CN109587069B - API gateway-based current limiting method and system - Google Patents

API gateway-based current limiting method and system Download PDF

Info

Publication number
CN109587069B
CN109587069B CN201811511051.5A CN201811511051A CN109587069B CN 109587069 B CN109587069 B CN 109587069B CN 201811511051 A CN201811511051 A CN 201811511051A CN 109587069 B CN109587069 B CN 109587069B
Authority
CN
China
Prior art keywords
max
request
current
current limiting
api gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811511051.5A
Other languages
Chinese (zh)
Other versions
CN109587069A (en
Inventor
张鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Shouqi Zhixing Technology Co Ltd
Original Assignee
Beijing Shouqi Zhixing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Shouqi Zhixing Technology Co Ltd filed Critical Beijing Shouqi Zhixing Technology Co Ltd
Priority to CN201811511051.5A priority Critical patent/CN109587069B/en
Publication of CN109587069A publication Critical patent/CN109587069A/en
Application granted granted Critical
Publication of CN109587069B publication Critical patent/CN109587069B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a current limiting method and system based on an API gateway, relates to the technical field of networks, and aims to limit the current of a network by setting the maximum value V of request times max Encrypting the URL requests with the same address by using a one-way hash function to generate an encryption result on the label keyWithin the validity period T, judging V 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Is added to 1 when V 1 Greater than V max And the current request is rejected, so that strict current limiting on the distributed system in the cluster environment is realized, the performance loss of the system is minimized, and the defects that the strict current limiting on the distributed system in the cluster environment cannot be realized and the system performance loss is large due to current limiting are overcome.

Description

API gateway-based current limiting method and system
Technical Field
The invention relates to the technical field of networks, in particular to a current limiting method and system based on an API gateway.
Background
When a large amount of data is accessed concurrently, the situation that services or interfaces are unavailable due to sudden requests often occurs, and even chain reaction is caused to cause the whole system to crash. At this time, caching, service downgrading and current limiting are needed, wherein current limiting is the most important way, and when a request reaches a certain concurrency number or rate, waiting, queuing, downgrading, service rejection and the like are performed.
Currently, counter algorithms, leaky bucket algorithms, sliding window algorithms, and token bucket algorithms are mainly used in the industry for throttling. Wherein, the leaky bucket algorithm is mainly used for smoothing the burst flow on the network by controlling the speed of data injection into the network; the token bucket algorithm is one of the most commonly used algorithms in network traffic shaping and rate limiting, and is used to control the amount of data sent onto the network and to allow the transmission of bursty data; the counter algorithm is the simplest algorithm and can be regarded as a low-precision implementation of the sliding window, and since the sliding window needs to store a plurality of counters, the sliding window needs more memory space in implementation, that is, if the precision of the sliding window is higher, the required memory space is larger.
The prior art mainly has the following defects:
(1) Current limiting under a distributed system cannot be fully supported;
(2) Current limiting in a cluster environment is not supported;
(3) Current limiting under strict concurrency is not realized;
(4) The loss of system performance due to current limiting is large.
Disclosure of Invention
In order to overcome the defects in the prior art, embodiments of the present invention provide a method and a system for limiting current based on an API gateway.
In a first aspect, a method for limiting a current based on an API gateway provided in an embodiment of the present invention includes the following steps:
S101setting the maximum value V of the number of requests max
S102, encrypting the URL requests with the same address by using a one-way hash function to generate an encryption result, wherein the encryption result comprises a label key of the URL request and the current request times V 1
S103, judging V in the validity period T of the label key 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Plus 1, wherein T is in units of seconds or minutes or hours;
s104, repeating the step S103, and when V is 1 Greater than V max The current request is denied.
In a second aspect, an API gateway-based current limiting system provided in an embodiment of the present invention includes:
a setting module for setting the maximum value V of the request times max
An encryption module, configured to encrypt, by using a one-way hash function, URL requests with the same address to generate an encryption result, where the encryption result includes a tag key of the request and current request times V 1
A judging module for judging V 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Plus 1, wherein T is in units of seconds or minutes or hours;
and the rejection module is used for rejecting the current request when the V1 is larger than the Vmax.
The API gateway-based current limiting method and system provided by the embodiment of the invention have the following beneficial effects:
the strict current limitation of the distributed system in the cluster environment is realized, and the performance loss of the system is reduced to the minimum.
Drawings
Fig. 1 is a schematic flowchart of a current limiting method based on an API gateway according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a current limiting system based on an API gateway according to an embodiment of the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and the embodiments.
Referring to fig. 1, the API gateway-based current limiting method provided in the embodiment of the present invention includes the following steps:
s101, setting the maximum value V of the request times max
As a specific example, V max The value of (d) is set to 10 times.
S102, encrypting the URL requests with the same address by using a one-way hash function to generate an encryption result, wherein the encryption result comprises a label key of the URL request and the current request times V 1
As a specific example of the way in which the present invention may be used,
https:// www.yourdomain.com/abc/def/createorder.jsoprop 1= v1& p2= v2, https:// www.yourdomain.com/abc/def/createorder.json m1= v3& m2= v2 and https:// www.yourdomain.com/abc/def/createorder.json the same address for the three URL requests, treated as one request and grouped together.
S103, judging V in the validity period T of the label key 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Plus 1, wherein T is in units of seconds or minutes or hours;
s104, repeating the step S103 when V 1 Greater than V max The current request is denied.
As a specific example, when V 1 Above 10, the request may be denied.
Referring to fig. 2, the API gateway based current limiting system according to an embodiment of the present invention includes a setting module, an encryption module, a determining module, and a rejecting module, wherein,
a setting module for setting the maximum value V of the request times max
An encryption module, configured to encrypt the URL requests with the same address by using a one-way hash function to generate an encryption result, where the encryption result includes a tag key of the request and the current request times V 1
A judging module for judging V 1 Whether or not greater than V max If yes, pass the current request and V 1 Plus 1, wherein T is in units of seconds or minutes or hours;
a rejection module for rejecting a signal V 1 Greater than V max The current request is denied.
The API gateway-based current limiting method and system provided by the embodiment of the invention set the maximum value V of the request times max Encrypting the URL requests with the same address by using a one-way hash function to generate an encryption result, and judging V within the validity period T of the label key 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Is added to 1 when V 1 Greater than V max And meanwhile, the current request is rejected, so that strict current limiting on a distributed system in a cluster environment is realized, and the performance loss of the system is reduced to the minimum.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
It will be appreciated that the relevant features of the method and apparatus described above are referred to one another. In addition, "first", "second", and the like in the above embodiments are for distinguishing the embodiments, and do not represent merits of the embodiments.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The algorithms and displays presented herein are not inherently related to any particular computer, virtual machine, or other apparatus. Various general purpose systems may also be used with the teachings herein. The required structure for constructing such a system will be apparent from the description above. Moreover, the present invention is not directed to any particular programming language. It is appreciated that a variety of programming languages may be used to implement the teachings of the present invention as described herein, and any descriptions of specific languages are provided above to disclose the best mode of the invention.
In addition, the memory may include volatile memory in a computer readable medium, random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising one of 8230; \8230;" 8230; "does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (2)

1. A current limiting method based on an API gateway is characterized by comprising the following steps:
s101, setting the maximum value V of the request times max
S102, encrypting the URL requests with the same address by using a one-way hash function to generate an encryption result, wherein the encryption result comprises a label key of the URL request and the current request times V 1
S103, judging V in the validity period T of the label key 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Plus 1, wherein T is in units of seconds or minutes or hours;
s104, repeating the step S103 when V 1 Greater than V max The current request is denied.
2. An API gateway based current limiting system, comprising:
a setting module for setting the maximum value V of the request times max
An encryption module, configured to encrypt the URL requests with the same address by using a one-way hash function to generate an encryption result, where the encryption result includes a tag key of the request and the current request times V 1
A judging module for judging V 1 Whether or not it is not more than V max If yes, pass the current request and V 1 Plus 1, wherein T is in units of seconds or minutes or hours;
a rejection module for rejecting a signal V 1 Greater than V max The current request is denied.
CN201811511051.5A 2018-12-11 2018-12-11 API gateway-based current limiting method and system Active CN109587069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811511051.5A CN109587069B (en) 2018-12-11 2018-12-11 API gateway-based current limiting method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811511051.5A CN109587069B (en) 2018-12-11 2018-12-11 API gateway-based current limiting method and system

Publications (2)

Publication Number Publication Date
CN109587069A CN109587069A (en) 2019-04-05
CN109587069B true CN109587069B (en) 2022-10-04

Family

ID=65928274

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811511051.5A Active CN109587069B (en) 2018-12-11 2018-12-11 API gateway-based current limiting method and system

Country Status (1)

Country Link
CN (1) CN109587069B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111600807A (en) * 2020-04-14 2020-08-28 网宿科技股份有限公司 Flow control method and system based on API gateway equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107222426B (en) * 2016-03-21 2021-07-20 阿里巴巴集团控股有限公司 Flow control method, device and system
CN106302445B (en) * 2016-08-15 2019-07-23 北京百度网讯科技有限公司 Method and apparatus for handling request
CN108848037B (en) * 2018-05-31 2023-06-20 平安医疗科技有限公司 Service request processing method, device, computer equipment and storage medium
CN108471432B (en) * 2018-07-11 2020-09-11 北京智芯微电子科技有限公司 Method for preventing network application program interface from being attacked maliciously

Also Published As

Publication number Publication date
CN109587069A (en) 2019-04-05

Similar Documents

Publication Publication Date Title
AU2019101567A4 (en) Method and apparatus for consensus verification
AU2018246109B2 (en) Blockchain-based transaction processing method and apparatus
CN107368259B (en) Method and device for writing service data into block chain system
CN108932297B (en) Data query method, data sharing method, device and equipment
CN110768912B (en) API gateway current limiting method and device
CN109309652B (en) Method and device for training model
CN106708607B (en) Congestion control method and device for message queue
CN109426732B (en) Data processing method and device
CN109726563B (en) Data statistics method, device and equipment
CN111683039B (en) Authentication method, device and medium
CN106951795B (en) Application data access isolation method and device
JP2014508970A (en) Data encryption processing apparatus and method for cloud storage system
CN113821817B (en) Data processing method, device, equipment and system based on block chain
CN109428900B (en) Data processing method and device
CN109639747B (en) Data request processing method, data request processing device, query message processing method, query message processing device and equipment
CN109587069B (en) API gateway-based current limiting method and system
CN106982193B (en) Method and device for preventing batch registration
CN114817982A (en) Multi-party computing control method, device and equipment for providing privacy protection
CN111131474A (en) Method, device and medium for managing user protocol based on block chain
CN112866265B (en) CSRF attack protection method and device
CN110995447B (en) Data storage method, device, equipment and medium
EP3267383A1 (en) Data transmission method and system
CN107360441B (en) User live broadcast room speech control method and device
CN110868333A (en) Data caching method and system for gateway
CN114301710B (en) Method for determining whether message is tampered, secret pipe platform and secret pipe system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant