Disclosure of Invention
The application provides an internal and external network communication method and system, and aims to solve the problem of low internal and external network communication efficiency.
In order to achieve the above object, the present application provides the following technical solutions:
the application provides an internal and external network communication method, which is applied to a gateway in an internal and external network communication system; the intranet and extranet communication system includes: the system comprises a first gateway, a second gateway, a strong isolation device and an intranet database; one gateway is an intranet gateway, and the other gateway is an extranet gateway; the intranet gateway is connected with a first address of the intranet database; the external network gateway is connected with the second address of the internal network database; the second address of the intranet database is an address obtained by the first address through the strong isolation device;
the method comprises the following steps:
the first gateway stores an HTTP request in the intranet database when receiving the HTTP request which is sent by an application and used for indicating an access terminal to access an opposite terminal network;
the second gateway writes the acquired request result of the HTTP request to be processed into the intranet database under the condition that the HTTP request to be processed in the intranet database is inquired; the HTTP request to be processed is an unresponsive HTTP request which is stored in the intranet database by the first gateway and is used for accessing the network where the second gateway is located;
and the first gateway outputs the request result to the application under the condition that the request result of the HTTP request is detected to be stored in the intranet database.
Optionally, the second gateway includes a plurality of query processes; any query process is used for querying the HTTP request to be processed in the intranet database; the method further comprises the following steps:
the second gateway sets a preset identifier for the HTTP request to be processed under the condition that any query process queries any HTTP request to be processed; the preset identifier is used for marking that the pending HTTP request is being responded to.
Optionally, the method further includes:
and the first gateway migrates the HTTP request which has fed back the request result in the intranet database every preset time.
Optionally, the HTTP request with the fed back request result is migrated to a preset table; the method further comprises the following steps:
and under the condition that the first gateway receives a tracing instruction of any one fed back request result HTTP request, inquiring the fed back request result HTTP request from the preset table.
The present application further provides an intranet and extranet communication system, comprising: the system comprises a first gateway, a second gateway, a strong isolation device and an intranet database; one gateway is an intranet gateway, and the other gateway is an extranet gateway; the intranet gateway is connected with a first address of the intranet database; the external network gateway is connected with the second address of the internal network database; the second address of the intranet database is an address obtained by the first address through the strong isolation device;
the first gateway is used for storing the HTTP request in the intranet database under the condition that the HTTP request which is sent by an application and used for indicating an access terminal to access an opposite terminal network is received;
the second gateway is used for writing the acquired request result of the HTTP request to be processed into the intranet database under the condition that the HTTP request to be processed in the intranet database is inquired; the HTTP request to be processed is an unresponsive HTTP request which is stored in the intranet database by the first gateway and is used for accessing the network where the second gateway is located;
the first gateway is further configured to output a request result of the HTTP request to the application when detecting that the request result is stored in the intranet database.
Optionally, the second gateway includes a plurality of query processes; any query process is used for querying the HTTP request to be processed in the intranet database;
the second gateway is further configured to set a preset identifier for the HTTP request to be processed when any one of the query processes queries any one of the HTTP requests to be processed; the preset identifier is used for marking that the pending HTTP request is being responded to.
Optionally, the first gateway is further configured to migrate, at preset intervals, the HTTP request in the intranet database, to which the request result has been fed back.
Optionally, the first gateway and the second gateway respectively consist of at least two programs, namely an Admin program and a bootstrap program;
the Admin program is used for configuring a preset rule of the gateway; the preset rules include: routing rules, current limiting rules, and path rewrite rules;
and the bootstrap program is used for receiving the HTTP request according to the preset rule and responding to the HTTP request.
Optionally, the Admin program is further configured to, after the preset rule is reconfigured, synchronously cache the reconfigured rule in the bootstrap program.
Optionally, the intranet database is a Mysql database.
According to the Intranet and Intranet communication method and system, the first gateway stores the HTTP request in the Intranet database under the condition that the HTTP request which is sent by the application and used for indicating the access terminal to access the opposite terminal network is received; the second gateway writes the acquired request result of the HTTP request to be processed into the intranet database under the condition that the HTTP request to be processed in the intranet database is inquired; and the first gateway outputs a request result to the application under the condition that the request result of the HTTP request is detected to be stored in the intranet database.
