Intelligent application gateway implementation method based on container cloud
Technical Field
The invention relates to the technical field of gateways, in particular to a method for realizing an intelligent application gateway based on a container cloud.
Background
With the popularization of network, cloud computing and container technologies, cloud applications show explosive growth, the shortage of public network IP resources is gradually shown, although the IPv6 technology has appeared for many years, the limitation is limited to hardware and technology, most data centers still adopt a public network IPv4 scheme at present, and one-to-one binding of applications and ports is realized through NAT. Although the existing scheme can improve the utilization rate of the IP, the problems of incapability of multiplexing ports, complex management, low availability and the like still exist,
for the current application, one external network IP port can only point to one internal network server, most applications need to pass through http or http standard 80, 443 ports, if not reusable, resource waste is generated, utilization rate is low, in addition, the whole data center passes through one gateway outlet, if the gateway has no intelligent fault recovery and automatic load balancing mechanism, great influence is generated on service provision, and the gateway availability problem is caused: moreover, the NAT needs to be mapped manually, so that for an administrator, the maintenance workload is huge, and meanwhile, errors are possible. Particularly, in the container platform, the IP address of the container can be changed as required, and the maintenance workload can be increased.
Disclosure of Invention
The invention aims to overcome the problems in the prior art, provides an efficient, simple and highly-available intelligent application gateway and solves the problem of external network export of cloud services.
In order to achieve the technical purpose and achieve the technical effect, the invention is realized by the following technical scheme:
an implementation method of an intelligent application gateway based on a container cloud comprises a distributed data storage and high availability cluster (etcd), a DNS (sky DNS), a configuration generator (config), a tag acquirer (tagCollector), a policy selector (policySector) and a task executor (tasExecutor), and comprises the following steps:
1) deploying etcd, confd, tagCollector and taskExecutor services on at least one server, and deploying a sky DNS service on any external network server;
2) and adding a new external network IP resource list to/etcd/docker/publicIP in the etcd.
3) Changing NAMESERVER of the domain name to a cloud platform extranet DNS address in the domain name setting;
4) each server judges whether the server is an etcdeleader or not by acquiring an etcd state, if so, a tagCollector is started, and all container tag data taglist.json are acquired from metadata information of a periodical pull container cloud platform;
5) the Taskexecutor analyzes taglist.json and compares the taglist with/etc/docker/allocator, if the newly added domain name is found, the request is sent to the policySector to acquire an external network service address, and the policySector returns an IP address in/etcd/docker/public IP according to policy configuration;
6) the TaskExecutor calls a confd of a host where the IP is located, the host template regenerates the configuration of nginx and reloads the instance, if the configuration is successful, the/etc/docker/allocator in the etcd is updated, and finally the direction of the domain name and the IP in the skyDNS is updated;
7) the TaskExecutor regularly scans/etc/docker/allocator in the cloud platform etcd to ensure that the resources recorded in the allocator are consistent with the actual resources, and performs performance statistics by calling the performance API on nginx.
Preferably, the policy selector (policySelector) is a load balancing method selected when the service is routed, and the load balancing method measures the load condition of each server through the network (systemload/tcpcselect) and preferentially allocates the load condition to the host with the lowest load.
Preferably, the policy selector (policySelector) is a weight-based method selected when routing a service, the weight-based method being assigned by manually specifying a weight setting in an IP address, the weight being represented by a number of 1 to 100, the larger the number the larger the weight.
Preferably, the policy selector (policySelector) is a parent-master-based scheduling method selected during service routing, and the parent-master scheduling method schedules the same root domain name to the same server first.
Preferably, the policy selector (policySelector) is a label-based method selected during service routing, and the label-based method directly designates and schedules a user in a label to a host where a specific IP is located.
The invention has the beneficial effects that:
the application gateway cluster can be dynamically expanded according to the scale, each port can be multiplexed, and the utilization rate of IP resources is greatly improved; load balancing and dynamic allocation of the outlet can be realized through a self-defined scheduling algorithm, and the overall availability and performance of the cloud platform are improved.
Of course, it is not necessary for any product in which the invention is practiced to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a block diagram of the system architecture design of the present invention;
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present embodiment is an implementation method of an intelligent application gateway based on a container cloud, including a distributed data storage and high availability cluster (etcd), a DNS server (sky DNS), a configuration generator (config d), a tag acquirer (tag collector), a policy selector (policy selector), and a task executor (task executor), and the implementation method of the intelligent application gateway is as follows:
1) deploying services such as etcd, confd, tagCollector, taskExecutor and the like on at least one server, and deploying a sky DNS service on any external network server;
2) and adding a new external network IP resource list to/etcd/docker/publicIP in the etcd.
3) Changing NAMESERVER of the domain name to a cloud platform extranet DNS address in the domain name setting;
4) each server judges whether the server is an etcdeleader or not by acquiring an etcd state, if so, a tagCollector is started, and all container tag data taglist.json are acquired from metadata information of a periodical pull container cloud platform;
5) the Taskexecutor analyzes taglist.json and compares the taglist with/etc/docker/allocator (a distributor before), if a newly added domain name is found, the request is sent to the policySector to acquire an external network service address, and the policySector returns an IP address in/etcd/docker/public IP according to policy configuration;
6) the TaskExecutor calls a confd of a host where the IP is located, the host template regenerates the configuration of nginx and reloads the instance, if the configuration is successful, the/etc/docker/allocator in the etcd is updated, and finally the direction of the domain name and the IP in the skyDNS is updated;
7) the TaskExecutor regularly scans/etc/docker/allocator in the cloud platform etcd to ensure that the resources recorded in the allocator are consistent with the actual resources, and performs performance statistics by calling the performance API on nginx.
The policy selector (policySelector) is a load balancing method selected when a service is routed, and the load balancing method measures the load condition of each server through the network (systemload/TCPcollection), and preferentially allocates the load condition to the host with the lowest load.
The policy selector (policySelector) is a weight-based method selected when routing a service, the weight-based method being assigned by manually specifying a weight setting in an IP address, the weight being represented by a number of 1 to 100, the larger the number, the larger the weight.
As mentioned above, the policy selector (policySelector) is a parent-master scheduling method based on service routing, and the parent-master scheduling method schedules the same root domain name to the same server first.
As mentioned above, the policy selector (policysector) is a label-based method selected during service routing, and the label-based method directly assigns and schedules a user in a label to a host where a specific IP is located.
In the description herein, references to the description of "one embodiment," "an example," "a specific example" or the like are intended to mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.