CN114528563A - Authority management method, device, electronic device and medium - Google Patents
Authority management method, device, electronic device and medium Download PDFInfo
- Publication number
- CN114528563A CN114528563A CN202210080023.2A CN202210080023A CN114528563A CN 114528563 A CN114528563 A CN 114528563A CN 202210080023 A CN202210080023 A CN 202210080023A CN 114528563 A CN114528563 A CN 114528563A
- Authority
- CN
- China
- Prior art keywords
- user
- certificate
- configuration
- signature
- organization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Automation & Control Theory (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method, a device, an electronic device and a medium for authority management, wherein the method for authority management comprises the following steps: creating a K8s management organization, and monitoring the K8s management organization to obtain resource information of the K8s management organization; according to the resource information, the certificate, signature and configuration of the user are created; performing approval on the signature, and mapping the configuration to a configuration table according to an approval result; setting the access control authority of the user according to the configuration table; and distributing a corresponding user name space for the user according to the access control authority. The invention has the beneficial effects that: only a corresponding K8s management organization is created according to the existing organization, no invasion is caused to kubernets, and the certificate is stored in a configmap to provide a UI platform and be used by a user in a background command; the cluster user information is stored and managed and organized at K8s, and user and project information can be obtained through the resource information; the learning cost of the cluster is shielded, and the required user system can be obtained only by describing in the layout file; the authority authentication efficiency and the safety are improved.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and an apparatus for rights management, an electronic device, and a medium.
Background
The native user accounts and user group creation and RBAC authentication permissions provided by kubernets control the operational impact of different users on the cluster. The conventional scheme is to create a certificate, then perform a series of commands through a config plug-in provided by kubecect to obtain a user certificate, and finally create an RBAC (role-based directory access controller) to give rights to the user.
The influence of the user on the cluster needs to be strictly controlled under the cloud, and the cluster is broken down and an inestimable accident occurs probably because of misoperation or unlimited operation. For example, for the same project, project authority ranges required for operation, maintenance and development of two user groups (user groups) are different, and for a unified cluster platform, cluster resource management authority ranges required by different organizations are also different.
Disclosure of Invention
The embodiment of the invention mainly aims to provide a permission management method, a permission management device, electronic equipment and a permission management medium, so that the permission authentication efficiency and the safety are improved.
One aspect of the present invention provides a method for rights management, including: creating a K8s management organization, monitoring the K8s management organization to obtain resource information of the K8s management organization; according to the resource information, establishing a certificate, signature and configuration of a user; performing approval on the signature, and mapping the configuration to a configuration table according to an approval result; setting the access control authority of the user according to the configuration table; and distributing a corresponding user name space for the user according to the access control authority.
According to the authority management method, a K8s management organization is created, the K8s management organization is monitored, and obtaining resource information of the K8s management organization comprises: monitoring the resource information of the K8s management organization through an Informer-Lister mechanism of kubernets, wherein the resource information content comprises an organization name and an item list.
According to the rights management method, wherein the certificate, signature and configuration of the creating user according to the resource information comprises: detecting whether the K8s management organization has the certificate, updating the K8s management organization having the certificate, or sequentially creating a certificate, a signature and a configuration for the K8s management organization not having the certificate.
According to the authority management method, the sequentially creating certificates, signing and configuring the K8s management organization without the certificates comprises the following steps: reading the root certificate of the K8s management organization, calling an x509 method, and generating the certificate of the user client of the K8s management organization; and establishing the signature of the Kubernetes cluster certificate resource and the configuration of the certificate through the SDK provided by the Kubernetes, wherein the certificate is a cluster authentication certificate.
The rights management method according to, wherein performing an approval on the signature comprises: monitoring resource creation of the signature through an Informer-Lister mechanism of kubernets, performing automatic approval on the signature according to a preset approval rule, reading the certificate of a cluster client and writing the certificate into the configuration, wherein the preset approval rule is used for representing whether the signature meets a logic specification.
According to the rights management method, mapping the configuration to a configuration table according to the approval result comprises: and creating a configuration table type resource through the SDK of the kubernets, and storing the configuration in the configuration table, wherein the configuration table supports query and export.
According to the authority management method, the access control authority of the user is set according to the configuration table; allocating a corresponding user namespace to the user according to the access control permission comprises: and granting a Role authority to the user through Role binding, wherein the Role authority is used for representing the cluster authority of the user, the cluster authority is used for representing the management authority of the user to the namespace, and the namespace is managed through the certificate of the user.
Another aspect of the embodiments of the present invention provides a rights management apparatus, including:
the system comprises a first module, a second module and a third module, wherein the first module is used for creating a K8s management organization, monitoring the K8s management organization and obtaining resource information of the K8s management organization;
the second module is used for creating the certificate, signature and configuration of the user according to the resource information;
a third module, configured to perform an approval on the signature, and map the configuration to a configuration table according to an approval result;
the fourth module is used for setting the access control authority of the user according to the configuration table;
and the fifth module is used for distributing a corresponding user name space for the user according to the access control authority.
Another aspect of the embodiments of the present invention provides an electronic device, including a processor and a memory;
the memory is used for storing programs;
the processor executes the program to implement the method as described above.
The embodiment of the invention also discloses a computer program product or a computer program, which comprises computer instructions, and the computer instructions are stored in a computer readable storage medium. The computer instructions may be read by a processor of a computer device from a computer-readable storage medium, and executed by the processor, to cause the computer device to perform the methods described above.
The invention has the beneficial effects that: the user certificate can be obtained only by creating a corresponding K8s management organization according to the existing organization, the steps are simple, the kubernets are not invaded, and the certificate is stored in the configmap to provide a UI platform and be used by a user through a background command; the invention saves the cluster user information, manages and organizes the cluster user information at K8s, and can obtain the user and project information through the resource information; the learning cost of the cluster is shielded, and the required user system can be obtained only by describing in the layout file; the authority authentication efficiency and the safety are improved.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a schematic flow diagram of a method of an embodiment of the invention.
Fig. 2 is a flowchart illustrating a rights management method according to an embodiment of the present invention.
Fig. 3 is a schematic diagram illustrating a user right usage flow according to an embodiment of the present invention.
Fig. 4 is a diagram of a rights management analyzing apparatus according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. In the following description, suffixes such as "module", "part", or "unit" used to denote elements are used only for facilitating the explanation of the present invention, and have no peculiar meaning in itself. Thus, "module", "component" or "unit" may be used mixedly. "first", "second", etc. are used for the purpose of distinguishing technical features only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of indicated technical features or implicitly indicating the precedence of the indicated technical features. In the following description, the method steps are labeled continuously for convenience of examination and understanding, and the implementation sequence of the steps is adjusted without affecting the technical effect achieved by the technical scheme of the invention in combination with the overall technical scheme of the invention and the logical relationship among the steps. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
Interpretation of terms:
kubernets vocabulary interpretation:
namespace: kubernets supports multiple virtual clusters, the bottom of which relies on the same physical cluster. These virtual clusters are called namespaces. In some documents namespaces are also referred to as namespaces.
Config: using the kubeconfig file, organization clusters, users, and namespaces may be defined. Contexts can also be defined to quickly and easily switch between clusters and namespaces
CSR: the certificatesigningrequest (csr) resource is used to apply a certificate signature to a designated signer, which may be approved or denied prior to final signing.
RBAC: role-based (Role) access control (RBAC) is a method of regulating access to a computer or network resource based on the Role of users in an organization.
Informmer: synchronizing local cache, caching the API resource object to the local, and triggering a controller which is registered in advance to call back according to the type of an event;
listener: obtaining an API resource object from a local cache;
technical vocabulary interpretation:
k8 sadminOrganization: CRD name, K8s management organization
Organization: organization or user name;
project: the project name, the technology isolates each project by namespace;
a Controller: the resource processing plug-in can construct the certificate according to the resource information of the K8 sadminOrganization.
As shown in fig. 1, the present embodiment discloses a flowchart of the method of the present invention, which discloses the following processes:
s100, creating a K8S management organization, and monitoring the K8S management organization to obtain resource information of the K8S management organization;
s200, establishing a certificate, a signature and configuration of a user according to the resource information;
s300, carrying out approval on the signature, and mapping the configuration to a configuration table according to an approval result;
s400, setting access control authority of a user according to a configuration table;
and S500, distributing a corresponding user name space for the user according to the access control authority.
In some embodiments, the method steps described above, such as the plug-in, may be implemented automatically by a controller.
According to the technical scheme disclosed by the embodiment, the method at least has the following beneficial effects: the key point of the invention is that the cluster authority control is simplified, and the desired organization and authority can be simply and clearly explained by an arrangement file with the type of K8sadminOrganization, so that a corresponding authority file can be obtained; the invention uses CRD (signature) technology, has no invasion to kubernets, and can carry out unified management through kube-apiserver; the method and the system realize the hiding of complex flow, avoid the permission giving errors, can simply and clearly check the existing organization and organization permission, and have the help of reducing the complexity and simplifying the operation for synchronizing and managing the existing organization architecture.
FIG. 2 illustrates a flow diagram of a rights management method. The process comprises the following steps: in the prior art, the organization name and the managed project are set, the cluster resource with the kind (type) of K8 sandinOrganization is created, and the following process is realized through a controller, and the final user certificate is automatically produced and stored in the configmap of the cluster. Subsequent uses may be based on the UI platform or provided to the user for background use.
The method comprises the following steps:
the method comprises the following steps: k8sadminOrganization is created. Monitoring K8 sandminOrganization resource information through an Informer-Lister mechanism of kubernets, wherein the information content comprises an organization name and an item list owned by the organization, and starting to create if no user certificate exists, and judging whether to update if the user certificate exists.
Step two: a certificate is created. Crt, the root certificate of the cluster is read, and the client certificate of the user in K8sadminOrganization is generated by using the x509 method provided by the crypto package.
Step three: a CSR is created. The SDK provided by Kubernetes is used for creating a Kubernetes cluster certificate resource CSR and a cluster user authentication certificate config, namely a real cluster authority authentication certificate.
Step four: the CSR is automatically approved. Monitoring the establishment of CSR resources, namely certificate applications, through an Informer-Lister mechanism of kubernets, specifying which CSR applications can be automatically approved according to certain standard logic, reading cluster client certificates and writing the cluster client certificates into config according to the approved CSR after the approval, and returning to wait for storage.
Step five: and updating config to configmap. And (3) creating a configmap type resource by using the SDK of the kubernets, storing the config file in the configmap, and providing query and export use.
Step six: the RBAC authority is set. And setting the RBAC authority to the current user or the user group. Binding to a preset cluster authority Role (setting which cluster authorities the Role owns) by using a Rolebinding type (including user and project information), so that the user certificate owns which cluster authorities, for example, only owns viewing authorities of resources such as SERVICE, DEPLOYMENT, POD and the like under a current namespace.
Resulting in user authentication credentials that can manage resources under one or more namespaces (i.e., projects, etc.).
Referring to fig. 3, fig. 3 is a schematic diagram illustrating a user right usage flow according to an embodiment of the present invention. The process is as follows:
s301, obtaining user configuration from a configuration table;
s302, obtaining a user cluster certificate according to user configuration, and determining user authority according to the certificate;
and S302, distributing a corresponding namespace according to the user authority.
As shown in fig. 4, an embodiment of the present invention further provides a rights management analysis apparatus, which includes a first module 401, a first module 402, a first module 403, a first module 404, and a fifth module 405.
The first module is used for creating a K8s management organization, monitoring the K8s management organization and obtaining resource information of the K8s management organization;
the second module is used for creating the certificate, signature and configuration of the user according to the resource information;
the third module is used for carrying out approval on the signature and mapping the configuration to a configuration table according to an approval result;
the fourth module is used for setting the access control authority of the user according to the configuration table;
and the fifth module is used for distributing the corresponding user name space for the user according to the access control authority.
Exemplarily, under cooperation of a first module, a second module, a third module, a fourth module, and a fifth module in the apparatus, the apparatus according to the embodiment may implement any one of the foregoing rights management methods, that is, creating a K8s management organization, and monitoring a K8s management organization to obtain resource information of the K8s management organization; according to the resource information, establishing a certificate, signature and configuration of the user; performing approval on the signature, and mapping the configuration to a configuration table according to an approval result; setting the access control authority of the user according to the configuration table; and distributing a corresponding user name space for the user according to the access control authority. According to the invention, a corresponding K8s management organization is only required to be created according to the existing organization, so that the kubernets are not invaded, and the certificate is stored in the configmap to provide a UI platform and be used by a user in a background command; the cluster user information is stored and managed and organized at K8s, and user and project information can be obtained through the resource information; the learning cost of the cluster is shielded, and the cluster can be obtained only by elaborating the needed user system in the layout file; the authority authentication efficiency and the safety are improved.
The embodiment of the invention also provides the electronic equipment, which comprises a processor and a memory;
the memory stores a program;
the processor executes the program to execute the authority management method; the electronic device has a function of loading and operating a software system for authority management provided by the embodiment of the present invention, for example, a Personal Computer (PC), a mobile phone, a smart phone, a Personal Digital Assistant (PDA), a wearable device, a pocket PC (ppc), a tablet PC, and the like.
The embodiment of the invention also provides a computer readable storage medium, wherein the storage medium stores a program, and the program is executed by a processor to realize the authority management method.
In alternative embodiments, the functions/acts noted in the block diagrams may occur out of the order noted in the operational illustrations. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality/acts involved. Furthermore, the embodiments presented and described in the flow charts of the present invention are provided by way of example in order to provide a more thorough understanding of the technology. The disclosed methods are not limited to the operations and logic flows presented herein. Alternative embodiments are contemplated in which the order of various operations is changed and in which sub-operations described as part of larger operations are performed independently.
The embodiment of the invention also discloses a computer program product or a computer program, which comprises computer instructions, and the computer instructions are stored in a computer readable storage medium. The processor of the computer device may read the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the aforementioned rights management method.
Furthermore, although the present invention is described in the context of functional modules, it should be understood that, unless otherwise stated to the contrary, one or more of the described functions and/or features may be integrated in a single physical device and/or software module, or one or more functions and/or features may be implemented in a separate physical device or software module. It will also be appreciated that a detailed discussion of the actual implementation of each module is not necessary for an understanding of the present invention. Rather, the actual implementation of the various functional modules in the apparatus disclosed herein will be understood within the ordinary skill of an engineer, given the nature, function, and internal relationship of the modules. Accordingly, those skilled in the art can, using ordinary skill, practice the invention as set forth in the claims without undue experimentation. It is also to be understood that the specific concepts disclosed are merely illustrative of and not intended to limit the scope of the invention, which is defined by the appended claims and their full scope of equivalents.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.
While the preferred embodiments of the present invention have been illustrated and described, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A method of rights management, comprising:
creating a K8s management organization, monitoring the K8s management organization to obtain resource information of the K8s management organization;
according to the resource information, establishing a certificate, signature and configuration of a user;
performing approval on the signature, and mapping the configuration to a configuration table according to an approval result;
setting the access control authority of the user according to the configuration table;
and distributing a corresponding user name space for the user according to the access control authority.
2. The rights management method of claim 1, wherein the creating of the K8s management organization listens to the K8s management organization, and the obtaining of the resource information of the K8s management organization comprises:
monitoring the resource information of the K8s management organization through an Informer-Lister mechanism of kubernets, wherein the resource information content comprises an organization name and an item list.
3. The rights management method of claim 2, wherein said signing, configuring and creating the user's certificate according to the resource information comprises:
detecting whether the K8s management organization has the certificate, updating the K8s management organization having the certificate, or sequentially creating a certificate, a signature and a configuration for the K8s management organization not having the certificate.
4. The rights management method of claim 3, wherein the creating, signing and configuring in sequence a certificate, a signature and a configuration for the K8s managing organization for which the certificate does not exist comprises:
reading the root certificate of the K8s management organization, calling an x509 method, and generating the certificate of the user client of the K8s management organization;
and establishing the signature of the Kubernetes cluster certificate resource and the configuration of the certificate through the SDK provided by the Kubernetes, wherein the certificate is a cluster authentication certificate.
5. The rights management method of claim 4, wherein said performing an approval of the signature comprises:
monitoring resource creation of the signature through an Informer-Lister mechanism of kubernets, performing automatic approval on the signature according to a preset approval rule, reading the certificate of a cluster client and writing the certificate into the configuration, wherein the preset approval rule is used for representing whether the signature meets a logic specification.