That is, in the present application, the application at the first gateway side only needs to send the HTTP request to the first gateway and receive the request result output by the first gateway, that is, there is no direct call relationship between the application at the first gateway side and the intranet database. The second gateway obtains a request result of the HTTP request to be processed and writes the request result into the intranet database, namely, the application at the second gateway side does not need to directly call the intranet database and writes the generated message into the intranet database. In this application, the intranet application and the extranet application have no direct relation with the intranet database, so that the intranet application and the extranet application can normally operate when the database is changed.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The applicant finds in research that the embodiments of the present application need to be applied to a special network environment, that is, an intranet and an extranet must communicate with each other through a strong isolation device, and since the strong isolation device must be based on an intranet database, the intranet and the extranet must communicate with each other based on the strong isolation device and the intranet database, and thus, the conventional gateway product is not suitable for the network environment of the present application. Therefore, it is necessary to develop an intranet and extranet communication system that can prevent the normal operation of intranet and extranet applications from being affected by a database and can normally communicate between intranet and extranet networks by using the HTTP protocol.
Fig. 1 is a schematic view of an application scenario provided in an embodiment of the present application, including: the system comprises an intranet client, an intranet server, an intranet and extranet communication system, an extranet client and an extranet server. The intranet client is connected with the intranet server, the extranet client is connected with the extranet server, and the intranet server and the extranet server are respectively connected with the intranet and extranet communication systems. The connection may be a wireless connection or a wired connection, and the embodiment of the present application does not limit a specific connection manner.
The intranet can access the system, and the extranet can also access the intranet. For the external network to access the internal network, the external network client sends a request to the external network server, and the external network server acquires an access result to the internal network through the internal and external network communication system. For the intranet to access the extranet, the intranet client sends an access request to the intranet server, and the intranet server acquires an access result to the extranet through the intranet and extranet communication system. Namely, the communication between the internal network service terminal and the external network service terminal is realized by the internal and external network communication system.
Fig. 2 is a communication system of an intranet and an extranet according to an embodiment of the present application, including: the system comprises a first gateway, a second gateway, a strong isolation device and an intranet database; one gateway is an intranet gateway, and the other gateway is an extranet gateway. The intranet gateway is connected with a first address of the intranet database; the extranet gateway is coupled to the second address of the intranet database. And the second address of the intranet database is the address obtained by the first address through the strong isolation device.
Currently, there are two main types of databases, oracle and mysql. Since the use environment of this embodiment is complex (the intranet and the extranet must communicate with each other through the strong isolation device, and the strong isolation device must be based on the intranet database, the intranet and the extranet must communicate with each other based on the strong isolation device and the intranet database), the communication system may need to be deployed in multiple scenarios, and the data is absolutely separated, so a lightweight database is required. Because the mysql is a relational database and is suitable for the application scenario of the embodiment of the application, the mysql database is selected as a storage carrier of the message data by the database of the embodiment.
In this embodiment, the first gateway and the second gateway may also be referred to as indb-gateway. In this embodiment, both the first gateway and the second gateway include at least two programs, namely an admin program (inb-gateway-admin) and a bootstrap program (inb-gateway-bootstrap). Data synchronization can be maintained between the two programs through http polling, websocket long connection and the like.
The Admin program is configured to configure a preset rule of the gateway, where the preset rule may include: the routing rule, the current limiting rule, and the path rewriting rule, of course, in practice, the preset rule may further include other contents, and the specific contents of the preset rule are not limited in this embodiment. The bootstrap program is used for receiving the HTTP request according to the preset rule and responding to the HTTP request. Specifically, the bootstrap program is used for receiving the HTTP request, forwarding the HTTP request to the indb-gateway-admin, and the indb-gateway-admin penetrates through the strong isolation according to the configured routing rule and sends the strong isolation to the corresponding intranet or extranet service.
Namely, the embodiment uniformly encapsulates the database and the strong isolation device. The service of the internal network can be exposed to the external network through the configuration of the indb-gateway-admin of the internal network gateway, meanwhile, the service of the external network can also be directly exposed to the internal network through the external network gateway, and HTTP calling can be directly carried out through the gateway after exposure, so that the common HTTP interface calling technology of the internet can be widely applied, and communication between the internal network application and the external network application through modes of calling a database and the like is not needed any more. Thus, the intranet and extranet communication system provided by the embodiment can process communication between the intranet and extranet with high efficiency, low delay, high concurrency and high stability.
The embodiment can utilize the characteristic of the HTTP request, thereby realizing the real-time transmission of the pictures and the texts between the internal network and the external network, and enriching the transmission types of the messages between the internal network and the external network.
Based on the above-described structure regarding the intranet and extranet communication system, a communication procedure between a first gateway and a second gateway in the intranet and extranet communication system will be described below. In this embodiment, one of the first gateway and the second gateway is an intranet gateway, and the other gateway is an extranet gateway. Specifically, the first gateway may be an external network gateway, and the second gateway may be an internal network gateway, or of course, the first gateway may also be an internal network gateway, and the second gateway may also be an external network gateway, and this embodiment does not limit the specific form. That is, the communication process between the first gateway and the second gateway provided in the embodiment of the present application may be regarded as a process in which an intranet accesses an extranet, and may be regarded as a process in which an extranet accesses an intranet. For convenience of description, the present embodiment takes the first gateway as an external network gateway and the second gateway as an internal network gateway as an example for introduction. Specifically, the communication flow between the first gateway and the second gateway is shown in fig. 3, and may include the following steps:
s301, the first gateway stores the HTTP request in an intranet database when receiving the HTTP request which is sent by the application and used for indicating the access terminal to access the opposite terminal network.
In this embodiment, the application sending the HTTP request to the first gateway is a server on the first gateway side. That is, the extranet server sends the HTTP request to the first gateway when receiving the HTTP request sent by the client.
In this step, the first gateway saves the HTTP request in the intranet database.
Specifically, the first gateway is composed of an Admin program and a bootstrap program, and in this step, the bootstrap program receives the HTTP request and stores the received HTTP request in the intranet database according to a preset rule configured by the Admin program.
S302, the first gateway suspends the HTTP request.
In this embodiment, a specific implementation manner of suspending the HTTP request is the prior art, and is not described herein again.
S303, the second gateway acquires a request result of the HTTP request to be processed under the condition that the HTTP request to be processed in the intranet database is inquired.
In this embodiment, the HTTP request to be processed is an unresponsive HTTP request stored by the first gateway in the intranet database and used for accessing the network where the second gateway is located. It should be noted that the pending HTTP request may be a plurality of HTTP requests, including the HTTP request stored in the intranet database by the first gateway.
Optionally, in this embodiment, the bootstrap program in the second gateway scans the HTTP request in the intranet database, and scans out the HTTP request to be processed. And for any one scanned HTTP request, acquiring a request result of the HTTP request according to a preset rule configured by an Admin program.
Optionally, the bootstrap program may include a plurality of query processes, where any query process is used to query the intranet database for the pending HTTP request. In practice, different query processes may scan for the same pending HTTP request, and thus, repeated responses of multiple different query processes to one pending HTTP request may occur. To avoid this problem, in this embodiment, the second gateway uses a distributed lock on the redis, which ensures that the HTTP request can only be responded to once. Specifically, the second gateway sets a preset identifier for the HTTP request to be processed when any query process queries any HTTP request to be processed. The preset identifier is used for marking that the to-be-processed HTTP request is being responded, so that other query processes are prevented from querying the to-be-processed HTTP request to respond.
S304, the second gateway writes the acquired request result of the HTTP request to be processed into an intranet database.
In this embodiment, the second gateway writes the acquired request result of the HTTP request to be processed into the intranet database, so that the first gateway extracts the request result of the HTTP request.
S305, the first gateway outputs the request result to the application when detecting that the request result of the HTTP request is stored in the intranet database.
In this embodiment, after suspending the HTTP request, the first gateway detects whether a request result of the HTTP request is stored in the intranet database, and if so, feeds back the request result of the HTTP request to the service end of the extranet.
Specifically, since the first gateway includes the Admin program and the bootstrap program, in this step, the bootstrap program in the first gateway queries whether the intranet database stores the request result of the HTTP request. The specific query implementation manner of the bootstrap program is the prior art, and is not described herein again.
It can be seen from the foregoing S301 to S305 that, in the present application, the application at the first gateway side only needs to send the HTTP request to the first gateway and receive the request result output by the first gateway, that is, there is no direct call relationship between the application at the first gateway side and the intranet database. The second gateway obtains a request result of the HTTP request to be processed and writes the request result into the intranet database, namely, the application at the second gateway side writes the generated message into the intranet database without calling the intranet database. That is, in the embodiment of the present application, the intranet application and the extranet application have no direct relationship with the intranet database, so that when the database is changed, the intranet application and the extranet application can also run normally.
Meanwhile, the intranet application and the extranet application do not need to directly call an intranet database, so that a strong coupling relation caused by calling the intranet database for communication does not exist between an intranet system (the intranet application and an intranet client) and an extranet system (the extranet application and an extranet client), and therefore the coupling degree between the intranet system and the extranet system can be reduced by adopting the intranet and extranet communication system provided by the embodiment of the application.
S306, the first gateway migrates the HTTP request fed back with the request result in the intranet database every preset time.
In this embodiment, after the first gateway and the second gateway operate for a period of time, a problem of search pressure on the database occurs. Because the data volume in the intranet database is gradually increased along with the time, the pressure for searching the intranet database is also gradually increased. In order to reduce the search pressure on the intranet database, in this embodiment, the first gateway migrates the HTTP request that has been processed in the intranet database out of the intranet database every preset time, that is, migrates the HTTP request that has fed back the request result in the intranet database.
It should be noted that, in this embodiment, this step is an optional step.
Optionally, the information may be migrated to a preset table, and certainly, in practice, the information may also be migrated to other spaces, and the embodiment does not limit the specific manner.
The HTTP request which is migrated to the preset table can be traced conveniently in a specific scene, and a certain HTTP request which has fed back the request result is guaranteed to be safe. Specifically, the first gateway may query the fed-back request result HTTP request from a preset table when receiving a trace back instruction for any fed-back request result HTTP request.
Optionally, in this embodiment, in order to ensure the scalability and the high concurrency performance of the first gateway and the second gateway. Since both the first gateway and the second gateway may be made up of two parts: indb-gateway-admin and indb-gateway-bootstrap. In practice, no matter the first gateway or the second gateway, if the access pressure is continuously increased, a mode of deploying multiple indb-gateway-admin nodes and indb-gateway-bootstrap nodes can be adopted, and the multiple bootstrap nodes are kept connected with the admin through http polling, websocket long connection and the like, so that the access pressure can be dispersed to each different bootstrap node, and the access pressure of a single bootstrap node can be reduced. When the call pressure is increased, bootstrap and admin can also be deployed in a clustering manner to reduce the call pressure.
Optionally, in this embodiment, the Admin program is further configured to, after the preset rule is reconfigured, synchronously cache the reconfigured rule in the bootstrap program, so that in this embodiment, configuration content hot configuration such as routing forwarding, current limiting, authentication and the like is performed on the indb-gateway-Admin, and the rule can be validated in real time after being clicked and released, and the gateway system does not need to be restarted, thereby being applicable to more application scenarios.
Optionally, the first gateway and the second gateway in the intranet and extranet communication system provided in this embodiment may also support the SDK fast access, so that the learning cost may be saved, and the operation is faster. Also, developers are only concerned with the message queue middleware itself. There is no need to pay attention to the internal and external network problems.
Optionally, compared with a common gateway having only functions such as forwarding, the first gateway and the second gateway in the intranet and extranet communication system provided by the present application also support functions such as authentication of an interface, current limiting of an interface, and support of a dubbo interface.
Fig. 4 is a communication method for an intranet and an extranet according to an embodiment of the present application, where the method is applied to the intranet and extranet communication system shown in fig. 2, and may include the following steps:
s401, under the condition that the first gateway receives the HTTP request which is sent by the application and used for indicating the access terminal to access the opposite terminal network, the HTTP request is stored in an intranet database.
The specific implementation process of this step may refer to S301, which is not described herein again.
S402, under the condition that the to-be-processed HTTP request in the intranet database is inquired, the second gateway writes the acquired request result of the to-be-processed HTTP request into the intranet database.
In this step, the HTTP request to be processed is an unresponsive HTTP request that is stored by the first gateway in the intranet database and is used to access the network where the second gateway is located.
The specific implementation manner of this step may refer to S303, which is not described herein again.
And S403, the first gateway outputs the request result to the application when detecting that the request result of the HTTP request is stored in the intranet database.
S305 may be referred to for specific implementation of this step, and details are not described here.
The functions described in the method of the embodiment of the present application, if implemented in the form of software functional units and sold or used as independent products, may be stored in a storage medium readable by a computing device. Based on such understanding, part of the contribution to the prior art of the embodiments of the present application or part of the technical solution may be embodied in the form of a software product stored in a storage medium and including several instructions for causing a computing device (which may be a personal computer, a server, a mobile computing device or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same or similar parts among the embodiments are referred to each other.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.