CN115550171A - API gateway implementation method based on software definition - Google Patents

API gateway implementation method based on software definition Download PDF

Info

Publication number
CN115550171A
CN115550171A CN202211045207.1A CN202211045207A CN115550171A CN 115550171 A CN115550171 A CN 115550171A CN 202211045207 A CN202211045207 A CN 202211045207A CN 115550171 A CN115550171 A CN 115550171A
Authority
CN
China
Prior art keywords
api gateway
forwarding
plane
user
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211045207.1A
Other languages
Chinese (zh)
Inventor
何文娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Unihub China Information Technology Co Ltd
Original Assignee
Unihub China Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Unihub China Information Technology Co Ltd filed Critical Unihub China Information Technology Co Ltd
Priority to CN202211045207.1A priority Critical patent/CN115550171A/en
Publication of CN115550171A publication Critical patent/CN115550171A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/0816Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0896Bandwidth or capacity management, i.e. automatically increasing or decreasing capacities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/14Routing performance; Theoretical aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method for realizing API gateway based on software definition, which comprises the following steps: the control surface of the API gateway distributes and creates a forwarding surface of the API gateway according to the user request; a user subscribes corresponding functional services for the back-end services to the control surface of the API gateway according to business requirements; the control surface of the API gateway issues the corresponding routing strategy and the security strategy to the forwarding surface of the corresponding API gateway according to the function service subscribed by the user, and the forwarding surface of the API gateway performs routing forwarding and security protection according to the routing strategy and the security strategy; and the control surface of the API gateway acquires and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and dynamically adjusts the routing strategy and the security strategy according to the analysis result. The method realizes the separation of the control and the forwarding of the API gateway and improves the utilization rate and the reliability of resources.

Description

API gateway implementation method based on software definition
Technical Field
The invention relates to the technical field of communication, in particular to a method for realizing an API gateway based on software definition.
Background
With the development of micro back-end services and cloud-native related technologies, the granularity of the back-end services is thinner and thinner, the back-end services are organized around business functions, and the back-end service capabilities of some public functions are migrated to an API gateway; the API gateway receives external client requests, performs route matching and protocol conversion on the requests, and then reverse proxies and load balances the requests to the back-end micro back-end service.
Most of the existing API gateways adopt a stateless mechanism to improve performance, which also causes the API gateways to be independent from each other, and once a problem occurs in a certain gateway, the problem may cause a failure or a current interruption.
Disclosure of Invention
In order to solve the above problems in the prior art, the present invention provides a method for implementing an API gateway based on software definition, which defines a forwarding and processing mechanism of a forwarding plane through a control plane, monitors an operating state of the forwarding plane, adjusts a routing policy and a security policy in real time, and improves a resource utilization rate and system reliability.
In order to realize the purpose, the invention adopts the following technical scheme:
in an embodiment of the present invention, a method for implementing an API gateway based on software definition is provided, where the method includes:
the control surface of the API gateway distributes and creates a forwarding surface of the API gateway according to the user request;
a user subscribes corresponding functional services for the back-end services to a control surface of the API gateway according to business requirements;
the control surface of the API gateway issues the corresponding routing strategy and security strategy to the forwarding surface of the API gateway according to the function service subscribed by the user, and the forwarding surface of the API gateway performs routing forwarding and security protection according to the routing strategy and security strategy;
and the control surface of the API gateway acquires and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and dynamically adjusts the routing strategy and the security strategy according to the analysis result.
Furthermore, the control plane of the API gateway schedules resources according to a request submitted by a user, creates a forwarding plane of the API gateway, and performs initialization configuration on the forwarding plane of the API gateway.
Further, the control plane of the API gateway configures an external public network address for the forwarding plane of the API gateway according to the address pool information, and externally issues external domain name information of the backend service.
Furthermore, a plug-in design mode is adopted for a forwarding surface of the API gateway, and each functional service is a plug-in the API gateway; after the forwarding plane of the API gateway is valid, each functional service plug-in combines a routing strategy and a security strategy issued by the control plane of the API gateway to perform proxy, modification, replication, monitoring and security protection on the flow.
Furthermore, the forwarding plane of the API gateway monitors the change of the configuration parameters in real time, and loads the configuration parameters into the memory in real time, so that all changes are immediately effective.
Furthermore, an access mode of authorization and verification is adopted between a control plane and a forwarding plane of the API gateway; when a forwarding plane of the API gateway proxies a plurality of backend services, different functional service plug-ins are instantiated for each backend service or a part of routing strategies of the backend services according to different security levels or protection levels required by each backend service.
Further, the control plane of the API gateway dynamically opens the functional service plug-in corresponding to the forwarding plane of the API gateway according to the functional service subscribed by the user, instantiates the functional service plug-in when the user configures the specific functional service parameter, and issues the corresponding policy to the forwarding plane of the API gateway.
Further, the control plane of the API gateway adjusts a load ratio between forwarding planes of the API gateway according to an analysis result of an operation state of the forwarding planes of the API gateway.
Furthermore, the control plane of the API gateway performs capacity expansion/capacity reduction on the forwarding plane of the API gateway according to the analysis result of the operation state of the forwarding plane of the API gateway.
In an embodiment of the present invention, a computer device is further provided, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the processor implements the implementation method of the API gateway based on the software definition.
In an embodiment of the present invention, a computer-readable storage medium is further provided, where a computer program for executing the implementation method of the API gateway based on the software definition is stored in the computer-readable storage medium.
Has the beneficial effects that:
1. the invention realizes the separation of the control and the forwarding of the API gateway.
2. The invention improves the utilization rate and the reliability of resources.
Drawings
FIG. 1 is a flow chart of the implementation method of the API gateway based on software definition according to the present invention;
FIG. 2 is a flow interaction diagram for an API gateway proxy backend service according to an embodiment of the present invention;
fig. 3 is a schematic diagram of the structure of the computer device of the present invention.
Detailed Description
The principles and spirit of the present invention will be described below with reference to several exemplary embodiments, it being understood that these embodiments are presented only to enable those skilled in the art to better understand and implement the present invention, and are not intended to limit the scope of the present invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As will be appreciated by one skilled in the art, embodiments of the present invention may be embodied as a system, apparatus, device, method, or computer program product. Accordingly, the present disclosure may be embodied in the form of: entirely hardware, entirely software (including firmware, resident software, micro-code, etc.), or a combination of hardware and software.
According to the implementation mode of the invention, the implementation method of the API gateway based on the software definition is provided, and the control surface of the API gateway distributes and establishes the forwarding surface of the API gateway according to the user request; a user subscribes corresponding functional services for the back-end services to a control surface of the API gateway according to business requirements; the control surface of the API gateway issues the corresponding routing strategy and security strategy to the forwarding surface of the API gateway according to the function service subscribed by the user, and the forwarding surface of the API gateway performs routing forwarding and security protection according to the routing strategy and security strategy; and the control surface of the API gateway acquires and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and dynamically adjusts the routing strategy and the security strategy according to the analysis result.
The principles and spirit of the present invention are explained in detail below with reference to several exemplary embodiments of the present invention.
Fig. 1 is a schematic flow chart of an implementation method of the API gateway based on software definition according to the present invention. As shown in fig. 1, the method includes:
s1, a control surface of an API gateway distributes and creates a forwarding surface of the API gateway according to a user request;
the control surface of the API gateway schedules resources according to the request submitted by the user and establishes a forwarding surface of the API gateway; when a user submits a request, the maximum concurrency, the security service level, the data storage mode and the like of the forwarding surface of the API gateway can be appointed;
scheduling resources by a control plane of the API gateway, creating a forwarding plane of the API gateway, and carrying out initialized configuration on the forwarding plane of the API gateway, wherein the configuration comprises network configuration and default configuration;
the control surface of the API gateway configures an external public network address for the forwarding surface of the API gateway according to the address pool information, and externally issues the external domain name information of the back-end service;
optionally, the control plane of the API gateway may also drop an external public network address on the load balancing device, and at this time, the control plane of the API gateway needs to open a network between the load balancing device and the forwarding plane of the API gateway.
S2, a user subscribes corresponding functional services for the back-end services to the control surface of the API gateway according to business requirements;
a user subscribes functional services to a control plane of the API gateway according to business requirements, wherein the functional services subscribed by the user comprise reverse proxy services, flow control services, monitoring services, black and white list services, API security services, WEB security services, fusing services, health check services and the like;
a user needs to designate routing information of a forwarding plane of an API gateway in reverse proxy service, a control plane of the API gateway verifies the routing information input by the user, the routing in the forwarding plane of the same API gateway cannot be repeated, and the routing can be a transmission layer or an application layer;
the forwarding plane of the API gateway adopts a plug-in design mode, and each functional service is a plug-in the forwarding plane of the API gateway; after the forwarding plane of the API gateway is valid, the functional service plug-in combines a routing strategy and a security strategy issued by the control plane of the API gateway to carry out proxy, modification, copy, monitoring and security protection on the flow;
a forwarding plane of the API gateway monitors the change of the configuration parameters in real time and loads the configuration parameters to a memory in real time so that all changes are in effect immediately;
an access mode of authorization and verification is adopted between a control plane and a forwarding plane of the API gateway; when a forwarding plane of the API gateway proxies a plurality of backend services, the security level or protection level required by each backend service is different, and different functional service plug-ins can be instantiated (created) for each backend service or a part of routing strategies of the backend services;
the user can dynamically subscribe the functional service, and the control plane of the API gateway dynamically opens the corresponding functional service plug-in according to the functional service subscribed by the user.
S3, the control surface of the API gateway issues the corresponding routing strategy and the safety strategy to the forwarding surface of the corresponding API gateway according to the function service subscribed by the user, and the forwarding surface of the API gateway performs routing forwarding and safety protection according to the routing strategy and the safety strategy;
s4, the control surface of the API gateway collects and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and dynamically adjusts a routing strategy and a security strategy according to the analysis result;
the control surface of the API gateway acquires and analyzes the running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and the control surface of the API gateway performs capacity expansion/contraction on the forwarding surface of the API gateway according to the analysis result of the running state of the forwarding surface of the API gateway; and the control plane of the API gateway adjusts the load ratio between the forwarding planes of the API gateway according to the analysis result of the running state of the forwarding planes of the API gateway.
It should be noted that although the operations of the method of the present invention have been described in the above embodiments and the accompanying drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the operations shown must be performed, to achieve the desired results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
In order to clearly explain the implementation method of the API gateway based on software definition, the following description is made with reference to a specific embodiment, however, it should be noted that this embodiment is only for better explaining the present invention and is not to be construed as an undue limitation to the present invention.
Fig. 2 is a flow interaction diagram of an API gateway proxy backend service according to an embodiment of the present invention. As shown in fig. 2, a control flow, i.e., a flow interacted with a control plane of an API gateway, and a data flow, i.e., a flow interacted with a forwarding plane of the API gateway, include the following specific implementation steps:
1. a user initiates purchase of the API gateway through an ordering page, and a control surface of the API gateway instantiates (creates) a forwarding surface of the API gateway according to the specification of the selected forwarding surface of the API gateway;
the control surface of the API gateway schedules resources according to the specification of the forwarding surface of the API gateway selected by the user, and instantiates the forwarding surface of the API gateway; the specification parameters of the forwarding plane of the API gateway comprise the maximum concurrency of the forwarding plane of the API gateway, the safety service level, the data storage mode and the like;
scheduling resources by a control plane of the API gateway, creating a forwarding plane of the API gateway, and carrying out initialized configuration on the forwarding plane of the API gateway, wherein the configuration comprises network configuration and default configuration;
in specific implementation, the default configuration comprises log configuration, reverse proxy configuration and a system parameter threshold value of a forwarding surface of the API gateway;
the control surface of the API gateway configures an external public network address for the forwarding surface of the API gateway according to the address pool information, and externally issues the external domain name information of the back-end service;
the control plane of the API gateway manages public network address pool information, and establishes the relation between the forwarding plane of the API gateway and the public network address and the domain name relation; the control plane of the API gateway allocates an address to the forwarding plane of the API gateway from the unused public network addresses, configures the forwarding plane, and issues Domain Name information to a DNS (Domain Name System). In this embodiment, the DNS is only an example, and may be another GTM (Global Traffic Manager, global Traffic association) system or the like in actual use;
optionally, the control plane of the API gateway may also drop an external public network address on the load balancing device, and at this time, the control plane of the API gateway needs to open a network between the load balancing device and the forwarding plane of the API gateway.
2. A user subscribes corresponding functional services for the back-end services to the control surface of the API gateway according to business requirements;
a user subscribes functional services to a control plane of the API gateway according to business requirements, wherein the functional services subscribed by the user comprise reverse proxy service, flow control service, monitoring service, black and white list service, API security service, WEB security service, fusing service, health check service and the like;
in specific implementation, a user needs to specify routing information of a forwarding plane of an API gateway in reverse proxy service, a control plane of the API gateway verifies the routing information input by the user, the routing in the forwarding plane of the same API gateway cannot be repeated, and the routing can be a transmission layer or an application layer;
in specific implementation, when the Client needs to access the back-end service published by the user, the Client initiates a request to the DNS according to the domain name published by the control plane of the API gateway, and the DNS returns the public network address corresponding to the forwarding plane of the API gateway;
when the access flow of the Client terminal reaches the forwarding surface of the API gateway, the forwarding surface of the API gateway proxies the Client terminal request to the back-end service according to the reverse proxy configured by the user, and the back-end service responds according to the request; when the traffic passes through the API gateway, the forwarding plane of the API gateway processes the traffic according to the function service subscribed by the user, for example, when the user subscribes to the IP black and white list function, the forwarding plane of the API gateway detects whether the requested client address hits the IP black and white list, if so, the client address is directly intercepted, and if so, the client address directly passes through the black list;
the functional services subscribed by the user on the control surface of the API gateway are issued to the forwarding surface of the API gateway in a plug-in mode, a routing strategy and a security strategy are formed on the forwarding surface of the API gateway, and the request of the client is subjected to proxy, modification, copying, monitoring and security protection; the routing strategy comprises flow control related strategies, such as flow proxy, modification, replication, load balancing, flow rate limiting, flow distribution and the like; the security policy mainly comprises security detection, traffic interception, traffic monitoring and other policies;
the forwarding plane of the API gateway adopts a plug-in design mode, and each functional service is a plug-in the forwarding plane of the API gateway; after the forwarding plane of the API gateway is valid, each functional service plug-in performs proxy, modification, copying, monitoring and safety protection on the flow according to a routing strategy and a safety strategy issued by the control plane of the API gateway;
the forwarding surface of the API gateway monitors the change of the configuration parameters in real time and loads the configuration parameters into a memory in real time so that all changes are in effect immediately;
an access mode of authorization and verification is adopted between a control plane and a forwarding plane of the API gateway, and only the control plane can carry out configuration management on the forwarding plane; when a forwarding plane of the API gateway proxies a plurality of back-end services, the security level or protection level required by each back-end service is different, and different functional service plug-ins can be instantiated for each back-end service or a part of routing strategies of the back-end services;
in this embodiment, a user subscribes to a reverse proxy service and a flow control service for a backend service a; subscribing reverse proxy and IP black and white list service for a back-end service B;
in specific implementation, a user can subscribe different functional services for a certain route, and the route can be an accurate URL request or a wildcard URL; for example, limiting the speed of the logged URL, the flow control service may be subscribed for logging the route, the request rate and the number of concurrences of the flow may be limited, and the backend service may be protected;
in specific implementation, some fields or parameters of the request message may be used as matching conditions, for example, speed limit is performed on an address of a certain client, and flow control is performed on a certain UA (user-agent).
3. The control surface of the API gateway issues the corresponding routing strategy and security strategy to the forwarding surface of the API gateway according to the function service subscribed by the user, and the forwarding surface of the API gateway performs routing forwarding and security protection according to the routing strategy and security strategy;
the control surface of the API gateway starts a functional service plug-in related to the forwarding surface of the API gateway according to the functional service subscribed by the user, and instantiates the functional service plug-in when the user configures specific functional service parameters; for example, if the user subscribes to the high-level reverse proxy service, the control plane of the API gateway will open the high-level reverse proxy plug-in of the forwarding plane, and issue the specific routing policy and security policy to the forwarding plane of the API gateway.
4. The control surface of the API gateway acquires and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and dynamically adjusts a routing strategy and a safety strategy according to the analysis result;
the control surface of the API gateway acquires and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and the control surface of the API gateway expands/contracts the forwarding surface of the API gateway according to the analysis result; the control surface of the API gateway adjusts the load ratio between forwarding surfaces of the API gateway according to the analysis result;
in specific implementation, if a user subscribes to a flow control service, a control surface of the API gateway acquires related logs, monitors the times/link times of requests of the API interface, issues a routing policy and a security policy according to a monitoring result, limits a certain API interface speed or limits a certain source end of the API interface, and a forwarding surface of the API gateway does not sense an analysis result and only needs to execute the routing policy and the security policy issued by the control surface of the API gateway, so that the forwarding efficiency is improved;
in specific implementation, a control plane of the API gateway monitors the operation state of forwarding planes of the API gateway, for example, monitors the memory between the forwarding planes of the API gateway, the usage of the CPU, and the number of requested links, and if the forwarding plane of a certain API gateway is overloaded, the control plane of the API gateway may update LB, that is, the load ratio in load balancing, so that the forwarding planes of the API gateway are all in a normal operation state, and when the forwarding plane of the API gateway is still overloaded after adjustment, capacity expansion is performed; and if the forwarding surfaces of all the API gateways are lightly loaded, carrying out capacity reduction.
Based on the aforementioned inventive concept, as shown in fig. 3, the present invention further provides a computer device 100, which includes a memory 110, a processor 120, and a computer program 130 stored in the memory 110 and capable of running on the processor 120, wherein the processor 120 implements the method for implementing the API gateway based on software definition when executing the computer program 130.
Based on the foregoing inventive concept, the present invention further provides a computer-readable storage medium storing a computer program for executing the foregoing implementation method of the API gateway based on the software definition.
The implementation method of the API gateway based on the software definition provided by the invention realizes the separation of the control and the forwarding of the API gateway and improves the utilization rate and the reliability of resources.
While the spirit and principles of the invention have been described with reference to several particular embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, nor is the division of aspects, which is for convenience only as the features in such aspects may not be combined to benefit. The invention is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.
The present invention is not limited to the above embodiments, and it should be understood by those skilled in the art that various modifications and changes may be made without inventive changes in the technical solutions of the present invention.

Claims (11)

1. A method for realizing API gateway based on software definition is characterized in that the method comprises the following steps:
the control surface of the API gateway distributes and creates a forwarding surface of the API gateway according to the user request;
a user subscribes corresponding functional services for the back-end services to a control surface of the API gateway according to business requirements;
the control surface of the API gateway issues the corresponding routing strategy and security strategy to the forwarding surface of the API gateway according to the function service subscribed by the user, and the forwarding surface of the API gateway performs routing forwarding and security protection according to the routing strategy and security strategy;
and the control surface of the API gateway acquires and analyzes the corresponding running state of the forwarding surface of the API gateway in real time according to the monitoring service subscribed by the user, and dynamically adjusts the routing strategy and the security strategy according to the analysis result.
2. The method as claimed in claim 1, wherein the control plane of the API gateway schedules resources according to a request submitted by a user, creates a forwarding plane of the API gateway, and performs initialization configuration on the forwarding plane of the API gateway.
3. The method according to claim 2, wherein the control plane of the API gateway configures an external public network address for the forwarding plane of the API gateway according to the address pool information, and issues external domain name information of the backend service to the outside.
4. The method according to claim 1, wherein the forwarding plane of the API gateway adopts a plug-in design, and each functional service is a plug-in the API gateway; after the forwarding plane of the API gateway is valid, each functional service plug-in combines with a routing strategy and a security strategy issued by the control plane of the API gateway to carry out proxy, modification, copying, monitoring and security protection on the traffic.
5. The method according to claim 4, wherein the forwarding plane of the API gateway monitors the change of the configuration parameters in real time and loads the configuration parameters into the memory in real time, so that all changes are immediately effective.
6. The method for implementing the API gateway based on the software definition according to claim 4, wherein an access mode of authorization and verification is adopted between a control plane and a forwarding plane of the API gateway; when the forwarding plane of the API gateway proxies a plurality of backend services, different functional service plug-ins are instantiated for each backend service or a part of routing strategies of the backend services according to different security levels or protection levels required by each backend service.
7. The method according to claim 1, wherein the control plane of the API gateway dynamically opens a functional service plug-in corresponding to the forwarding plane of the API gateway according to the functional service subscribed by the user, instantiates the functional service plug-in when the user configures the specific functional service parameter, and issues the corresponding policy to the forwarding plane of the API gateway.
8. The method as claimed in claim 1, wherein the control plane of the API gateway adjusts a load ratio between forwarding planes of the API gateway according to an analysis result of an operation state of the forwarding planes of the API gateway.
9. The method according to claim 1 or 8, wherein the control plane of the API gateway performs capacity expansion/reduction on the forwarding plane of the API gateway according to the analysis result of the operating state of the forwarding plane of the API gateway.
10. A computer arrangement comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1-8 when executing the computer program.
11. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which is executable by a processor to implement the method of any one of claims 1-8.
CN202211045207.1A 2022-08-30 2022-08-30 API gateway implementation method based on software definition Pending CN115550171A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211045207.1A CN115550171A (en) 2022-08-30 2022-08-30 API gateway implementation method based on software definition

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211045207.1A CN115550171A (en) 2022-08-30 2022-08-30 API gateway implementation method based on software definition

Publications (1)

Publication Number Publication Date
CN115550171A true CN115550171A (en) 2022-12-30

Family

ID=84726597

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211045207.1A Pending CN115550171A (en) 2022-08-30 2022-08-30 API gateway implementation method based on software definition

Country Status (1)

Country Link
CN (1) CN115550171A (en)

Similar Documents

Publication Publication Date Title
JP6600373B2 (en) System and method for active-passive routing and control of traffic in a traffic director environment
EP3425870B1 (en) Method for optimization of the connection setup of an ssl proxy
US9961143B2 (en) Providing enhanced data retrieval from remote locations
JP5492200B2 (en) Automatically distributed network protection
US10749983B2 (en) Server request management
US10187458B2 (en) Providing enhanced access to remote services
Ibrahim et al. Web server performance improvement using dynamic load balancing techniques: A review
Basu et al. Interactive Grid Architecture for Application Service Providers.
US20230231802A1 (en) Systems and methods for selecting tunnels for transmitting application traffic by an sd-wan application
CN115550171A (en) API gateway implementation method based on software definition
US8312154B1 (en) Providing enhanced access to remote services
CN115516842A (en) Orchestration broker service
Sajjad et al. A component-based architecture for an autonomic middleware enabling mobile access to grid infrastructure
US11792133B2 (en) Systems and methods for performing header protection in distributed systems
US20230231768A1 (en) Systems and methods for updating a configuration of an sd-wan application using connectivity or usage data
US20230254243A1 (en) Systems and methods for managing network services by an sd-wan application and an sd-wan device
Otebolaku et al. On modeling adaptation in context-aware mobile grid systems
Serra et al. Enhancing the Availability of Web Services in the IoT-to-Edge-to-Cloud Compute Continuum: A WordPress Case Study
Srilakshmi et al. A Survey on Web Server Load Balancing Using SSL Back-End Forwarding Method
Pasquale et al. Improving Wireless Access to the Internet By Extending the Client/Server Model
Yousofi et al. A novel method for achieving load balancing in web clusters based on congestion control and cost reduction
Gomes et al. A WEB APPLIANCE IMPLEMENTATION: REDUCING AND SECURING NETWORK TRAFFIC IN A VIRTUAL LABORATORY ENVIRONMENT

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination