CN112804244B - Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway - Google Patents

Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway Download PDF

Info

Publication number
CN112804244B
CN112804244B CN202110101675.5A CN202110101675A CN112804244B CN 112804244 B CN112804244 B CN 112804244B CN 202110101675 A CN202110101675 A CN 202110101675A CN 112804244 B CN112804244 B CN 112804244B
Authority
CN
China
Prior art keywords
flow
service
micro
api
api gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110101675.5A
Other languages
Chinese (zh)
Other versions
CN112804244A (en
Inventor
王雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Huanwang Technology Co Ltd
Original Assignee
Guangdong Huanwang Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Huanwang Technology Co Ltd filed Critical Guangdong Huanwang Technology Co Ltd
Priority to CN202110101675.5A priority Critical patent/CN112804244B/en
Publication of CN112804244A publication Critical patent/CN112804244A/en
Application granted granted Critical
Publication of CN112804244B publication Critical patent/CN112804244B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/566Grouping or aggregating service requests, e.g. for unified processing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention relates to a method, a device and equipment for intelligently controlling bottom micro-service flow by an API gateway, wherein the method comprises the following steps: the client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy; the API gateway authentication service performs IP and flow authentication on the source of the micro-service call request; if the authentication is passed, inquiring routing data and gateway DB data in a Redis cache according to the IP and the flow; feeding back routing data and gateway DB data to an API gateway authentication service, and requesting an underlying micro service through a Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of log collection is counted and stored; according to the log collection result, the flow access strategy of the bottom-layer micro-service is controlled through the API gateway micro-service, wherein the flow access strategy comprises a flow threshold value and access times.

Description

Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway
Technical Field
The invention belongs to the technical field of Internet micro-service calling, and particularly relates to a method, a device and equipment for intelligently controlling bottom micro-service flow by an API gateway.
Background
The Application Programming Interface (API) gateway is used for encapsulating the service capability of the micro service into the API and opening the capability, the service and the data to a user for calling in the form of the API through the API gateway. At present, the API gateway flow limiting policy is that a flow policy is set on a gateway, the set policy is bound with an API, the policy can limit the number of calls per hour, per minute and per day for an APP, the number of times is limited, and a call request is rejected. However, when the number of times of calling in actual application reaches the upper limit, the API of the micro service does not reach the "bottleneck" of the calling, and it is troublesome to manually modify the policy for upgrading the current service alone, and different applications may cause resource limitations due to the difference in the number of times of calling.
Therefore, how to design an intelligent control for calling the number of micro services becomes a technical problem that needs to be solved urgently by those skilled in the art.
Disclosure of Invention
In order to at least solve the problems in the prior art, the invention provides a method, a device and equipment for intelligently controlling the flow of a bottom micro-service by an API gateway so as to realize the intelligent control of micro-service invocation.
The technical scheme provided by the invention is as follows:
on one hand, the method for intelligently controlling the flow of the underlying micro-service by the API gateway comprises the following steps:
the client sends a micro-service call request to an API gateway authentication service through a Nginx reverse proxy;
the API gateway authentication service carries out IP and flow authentication on the source of the micro-service call request;
if the authentication is passed, inquiring routing data and gateway DB data in a Redis cache according to the IP and the flow;
feeding back the routing data and the gateway DB data to the API gateway authentication service, and requesting an underlying micro-service through the Nginx reverse proxy;
calling log collection is carried out through logstack and Elasticissearch in a log collection module, and the result of the log collection is counted and stored;
and controlling a flow access strategy of the bottom-layer micro-service through an API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times.
Optionally, before controlling the access policy of the bottom layer micro service through the API gateway micro service, the method includes:
registering a microservice API interface on an API gateway to enable upper layer applications to access the microservice API;
creating a flow access policy on an API gateway, and binding the flow access policy with the micro service API;
and setting the expanded flow of the flow access strategy, wherein the expanded flow is 0-30% of a flow threshold value.
Optionally, the controlling the bottom-layer microservice flow access policy through the API gateway microservice includes:
calling the micro service API through the upper layer application;
detecting whether the current application flow call reaches the upper limit of the flow through the micro service API, and calculating the upper limit proportion of the load;
and if the current application flow rate does not reach the upper flow rate limit, floating the current application flow rate to 0-30% of a flow rate threshold value according to the upper load limit proportion.
Optionally, after the floating of the current application flow to 0 to 30% of the flow threshold according to the load upper limit proportion, the method further includes:
monitoring other load proportions occupied by other application calls;
dynamically adjusting the other load proportions according to the upper limits of the other applications;
and when the call flow of all the applications reaches the upper limit of all the loads, closing the current limiting module to stop the flow call.
Optionally, the flow threshold includes a threshold/minute, a threshold/hour, and a threshold/day.
On the other hand, an apparatus for intelligently controlling the flow of the underlying micro-service by the API gateway includes:
the request module is used for the client side to send a micro-service call request to the API gateway authentication service through the Nginx reverse proxy;
the authentication module is used for the API gateway authentication service to carry out IP and flow authentication on the source of the micro-service calling request;
the query module is used for querying routing data and gateway DB data in the Redis cache according to the IP and the flow if the authentication is passed;
the acquisition module is used for feeding back the routing data and the gateway DB data to the API gateway authentication service and requesting the bottom micro service through the Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of the log collection is counted and stored;
and the adjusting module is used for controlling the bottom-layer micro-service flow access strategy through the API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times.
Optionally, the above API gateway intelligently controls the bottom microservice traffic, further comprising: expand flow setting module, specifically be used for:
registering a microservice API interface on an API gateway to enable upper layer applications to access the microservice API;
creating a flow access policy on an API gateway, and binding the flow access policy with the micro service API;
and setting the expanded flow of the flow access strategy, wherein the expanded flow is 0-30% of a flow threshold value.
Optionally, in the method for intelligently controlling the bottom microservice traffic by the API gateway, the adjusting module is specifically configured to:
calling the micro service API through the upper layer application;
detecting whether the current application flow call reaches the upper limit of the flow through the micro service API, and calculating the upper limit proportion of the load;
and if the current application flow rate does not reach the upper flow rate limit, floating the current application flow rate to 0-30% of a flow rate threshold value according to the upper load limit proportion.
Optionally, the adjusting module is further specifically configured to:
monitoring other load proportions occupied by other application calls;
dynamically adjusting the other load proportions according to the upper limits of the other applications;
and when the call flow of all the applications reaches the upper limit of all the loads, closing the current limiting module to stop the flow call.
In another aspect, an apparatus for intelligently controlling the flow of underlying microservice by an API gateway includes: a processor, and a memory coupled to the processor;
the memory is used for storing a computer program, and the computer program is at least used for executing the method for intelligently controlling the flow of the underlying microservice by the API gateway;
the processor is used for calling and executing the computer program in the memory.
The invention has the beneficial effects that:
the invention provides a method, a device and equipment for intelligently controlling bottom micro-service flow by an API gateway, wherein the method comprises the following steps: the client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy; the API gateway authentication service performs IP and flow authentication on the source of the micro-service call request; if the authentication is passed, inquiring routing data and gateway DB data in a Redis cache according to the IP and the flow; feeding back routing data and gateway DB data to an API gateway authentication service, and requesting an underlying micro service through a Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of log collection is counted and stored; and controlling a bottom-layer micro-service flow access strategy through the API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times. By adopting the technical scheme, whether the micro-service reaches the upper limit of the bottleneck is monitored, when the bottleneck is not reached, the calling times are dynamically increased by 0-30%, the strategy is not changed, the strategy is not required to be modified manually, the micro-service calling times are increased in application under the condition that bottom layer resources are not expanded, and the efficiency is improved compared with the original manual modification of a fixed threshold value.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for intelligently controlling underlying microservice traffic by an API gateway according to an embodiment of the present invention;
FIG. 2 is a schematic structural diagram of an API gateway versus underlying microservice traffic intelligent control apparatus according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an API gateway versus underlying microservice traffic intelligent control device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without any inventive step, are within the scope of the present invention.
Fig. 1 is a flowchart of a method for intelligently controlling underlying microservice traffic by an API gateway according to an embodiment of the present invention.
As shown in fig. 1, the method for intelligently controlling the underlying microservice traffic by the API gateway provided in this embodiment includes the following steps:
s11, the client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy.
The gateway is divided into four modules, namely an Nginx reverse proxy module, an API gateway management system, API gateway authentication service and log collection service. The client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy, and determines whether to call the micro-service by adopting gateway authentication.
S12, the API gateway authentication service performs IP and flow authentication on the source of the micro-service call request.
The standard for auditing the call request is to perform IP and flow authentication on the source of the request to determine whether the call request of the microservice is qualified, and a security key strategy can be adopted to perform the IP and flow authentication.
And S13, if the authentication is passed, inquiring routing data and gateway DB data in the Redis cache according to the IP and the flow.
And if the authentication is passed, inquiring the routing data and the gateway DB data in the Redis cache through the API gateway management system according to the IP and the flow.
S14, feeding back the routing data and the gateway DB data to the API gateway authentication service, and requesting the bottom-layer micro-service through the Nginx reverse proxy.
After the routing data and the gateway DB data are acquired, the data are fed back to the API gateway authentication service, which shows that the calling data are acquired according to the calling request at the moment and the previous preparation work is done, and then the API gateway authentication service requests the bottom micro-service through the Nginx reverse proxy.
S15, call log collection is carried out through logstack and elastic search in the log collection module, and the log collection result is counted and stored.
And log collection is called through logstack and Elasticissearch in the log collection module, and data are stored and counted, so that the analysis of subsequent data is ensured.
And S16, controlling a bottom-layer micro-service flow access strategy through the API gateway micro-service according to the log collection result, wherein the flow access strategy comprises a flow threshold value and access times.
Specifically, before controlling the access policy of the underlying micro-service through the API gateway micro-service, the method includes: registering a micro-service API interface on an API gateway to enable upper-layer application to access a micro-service API; creating a flow access strategy on the API gateway, and binding the flow access strategy with the micro service API; and setting the expanded flow of the flow access strategy, wherein the expanded flow is 0-30% of the flow threshold value. And the access strategy for controlling the bottom layer micro service flow through the API gateway micro service comprises the following steps: calling a micro-service API through an upper layer application; detecting whether the current application flow call reaches the upper limit of the flow through a micro service API, and calculating the upper limit proportion of the load; and if the current application flow rate does not reach the upper limit of the flow rate, floating the current application flow rate to 0-30% of the flow rate threshold value according to the proportion of the upper limit of the load. Specifically, after the current application flow is floated to 0-30% of the flow threshold according to the upper limit proportion of the load, the method further comprises the following steps: monitoring other load proportions occupied by other application calls; dynamically adjusting other load proportions according to upper limits of other applications; and when the call flow of all the applications reaches the upper limit of all the loads, closing the current limiting module to stop the flow call. Flow thresholds include threshold/minute, threshold/hour, threshold/day.
The method comprises the steps that the micro-service is registered on an API gateway, an upper layer application directly requests the micro-service to be changed into a micro-service, the upper layer application requests the gateway, the gateway requests the micro-service again, the gateway is provided with a current limit according to the application (for example, each application can only be accessed for many times every hour every day), and when the request amount of the current micro-service in the current time period is not large, the number of times of the access amount can be directly and dynamically expanded for other applications with large request access amount, and according to the number of the request amount of the upper layer application, a strategy is dynamically adjusted, so that the efficiency is saved compared with the original fixed threshold value manual modification optimization.
The method for intelligently controlling the flow of the underlying microservice by the API gateway provided by the embodiment comprises the following steps: the client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy; the API gateway authentication service performs IP and flow authentication on the source of the micro-service call request; if the authentication is passed, inquiring routing data and gateway DB data in a Redis cache according to the IP and the flow; feeding back routing data and gateway DB data to an API gateway authentication service, and requesting an underlying micro service through a Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of log collection is counted and stored; and controlling a bottom-layer micro-service flow access strategy through the API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times. By adopting the technical scheme, whether the micro-service reaches the upper limit of the bottleneck is monitored, when the bottleneck is not reached, the calling times are dynamically increased by 0-30%, the strategy is not changed, the strategy is not required to be modified manually, the micro-service calling times are increased in application under the condition that bottom layer resources are not expanded, and the efficiency is improved compared with the original manual modification of a fixed threshold value.
Based on the same general inventive concept, the application also protects an API gateway intelligent control device for the bottom layer micro-service flow.
Fig. 2 is a schematic structural diagram of an apparatus for intelligently controlling underlying microservice traffic by an API gateway according to an embodiment of the present invention.
As shown in fig. 2, the apparatus for intelligently controlling the bottom microservice traffic by the API gateway provided in this embodiment includes:
the request module 10 is used for the client to send a micro-service call request to the API gateway authentication service through the Nginx reverse proxy;
the authentication module 20 is used for the API gateway authentication service to perform IP and flow authentication on the source of the micro-service call request;
the query module 30 is configured to query, if the authentication passes, the routing data and the gateway DB data in the Redis cache according to the IP and the traffic;
the acquisition module 40 is used for feeding back the routing data and the gateway DB data to the API gateway authentication service and requesting the bottom-layer micro service through the Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of log collection is counted and stored;
and the adjusting module 50 is configured to control a bottom-layer microservice flow access policy through the API gateway microservice according to a log acquisition result, where the flow access policy includes a flow threshold and access times.
The API gateway provided by this embodiment is to little service flow intelligent control device of bottom, includes: the client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy; the API gateway authentication service performs IP and flow authentication on the source of the micro-service call request; if the authentication is passed, inquiring routing data and gateway DB data in a Redis cache according to the IP and the flow; feeding back routing data and gateway DB data to an API gateway authentication service, and requesting an underlying micro service through a Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of log collection is counted and stored; and controlling a bottom-layer micro-service flow access strategy through the API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times. By adopting the technical scheme, whether the micro-service reaches the upper limit of the bottleneck is monitored, when the bottleneck is not reached, the calling times are dynamically increased by 0-30%, the strategy is not changed, the strategy is not required to be modified manually, the micro-service calling times are increased in application under the condition that bottom layer resources are not expanded, and the efficiency is improved compared with the original manual modification of a fixed threshold value.
Further, the expanded flow setting module in this embodiment is specifically configured to:
registering a micro-service API interface on an API gateway to enable upper-layer application to access a micro-service API;
creating a flow access strategy on the API gateway, and binding the flow access strategy with the micro service API;
and setting the expanded flow of the flow access strategy, wherein the expanded flow is 0-30% of the flow threshold value.
Further, the adjusting module is specifically configured to:
calling a micro-service API through an upper layer application;
detecting whether the current application flow call reaches the upper limit of the flow through a micro service API, and calculating the upper limit proportion of the load;
and if the current application flow rate does not reach the upper limit of the flow rate, floating the current application flow rate to 0-30% of the flow rate threshold value according to the proportion of the upper limit of the load.
Further, the adjusting module is specifically further configured to:
monitoring other load proportions occupied by other application calls;
dynamically adjusting other load proportions according to upper limits of other applications;
and when the call flow of all the applications reaches the upper limit of all the loads, closing the current limiting module to stop the flow call.
Embodiments of the apparatus parts have been described in detail in relation to corresponding method embodiments, and therefore will not be described in detail in relation to corresponding apparatus parts, which may be understood by reference to each other.
Based on the same general inventive concept, the embodiment also protects the intelligent control equipment for the bottom-layer micro-service flow by the API gateway.
As shown in fig. 3, the apparatus for intelligently controlling the bottom microservice traffic by the API gateway provided in this embodiment includes: a processor, and a memory coupled to the processor;
the storage is used for storing a computer program, and the computer program is at least used for executing the method for intelligently controlling the flow of the underlying microservice by the API gateway in any embodiment;
the processor is used to call and execute the computer program in the memory.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
It is understood that the same or similar parts in the above embodiments may be mutually referred to, and the same or similar parts in other embodiments may be referred to for the content which is not described in detail in some embodiments.
It should be noted that, in the description of the present invention, the terms "first", "second", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. Further, in the description of the present invention, the meaning of "a plurality" means at least two unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims (6)

1. An API gateway intelligent control method for bottom micro service flow is characterized by comprising the following steps:
the client sends a micro-service call request to the API gateway authentication service through the Nginx reverse proxy;
the API gateway authentication service carries out IP and flow authentication on the source of the micro-service call request;
if the authentication is passed, inquiring routing data and gateway DB data in a Redis cache according to the IP and the flow;
feeding back the routing data and the gateway DB data to the API gateway authentication service, and requesting an underlying micro-service through the Nginx reverse proxy;
calling log collection is carried out through logstack and Elasticissearch in a log collection module, and the result of the log collection is counted and stored;
controlling a flow access strategy of the bottom-layer micro-service through an API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times;
before controlling the bottom layer micro-service access policy through the API gateway micro-service, the method comprises the following steps:
registering a micro-service API interface on an API gateway to enable an upper layer application to access the micro-service API;
creating a flow access strategy on an API gateway, and binding the flow access strategy with the micro service API;
setting an expanded flow of the flow access strategy, wherein the expanded flow is 0-30% of a flow threshold value;
calling the micro service API through the upper layer application;
detecting whether the current application flow call reaches the upper limit of the flow through the micro service API, and calculating the upper limit proportion of the load;
and if the current application flow rate does not reach the upper flow rate limit, floating the current application flow rate to 0-30% of a flow rate threshold value according to the upper load limit proportion.
2. The method for intelligently controlling the API gateway to the underlying microservice traffic according to claim 1, wherein after the floating up of the current application traffic to 0 to 30% of the traffic threshold according to the load upper limit proportion, the method further comprises:
monitoring other load proportions occupied by other application calls;
dynamically adjusting the other load proportions according to the upper limits of the other applications;
and when the call flow of all the applications reaches the upper limit of all the loads, closing the current limiting module to stop the flow call.
3. The method of claim 1, wherein the traffic thresholds comprise threshold/min, threshold/hr, and threshold/day.
4. The utility model provides a API gateway is to little service flow intelligent control device of bottom, its characterized in that includes:
the request module is used for the client side to send a micro-service call request to the API gateway authentication service through the Nginx reverse proxy;
the authentication module is used for the API gateway authentication service to carry out IP and flow authentication on the source of the micro-service calling request;
the query module is used for querying routing data and gateway DB data in the Redis cache according to the IP and the flow if the authentication is passed;
the acquisition module is used for feeding back the routing data and the gateway DB data to the API gateway authentication service and requesting the bottom micro service through the Nginx reverse proxy; calling log collection is carried out through logstack and elastic search in a log collection module, and the result of the log collection is counted and stored;
the adjusting module is used for controlling a flow access strategy of the bottom-layer micro-service through an API gateway micro-service according to the log acquisition result, wherein the flow access strategy comprises a flow threshold value and access times;
before controlling the bottom layer micro-service access policy through the API gateway micro-service, the method comprises the following steps:
registering a microservice API interface on an API gateway to enable upper layer applications to access the microservice API;
creating a flow access policy on an API gateway, and binding the flow access policy with the micro service API;
setting an expanded flow of the flow access strategy, wherein the expanded flow is 0-30% of a flow threshold value;
calling the micro service API through the upper layer application;
detecting whether the current application flow call reaches the upper flow limit or not through the micro service API, and calculating the upper load limit proportion;
and if the current application flow rate does not reach the upper flow rate limit, floating the current application flow rate to 0-30% of a flow rate threshold value according to the upper load limit proportion.
5. The API gateway pair underlying microservice traffic intelligent control apparatus of claim 4, wherein said adjustment module is further configured to:
monitoring other load proportions occupied by other application calls;
dynamically adjusting the other load proportions according to the upper limits of the other applications;
and when the call flow of all the applications reaches the upper limit of all the loads, closing the current limiting module to stop the flow call.
6. The utility model provides a API gateway is to little service flow intelligent control equipment of bottom, its characterized in that includes: a processor, and a memory coupled to the processor;
the memory is used for storing a computer program, and the computer program is at least used for executing the intelligent control method of the API gateway on the flow of the underlying micro-service according to any one of claims 1 to 3;
the processor is used for calling and executing the computer program in the memory.
CN202110101675.5A 2021-01-26 2021-01-26 Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway Active CN112804244B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110101675.5A CN112804244B (en) 2021-01-26 2021-01-26 Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110101675.5A CN112804244B (en) 2021-01-26 2021-01-26 Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway

Publications (2)

Publication Number Publication Date
CN112804244A CN112804244A (en) 2021-05-14
CN112804244B true CN112804244B (en) 2023-03-14

Family

ID=75811729

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110101675.5A Active CN112804244B (en) 2021-01-26 2021-01-26 Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway

Country Status (1)

Country Link
CN (1) CN112804244B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113783774B (en) * 2021-08-20 2024-03-26 北京快乐茄信息技术有限公司 Cross-cluster network configuration method and device, communication equipment and storage medium
CN113868083A (en) * 2021-09-24 2021-12-31 猪八戒股份有限公司 Method for realizing intelligent flow switching based on real-time analysis of application request logs
CN115242722B (en) * 2022-06-14 2024-04-16 中盈优创资讯科技有限公司 Advanced flow control implementation method based on API gateway
CN115277863B (en) * 2022-06-27 2024-05-14 中盈优创资讯科技有限公司 Scheduling method of API (application program interface) route

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109672612A (en) * 2018-12-13 2019-04-23 中国电子科技集团公司电子科学研究院 API gateway system
CN110781476A (en) * 2019-10-15 2020-02-11 南京南瑞信息通信科技有限公司 Flexible micro-service security access control method and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102833668B (en) * 2012-08-20 2015-04-08 中国联合网络通信集团有限公司 Data traffic reminding method and data traffic reminding device
CN106412898A (en) * 2016-09-30 2017-02-15 上海斐讯数据通信技术有限公司 Flow supervising method and system based on Portal authentication time management
CN106817424B (en) * 2017-01-23 2019-08-27 杭州云纪网络科技有限公司 For controlling the method and system of flowing of access

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109672612A (en) * 2018-12-13 2019-04-23 中国电子科技集团公司电子科学研究院 API gateway system
CN110781476A (en) * 2019-10-15 2020-02-11 南京南瑞信息通信科技有限公司 Flexible micro-service security access control method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于OpenResty平台的API网关系统的设计与实现;温馨等;《信息化研究》;20200620(第03期);第62-67页 *

Also Published As

Publication number Publication date
CN112804244A (en) 2021-05-14

Similar Documents

Publication Publication Date Title
CN112804244B (en) Method, device and equipment for intelligently controlling bottom micro-service flow by API gateway
US9948791B2 (en) Sharing group notification
US8095641B2 (en) Method and system for virtualized health monitoring of resources
US11573725B2 (en) Object migration method, device, and system
US9582337B2 (en) Controlling resource consumption
WO2017041556A1 (en) Virtual resource scheduling method
US9665391B2 (en) Automated transaction tuning in application servers
US20050177635A1 (en) System and method for allocating server resources
WO2016007922A1 (en) System and method for resource isolation and consumption in a multitenant application server environment
US10277529B2 (en) Visualization of computer resource quotas
WO2019237591A1 (en) File format conversion method and apparatus, computer device, and storage medium
CN111198759B (en) Memory optimization method, system, terminal equipment and readable storage medium
US10063601B2 (en) Client identification for enforcing computer resource quotas
CN111522636A (en) Application container adjusting method, application container adjusting system, computer readable medium and terminal device
US20140092737A1 (en) Traffic control method and traffic control apparatus
US20170272541A1 (en) Local enforcement of computer resource quotas
RU2769106C1 (en) Method, device and system for providing services, data carrier and electronic device
CN110868323B (en) Bandwidth control method, device, equipment and medium
WO2023093194A1 (en) Cloud monitoring method and cloud management platform
US10348814B1 (en) Efficient storage reclamation for system components managing storage
WO2024109787A1 (en) Data processing method, apparatus and system
CN115242630B (en) 5G network slice arrangement method and device and electronic equipment
US6662057B1 (en) Method and device for controlling processes in a computer system
CN111338792B (en) Cluster resource release method, device and medium
US8132183B2 (en) Methods, systems and computer program products for dynamic categorized event cool off for CIM indications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant