Disclosure of Invention
Based on this, the present specification provides a service execution system, a method and a device, and a service isolation system.
According to a first aspect of embodiments herein, there is provided a service execution system, the service execution system comprising a plurality of service units isolated from each other; the business units comprise at least one deployment unit for providing services, and the deployment units of different business units have different identification information; and each deployment unit with the same identification information performs data interaction so that the service unit executes corresponding service.
Optionally, the deployment unit provides services through a container.
Optionally, the container is for: issuing the service provided by the deployment unit and the identification information; and/or calling services issued by other containers according to the identification information.
Optionally, the container is further configured to: matching the identification information of the user with the identification information issued by other containers; and calling the service issued by the container with the matched identification information.
According to a second aspect of embodiments herein, there is provided a service execution method, the method comprising: acquiring identification information of the deployment unit; establishing data interaction between the deployment unit and other deployment units with the same identification information so as to enable the service units comprising the deployment unit and other deployment units to execute services; the deployment units of different service units have different identification information, and the service units are isolated from each other.
Optionally, the step of establishing data interaction between the present deployment unit and other deployment units having the same identification information includes: issuing the service provided by the deployment unit and the identification information so as to be used by other deployment units with the same identification information to call the service; and/or calling the services issued by other deployment units with the same identification information according to the identification information.
According to a third aspect of embodiments herein, there is provided a service execution method, the method including: after receiving a service request, searching a service distribution rule corresponding to the service request; and sending the service request to a corresponding service unit according to the service distribution rule so that the service unit executes the service corresponding to the service request.
According to a fourth aspect of embodiments herein, there is provided a service isolation system, comprising: a service execution system in any of the embodiments; and a service distribution system; the service distribution system is used for searching a service distribution rule corresponding to a service request after receiving the service request, and sending the service request to a corresponding service unit according to the service distribution rule, so that the service unit executes a service corresponding to the service request.
Optionally, the service isolation system further includes: a network access system; the network access system is used for acquiring a service request sent by a user side and forwarding the service request to a service distribution system.
Optionally, the network access system obtains a service request sent by a user side in a reverse proxy manner, and forwards the service request to the service distribution system.
Optionally, the network access system forwards the service request to a service offloading system through a gateway.
According to a fifth aspect of embodiments herein, there is provided a service execution apparatus, the apparatus comprising: the acquisition module is used for acquiring the identification information of the deployment unit; the establishing module is used for establishing data interaction between the deployment unit and other deployment units with the same identification information so as to enable the service units comprising the deployment unit and other deployment units to execute services; the deployment units of different service units have different identification information, and the service units are isolated from each other.
Optionally, the deployment unit provides services through a container.
Optionally, the container is for: issuing the service provided by the deployment unit and the identification information; and/or calling services issued by other containers according to the identification information.
Optionally, the container is further configured to: matching the identification information of the user with the identification information issued by other containers; and calling the service issued by the container with the matched identification information.
According to a sixth aspect of embodiments herein, there is provided a service execution apparatus, the apparatus comprising: the searching module is used for searching a service distribution rule corresponding to a service request after receiving the service request; and the sending module is used for sending the service request to a corresponding service unit according to the service distribution rule so as to enable the service unit to execute the service corresponding to the service request.
According to a seventh aspect of embodiments herein, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any of the embodiments.
According to an eighth aspect of embodiments herein there is provided a computer apparatus comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the embodiments when executing the program.
By applying the scheme of the embodiment of the present specification, each service unit includes a plurality of deployment units for providing services, and each deployment unit with the same identification information can perform data interaction, so that the service unit executes a corresponding service, and data interaction is not performed between the deployment units with different identification information.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the specification.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the specification, as detailed in the appended claims.
The terminology used in the description herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the description. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of the present specification. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
As shown in fig. 1, a service system may include a plurality of applications, and each application may run one or more services. For example, in the embodiment shown in fig. 1, the service system includes 3 applications, and each application can run n services, for example: a panning transaction service, a balance transaction service, an offline payment transaction service, etc. Each application may correspond to one deployment unit, and each deployment unit provides a service corresponding to each service by starting a container. The plurality of deployment units form a cluster unit, and the cluster unit is equivalent to a logic service center and used for executing various services of corresponding applications.
In the above-mentioned clustered service mode, all services go to one cluster unit, and the cluster is responsible for very complicated and complicated payment services. A change of one service easily results in the unavailability of one cluster, resulting in the unavailability of the payment related service as a whole. In addition, all services are in a cluster unit, and when the traffic volume is large (such as double eleven promotion), some service or some services may occupy all resources of the whole cluster, which easily results in that other services are not available.
Based on this, the present specification provides a service execution system, which includes a plurality of service units isolated from each other;
the business units comprise at least one deployment unit for providing services, and the deployment units of different business units have different identification information;
and each deployment unit with the same identification information performs data interaction so that the service unit executes corresponding service.
In this embodiment, a plurality of deployment units form a service unit, where a deployment unit may include an application service code and an application container, and one application may have a plurality of deployment units. The application is a service code with a modular function, and the application container can install and deploy software of the application, provide services for the outside and call external services. The service units are isolated from each other, each deployment unit in the same service unit has the same identification information, and each deployment unit with the same identification information can perform data interaction, so that the service units execute corresponding services, and the deployment units with different identification information do not perform data interaction.
As shown in fig. 2, the embodiment includes n service units, and each service unit includes 3 deployment units, that is: the service unit 1 comprises a deployment unit 11, a deployment unit 12 and a deployment unit 13; the service unit 2 comprises a deployment unit 21, a deployment unit 22 and a deployment unit 23; and so on. Wherein, application 1 may run service 11, service 12, … …, service 1 n; application 2 may run service 21, service 22, … …, service 2 n; application 3 may run service 31, service 32, … …, service 3 n. In practical application, services provided by each deployment unit in the same service unit can be mutually invoked through a certain invocation logic, so as to realize a service.
Each deployment unit has identification information, and each deployment unit in the same service unit has the same identification information; deployment units in different business units have different identification information. When executing the service, each deployment unit may perform data interaction according to the identification information. Specifically, only the deployment units with the same identification information can perform data interaction, and the deployment units with different identification information cannot perform data interaction. By the method, the service units can be isolated from each other to ensure that the service of one service unit does not influence the services of other service units, so that when the service of one service unit is abnormal, the normal execution of the services of other service units can be ensured. It should be noted that "isolated" as referred to herein may be a logical isolation, not necessarily a physical isolation.
The deployment unit can provide services through a container, the container is software which bears an application and provides services to the outside, and the application is started through the container so as to publish the services provided by the application. The identification information of the deployment unit may be set by setting parameters within the container.
In one embodiment, the container may be used to: issuing the service provided by the deployment unit and the identification information; and/or calling services issued by other containers according to the identification information. Further, when the container calls the service issued by other containers, the identification information of the container can be matched with the identification information issued by other containers, and the service issued by the container with the matched identification information can be called. After setting the parameters in the container, the container reads the parameters, and the parameters can be attached to the published service; when a service is invoked, services with the same parameters may be invoked.
Only one container can be set for the same application, and different deployment units of the same application can provide services through the container. When different deployment units work, different parameters can be dynamically set for the container, so that the deployment units have different identification information. This has the advantage that services of different service units can be distinguished without changing the application code in the container, but only by setting different parameters for the container.
As shown in fig. 3, an embodiment of the present specification further provides a service execution method, where the method includes:
step 302: acquiring identification information of the deployment unit;
step 304: establishing data interaction between the deployment unit and other deployment units with the same identification information so as to enable the service units comprising the deployment unit and other deployment units to execute services;
the deployment units of different service units have different identification information, and the service units are isolated from each other.
The method of this embodiment may be implemented based on the service execution system of any of the above embodiments.
Each deployment unit has identification information, and each deployment unit in the same service unit has the same identification information; deployment units in different business units have different identification information. When executing the service, each deployment unit may perform data interaction according to the identification information. Specifically, only the deployment units with the same identification information can perform data interaction, and the deployment units with different identification information cannot perform data interaction. By the method, the service units can be isolated from each other to ensure that the service of one service unit does not influence the services of other service units, so that when the service of one service unit is abnormal, the normal execution of the services of other service units can be ensured.
In one embodiment, the step of establishing data interaction between the present deployment unit and other deployment units having the same identification information comprises: issuing the service provided by the deployment unit and the identification information so as to enable other deployment units with the same identification information to call the service; and/or calling the services issued by other deployment units with the same identification information according to the identification information.
The deployment unit can provide services through a container, the container is software which bears an application and provides services to the outside, and the application is started through the container so as to publish the services provided by the application. The identification information of the deployment unit may be set by setting parameters within the container.
When the container calls the service issued by other containers, the identification information of the container can be matched with the identification information issued by other containers, and the service issued by the container with the matched identification information is called. After setting the parameters in the container, the container reads the parameters, and the parameters can be attached to the published service; when a service is invoked, services with the same parameters may be invoked.
Only one container can be set for the same application, and different deployment units of the same application can provide services through the container. When different deployment units work, different parameters can be dynamically set for the container, so that the deployment units have different identification information. This has the advantage that services of different service units can be distinguished without changing the application code in the container, but only by setting different parameters for the container.
As shown in fig. 4, an embodiment of the present specification further provides a service execution method, where the method includes:
step 402: after receiving a service request, searching a service distribution rule corresponding to the service request;
step 404: and sending the service request to a corresponding service unit according to the service distribution rule so that the service unit executes the service corresponding to the service request.
The method of this embodiment may be implemented based on the service execution system of any of the above embodiments.
The service distribution rule can be preset according to the actual situation. For example, for a transaction service, different services may be split according to a transaction number. If the transaction number is the transaction number corresponding to the guarantee transaction, the service corresponding to the transaction number can be divided into the Taobao transaction service unit; if the transaction number is the transaction number corresponding to the instant account transaction, the service corresponding to the transaction number can be divided into offline transaction service units. After sending the service request to the corresponding service unit, each deployment unit in the service unit may execute a respective service code, so that the service unit provides and executes the corresponding service. Specifically, the deployment unit may issue the service and the identification information provided by the deployment unit, and each deployment unit in the same service unit may also perform mutual invocation according to a predefined invocation logic, so that the service unit provides and executes the corresponding service.
As shown in fig. 5, the general flow of the service offloading mode in the embodiment of the present description is as follows:
step 502: and (5) modifying the container. The method specifically comprises the following steps:
step 5022: adding identification information of deployment unit isolation into JVM (Java Virtual Machine) parameters started by a container.
Step 5024: the method comprises the steps that when a container issues an RPC (Remote Procedure Call) service, whether identification information is set or not is sensed, and if yes, the service is issued in the mode of interface name plus identification information.
Step 5026: the container call RPC service is used for sensing whether the set identification information exists or not, and if the set identification information exists, the call RPC service is called in a mode of interface name + marking parameter.
Step 504: the deployment unit establishes and accesses a service distribution center. The method specifically comprises the following steps:
step 5042: the user selects the application that needs to be isolated and only the ingress application needs to access the traffic offload center component.
Step 5044: the user creates a deployment unit for the application (how many deployment units are created requiring multiple business units).
Step 5046: setting JVM parameters of the container in the deployment unit, and starting the container to provide services.
Step 5048: and allocating a distribution rule in the service distribution center and appointing a certain service to a certain service unit.
It should be noted that the execution sequence between the above steps can be performed in other sequences, and the above is only an exemplary description. For example, step 5026 may be performed before step 5024.
As shown in fig. 6, an embodiment of this specification further provides that the service isolation system includes:
a business execution system 602; and
a traffic distribution system 604;
the service distribution system 604 is configured to, after receiving a service request, search for a service distribution rule corresponding to the service request, and send the service request to a corresponding service unit of the service execution system 602 according to the service distribution rule, so that the service unit executes a service corresponding to the service request.
The service execution system 602 in this embodiment may adopt the service execution system in any of the above embodiments, and details are not described here.
The traffic offload system 604 of the embodiments herein is configured to receive traffic at the network layer and identify traffic offload to individual traffic units.
In one embodiment, the traffic isolation system further comprises: a network access system 606; the network access system 606 is configured to obtain a service request sent by a user side, and forward the service request to the service offloading system 604. Further, the network access system 606 may obtain the service request sent by the user side through a reverse proxy manner, and forward the service request to the service offloading system 604. The network access system 606 may also forward the service request to the service forking system 604 through the gateway 608.
As shown in fig. 7, an embodiment of the present specification further provides a service execution apparatus, which may include:
an obtaining module 702, configured to obtain identification information of the deployment unit;
an establishing module 704, configured to establish data interaction between the deployment unit and other deployment units with the same identification information, so that a service unit including the deployment unit and the other deployment units executes a service;
the deployment units of different service units have different identification information, and the service units are isolated from each other.
As shown in fig. 8, an embodiment of the present specification further provides a service execution apparatus, which may include:
the searching module 802 is configured to search a service distribution rule corresponding to a service request after receiving the service request;
a sending module 804, configured to send the service request to a corresponding service unit according to the service offloading rule, so that the service unit executes a service corresponding to the service request.
The specific details of the implementation process of the functions and actions of each module in the device are referred to the implementation process of the corresponding step in the method, and are not described herein again.
The embodiments of the apparatus of the present specification can be applied to a computer device, such as a server or a terminal device. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and as a logical device, the device is formed by reading corresponding computer program instructions in the nonvolatile memory into the memory for operation through the processor in which the file processing is located. From a hardware aspect, as shown in fig. 9, it is a hardware structure diagram of a computer device in which the apparatus of this specification is located, and besides the processor 902, the memory 904, the network interface 906, and the nonvolatile memory 908 shown in fig. 9, a server or an electronic device in which the apparatus is located in the embodiment may also include other hardware according to an actual function of the computer device, which is not described again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, wherein the modules described as separate parts may or may not be physically separate, and the parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution in the specification. One of ordinary skill in the art can understand and implement it without inventive effort.
Accordingly, the embodiments of the present specification also provide a computer storage medium, in which a program is stored, and the program, when executed by a processor, implements the method in any of the above embodiments.
Accordingly, the embodiments of the present specification also provide a computer device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the program, the method in any of the above embodiments is implemented.
This application may take the form of a computer program product embodied on one or more storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having program code embodied therein. Computer-usable storage media include permanent and non-permanent, removable and non-removable media, and information storage may be implemented by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of the storage medium of the computer include, but are not limited to: phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technologies, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic tape storage or other magnetic storage devices, or any other non-transmission medium, may be used to store information that may be accessed by a computing device.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
The above description is only exemplary of the present disclosure and should not be taken as limiting the disclosure, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.