of the present disclosure corresponds to the management method part of the cloud native gateway system in the embodiment of the present disclosure. The description of the management device part of the cloud native gateway system specifically refers to the management method part of the cloud native gateway system, which will not be repeated here.

图12示意性示出了根据本公开实施例的适于实现网关服务请求的处理方法、云原生网关系统的管理方法的电子设备的框图。图12示出的电子设备仅仅是一个示例,不应对本公开实施例的功能和使用范围带来任何限制。Figure 12 schematically shows a block diagram of an electronic device suitable for implementing a method for processing a gateway service request and a method for managing a cloud native gateway system according to an embodiment of the present disclosure. The electronic device shown in Figure 12 is only an example and should not impose any limitations on the functions and scope of use of the embodiment of the present disclosure.

如图12所示,根据本公开实施例的计算机电子设备1200包括处理器1201,其可以根据存储在只读存储器(ROM)1202中的程序或者从存储部分1209加载到随机访问存储器(RAM)1203中的程序而执行各种适当的动作和处理。处理器1201例如可以包括通用微处理器(例如CPU)、指令集处理器和/或相关芯片组和/或专用微处理器(例如,专用集成电路(ASIC)),等等。处理器1201还可以包括用于缓存用途的板载存储器。处理器1201可以包括用于执行根据本公开实施例的方法流程的不同动作的单一处理单元或者是多个处理单元。As shown in FIG12 , a computer electronic device 1200 according to an embodiment of the present disclosure includes a processor 1201, which can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 1202 or a program loaded from a storage portion 1209 into a random access memory (RAM) 1203. The processor 1201 may, for example, include a general-purpose microprocessor (e.g., a CPU), an instruction set processor and/or a related chipset and/or a dedicated microprocessor (e.g., an application-specific integrated circuit (ASIC)), etc. The processor 1201 may also include an onboard memory for caching purposes. The processor 1201 may include a single processing unit or multiple processing units for performing different actions of the method flow according to an embodiment of the present disclosure.

在RAM 1203中,存储有电子设备1200操作所需的各种程序和数据。处理器1201、ROM 1202以及RAM 1203通过总线1204彼此相连。处理器1201通过执行ROM 1202和/或RAM 1203中的程序来执行根据本公开实施例的方法流程的各种操作。需要注意,所述程序也可以存储在除ROM 1202和RAM 1203以外的一个或多个存储器中。处理器1201也可以通过执行存储在所述一个或多个存储器中的程序来执行根据本公开实施例的方法流程的各种操作。In RAM 1203, various programs and data required for the operation of electronic device 1200 are stored. Processor 1201, ROM 1202 and RAM 1203 are connected to each other through bus 1204. Processor 1201 performs various operations of the method flow according to the embodiment of the present disclosure by executing the program in ROM 1202 and/or RAM 1203. It should be noted that the program can also be stored in one or more memories other than ROM 1202 and RAM 1203. Processor 1201 can also perform various operations of the method flow according to the embodiment of the present disclosure by executing the program stored in the one or more memories.

根据本公开的实施例,电子设备1200还可以包括输入/输出(I/O)接口1205,输入/输出(I/O)接口1205也连接至总线1204。电子设备1200还可以包括连接至I/O接口1205的以下部件中的一项或多项:包括键盘、鼠标等的输入部分1206;包括诸如阴极射线管(CRT)、液晶显示器(LCD)等以及扬声器等的输出部分1207;包括硬盘等的存储部 分1208;以及包括诸如LAN卡、调制解调器等的网络接口卡的通信部分1209。通信部分1209经由诸如因特网的网络执行通信处理。驱动器1210也根据需要连接至I/O接口1205。可拆卸介质1211,诸如磁盘、光盘、磁光盘、半导体存储器等等,根据需要安装在驱动器1210上,以便于从其上读出的计算机程序根据需要被安装入存储部分1208。According to an embodiment of the present disclosure, the electronic device 1200 may further include an input/output (I/O) interface 1205, which is also connected to the bus 1204. The electronic device 1200 may further include one or more of the following components connected to the I/O interface 1205: an input portion 1206 including a keyboard, a mouse, etc.; an output portion 1207 including a cathode ray tube (CRT), a liquid crystal display (LCD), etc., and a speaker, etc.; a storage portion 1208 including a hard disk, etc. The storage unit 1208 includes a communication unit 1209 including a network interface card such as a LAN card, a modem, etc. The communication unit 1209 performs communication processing via a network such as the Internet. A drive 1210 is also connected to the I/O interface 1205 as needed. A removable medium 1211, such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, etc., is installed on the drive 1210 as needed, so that a computer program read therefrom is installed into the storage unit 1208 as needed.

根据本公开的实施例,根据本公开实施例的方法流程可以被实现为计算机软件程序。例如,本公开的实施例包括一种计算机程序产品,其包括承载在计算机可读存储介质上的计算机程序,该计算机程序包含用于执行流程图所示的方法的程序代码。在这样的实施例中,该计算机程序可以通过通信部分1209从网络上被下载和安装,和/或从可拆卸介质1211被安装。在该计算机程序被处理器1201执行时,执行本公开实施例的系统中限定的上述功能。根据本公开的实施例,上文描述的系统、设备、装置、模块、单元等可以通过计算机程序模块来实现。According to an embodiment of the present disclosure, the method flow according to an embodiment of the present disclosure can be implemented as a computer software program. For example, an embodiment of the present disclosure includes a computer program product, which includes a computer program carried on a computer-readable storage medium, and the computer program contains a program code for executing the method shown in the flowchart. In such an embodiment, the computer program can be downloaded and installed from the network through the communication part 1209, and/or installed from the removable medium 1211. When the computer program is executed by the processor 1201, the above-mentioned functions defined in the system of the embodiment of the present disclosure are executed. According to an embodiment of the present disclosure, the system, equipment, device, module, unit, etc. described above can be implemented by a computer program module.

本公开还提供了一种计算机可读存储介质,该计算机可读存储介质可以是上述实施例中描述的设备/装置/系统中所包含的;也可以是单独存在,而未装配入该设备/装置/系统中。上述计算机可读存储介质承载有一个或者多个程序,当上述一个或者多个程序被执行时,实现根据本公开实施例的方法。The present disclosure also provides a computer-readable storage medium, which may be included in the device/apparatus/system described in the above embodiments; or may exist independently without being assembled into the device/apparatus/system. The above computer-readable storage medium carries one or more programs, and when the above one or more programs are executed, the method according to the embodiment of the present disclosure is implemented.

根据本公开的实施例,计算机可读存储介质可以是非易失性的计算机可读存储介质。例如可以包括但不限于:便携式计算机磁盘、硬盘、随机访问存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。在本公开中,计算机可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。According to an embodiment of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium. For example, it may include, but is not limited to: a portable computer disk, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination thereof. In the present disclosure, a computer-readable storage medium may be any tangible medium containing or storing a program that may be used by or in combination with an instruction execution system, apparatus, or device.

例如,根据本公开的实施例,计算机可读存储介质可以包括上文描述的ROM 1202和/或RAM 1203和/或ROM 1202和RAM 1203以外的一个或多个存储器。For example, according to an embodiment of the present disclosure, the computer-readable storage medium may include the ROM 1202 and/or RAM 1203 described above and/or one or more memories other than ROM 1202 and RAM 1203.

本公开的实施例还包括一种计算机程序产品,其包括计算机程序, 该计算机程序包含用于执行本公开实施例所提供的方法的程序代码,当计算机程序产品在电子设备上运行时,该程序代码用于使电子设备实现本公开实施例所提供的网关服务请求的处理方法、云原生网关系统的管理方法。Embodiments of the present disclosure also include a computer program product, which includes a computer program, The computer program includes program code for executing the method provided by the embodiment of the present disclosure. When the computer program product is running on an electronic device, the program code is used to enable the electronic device to implement the method for processing gateway service requests and the method for managing a cloud-native gateway system provided by the embodiment of the present disclosure.

在该计算机程序被处理器1201执行时,执行本公开实施例的系统/装置中限定的上述功能。根据本公开的实施例,上文描述的系统、装置、模块、单元等可以通过计算机程序模块来实现。When the computer program is executed by the processor 1201, the above functions defined in the system/device of the embodiment of the present disclosure are executed. According to the embodiment of the present disclosure, the system, device, module, unit, etc. described above can be implemented by a computer program module.

在一种实施例中,该计算机程序可以依托于光存储器件、磁存储器件等有形存储介质。在另一种实施例中,该计算机程序也可以在网络介质上以信号的形式进行传输、分发,并通过通信部分1209被下载和安装,和/或从可拆卸介质1211被安装。该计算机程序包含的程序代码可以用任何适当的网络介质传输,包括但不限于:无线、有线等等,或者上述的任意合适的组合。In one embodiment, the computer program may rely on tangible storage media such as optical storage devices, magnetic storage devices, etc. In another embodiment, the computer program may also be transmitted and distributed in the form of signals on a network medium, and downloaded and installed through the communication part 1209, and/or installed from the removable medium 1211. The program code contained in the computer program may be transmitted using any appropriate network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the above.

根据本公开的实施例,可以以一种或多种程序设计语言的任意组合来编写用于执行本公开实施例提供的计算机程序的程序代码,具体地,可以利用高级过程和/或面向对象的编程语言、和/或汇编/机器语言来实施这些计算程序。程序设计语言包括但不限于诸如Java,C++,python,“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算设备上执行、部分地在用户设备上执行、部分在远程计算设备上执行、或者完全在远程计算设备或服务器上执行。在涉及远程计算设备的情形中,远程计算设备可以通过任意种类的网络,包括局域网(LAN)或广域网(WAN),连接到用户计算设备,或者,可以连接到外部计算设备(例如利用因特网服务提供商来通过因特网连接)。According to an embodiment of the present disclosure, the program code for executing the computer program provided by the embodiment of the present disclosure can be written in any combination of one or more programming languages. Specifically, these computing programs can be implemented using high-level process and/or object-oriented programming languages, and/or assembly/machine languages. Programming languages include, but are not limited to, Java, C++, python, "C" language or similar programming languages. The program code can be executed entirely on the user computing device, partially on the user device, partially on the remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device can be connected to the user computing device through any type of network, including a local area network (LAN) or a wide area network (WAN), or can be connected to an external computing device (for example, using an Internet service provider to connect through the Internet).

附图中的流程图和框图,图示了按照本公开各种实施例的系统、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段、或代码的一部分,上述模块、程序段、或代码的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两 个接连地表示的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图或流程图中的每个方框、以及框图或流程图中的方框的组合,可以用执行规定的功能或操作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。本领域技术人员可以理解,本公开的各个实施例和/或权利要求中记载的特征可以进行多种组合和/或结合,即使这样的组合或结合没有明确记载于本公开中。特别地,在不脱离本公开精神和教导的情况下,本公开的各个实施例和/或权利要求中记载的特征可以进行多种组合和/或结合。所有这些组合和/或结合均落入本公开的范围。The flowcharts and block diagrams in the accompanying drawings illustrate the possible architectures, functions, and operations of the systems, methods, and computer program products according to various embodiments of the present disclosure. In this regard, each box in the flowchart or block diagram may represent a module, a program segment, or a portion of code, which contains one or more executable instructions for implementing the specified logical functions. It should also be noted that in some alternative implementations, the functions marked in the boxes may also occur in an order different from that marked in the accompanying drawings. For example, two The boxes represented in succession can actually be executed substantially in parallel, and they can sometimes be executed in the opposite order, depending on the functions involved. It should also be noted that each box in the block diagram or flow chart, and the combination of boxes in the block diagram or flow chart, can be implemented with a dedicated hardware-based system that performs the specified function or operation, or can be implemented with a combination of dedicated hardware and computer instructions. It will be understood by those skilled in the art that the features recorded in the various embodiments and/or claims of the present disclosure can be combined and/or combined in various ways, even if such combinations or combinations are not explicitly recorded in the present disclosure. In particular, without departing from the spirit and teachings of the present disclosure, the features recorded in the various embodiments and/or claims of the present disclosure can be combined and/or combined in various ways. All of these combinations and/or combinations fall within the scope of the present disclosure.

以上对本公开的实施例进行了描述。但是,这些实施例仅仅是为了说明的目的,而并非为了限制本公开的范围。尽管在以上分别描述了各实施例,但是这并不意味着各个实施例中的措施不能有利地结合使用。本公开的范围由所附权利要求及其等同物限定。不脱离本公开的范围,本领域技术人员可以做出多种替代和修改,这些替代和修改都应落在本公开的范围之内。 The embodiments of the present disclosure are described above. However, these embodiments are only for illustrative purposes and are not intended to limit the scope of the present disclosure. Although the embodiments are described above separately, this does not mean that the measures in the various embodiments cannot be used in combination to advantage. The scope of the present disclosure is defined by the attached claims and their equivalents. Without departing from the scope of the present disclosure, those skilled in the art may make a variety of substitutions and modifications, which should all fall within the scope of the present disclosure.

Claims (17)

一种网关服务请求的处理方法,包括:A method for processing a gateway service request, comprising: 响应于接收到待处理网关服务请求,根据预设映射关系和所述待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息;In response to receiving a pending gateway service request, determining target gateway cluster information corresponding to the target gateway cluster, target gateway information corresponding to the target gateway, and target service information corresponding to the target service according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request; 根据所述目标网关集群信息、所述目标网关信息和所述目标服务信息,确定与所述目标服务对应的至少一个容器组各自的运行状态;Determine, according to the target gateway cluster information, the target gateway information, and the target service information, a respective running state of at least one container group corresponding to the target service; 根据所述与目标服务对应的至少一个容器组各自的运行状态,在所述至少一个容器组中确定目标容器组;以及Determining a target container group in the at least one container group corresponding to the target service according to the respective running states of the at least one container group; and 将所述待处理网关服务请求发送至所述目标容器组,以便于所述目标容器组对所述待处理网关服务请求进行处理。The to-be-processed gateway service request is sent to the target container group, so that the target container group processes the to-be-processed gateway service request. 根据权利要求1所述的方法,其中,所述响应于接收到待处理网关服务请求,根据预设映射关系和所述待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息包括:The method according to claim 1, wherein, in response to receiving a pending gateway service request, determining, according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request, target gateway cluster information corresponding to the target gateway cluster, target gateway information corresponding to the target gateway, and target service information corresponding to the target service comprises: 根据所述待处理网关服务配置信息,确定目标虚拟互联网协议地址信息;Determining target virtual Internet Protocol address information according to the to-be-processed gateway service configuration information; 根据第一预设映射关系和所述目标虚拟互联网协议地址信息,确定与目标网关集群对应的目标网关集群信息;Determine the target gateway cluster information corresponding to the target gateway cluster according to the first preset mapping relationship and the target virtual Internet Protocol address information; 根据所述目标网关集群信息,确定与所述目标网关对应的网关地址信息和与所述目标服务对应的服务端口信息;Determine, according to the target gateway cluster information, the gateway address information corresponding to the target gateway and the service port information corresponding to the target service; 根据第二预设映射关系和所述网关地址信息,确定所述目标网关信息;以及Determining the target gateway information according to the second preset mapping relationship and the gateway address information; and 根据第三预设映射关系和所述服务端口信息,确定所述目标服务信息。The target service information is determined according to a third preset mapping relationship and the service port information. 根据权利要求2所述的方法,其中,所述目标网关集群包括至少一个网关,所述至少一个网关中的每个网关各自对应有至少一个服 务,所述至少一个网关各自对应有网关地址信息,所述至少一个服务各自对应有服务端口信息;The method according to claim 2, wherein the target gateway cluster includes at least one gateway, each of the at least one gateway corresponds to at least one server The at least one gateway has gateway address information corresponding to each of the at least one services, and the at least one service has service port information corresponding to each of the at least one services; 所述根据所述目标网关集群信息,确定与所述目标网关对应的网关地址信息和与所述目标服务对应的服务端口信息包括:The determining, according to the target gateway cluster information, the gateway address information corresponding to the target gateway and the service port information corresponding to the target service comprises: 根据所述目标网关集群信息,确定所述目标网关集群的网段范围;Determine the network segment range of the target gateway cluster according to the target gateway cluster information; 针对所述至少一个网关中的每个网关,For each gateway of the at least one gateway, 根据所述目标网关集群的网段范围,确定与所述网关对应的所述网关地址信息;以及Determining the gateway address information corresponding to the gateway according to the network segment range of the target gateway cluster; and 针对与所述网关对应的所述至少一个服务中的每个服务,For each of the at least one service corresponding to the gateway, 根据与所述网关对应的网关地址信息,确定与所述网关对应的所述服务的所述服务端口信息。The service port information of the service corresponding to the gateway is determined according to the gateway address information corresponding to the gateway. 根据权利要求2所述的方法,其中,所述响应于接收到所述待处理网关服务请求,根据所述待处理网关服务配置信息,确定目标虚拟互联网协议地址信息包括:The method according to claim 2, wherein, in response to receiving the pending gateway service request, determining the target virtual Internet Protocol address information according to the pending gateway service configuration information comprises: 响应于接收到所述待处理网关服务请求,对所述待处理网关服务配置信息进行解析处理,得到与所述待处理网关服务请求对应的域名信息;以及In response to receiving the pending gateway service request, parsing the pending gateway service configuration information to obtain domain name information corresponding to the pending gateway service request; and 根据所述域名信息,确定所述目标虚拟网络地址信息。The target virtual network address information is determined according to the domain name information. 根据权利要求2所述的方法,其中,所述第二预设映射关系包括至少一个第二键值关系,所述第二键值关系包括第二键信息和第二值信息,所述至少一个第二键值关系是通过如下方式构建得到的:The method according to claim 2, wherein the second preset mapping relationship includes at least one second key-value relationship, the second key-value relationship includes second key information and second value information, and the at least one second key-value relationship is constructed in the following manner: 针对至少一个第二键值关系中的每个第二键值关系,For each second key-value relationship in the at least one second key-value relationship, 响应于接收到网关创建指令,获取网关标识、网关配置信息和网关集群标识;In response to receiving the gateway creation instruction, obtaining a gateway identifier, gateway configuration information, and a gateway cluster identifier; 根据所述网关集群标识,确定与所述网关集群标识对应的虚拟网络地址信息;According to the gateway cluster identifier, determining virtual network address information corresponding to the gateway cluster identifier; 根据目标路由协议和所述虚拟网络地址信息,确定与所述网关标识对应的网关地址信息;Determine the gateway address information corresponding to the gateway identifier according to the target routing protocol and the virtual network address information; 将所述网关地址信息确定为所述第二键信息; Determining the gateway address information as the second key information; 将所述网关配置信息确定为所述第二值信息;以及determining the gateway configuration information as the second value information; and 根据所述第二键信息和所述第二值信息,构建所述第二键值关系。The second key-value relationship is constructed according to the second key information and the second value information. 根据权利要求5所述的方法,其中,在所述目标路由协议为边界网关协议的情况下,The method according to claim 5, wherein, when the target routing protocol is a border gateway protocol, 所述根据目标路由协议和所述虚拟网络地址信息,确定与所述网关标识对应的网关地址信息包括:The determining, according to the target routing protocol and the virtual network address information, the gateway address information corresponding to the gateway identifier comprises: 根据所述虚拟互联网协议地址信息,配置第一资源池,其中,所述第一资源池包括至少一个第一候选地址信息;According to the virtual Internet Protocol address information, configuring a first resource pool, wherein the first resource pool includes at least one first candidate address information; 根据所述第一资源池,在所述至少一个第一候选地址信息中确定目标地址信息;以及determining target address information from the at least one first candidate address information according to the first resource pool; and 根据所述边界网关协议,经由任意两个前端代理发布所述目标地址信息,以便于将所述目标地址信息确定为所述网关地址信息。According to the border gateway protocol, the target address information is published via any two front-end proxies, so as to determine the target address information as the gateway address information. 根据权利要求5所述的方法,其中,在所述目标路由协议为等价多路径路由协议的情况下,The method according to claim 5, wherein, when the target routing protocol is an equal-cost multi-path routing protocol, 所述根据目标路由协议和所述虚拟网络地址信息,确定与所述网关标识对应的网关地址信息包括:The determining, according to the target routing protocol and the virtual network address information, the gateway address information corresponding to the gateway identifier comprises: 根据所述虚拟互联网协议地址信息,配置第二资源池,其中,所述第二资源池包括至少一个第二候选地址信息;According to the virtual Internet Protocol address information, configuring a second resource pool, wherein the second resource pool includes at least one second candidate address information; 根据所述第二资源池,在所述至少一个第二候选地址信息中确定目标地址信息;determining target address information in the at least one second candidate address information according to the second resource pool; 根据所述等价多路径路由协议,配置与所述目标地址信息对应的等价路由信息;以及According to the equal-cost multi-path routing protocol, configuring equal-cost routing information corresponding to the target address information; and 将所述等价路由信息确定为所述网关地址信息。The equal-cost routing information is determined as the gateway address information. 根据权利要求2所述的方法,其中,所述第三预设映射关系包括至少一个第三键值关系,所述第三键值关系包括第三键信息和第三值信息,所述至少一个第三键值关系是通过如下方式构建得到的:The method according to claim 2, wherein the third preset mapping relationship includes at least one third key-value relationship, the third key-value relationship includes third key information and third value information, and the at least one third key-value relationship is constructed in the following manner: 针对至少一个第三键值关系中的每个第三键值关系,For each third key-value relationship in the at least one third key-value relationship, 响应于接收到服务创建指令,获取服务标识、服务配置信息和网关标识; In response to receiving the service creation instruction, obtaining a service identifier, service configuration information, and a gateway identifier; 根据所述网关标识,确定与所述网关标识对应的网关地址信息;According to the gateway identifier, determining the gateway address information corresponding to the gateway identifier; 根据所述网关地址信息,确定与所述服务标识对应的服务端口信息;Determine the service port information corresponding to the service identifier according to the gateway address information; 将所述服务端口信息确定为所述第三键信息;Determining the service port information as the third key information; 将所述服务配置信息确定为所述第三值信息;以及determining the service configuration information as the third value information; and 根据所述第三键信息和所述第三值信息,构建所述第三键值关系。The third key-value relationship is constructed according to the third key information and the third value information. 根据权利要求1至8中任一项所述的方法,其中,所述目标服务信息包括与所述至少一个容器组各自对应的容器组地址信息;The method according to any one of claims 1 to 8, wherein the target service information includes container group address information corresponding to each of the at least one container groups; 所述根据所述目标网关集群信息、所述目标网关信息和所述目标服务信息,确定与所述目标服务对应的至少一个容器组各自的运行状态包括:The determining, according to the target gateway cluster information, the target gateway information, and the target service information, the respective running states of at least one container group corresponding to the target service comprises: 针对至少一个容器组地址信息中的每个容器组地址信息,For each container group address information in the at least one container group address information, 根据所述容器组地址信息,建立与所述容器组之间的探测网络连接;Establishing a detection network connection with the container group according to the container group address information; 在预定时段内接收到所述容器组发送的心跳探测包的情况下,确定所述容器组的运行状态属于正常运行状态;以及In the case where a heartbeat detection packet sent by the container group is received within a predetermined period of time, determining that the running state of the container group is a normal running state; and 在所述预定时段内未接收到所述容器组发送的心跳探测包的情况下,确定所述容器组的运行状态属于异常运行状态。When no heartbeat detection packet sent by the container group is received within the predetermined period of time, it is determined that the running state of the container group is in an abnormal running state. 根据权利要求9所述的方法,其中,所述根据所述与目标服务对应的至少一个容器组各自的运行状态,在所述至少一个容器组中确定目标容器组包括:The method according to claim 9, wherein determining the target container group in the at least one container group corresponding to the target service according to the respective running states of the at least one container group comprises: 响应于所述容器组的运行状态属于正常运行状态,将所述容器组确定为所述目标容器组。In response to the running state of the container group being a normal running state, the container group is determined as the target container group. 根据权利要求1至8中任一项所述的方法,其中,所述将所述待处理网关服务请求发送至所述目标容器组包括:The method according to any one of claims 1 to 8, wherein sending the pending gateway service request to the target container group comprises: 确定与所述目标容器组对应的目标容器组地址信息;Determine target container group address information corresponding to the target container group; 根据所述目标容器组地址信息,建立与所述目标容器组之间的实际网络连接;以及Establishing an actual network connection with the target container group according to the target container group address information; and 基于所述实际网络连接,将所述待处理网关服务请求发送至所述 目标容器组。Based on the actual network connection, the pending gateway service request is sent to the The target container group. 一种云原生网关系统的管理方法,包括:A method for managing a cloud native gateway system, comprising: 利用权利要求1~11中任一项所述的方法,处理目标网关服务请求,得到处理结果,其中,所述目标网关服务请求包括目标网关服务配置信息,所述目标网关服务配置信息与云原生网关系统相关联;以及Using the method described in any one of claims 1 to 11, processing a target gateway service request to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with a cloud native gateway system; and 根据所述处理结果,对所述云原生网关系统进行管理。The cloud native gateway system is managed according to the processing result. 一种网关服务请求的处理装置,包括:A device for processing a gateway service request, comprising: 第一确定模块,用于响应于接收到待处理网关服务请求,根据预设映射关系和所述待处理网关服务请求中的待处理网关服务配置信息,确定与目标网关集群对应的目标网关集群信息、与目标网关对应的目标网关信息和与目标服务对应的目标服务信息;A first determination module is used to determine, in response to receiving a pending gateway service request, target gateway cluster information corresponding to the target gateway cluster, target gateway information corresponding to the target gateway, and target service information corresponding to the target service according to a preset mapping relationship and the pending gateway service configuration information in the pending gateway service request; 第二确定模块,用于根据所述目标网关集群信息、所述目标网关信息和所述目标服务信息,确定与所述目标服务对应的至少一个容器组各自的运行状态;A second determination module is used to determine the respective running status of at least one container group corresponding to the target service according to the target gateway cluster information, the target gateway information and the target service information; 第三确定模块,用于根据所述与目标服务对应的至少一个容器组各自的运行状态,在所述至少一个容器组中确定目标容器组;以及A third determining module, configured to determine a target container group from the at least one container group corresponding to the target service according to a respective running state of the at least one container group; and 发送模块,用于将所述待处理网关服务请求发送至所述目标容器组,以便于所述目标容器组对所述待处理网关服务请求进行处理。The sending module is used to send the to-be-processed gateway service request to the target container group, so that the target container group processes the to-be-processed gateway service request. 一种云原生网关系统的管理装置,包括:A management device for a cloud native gateway system, comprising: 处理模块,用于利用权利要求13所述的装置,处理目标网关服务请求,得到处理结果,其中,所述目标网关服务请求包括目标网关服务配置信息,所述目标网关服务配置信息与云原生网关系统相关联;以及A processing module, configured to process a target gateway service request using the apparatus of claim 13 to obtain a processing result, wherein the target gateway service request includes target gateway service configuration information, and the target gateway service configuration information is associated with a cloud native gateway system; and 管理模块,用于根据所述处理结果,对所述云原生网关系统进行管理。A management module is used to manage the cloud native gateway system according to the processing result. 一种电子设备,包括:An electronic device, comprising: 一个或多个处理器;one or more processors; 存储器,用于存储一个或多个指令,a memory for storing one or more instructions, 其中,当所述一个或多个指令被所述一个或多个处理器执行时, 使得所述一个或多个处理器实现权利要求1至11中任一项或权利要求12所述的方法。Wherein, when the one or more instructions are executed by the one or more processors, The one or more processors are caused to implement the method of any one of claims 1 to 11 or claim 12. 一种计算机可读存储介质,其上存储有可执行指令,所述可执行指令被处理器执行时使处理器实现权利要求1至11中任一项或权利要求12所述的方法。A computer-readable storage medium having executable instructions stored thereon, wherein when the executable instructions are executed by a processor, the processor implements the method of any one of claims 1 to 11 or claim 12. 一种计算机程序产品,所述计算机程序产品包括计算机可执行指令,所述计算机可执行指令在被执行时用于实现权利要求1至11中任一项或权利要求12所述的方法。 A computer program product, comprising computer executable instructions, wherein the computer executable instructions are used to implement the method of any one of claims 1 to 11 or claim 12 when executed.
PCT/CN2023/134349 2023-03-22 2023-11-27 Gateway service request processing method and device, and cloud native gateway system management method and device WO2024193085A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202310288631.7A CN116389599A (en) 2023-03-22 2023-03-22 Gateway service request processing method and device and cloud native gateway system management method and device
CN202310288631.7 2023-03-22

Publications (1)

Publication Number Publication Date
WO2024193085A1 true WO2024193085A1 (en) 2024-09-26

Family

ID=86974290

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/134349 WO2024193085A1 (en) 2023-03-22 2023-11-27 Gateway service request processing method and device, and cloud native gateway system management method and device

Country Status (2)

Country Link
CN (1) CN116389599A (en)
WO (1) WO2024193085A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116389599A (en) * 2023-03-22 2023-07-04 京东科技信息技术有限公司 Gateway service request processing method and device and cloud native gateway system management method and device
CN117596284B (en) * 2024-01-18 2024-03-29 腾讯科技(深圳)有限公司 Method, device, computer equipment and storage medium for data transmission

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109582441A (en) * 2018-11-30 2019-04-05 北京百度网讯科技有限公司 For providing system, the method and apparatus of container service
CN113783922A (en) * 2021-03-26 2021-12-10 北京沃东天骏信息技术有限公司 Method, system and device for load balancing
CN114398176A (en) * 2022-01-04 2022-04-26 北京金山云网络技术有限公司 Service access method, device, electronic equipment and storage medium
CN114884956A (en) * 2022-07-05 2022-08-09 北京世纪好未来教育科技有限公司 Method and device for realizing multi-cluster architecture and multi-cluster architecture system
CN115242882A (en) * 2022-09-20 2022-10-25 之江实验室 A method and device for accessing k8s container environment based on transport layer routing
CN115412549A (en) * 2021-05-27 2022-11-29 北京金山云网络技术有限公司 Information configuration method and device and request processing method and device
CN116389599A (en) * 2023-03-22 2023-07-04 京东科技信息技术有限公司 Gateway service request processing method and device and cloud native gateway system management method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109582441A (en) * 2018-11-30 2019-04-05 北京百度网讯科技有限公司 For providing system, the method and apparatus of container service
CN113783922A (en) * 2021-03-26 2021-12-10 北京沃东天骏信息技术有限公司 Method, system and device for load balancing
CN115412549A (en) * 2021-05-27 2022-11-29 北京金山云网络技术有限公司 Information configuration method and device and request processing method and device
CN114398176A (en) * 2022-01-04 2022-04-26 北京金山云网络技术有限公司 Service access method, device, electronic equipment and storage medium
CN114884956A (en) * 2022-07-05 2022-08-09 北京世纪好未来教育科技有限公司 Method and device for realizing multi-cluster architecture and multi-cluster architecture system
CN115242882A (en) * 2022-09-20 2022-10-25 之江实验室 A method and device for accessing k8s container environment based on transport layer routing
CN116389599A (en) * 2023-03-22 2023-07-04 京东科技信息技术有限公司 Gateway service request processing method and device and cloud native gateway system management method and device

Also Published As

Publication number Publication date
CN116389599A (en) 2023-07-04

Similar Documents

Publication Publication Date Title
JP7293446B2 (en) Virtual network verification service
JP7060636B2 (en) Virtual network interface object
US7774485B2 (en) Dynamic service composition and orchestration
US10931559B2 (en) Distribution of network-policy configuration, management, and control using model-driven and information-centric networking
US10680945B1 (en) Extending overlay networks to edge routers of a substrate network
WO2024193085A1 (en) Gateway service request processing method and device, and cloud native gateway system management method and device
CN113301116B (en) Cross-network communication method, device, system and equipment for micro-service application
US20080313318A1 (en) Providing enhanced data retrieval from remote locations
JP7012079B2 (en) Communication method, system, program between on-premises and off-premises
US10785056B1 (en) Sharing a subnet of a logically isolated network between client accounts of a provider network
US9742669B2 (en) Aliasing of named data objects and named graphs for named data networks
US11863528B1 (en) Glue layer that abstracts dynamic endpoints to static endpoints
CN115242882B (en) A method and device for accessing k8s container environment based on transport layer routing
JP2017201776A (en) Content delivery through uneven network
US11792301B1 (en) Parallelized automated creation of proxy manifests
EP3170089B1 (en) Brokering data access requests and responses
US11528206B2 (en) Identifying and mapping applications to devices in a network
US11663058B1 (en) Preemptive filtering of events of an event bus with a deterministic filter
Łaskawiec et al. New solutions for exposing clustered applications deployed in the cloud
US10313254B1 (en) Network management interface for a network element with network-wide information
CN118353832B (en) Stream table processing method, stream table processing device, stream table processing computer, stream table processing storage medium and stream table processing program product
CN114553876B (en) Method and system for in-packet version marking using peripheral NAT
US20240291759A1 (en) Multi-cloud container communication
WO2022134970A1 (en) Location information conversion method, network gateway, controller, terminal, device, and medium
Castillo Lema A generic network function virtualization manager and orchestrator for content-centric networks.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23928389

Country of ref document: EP

Kind code of ref document: A1