6. The rights management method of claim 1, wherein mapping the configuration to a configuration table according to the approval result comprises:
and creating a configuration table type resource through the SDK of the kubernets, and storing the configuration in the configuration table, wherein the configuration table supports query and export.
7. The rights management method according to claim 1, wherein the access control rights of the user are set according to the configuration table; allocating a corresponding user namespace to the user according to the access control permission comprises:
and granting a Role authority to the user through Role binding, wherein the Role authority is used for representing the cluster authority of the user, the cluster authority is used for representing the management authority of the user to the namespace, and the namespace is managed through the certificate of the user.
8. A rights management device, comprising:
the system comprises a first module, a second module and a third module, wherein the first module is used for creating a K8s management organization, monitoring the K8s management organization and obtaining resource information of the K8s management organization;
the second module is used for creating the certificate, signature and configuration of the user according to the resource information;
a third module, configured to perform an approval on the signature, and map the configuration to a configuration table according to an approval result;
the fourth module is used for setting the access control authority of the user according to the configuration table;
and the fifth module is used for distributing a corresponding user name space for the user according to the access control authority.
9. An electronic device comprising a processor and a memory;
the memory is used for storing programs;
the processor executes the program to implement the rights management method of any of claims 1-7.
10. A computer-readable storage medium, characterized in that the storage medium stores a program, which is executed by a processor to implement the rights management method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210080023.2A CN114528563A (en) | 2022-01-24 | 2022-01-24 | Authority management method, device, electronic device and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210080023.2A CN114528563A (en) | 2022-01-24 | 2022-01-24 | Authority management method, device, electronic device and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114528563A true CN114528563A (en) | 2022-05-24 |
Family
ID=81620389
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210080023.2A Pending CN114528563A (en) | 2022-01-24 | 2022-01-24 | Authority management method, device, electronic device and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114528563A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116974703A (en) * | 2023-09-22 | 2023-10-31 | 山东未来网络研究院(紫金山实验室工业互联网创新应用基地) | Kubernetes application resource management method and system |
-
2022
- 2022-01-24 CN CN202210080023.2A patent/CN114528563A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116974703A (en) * | 2023-09-22 | 2023-10-31 | 山东未来网络研究院(紫金山实验室工业互联网创新应用基地) | Kubernetes application resource management method and system |
| CN116974703B (en) * | 2023-09-22 | 2024-01-02 | 山东未来网络研究院(紫金山实验室工业互联网创新应用基地) | Kubernetes application resource management method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6796194B2 (en) | Kernel event trigger | |
| CN110414268B (en) | Access control method, device, equipment and storage medium | |
| US9740468B2 (en) | Cloud-based application resource files | |
| TWI624794B (en) | Computer implemented method, computing device, and computer-readable storage medium for enabling collaboration among groups of users | |
| TWI512494B (en) | Locally backed cloud-based storage | |
| CN109598117A (en) | Right management method, device, electronic equipment and storage medium | |
| CN108289098B (en) | Authority management method and device of distributed file system, server and medium | |
| US8719949B1 (en) | Parameter based operation | |
| CN108351769B (en) | Dashboard as a remote computing service | |
| CN104796412B (en) | End-to-end cloud service system and access method to its sensitive data | |
| CN110489994B (en) | File authority management method and device for nuclear power station and terminal equipment | |
| JP2004158007A (en) | Computer access authorization | |
| CN112149109A (en) | Modularized authority control management method and system | |
| CN112632919A (en) | Document editing method and device, computer equipment and storage medium | |
| CN111651738A (en) | Fine-grained role authority unified management method based on front-end and back-end separation framework and electronic device | |
| US10841342B2 (en) | Data driven user interfaces for device management | |
| CN114528563A (en) | Authority management method, device, electronic device and medium | |
| CN111475803A (en) | Background authority management system and management method | |
| JP2008059063A (en) | Information management program | |
| WO2019139855A1 (en) | Data driven user interfaces for device management | |
| US10303343B1 (en) | Data driven user interfaces for device management | |
| CN109635558A (en) | Access control method, device and system | |
| CN110196683A (en) | A kind of method, apparatus, terminal device and the medium of operation control | |
| CN113341929A (en) | Electronic control unit calibration data management system, method, device and equipment | |
| CN109543420B (en) | Permission configuration method and device based on sud, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |