CN111131058A - Access point control method and device - Google Patents
Access point control method and device Download PDFInfo
- Publication number
- CN111131058A CN111131058A CN201911164965.3A CN201911164965A CN111131058A CN 111131058 A CN111131058 A CN 111131058A CN 201911164965 A CN201911164965 A CN 201911164965A CN 111131058 A CN111131058 A CN 111131058A
- Authority
- CN
- China
- Prior art keywords
- access
- current limiting
- strategy
- requests
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses an access amount control method and device, and relates to the technical field of computers. One embodiment of the method comprises: receiving an access request; when the number of the received access requests is judged to meet the access amount control condition: determining part of the access requests as target requests, generating normal response data responding to the target requests and returning; for access requests except the target request, disconnecting the access request or placing the access request into a preset waiting queue; when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion. The embodiment can provide personalized access control function for the server by setting the access control condition for each server.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an access amount control method and device.
Background
With the development of internet technology, service systems face greater and greater access pressure, and how to ensure the stability and availability of the service systems under the pressure of large-scale access volume becomes more and more important. In the prior art, access control is usually performed based on a unified gateway arranged in front of a server (as shown in fig. 1), and this control method is simple and coarse in granularity, and it is difficult to provide a personalized flow control policy for a specific server. In addition, the unified gateway is used as a single-point part of the whole system to bear all the access volume pressure, and once the unified gateway fails, the whole system is easily unusable.
Disclosure of Invention
In view of this, embodiments of the present invention provide an access control method and an access control device, which can provide a personalized access control function for a server by setting an access control condition for each server.
To achieve the above object, according to one aspect of the present invention, an access amount control method is provided.
The access amount control method of the embodiment of the invention comprises the following steps: receiving an access request; when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; for each access request except the target request, disconnecting the access request or placing the access request into a preset waiting queue; when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
Optionally, the throttling policy comprises at least one performance throttling policy; and the access amount control policy is determined according to the following steps: collecting operation data of a current statistical period, and acquiring a performance index of the current statistical period according to the operation data; and determining a performance current limiting strategy with the current limiting condition matched with the performance index of the current statistical period as a primary selection strategy, and determining the strategy with the maximum current limiting proportion in the primary selection strategy as an access control strategy.
Optionally, the current limiting policy further comprises at least one available rate current limiting policy; and, the method further comprises: prior to determining the access control policy: acquiring the availability index of the current statistical period according to the operating data; and determining the available rate current limiting strategy with the current limiting condition matched with the available rate index as the initial selection strategy.
Optionally, the current limiting strategy further comprises at least one timed current limiting strategy, and the current limiting condition of each timed current limiting strategy is a current limiting time interval; and, the method further comprises: and before determining the access rate control strategy, determining a timing current limiting strategy of a current time included in the current time of the current time limiting interval as the initial selection strategy.
Optionally, the determining, by using a pre-stored access amount control policy, whether to normally respond to the access request includes: converting the client identifier carried in the access request into a hash value between 0 and 1; when the hash value is not less than the current limit proportion in the access quantity control strategy, the access request is normally responded; and when the hash value is smaller than the current limit proportion in the access quantity control strategy, disconnecting the access request or placing the access request into the waiting queue.
Optionally, the number of received access requests includes: the number of access requests received in the current acquisition period or the number of access requests currently being processed; the access amount control condition includes: the number of received access requests is greater than a preset threshold; the number of target requests is equal to the threshold; the operational data includes: the response result and the response duration of each access request; and, the performance indicators include at least one of: response time length hundreds of lines TP index, maximum value of response time length and average value of response time length.
To achieve the above object, according to another aspect of the present invention, an access amount control apparatus is provided.
The access amount control device of the embodiment of the invention can comprise: a receiving unit configured to receive an access request; a control unit for: when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; for each access request except the target request, disconnecting the access request or placing the access request into a preset waiting queue; a current limiting unit for: when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
To achieve the above object, according to still another aspect of the present invention, there is provided an electronic apparatus.
An electronic device of the present invention includes: one or more processors; and the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors realize the access control method provided by the invention.
To achieve the above object, according to still another aspect of the present invention, there is provided a computer-readable storage medium.
A computer-readable storage medium of the present invention has stored thereon a computer program which, when executed by a processor, implements the access amount control method provided by the present invention.
According to the technical scheme of the invention, one embodiment of the invention has the following advantages or beneficial effects:
firstly, an access amount control condition is set for each server in advance so as to determine a processing mode for an access request, for example, when the number of access requests is greater than a preset threshold, only a part of access requests (the number of the access requests can be equal to the threshold) are normally responded, and other requests are directly disconnected or placed into a waiting queue, so that service resources can be quickly released when large-scale access amount is encountered, and the availability of a system is ensured.
Secondly, by setting a plurality of current limiting strategies for each server, when the number of access requests is not greater than the threshold, acquiring operation data of the server in real time to obtain operation indexes such as performance and availability ratio of the server, and finally determining an access amount control strategy for actually executing current limiting from the plurality of current limiting strategies by using the operation indexes, so that intelligent sensing of the operation condition of the server and automatic control of the access amount are realized when the access amount is large (the access amount at the moment is smaller than the large-scale access amount), the sensitivity, availability and the utilization ratio of service resources can be improved, and a targeted current limiting measure in the face of different access amount pressures is realized. In addition, by setting the timing current limiting strategy, the corresponding current limiting strategy can be deployed in advance before the arrival of the flow flood peak with the periodic characteristic, so that the corresponding current limiting strategy can be effectively responded.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a prior art unified gateway architecture diagram;
FIG. 2 is a schematic diagram of the main steps of the access control method in the embodiment of the present invention;
FIG. 3 is a schematic diagram of an implementation architecture of an access control method in an embodiment of the present invention;
FIG. 4 is a schematic diagram of determining an access control policy in an embodiment of the invention;
FIG. 5 is a schematic diagram of the components of an access control device in an embodiment of the invention;
FIG. 6 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 7 is a schematic structural diagram of an electronic device for implementing the access control method in the embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the embodiments of the present invention and the technical features of the embodiments may be combined with each other without conflict.
Fig. 2 is a schematic diagram of main steps of an access control method in an embodiment of the present invention.
As shown in fig. 2, the method according to the embodiment of the present invention may be specifically performed according to the following steps:
step S201: an access request is received.
In the embodiment of the invention, the server receives the access request sent by the client, and the access request is used for calling the local service of the server. Generally, the access request carries a client identifier for uniquely identifying the client.
Step S202: when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; and for each access request except the target request, disconnecting the access request or putting the access request into a preset waiting queue.
Before executing this step, the server is configured with access control conditions in advance to execute customized access request restriction, for example, the access control conditions may be configured as: "the number of received access requests is greater than the preset threshold", which means that when the number of received access requests at step S201 is greater than the preset threshold, the restricting operation is performed on the access requests. The number of the received access requests may be the number of the access requests received in a current acquisition cycle (that is, an acquisition cycle closest to the current time, and the acquisition cycle may be set to 1 second or 2 seconds according to an actual environment, etc.), or may be the number of the access requests currently being processed.
In a specific application, the limiting operation performed on the access request may be: and normally responding to a part of access requests (namely generating normal response data responding to each target request and returning the normal response data to the client), and performing disconnection or putting the normal response data into a waiting queue (namely queuing the access requests and disconnecting the access requests after the queuing time exceeds a preset threshold value) on the rest of the access requests. In the embodiment of the present invention, the part of the access request that normally responds may be referred to as a target request, and in an actual application scenario, the target request may be determined through the following steps. The received requests are first sorted according to request time from small to large (i.e. from early to late), and then the previous access requests, the number of which is equal to the threshold value in the access amount control condition, are determined as target requests.
Through the setting, customized access control conditions can be configured for each server to execute access control, when the number of the current access requests is larger than the threshold value, the access requests within the range of the threshold value can be normally responded, and other access requests are disconnected or placed into a waiting queue, so that the system availability is ensured.
Fig. 3 is a schematic diagram of an implementation architecture of the access control method in the embodiment of the present invention.
As shown in fig. 3, the service unit can implement a whole set of service processes, which may include a plurality of service function points. It is understood that the service function point can be used as the service end introduced above. And the access control terminal is integrated and deployed with the service function point, interacts with the access control logic engine and is used for determining the effective state of the access control rule. The access quantity control rule is composed of the access quantity control condition and access quantity limiting operation executed when the condition is met. And the access point control logic engine is responsible for defining and storing the access point control rules and issuing the access point control rules through interaction with the access point control terminal. It can be understood that the service logic fusion of the access control terminal and the service function point can directly count the instant access amount of the service function point and apply the access control rule defined in the access control logic engine to the service function point, thereby realizing the access control.
In general, the access control rules may include a service function point identification, an access pressure metric indicator (number of access requests received per second or currently being processed), a threshold, and a limit operation after an overage.
The following describes an interaction flow at each end by taking a scenario in which an access amount control rule is "when access requests received per second are greater than 100, the excess portion is directly disconnected". The business service unit receives access requests from the client, and when the number of the access requests is not more than 100, all the requests can obtain normal return results; and when the number of the access requests exceeds 100, triggering an access control rule, and executing corresponding processing on all excessive access requests by the access control terminal according to the access control rule to ensure that the whole system is available. It can be understood that the calculation of the access amount for the service function point is dynamic, and as the service resource is released, once the number of access requests of the system is reduced to below the threshold 100, new access requests can be processed normally, and the access amount control rule is not triggered to cause the quick abnormal state return.
Therefore, the invention provides an access amount control method based on specific business services, which can realize a finer-grained access amount control function, more flexible access amount control rule configuration, guarantee the availability of the system and solve the overall unavailable risk caused by single points of the system, compared with the access amount control capability provided by a unified gateway.
Step S203: when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access point control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
Step S202 is an access amount control step when the current access number is larger than the threshold value. When the current access number is not greater than the threshold, the excess request does not need to be directly disconnected, at this time, the operation state of the server can be judged according to the operation data of the server, an access control policy is further determined, and finally, corresponding current limiting processing is executed according to the access control policy, and specific execution steps of the current limiting processing will be described below.
1. A plurality of current limiting policies are preset, and each current limiting policy contains a current limiting condition (i.e. a trigger condition for current limiting processing) and a current limiting proportion (i.e. a proportion of access requests for which normal response is not performed). Generally, the current limit ratio is a value between 0 and 1 (i.e., not less than 0 and not more than 1).
For example: a certain current limiting policy for a certain server is: when the TP90 is greater than 1000 milliseconds, 20% of the flow is automatically restricted. Wherein, TP90 is a response time length percentage line TP (top percent) index, and its physical meaning is: and sequencing a plurality of response durations of the server in the statistical period from small to large, wherein the response durations are positioned at the 90% response time. Similarly, TP50 refers to sorting the multiple response durations of the server in the statistical period from small to large, and is located at the 50 th% response time. In the above current limiting strategy, the current limiting conditions are: the TP90 is greater than 1000 ms, the current limit ratio is 20%, and if the current limit policy is used as the access control policy of the server, it can control the server to make no call for 20% of the access requests and make a call for 80% of the access requests.
In an embodiment of the present invention, the current limiting policy of each server may include: a performance current limit policy, an availability current limit policy, and a timing current limit policy. The current limiting condition of the performance current limiting policy is a performance index of the server, such as: TP50, TP90, TP99, TP999, average response time, maximum response time, etc., where the flow limiting policy "TP 90 is greater than 1000 milliseconds in the above example, the flow of 20% of the flow is automatically limited" is the performance flow limiting policy.
The current limit condition of the available rate current limit policy is an available rate index of the server, and in a specific application, the available rate of the server in a certain statistical period is a quotient of the normal call total (i.e. the successful call total) and the call total of the server in the statistical period. For example: the following current limiting strategies are available rate current limiting strategies: and when the service end availability is less than 50%, automatically limiting the flow of 40%.
The current limiting condition of the timing current limiting strategy is a current limiting time interval, namely a preset time interval for triggering current limiting operation. For example: the following current limiting strategy is the timing interval: and automatically limiting 80% of flow within the time range of 2017-10-2723:55: 00-2017-10-2800: 05:00, wherein the flow is represented as follows: and in a time interval from 23:55 in 2017, 10, 27, 23: 2018 and 0:05 in 2018, limiting the current of 80% of access requests, wherein the time interval from 2017-10-2723:55:00 to 2017-10-2800:05:00 is the current limiting time interval.
2. And determining the current access point control strategy from the current limiting strategy.
Specifically, firstly, acquiring the running data of the server in the current statistical period (namely the statistical period closest to the current moment, wherein the statistical period can be set to be 1 minute, one hour and the like), and counting the running data to acquire the performance index of the server in the current statistical period; and in the performance current limiting strategy of the server, determining a performance current limiting strategy with current statistical period performance indexes matched with current limiting conditions, and taking the performance current limiting strategy as an initial selection strategy of the server.
Preferably, the operation data may include: the result of the response to each access request (i.e., normal response or abnormal response) and the response time. The performance index of the server in the current statistical period can be obtained by counting the operation data of the current statistical period, and then the current limiting strategy of which the current limiting condition is matched with the performance index of the current statistical period can be determined as the initial selection strategy of the server.
Then, acquiring the availability index of the server in the current statistical period according to the running data; and determining the available rate current limiting strategy with the current limiting condition matched with the available rate index in the available rate current limiting strategies of the service end, and taking the available rate current limiting strategy as a primary selection strategy of the service end.
Then, in the timing current-limiting strategy of the server, the timing current-limiting strategy of which the current time interval contains the current time (namely, the current time is in the current-limiting time interval) is determined and is used as the initial selection strategy of the server.
And finally, determining the maximum call flow limiting ratio in the initially selected strategy as the access control strategy of the server, and storing the access control strategy. Fig. 4 is a schematic diagram of determining an access point control policy in an embodiment of the present invention, and the step of determining a primary selection policy from a performance throttling policy, an available rate throttling policy, and a timing throttling policy to obtain an access point control policy may be as shown in fig. 4. It should be noted that, the step of determining the primary selection policy from the performance current limiting policies, the step of determining the primary selection policy from the availability current limiting policies, and the step of determining the primary selection policy from the timing current limiting policies are not limited in any order.
3. And when the number of the received access requests is judged not to accord with the access amount control condition, aiming at any access request, judging whether the access request is normally responded by using the access amount control strategy. As a preferred scheme, the client identifier carried in the access request may be first converted into a hash value between 0 and 1; when the hash value is not less than the current limit proportion in the access quantity control strategy, the access request is normally responded; and when the hash value is smaller than the current limit proportion in the access quantity control strategy, disconnecting the access request or putting the access request into a waiting queue. Through the arrangement, the current limiting operation according with the current limiting proportion can be realized.
It can be understood that if the performance index and the availability index of the current statistical period do not conform to each current limiting condition, it indicates that the server is operating normally, and if the current statistical period is not in the current limiting time interval in the timing current limiting policy, the server can respond normally for each access request.
In the technical scheme of the embodiment of the invention, the access amount control condition is preset for each server so as to determine the processing mode aiming at the access request, for example, when the number of the access requests is greater than the preset threshold value, only a part of the access requests are normally responded, and other requests are directly disconnected or placed into a waiting queue, so that the service resources can be quickly released when large-scale access amount is encountered, and the system availability is ensured. In addition, by setting a plurality of current limiting strategies for each server, when the number of access requests is not greater than the threshold value, the operation data of the business service is collected in real time to obtain the performance, the availability ratio and other operation indexes of the business service, and finally, the operation indexes are used for determining the access amount control strategy for actually executing current limiting from the plurality of current limiting strategies, so that the intelligent perception of the business service operation condition and the automatic control of the access amount when the access amount is large are realized, the sensitivity, the availability and the service resource utilization rate of the system can be improved, and the targeted current limiting measures when different access amount pressures are met are realized. In addition, by setting the timing current limiting strategy, the corresponding current limiting strategy can be deployed in advance before the arrival of the flow flood peak with the periodic characteristic, so that the corresponding current limiting strategy can be effectively responded.
It should be noted that, for the convenience of description, the foregoing method embodiments are described as a series of acts, but those skilled in the art will appreciate that the present invention is not limited by the order of acts described, and that some steps may in fact be performed in other orders or concurrently. Moreover, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no acts or modules are necessarily required to implement the invention.
To facilitate a better implementation of the above-described aspects of embodiments of the present invention, the following also provides relevant means for implementing the above-described aspects.
Referring to fig. 5, an access control apparatus 500 according to an embodiment of the present invention may include: a receiving unit 501, a control unit 502 and a current limiting unit 503.
Wherein the receiving unit 501 is operable to receive an access request; the control unit 502 may be configured to: when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; for each access request except the target request, disconnecting the access request or placing the access request into a preset waiting queue; the current limiting unit 503 may be configured to: when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
Preferably, the current limiting policy comprises at least one performance current limiting policy; the current limiting unit 503 may further be configured to: collecting operation data of a current statistical period, and acquiring a performance index of the current statistical period according to the operation data; and determining a performance current limiting strategy with the current limiting condition matched with the performance index of the current statistical period as a primary selection strategy, and determining the strategy with the maximum current limiting proportion in the primary selection strategy as an access control strategy.
In some embodiments, the throttling policies further comprise at least one available rate throttling policy; the current limiting unit 503 may further be configured to: prior to determining the access control policy: acquiring the availability index of the current statistical period according to the operating data; and determining the available rate current limiting strategy with the current limiting condition matched with the available rate index as the initial selection strategy.
Preferably, the current limiting strategy may further include at least one timed current limiting strategy, and the current limiting condition of each timed current limiting strategy is a current limiting time interval; the current limiting unit 503 may further be configured to: and before determining the access rate control strategy, determining a timing current limiting strategy of a current time included in the current time of the current time limiting interval as the initial selection strategy.
In an alternative implementation, the current limiting unit 503 may be further configured to: converting the client identifier carried in the access request into a hash value between 0 and 1; when the hash value is not less than the current limit proportion in the access quantity control strategy, the access request is normally responded; and when the hash value is smaller than the current limit proportion in the access quantity control strategy, disconnecting the access request or placing the access request into the waiting queue.
Furthermore, in an embodiment of the present invention, the number of received access requests includes: the number of access requests received in the current acquisition period or the number of access requests currently being processed; the access amount control condition includes: the number of received access requests is greater than a preset threshold; the number of target requests is equal to the threshold; the operational data includes: the response result and the response duration of each access request; and, the performance indicators include at least one of: response time length hundreds of lines TP index, maximum value of response time length and average value of response time length.
In the technical scheme of the embodiment of the invention, the access amount control condition is preset for each server so as to determine the processing mode aiming at the access request, for example, when the number of the access requests is greater than the preset threshold value, only a part of the access requests are normally responded, and other requests are directly disconnected or placed into a waiting queue, so that the service resources can be quickly released when large-scale access amount is encountered, and the system availability is ensured. In addition, by setting a plurality of current limiting strategies for each server, when the number of access requests is not greater than the threshold value, the operation data of the business service is collected in real time to obtain the performance, the availability ratio and other operation indexes of the business service, and finally, the operation indexes are used for determining the access amount control strategy for actually executing current limiting from the plurality of current limiting strategies, so that the intelligent perception of the business service operation condition and the automatic control of the access amount when the access amount is large are realized, the sensitivity, the availability and the service resource utilization rate of the system can be improved, and the targeted current limiting measures when different access amount pressures are met are realized. In addition, by setting the timing current limiting strategy, the corresponding current limiting strategy can be deployed in advance before the arrival of the flow flood peak with the periodic characteristic, so that the corresponding current limiting strategy can be effectively responded.
Fig. 6 illustrates an exemplary system architecture 600 to which the access control method or access control apparatus of an embodiment of the present invention may be applied.
As shown in fig. 6, the system architecture 600 may include terminal devices 601, 602, 603, a network 604 and a server 605 (this architecture is merely an example, and the components included in a specific architecture may be adjusted according to the specific application). The network 604 serves to provide a medium for communication links between the terminal devices 601, 602, 603 and the server 605. Network 604 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use the terminal devices 601, 602, 603 to interact with the server 605 via the network 604 to receive or send messages or the like. Various client applications, such as an access control application (for example only), may be installed on the terminal devices 601, 602, 603.
The terminal devices 601, 602, 603 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 605 may be a server providing various services, such as a background server (for example only) providing support for access control applications operated by users with the terminal devices 601, 602, 603. The backend server may process the received access amount limiting request and feed back a processing result (e.g., a current access amount status after current limiting-only example) to the terminal device 601, 602, 603.
It should be noted that the access amount control method provided by the embodiment of the present invention is generally executed by the server 605, and accordingly, the access amount control device is generally disposed in the server 605.
It should be understood that the number of terminal devices, networks, and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
The invention also provides the electronic equipment. The electronic device of the embodiment of the invention comprises: one or more processors; and the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors realize the access control method provided by the invention.
Referring now to FIG. 7, shown is a block diagram of a computer system 700 suitable for use with the electronic device implementing an embodiment of the present invention. The electronic device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM703, various programs and data necessary for the operation of the computer system 700 are also stored. The CPU701, the ROM 702, and the RAM703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, the processes described in the main step diagrams above may be implemented as computer software programs, according to embodiments of the present disclosure. For example, embodiments of the invention include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the main step diagram. In the above-described embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program, when executed by the central processing unit 701, performs the above-described functions defined in the system of the present invention.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present invention may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes a receiving unit and a control unit. Where the names of the units do not in some cases constitute a limitation of the unit itself, for example, a receiving unit may also be described as a "unit sending an access request to a controlling unit".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by the apparatus, cause the apparatus to perform steps comprising: receiving an access request; when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; for each access request except the target request, disconnecting the access request or placing the access request into a preset waiting queue; when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
In the technical scheme of the embodiment of the invention, the access amount control condition is preset for each server so as to determine the processing mode aiming at the access request, for example, when the number of the access requests is greater than the preset threshold value, only a part of the access requests are normally responded, and other requests are directly disconnected or placed into a waiting queue, so that the service resources can be quickly released when large-scale access amount is encountered, and the system availability is ensured. In addition, by setting a plurality of current limiting strategies for each server, when the number of access requests is not greater than the threshold value, the operation data of the business service is collected in real time to obtain the performance, the availability ratio and other operation indexes of the business service, and finally, the operation indexes are used for determining the access amount control strategy for actually executing current limiting from the plurality of current limiting strategies, so that the intelligent perception of the business service operation condition and the automatic control of the access amount when the access amount is large are realized, the sensitivity, the availability and the service resource utilization rate of the system can be improved, and the targeted current limiting measures when different access amount pressures are met are realized. In addition, by setting the timing current limiting strategy, the corresponding current limiting strategy can be deployed in advance before the arrival of the flow flood peak with the periodic characteristic, so that the corresponding current limiting strategy can be effectively responded.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An access amount control method, comprising:
receiving an access request;
when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; for each access request except the target request, disconnecting the access request or placing the access request into a preset waiting queue;
when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
2. The method of claim 1, wherein the throttling policies include at least one performance throttling policy; and the access amount control policy is determined according to the following steps:
collecting operation data of a current statistical period, and acquiring a performance index of the current statistical period according to the operation data;
and determining a performance current limiting strategy with the current limiting condition matched with the performance index of the current statistical period as a primary selection strategy, and determining the strategy with the maximum current limiting proportion in the primary selection strategy as an access control strategy.
3. The method of claim 2, wherein the throttling strategy further comprises at least one available rate throttling strategy; and, the method further comprises: prior to determining the access control policy:
acquiring the availability index of the current statistical period according to the operating data;
and determining the available rate current limiting strategy with the current limiting condition matched with the available rate index as the initial selection strategy.
4. The method of claim 2, wherein the current limiting strategy further comprises at least one timed current limiting strategy, each timed current limiting strategy having a current limiting condition of a current limiting time interval; and, the method further comprises:
and before determining the access rate control strategy, determining a timing current limiting strategy of a current time included in the current time of the current time limiting interval as the initial selection strategy.
5. The method of claim 1, wherein the determining whether the access request is normally responded to by using the pre-stored access control policy comprises:
converting the client identifier carried in the access request into a hash value between 0 and 1;
when the hash value is not less than the current limit proportion in the access quantity control strategy, the access request is normally responded;
and when the hash value is smaller than the current limit proportion in the access quantity control strategy, disconnecting the access request or placing the access request into the waiting queue.
6. The method of claim 1,
the number of access requests received includes: the number of access requests received in the current acquisition period or the number of access requests currently being processed;
the access amount control condition includes: the number of received access requests is greater than a preset threshold;
the number of target requests is equal to the threshold.
7. The method according to any one of claims 2 to 4,
the operational data includes: the response result and the response duration of each access request;
and, the performance indicators include at least one of: response time length hundreds of lines TP index, maximum value of response time length and average value of response time length.
8. An access amount control apparatus, comprising:
a receiving unit configured to receive an access request;
a control unit for: when the number of the received access requests is judged to accord with the preset access amount control condition: determining part of the access requests as target requests, generating normal response data responding to each target request and returning; for each access request except the target request, disconnecting the access request or placing the access request into a preset waiting queue;
a current limiting unit for: when the number of the received access requests is judged not to meet the access amount control condition: aiming at any access request, judging whether the access request is normally responded by utilizing a prestored access quantity control strategy; the access rate control strategy is determined from a plurality of preset current limiting strategies, and each current limiting strategy comprises a current limiting condition and a current limiting proportion.
9. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911164965.3A CN111131058B (en) | 2019-11-25 | 2019-11-25 | Access quantity control method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911164965.3A CN111131058B (en) | 2019-11-25 | 2019-11-25 | Access quantity control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111131058A true CN111131058A (en) | 2020-05-08 |
| CN111131058B CN111131058B (en) | 2023-06-30 |
Family
ID=70496598
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911164965.3A Active CN111131058B (en) | 2019-11-25 | 2019-11-25 | Access quantity control method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111131058B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112367266A (en) * | 2020-10-29 | 2021-02-12 | 北京字节跳动网络技术有限公司 | Current limiting method, current limiting device, electronic equipment and computer readable medium |
| CN112671897A (en) * | 2020-12-22 | 2021-04-16 | 北京达佳互联信息技术有限公司 | Access method, device, storage medium, equipment and product of distributed system |
| CN112764937A (en) * | 2021-01-29 | 2021-05-07 | 中国平安人寿保险股份有限公司 | Access control method and device, computer equipment and storage medium |
| CN112804160A (en) * | 2021-01-26 | 2021-05-14 | 北京嘀嘀无限科技发展有限公司 | Current limiting method, device, equipment, medium and product based on application program |
| CN113329011A (en) * | 2021-05-27 | 2021-08-31 | 北京天空卫士网络安全技术有限公司 | Security access control method and device |
| CN113765969A (en) * | 2020-09-28 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Flow control method and device |
| CN114553936A (en) * | 2022-02-18 | 2022-05-27 | 北京达佳互联信息技术有限公司 | Connection method, connection device, electronic equipment and computer-readable storage medium |
| CN114745329A (en) * | 2022-03-30 | 2022-07-12 | 青岛海尔科技有限公司 | Flow control method and apparatus, storage medium, and electronic apparatus |
| CN115051952A (en) * | 2022-08-16 | 2022-09-13 | 阿里巴巴(中国)有限公司 | Current limiting processing method, device, equipment and storage medium |
| CN115361339A (en) * | 2022-08-15 | 2022-11-18 | 中国工商银行股份有限公司 | Flow control method and device, electronic equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9386019B1 (en) * | 2013-03-14 | 2016-07-05 | Ca, Inc. | System and method for controlled access to network devices |
| CN110071952A (en) * | 2018-01-24 | 2019-07-30 | 北京京东尚科信息技术有限公司 | The control method and device of service call amount |
-
2019
- 2019-11-25 CN CN201911164965.3A patent/CN111131058B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9386019B1 (en) * | 2013-03-14 | 2016-07-05 | Ca, Inc. | System and method for controlled access to network devices |
| CN110071952A (en) * | 2018-01-24 | 2019-07-30 | 北京京东尚科信息技术有限公司 | The control method and device of service call amount |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113765969A (en) * | 2020-09-28 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Flow control method and device |
| CN112367266A (en) * | 2020-10-29 | 2021-02-12 | 北京字节跳动网络技术有限公司 | Current limiting method, current limiting device, electronic equipment and computer readable medium |
| CN112671897B (en) * | 2020-12-22 | 2023-03-21 | 北京达佳互联信息技术有限公司 | Access method, device, storage medium, equipment and product of distributed system |
| CN112671897A (en) * | 2020-12-22 | 2021-04-16 | 北京达佳互联信息技术有限公司 | Access method, device, storage medium, equipment and product of distributed system |
| CN112804160A (en) * | 2021-01-26 | 2021-05-14 | 北京嘀嘀无限科技发展有限公司 | Current limiting method, device, equipment, medium and product based on application program |
| CN112804160B (en) * | 2021-01-26 | 2023-06-06 | 北京嘀嘀无限科技发展有限公司 | Application program-based current limiting method, device, equipment, medium and product |
| CN112764937A (en) * | 2021-01-29 | 2021-05-07 | 中国平安人寿保险股份有限公司 | Access control method and device, computer equipment and storage medium |
| CN112764937B (en) * | 2021-01-29 | 2022-04-15 | 中国平安人寿保险股份有限公司 | Access control method and device, computer equipment and storage medium |
| CN113329011A (en) * | 2021-05-27 | 2021-08-31 | 北京天空卫士网络安全技术有限公司 | Security access control method and device |
| CN113329011B (en) * | 2021-05-27 | 2022-07-08 | 北京天空卫士网络安全技术有限公司 | Security access control method and device |
| CN114553936A (en) * | 2022-02-18 | 2022-05-27 | 北京达佳互联信息技术有限公司 | Connection method, connection device, electronic equipment and computer-readable storage medium |
| CN114553936B (en) * | 2022-02-18 | 2024-01-30 | 北京达佳互联信息技术有限公司 | Connection method, device, electronic apparatus, and computer-readable storage medium |
| CN114745329A (en) * | 2022-03-30 | 2022-07-12 | 青岛海尔科技有限公司 | Flow control method and apparatus, storage medium, and electronic apparatus |
| CN114745329B (en) * | 2022-03-30 | 2024-03-22 | 青岛海尔科技有限公司 | Flow control method and device, storage medium and electronic device |
| CN115361339A (en) * | 2022-08-15 | 2022-11-18 | 中国工商银行股份有限公司 | Flow control method and device, electronic equipment and storage medium |
| CN115361339B (en) * | 2022-08-15 | 2024-03-01 | 中国工商银行股份有限公司 | Flow control method, device, electronic equipment and storage medium |
| CN115051952A (en) * | 2022-08-16 | 2022-09-13 | 阿里巴巴(中国)有限公司 | Current limiting processing method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111131058B (en) | 2023-06-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111131058B (en) | Access quantity control method and device | |
| CN109246229B (en) | Method and device for distributing resource acquisition request | |
| CN109684358B (en) | Data query method and device | |
| US10956424B2 (en) | Application recommending method and system, and server | |
| CN109936613B (en) | Disaster recovery method and device applied to server | |
| CN112839067B (en) | Data synchronization method and device | |
| CN108664521B (en) | Method and device for providing serial number, electronic equipment and readable storage medium | |
| CN110071952B (en) | Service call quantity control method and device | |
| CN112311597A (en) | Message pushing method and device | |
| CN109800085B (en) | Resource configuration detection method and device, storage medium and electronic equipment | |
| CN113760982A (en) | Data processing method and device | |
| CN112783629A (en) | Service calling method and device, electronic equipment and storage medium | |
| CN113765966A (en) | Load balancing method and device | |
| CN113760522A (en) | Task processing method and device | |
| CN116661960A (en) | Batch task processing method, device, equipment and storage medium | |
| CN115525411A (en) | Method, device, electronic equipment and computer readable medium for processing service request | |
| CN115543416A (en) | Configuration updating method and device, electronic equipment and storage medium | |
| CN111831503A (en) | Monitoring method based on monitoring agent and monitoring agent device | |
| CN113535020A (en) | Method, apparatus, device, medium and product for generating application icons | |
| CN114265692A (en) | Service scheduling method, device, equipment and storage medium | |
| CN114374657A (en) | Data processing method and device | |
| CN110888770B (en) | Method and device for transmitting information | |
| CN113296982B (en) | Interface calling method and device | |
| CN113778730B (en) | Service degradation method and device for distributed system | |
| CN113495888B (en) | Identification management method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |