CN112073232A - Distribution method and device of public resource configuration information and computer equipment - Google Patents

Distribution method and device of public resource configuration information and computer equipment Download PDF

Info

Publication number
CN112073232A
CN112073232A CN202010899130.9A CN202010899130A CN112073232A CN 112073232 A CN112073232 A CN 112073232A CN 202010899130 A CN202010899130 A CN 202010899130A CN 112073232 A CN112073232 A CN 112073232A
Authority
CN
China
Prior art keywords
configuration information
resource configuration
public resource
information
micro
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010899130.9A
Other languages
Chinese (zh)
Inventor
马腾俊
田雪峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Absolute Health Ltd
Original Assignee
Beijing Absolute Health Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Absolute Health Ltd filed Critical Beijing Absolute Health Ltd
Priority to CN202010899130.9A priority Critical patent/CN112073232A/en
Publication of CN112073232A publication Critical patent/CN112073232A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0889Techniques to speed-up the configuration process
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles

Abstract

In the technical solution of a method, an apparatus and a computer device for allocating public resource configuration information provided by the embodiments of the present invention, receiving a resource acquisition request sent by the micro server, creating public resource configuration information required by the micro server according to the resource acquisition request, the public resource allocation information is subjected to privilege processing to generate the privileged public resource allocation information, the privileged public resource allocation information is distributed to the micro-service terminal, so that the micro-service end acquires the public resource allocation information after acquiring the use authority, starts the service corresponding to the micro-service end according to the public resource allocation information, can allocate the public resource allocation information to the corresponding micro-service, improves the allocation efficiency of the public resource allocation information, and the public resource configuration information with the authority is distributed to the micro-service terminal, so that the safety of the system is improved.

Description

Distribution method and device of public resource configuration information and computer equipment
[ technical field ] A method for producing a semiconductor device
The present invention relates to the technical field of resource allocation, and in particular, to a method and an apparatus for allocating public resource configuration information, and a computer device.
[ background of the invention ]
In the related art, in order to improve the portability of the system, the configuration file is generally separated from the service, so that the starting of a single micro service depends on the external configuration file, and the common resource configuration information used by all the micro services is usually maintained only by one and is shared by all the micro services. Since the public resource configuration information has no authority control, anyone can browse information of other services, and sensitive information needs to be stored in another system manually and independently, so that the process of distributing the public resource configuration information is complicated and is prone to errors.
[ summary of the invention ]
In view of this, the present invention provides a method, an apparatus, and a computer device for allocating public resource configuration information, which can allocate the public resource configuration information to a corresponding micro-service, improve the allocation efficiency of the public resource configuration information, and improve the security of the system by allocating the authorized public resource configuration information to the micro-service.
In one aspect, an embodiment of the present invention provides a method for allocating public resource configuration information, which is applied to a resource management end, and the method includes:
receiving a resource acquisition request sent by a micro server;
establishing public resource configuration information required by the micro server according to the resource acquisition request;
performing authorization processing on the public resource configuration information to generate authorized public resource configuration information;
distributing the authorized public resource configuration information to the micro server so that the micro server acquires the public resource configuration information after acquiring the use authority, and starting the service corresponding to the micro server according to the public resource configuration information.
Optionally, the resource obtaining request includes service information required by the micro server;
the creating of the public resource configuration information required by the micro server according to the resource acquisition request comprises:
and creating public resource configuration information required by the micro server according to a pre-generated configuration information template and the service information required by the micro server.
Optionally, the common resource configuration information includes sensitive field information;
after the creating the public resource configuration information required by the microserver according to the resource acquisition request, the method further comprises the following steps:
and storing the sensitive field information to a first storage system.
Optionally, the public resource configuration information further includes public resource information and basic configuration information;
after the creating the public resource configuration information required by the microserver according to the resource acquisition request, the method further comprises the following steps:
storing the common resource information and the basic configuration information to a second storage system, wherein the security level of the first storage system is higher than that of the second storage system.
Optionally, the public resource configuration information includes sensitive field information, public resource information, and basic configuration information;
the step of performing authorization processing on the public resource configuration information to generate authorized public resource configuration information includes:
and setting the use authority for the sensitive field information, and generating the authorized public resource configuration information according to the public resource information, the basic configuration information and the sensitive field information with the use authority set.
Optionally, after the distributing the authorized common resource configuration information to the microserver, the method further includes:
receiving a binding request sent by the micro server, wherein the binding request is used for requesting to bind the public resource configuration information and the micro server so as to obtain the use permission;
and setting the use authority for the micro server according to the binding request.
On the other hand, an embodiment of the present invention provides an apparatus for allocating public resource configuration information, which is applied to a resource management end, and the apparatus includes:
the receiving module is used for receiving a resource acquisition request sent by the micro server;
the creation module is used for creating public resource configuration information required by the micro server according to the resource acquisition request;
the first processing module is used for performing authorization processing on the public resource configuration information to generate authorized public resource configuration information;
the distribution module is used for distributing the public resource configuration information with the authority to the micro server so that the micro server can obtain the public resource configuration information after obtaining the use authority, and starts the service corresponding to the micro server according to the public resource configuration information.
Optionally, the public resource configuration information includes sensitive field information, public resource information, and basic configuration information;
the first processing module is further configured to set a usage right for the sensitive field information, and generate the authorized public resource configuration information according to the public resource information, the basic configuration information, and the sensitive field information with the usage right set.
On the other hand, an embodiment of the present invention provides a storage medium, where the storage medium includes a stored program, and when the program runs, a device in which the storage medium is located is controlled to execute the foregoing method for allocating common resource configuration information.
In another aspect, an embodiment of the present invention provides a computer device, including a memory and a processor, where the memory is used to store information including program instructions, and the processor is used to control execution of the program instructions, and the program instructions are loaded by the processor and execute the steps of the above-mentioned method for allocating common resource configuration information.
In the technical scheme provided by the embodiment of the invention, a resource acquisition request sent by a micro server is received, public resource configuration information required by the micro server is created according to the resource acquisition request, the public resource configuration information is subjected to privilege processing to generate the privileged public resource configuration information, the privileged public resource configuration information is distributed to the micro server, so that the micro server acquires the public resource configuration information after acquiring the use privilege, the corresponding service of the micro server is started according to the public resource configuration information, the public resource configuration information can be distributed to the corresponding micro server, the distribution efficiency of the public resource configuration information is improved, and the security of the system is improved by distributing the privileged public resource configuration information to the micro server.
[ description of the drawings ]
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
Fig. 1 is an architecture diagram of a system for allocating common resource configuration information according to an embodiment of the present invention;
fig. 2 is a flowchart of a method for allocating common resource allocation information according to an embodiment of the present invention;
fig. 3 is a flowchart of a method for allocating common resource configuration information according to another embodiment of the present invention;
fig. 4 is a flowchart of a method for allocating common resource configuration information according to another embodiment of the present invention;
fig. 5 is a schematic structural diagram of an apparatus for allocating common resource allocation information according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of another apparatus for allocating common resource configuration information according to an embodiment of the present invention;
fig. 7 is a schematic diagram of a computer device according to an embodiment of the present invention.
[ detailed description ] embodiments
For better understanding of the technical solutions of the present invention, the following detailed descriptions of the embodiments of the present invention are provided with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" as used herein is merely one type of associative relationship that describes an associated object, meaning that three types of relationships may exist, e.g., A and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Before introducing the distribution system of the public resource configuration information provided by the embodiment of the invention, the related concepts related to the invention are introduced:
(1) micro-services
The micro-service is used to indicate a single application having a corresponding function, for example, the micro-service includes a take-out service or a ticket-robbing service.
(2) Common resource configuration information
The public resource configuration information is used for indicating the resource management terminal to configure a set of information which can be actually connected to other public resources such as a database or a redis storage system for the micro service terminal, wherein the public resource configuration information comprises sensitive field information, public resource information and basic configuration information, and the basic configuration information can be modified as required after the micro service binds the public resource configuration information.
After the above-mentioned related concepts are introduced, a brief description will be given of a method for allocating common resource configuration information in the related art:
in order to improve development efficiency and increase service reliability in the current internet background, a single application service is often split into micro services, each micro service is responsible for a part of the whole function, and the micro services together complete the function of the whole service. Under the background of increasing micro-services, in order to improve system portability, configuration files are generally separated from services, so that the starting of a single micro-service depends on an external configuration file, and common resource configuration information used by all micro-services is usually maintained only by one part and is shared by all micro-service terminals. However, since the public resource configuration information has no authority control, anyone can browse the information of other services, and sensitive field information needs to be stored in another system by person, which leads to the problem that the process of configuring the public resource information is tedious and error-prone.
Based on this, to solve the above technical problem, the present invention provides a method, an apparatus, and a computer device for allocating public resource allocation information, which can allocate the public resource allocation information to a corresponding micro service, improve the allocation efficiency of the public resource allocation information, and improve the security of the system by allocating the authorized public resource allocation information to the micro service.
Fig. 1 is an architecture diagram of a system for allocating common resource configuration information according to an embodiment of the present invention, as shown in fig. 1, the system 100 includes: a resource management side 10 and a microserver side 20.
In the embodiment of the present invention, the resource management terminal 10 is configured to receive a resource acquisition request sent by a micro server, create public resource configuration information required by the micro server according to the resource acquisition request, perform authorization processing on the public resource configuration information, generate authorized public resource configuration information, and allocate the authorized public resource configuration information to the micro server.
The micro server 20 is configured to obtain the public resource configuration information after obtaining the usage right, and start a service corresponding to the micro server according to the public resource configuration information.
It should be noted that, the authorized public resource configuration information is allocated to the micro server 20, so that the micro server 20 is in an encrypted state with respect to the sensitive field information, so that when the micro server 20 waits to start a service, a first token is sent to the resource management terminal 10, and the sensitive field information is obtained from the address information according to the first token, so that the service is normally started according to the sensitive field information.
In the embodiment of the present invention, the resource management terminal 10 allocates the public resource configuration information to the corresponding micro server terminal 20, so as to improve the allocation efficiency of the public resource configuration information, and the resource management terminal 10 allocates the authorized public resource configuration information to the micro server terminal 20, so as to improve the security of the system.
Specifically, the resource management terminal 10 is further configured to create common resource configuration information required by the micro server according to a pre-generated configuration information template and service information required by the micro server.
The resource management terminal 10 is further configured to store the sensitive field information to the first storage system; and storing the common resource information and the basic configuration information to a second storage system, wherein the security level of the first storage system is higher than that of the second storage system.
The resource management terminal 10 is further configured to set a usage right for the sensitive field information, generate the authorized public resource configuration information according to the public resource information, the basic configuration information, and the sensitive field information after the usage right is set, and allocate the authorized public resource configuration information to the micro service terminal 20, so that the security of the system can be improved.
The resource management terminal 10 is further configured to receive a binding request sent by the micro server 20, where the binding request is used to request to bind the public resource configuration information and the micro server 20 to obtain a usage right; and setting the use authority for the micro server according to the binding request.
Fig. 2 is a flowchart of a method for allocating common resource configuration information according to an embodiment of the present invention, as shown in fig. 2, the method is applied to a resource management side, and the method includes:
and 102, receiving a resource acquisition request sent by a micro server.
In the embodiment of the invention, before the micro-service end starts the service, the micro-service end needs to apply for the corresponding resource to the resource management end, and the user operating the micro-service end can apply for the corresponding resource to the administrator operating the resource management end.
In the embodiment of the present invention, step 102 may specifically include: and creating the public resource configuration information required by the micro server according to the pre-generated configuration information template and the service information required by the micro server.
It should be noted that the micro server needs to send a resource obtaining request to the resource management end, where the resource obtaining request carries service information, where the service information is used to indicate service information and a special configuration requirement required by the micro server, so as to request to obtain corresponding public resource configuration information and a usage right of the public resource configuration information through the service information, and therefore, through the service information carried in the resource obtaining request, the step may be performed to create the public resource configuration information required by the micro server according to a pre-generated configuration information template and the service information required by the micro server.
In the embodiment of the invention, the resource management terminal abstracts the common attributes of different public resources, combines the abstracted keys into a uniform template of corresponding resources, creates public resource configuration information which can be applied by the micro-service terminal through the template, and abstracts the whole public resource configuration information distribution process into three layers of the template, the resources and the service resources. That is, the resource management terminal abstracts some public attributes in the public resource configuration information by abstracting the public resource configuration information that a plurality of micro servers depend on together, forms a whole set of configuration templates corresponding to different resources, supports to specifically create a public resource configuration information for the designated micro service according to the generated template and the service information required by the micro servers, and enables the public resource configuration information to be controllably allocated to the designated micro service for use, thereby realizing the controllability and the use condition statistics of the public resources, and facilitating the management of the public resources and the synchronous update of the corresponding configuration.
And step 104, establishing public resource configuration information required by the micro server according to the resource acquisition request.
In the embodiment of the invention, the public resource configuration information comprises sensitive information. The public resource configuration information is used for indicating that sensitive field information in the public resource configuration information is in a non-encryption state for the micro-service terminal.
In the embodiment of the invention, when the resource management terminal creates the public resource configuration information required by the micro server, an administrator of the resource management terminal can select the corresponding micro service name on the operation interface, click the micro service name and establish the public resource configuration information required by the micro server, so that the public resource configuration information and the micro service have one-to-one correspondence, and the follow-up micro service can retrieve the public resource configuration information on the operation interface.
In the embodiment of the present invention, after step 104, the method further includes:
and 105a, storing the sensitive field information to a first storage system.
In embodiments of the present invention, the first storage system may comprise a vault storage system. Specifically, when the public resource configuration information required by the microserver is created, sensitive fields are stored in the vault storage system, wherein the sensitive fields may include sensitive fields specified by the resource manager, for example, the sensitive fields include fields of a user name, a password, and the like. By storing the sensitive fields into the vault storage system, the problems that the micro-service end avoids the resource management end to connect the public resource configuration information, so that the resource leakage is caused, or the public resource configuration information is maliciously utilized are solved.
Specifically, the resource management terminal stores the sensitive field into the safe vault storage system by setting the resource attribute, and the sensitive information is encrypted for the micro service terminal, and the micro service terminal can actively go to the vault storage system to obtain the sensitive field information only when the micro service terminal is really used, so that the system safety can be improved.
And 105b, storing the public resource information and the basic configuration information to a second storage system, wherein the security level of the first storage system is higher than that of the second storage system.
In embodiments of the present invention, the second storage system may comprise a git storage system.
It should be noted that the security level of the first storage system is higher than that of the second storage system. The security level may be determined by a plurality of parameters such as the number of persons allowed to access the storage system, the encryption degree of data, and the like, and the calculation method of the security level is not particularly limited.
And 106, performing authorization processing on the public resource configuration information to generate authorized public resource configuration information.
In the embodiment of the present invention, step 106 may specifically include: and setting the use authority for the sensitive field information, and generating the authorized public resource configuration information according to the public resource information, the basic configuration information and the sensitive field information with the use authority set.
In the embodiment of the invention, after the resource management terminal creates the corresponding public resource configuration information according to the resource acquisition request, the authorized public resource configuration information is distributed to the corresponding micro-service. After distributing the public resource configuration information with the authority, a developer of the micro-service end can see the corresponding public resource configuration information with the authority on a visual operation interface, wherein the public resource configuration information with the weight limit is used for indicating that sensitive field information in the public resource configuration information is in an encrypted state for the micro-service end. For example, the sensitive field information may include a username and password to connect to the database. Specifically, after the authorized public resource configuration information is distributed to the micro-service terminal, in a visual operation interface of the micro-service terminal, a user name and a password for connecting the database are hidden.
In the embodiment of the invention, the public resource configuration information comprises sensitive field information, public resource information and basic configuration information. In addition, the configuration information of each resource is commonly referred to as public resource configuration, and developers at the micro server can set according to actual requirements and permissions, and the sensitive field information, the configuration information which can be changed by users in a self-defined manner and the global unified management configuration information are divided.
And 108, distributing the authorized public resource configuration information to the micro-service terminal, so that the micro-service terminal acquires the public resource configuration information after acquiring the use authorization, and starting a service corresponding to the micro-service terminal according to the public resource configuration information.
In this embodiment of the present invention, after the step 108 of allocating the authorized public resource configuration information to the microserver is executed, the method further includes:
and step 109, receiving a binding request sent by the micro server, wherein the binding request is used for requesting to bind the public resource configuration information and the micro server so as to obtain the use permission.
In the embodiment of the invention, developers of the micro-service terminal can generate the binding request by manually clicking the binding button, and the resource management terminal binds the public resource configuration information and the micro-service terminal according to the binding request and distributes the use permission for the micro-service terminal.
And step 110, setting the use authority for the micro server according to the binding request.
In the embodiment of the invention, the resource management terminal sets the use authority for the micro service terminal, so that the micro service terminal acquires the public resource configuration information after acquiring the use authority, and starts the service corresponding to the micro service terminal according to the public resource configuration information. By setting the use authority, the problem that the public resource configuration information is low in safety because anyone can browse information of other services without authority control of the configuration information is solved.
In the technical scheme provided by the embodiment of the invention, a resource acquisition request sent by a micro server is received, public resource configuration information required by the micro server is created according to the resource acquisition request, the public resource configuration information is subjected to privilege processing to generate the privileged public resource configuration information, the privileged public resource configuration information is distributed to the micro server, so that the micro server acquires the public resource configuration information after acquiring the use privilege, the corresponding service of the micro server is started according to the public resource configuration information, the public resource configuration information can be distributed to the corresponding micro server, the distribution efficiency of the public resource configuration information is improved, and the security of the system is improved by distributing the privileged public resource configuration information to the micro server.
Fig. 3 is a flowchart of a method for allocating common resource configuration information according to another embodiment of the present invention, as shown in fig. 3, the method is applied to a microserver, and the method includes:
step 202, sending a resource acquisition request to a resource management terminal so that the resource management terminal creates public resource configuration information required by a micro server according to the resource acquisition request; carrying out authority adding processing on the public resource configuration information to generate the public resource configuration information after authority adding; and distributing the authorized public resource configuration information to the micro-service terminal.
In the embodiment of the invention, the public resource configuration information comprises sensitive field information, and the public resource configuration information is used for indicating that the sensitive field information in the public resource configuration information is in a non-encryption state for the micro-service terminal. The authorized public resource configuration information is used for indicating that sensitive field information in the public resource configuration information is in an encryption state for the micro-service terminal.
And 204, after the use permission is obtained, obtaining the public resource configuration information, and starting the service corresponding to the micro-service terminal according to the public resource configuration information.
In the embodiment of the invention, the public resource configuration information comprises sensitive field information, public resource information and basic configuration information.
In the embodiment of the present invention, step 204 may specifically include:
step 2041, sending a binding request to the resource management terminal, where the binding request is used to request to bind the public resource configuration information and the microserver terminal, so as to obtain the usage right.
Step 2042, according to the usage right, obtaining address information, wherein the address information is a uniform path for accessing sensitive field information, public resource information and basic configuration information.
In the embodiment of the invention, specifically, after a user operating the microserver manually clicks the binding button, the address information is automatically generated, wherein the address information is a uniform path for accessing sensitive field information, public resource information and basic configuration information. That is to say, after the public resource configuration information is bound with the micro server, a developer of the micro server needs to manually configure address information generated by binding in the micro server, where the address information includes a complete path for accessing the public resource configuration information, so that the micro server can pull corresponding resource configuration according to the address information when starting service, and connect to a corresponding public resource, such as a database.
Step 2043, sending the first token to the resource management terminal, and obtaining the sensitive field information from the address information according to the first token.
In the embodiment of the invention, after the address information is acquired according to the use permission, the micro-service end can start the service according to the normal flow, and the sensitive field information is acquired by the first token carried in the environment and the path carrying the access sensitive field in the address information when the service is started. For example, when the path for accessing the sensitive field includes the first storage system, the micro server obtains the sensitive field information from the first storage system (vault).
Further, the micro-server may also access the configured public resource information from the interface through the address information, obtain the basic configuration information from the second storage system (git), and perform the subsequent step 2044 to integrate the sensitive field information and the authorized public resource configuration information into the public resource configuration information according to the order of the priority from high to low, so as to start the service normally according to the public resource configuration information.
Step 2044, according to the sensitive field information and the public resource information and the basic configuration information obtained through the address information, determining public resource configuration information, and starting a service corresponding to the micro-service terminal according to the public resource configuration information.
In addition, the micro server is also used to modify the resource attribute information, specifically, the resource management end creates the common resource configuration information, and this common resource configuration information actually has all the necessary conditions used by the micro server, such as the user name and the password. However, after the micro server binds the public resource configuration information, the micro server can also dynamically adjust some resource attribute information which does not affect necessary connection according to the needs of the micro server.
In the technical scheme provided by the embodiment of the invention, a resource acquisition request is sent to a resource management terminal, so that the resource management terminal creates public resource configuration information required by a micro server terminal according to the resource acquisition request; carrying out authority adding processing on the public resource configuration information to generate the public resource configuration information after authority adding; the authorized public resource configuration information is distributed to the micro-service end, so that the micro-service end acquires the public resource configuration information after acquiring the use authority, the service corresponding to the micro-service end is started according to the public resource configuration information, the public resource configuration information can be distributed to the corresponding micro-service, the distribution efficiency of the public resource configuration information is improved, and the security of the system is improved by distributing the authorized public resource configuration information to the micro-service end.
Fig. 4 is a flowchart of a method for allocating common resource configuration information according to another embodiment of the present invention, as shown in fig. 3, the method includes:
step 301, the micro service end sends a resource acquisition request to the resource management end.
In the embodiment of the present invention, the specific execution process of step 301 may refer to step 201 described above.
Step 302, the resource management end receives a resource acquisition request sent by the micro server.
In the embodiment of the present invention, the specific implementation process of step 302 can refer to step 102.
Step 303, the resource management end creates public resource configuration information required by the micro server according to the resource acquisition request, wherein the public resource configuration information includes sensitive field information.
In the embodiment of the present invention, the specific implementation process of step 303 may refer to step 104.
And step 304, the resource management terminal stores the sensitive field information to the first storage system.
In the embodiment of the present invention, the specific implementation process of step 303 can be referred to as step 105 a.
And 305, storing the public resource information and the basic configuration information to a second storage system, wherein the security level of the first storage system is higher than that of the second storage system.
In the embodiment of the present invention, the specific implementation process of step 303 can be referred to as step 105 b.
And step 306, the resource management terminal performs authorization processing on the public resource configuration information to generate authorized public resource configuration information.
In the embodiment of the present invention, the specific implementation process of step 306 can be referred to as step 106.
And 307, the resource management terminal distributes the authorized public resource configuration information to the micro service terminal.
In the embodiment of the present invention, the specific implementation process of step 306 can refer to step 108 described above.
And 308, the micro service terminal sends a binding request to the resource management terminal, wherein the binding request is used for requesting to bind the public resource configuration information and the micro service terminal so as to obtain the use permission.
In the embodiment of the present invention, the specific implementation process of step 308 can refer to step 2041.
Step 309, the resource management end receives a binding request sent by the micro server end, and the binding request is used for requesting to bind the public resource configuration information and the micro server end so as to obtain the use permission.
In the embodiment of the present invention, the specific implementation process of step 309 can be referred to as step 109.
And step 310, the resource management terminal sets the use authority for the micro server terminal according to the binding request.
In the embodiment of the present invention, the specific implementation process of step 310 can be referred to as step 110.
311, the micro-server side acquires address information according to the use permission, wherein the address information comprises access sensitive field information, public resource information and a path of basic configuration information; sending a first token to a resource management end, and acquiring sensitive field information from address information according to the first token; and determining the public resource configuration information according to the sensitive field information and the public resource information and the basic configuration information acquired through the address information, and starting the service corresponding to the micro-service terminal according to the public resource configuration information.
In the embodiment of the present invention, the specific execution process of step 311 can refer to steps 2041 to 2044.
In the technical scheme provided by the embodiment of the invention, a resource acquisition request sent by a micro server is received, public resource configuration information required by the micro server is created according to the resource acquisition request, the public resource configuration information is subjected to privilege processing to generate the privileged public resource configuration information, the privileged public resource configuration information is distributed to the micro server, so that the micro server acquires the public resource configuration information after acquiring the use privilege, and starts the service corresponding to the micro server according to the public resource configuration information, the public resource configuration information can be distributed to the corresponding micro server, the distribution efficiency of the public resource configuration information is improved, and the security of the system is improved by distributing the privileged public resource configuration information to the micro server.
Fig. 5 is a schematic structural diagram of an apparatus for allocating common resource allocation information according to an embodiment of the present invention, as shown in fig. 5, the apparatus is applied to a resource management side, and the apparatus includes: a receiving module 11, a creating module 12, a first processing module 13 and an assigning module 14.
The receiving module 11 is configured to receive a resource obtaining request sent by a micro server.
The creating module 12 is configured to create the public resource configuration information required by the microserver according to the resource obtaining request.
The first processing module 13 is configured to perform authorization processing on the public resource configuration information, and generate authorized public resource configuration information.
The allocating module 14 is configured to allocate the authorized public resource configuration information to the micro server, so that the micro server obtains the public resource configuration information after obtaining the usage authorization, and starts a service corresponding to the micro server according to the public resource configuration information.
In this embodiment of the present invention, the resource obtaining request includes service information required by the micro server, and the creating module 12 of the apparatus is specifically configured to create, according to a pre-generated configuration information template and the service information required by the micro server, public resource configuration information required by the micro server.
In this embodiment of the present invention, the public resource configuration information includes sensitive field information, public resource information, and basic configuration information, and the apparatus further includes: a memory module 15.
The storage module 15 is used for storing the sensitive field information to a first storage system; storing the common resource information and the basic configuration information to a second storage system, wherein the security level of the first storage system is higher than that of the second storage system.
In the embodiment of the present invention, the public resource configuration information includes sensitive field information, public resource information, and basic configuration information, and the first processing module 13 of the apparatus is specifically configured to set a usage right for the sensitive field information, and generate the public resource configuration information with the right added according to the public resource information, the basic configuration information, and the sensitive field information with the usage right set.
In the embodiment of the present invention, the apparatus further includes: a permission module 16 is provided.
The receiving module 11 is further configured to receive a binding request sent by the micro server, where the binding request is used to request to bind the public resource configuration information and the micro server, so as to obtain a usage right;
and the permission setting module 16 is used for setting the use permission for the microserver according to the binding request.
In the technical scheme provided by the embodiment of the invention, a resource acquisition request sent by a micro server is received, public resource configuration information required by the micro server is created according to the resource acquisition request, the public resource configuration information is subjected to privilege processing to generate the privileged public resource configuration information, the privileged public resource configuration information is distributed to the micro server, so that the micro server acquires the public resource configuration information after acquiring the use privilege, the corresponding service of the micro server is started according to the public resource configuration information, the public resource configuration information can be distributed to the corresponding micro server, the distribution efficiency of the public resource configuration information is improved, and the security of the system is improved by distributing the privileged public resource configuration information to the micro server.
Fig. 6 is a schematic structural diagram of an apparatus for allocating common resource allocation information according to an embodiment of the present invention, as shown in fig. 6, the apparatus is applied to a microserver, and the apparatus includes: a sending module 21, an obtaining module 22 and a second processing module 23.
The sending module 21 is configured to send a resource acquisition request to a resource management end, so that the resource management end creates public resource configuration information required by the micro server according to the resource acquisition request, where the public resource configuration information includes sensitive field information, and the public resource configuration information is used to indicate that the sensitive field information in the public resource configuration information is in a non-encrypted state for the micro server; performing authorization processing on the public resource configuration information to generate authorized public resource configuration information; distributing the authorized public resource configuration information to the micro server, wherein the authorized public resource configuration information is used for indicating that sensitive field information in the public resource configuration information is in an encryption state for the micro server.
The obtaining module 22 is configured to obtain the public resource configuration information after obtaining the usage right.
The second processing module 23 is configured to start a service corresponding to the micro service end according to the common resource configuration information.
In the embodiment of the invention, the public resource configuration information comprises sensitive field information, public resource information and basic configuration information; the obtaining module 22 of the apparatus specifically includes: a sending sub-module 221, an obtaining sub-module 222, and a determining sub-module 223.
The sending submodule 221 is configured to send a binding request to the resource management terminal, where the binding request is used to request to bind the public resource configuration information and the micro server terminal, so as to obtain a usage right.
The obtaining sub-module 222 is configured to obtain address information according to the usage right, where the address information includes a path for accessing the sensitive field information, the public resource information, and the basic configuration information.
The determining submodule 223 is configured to determine the public resource configuration information according to the sensitive field information, the public resource information obtained through the address information, and the basic configuration information, and start a service corresponding to the micro service end according to the public resource configuration information.
In the technical scheme provided by the embodiment of the invention, a resource acquisition request is sent to a resource management end, so that the resource management end creates public resource configuration information required by the micro server according to the resource acquisition request; performing authorization processing on the public resource configuration information to generate authorized public resource configuration information; the authorized public resource configuration information is distributed to the micro server, so that the micro server acquires the public resource configuration information after acquiring the use authority, the service corresponding to the micro server is started according to the public resource configuration information, the public resource configuration information can be distributed to the corresponding micro service, the distribution efficiency of the public resource configuration information is improved, and the security of the system is improved by distributing the authorized public resource configuration information to the micro server.
An embodiment of the present invention provides a storage medium, where the storage medium includes a stored program, where, when the program runs, a device on which the storage medium is located is controlled to execute each step of the foregoing allocation method for common resource configuration information, and for specific description, reference may be made to the foregoing allocation method for common resource configuration information.
An embodiment of the present invention provides a computer device, including a memory and a processor, where the memory is used to store information including program instructions, and the processor is used to control execution of the program instructions, and the program instructions are loaded by the processor and executed to implement the steps of the above-mentioned method for allocating common resource configuration information. For a detailed description, reference may be made to the above embodiments of the allocation method of the common resource configuration information.
Fig. 7 is a schematic diagram of a computer device according to an embodiment of the present invention. As shown in fig. 7, the computer device 4 of this embodiment includes: the processor 41, the memory 42, and the computer program 43 stored in the memory 42 and capable of running on the processor 41, where the computer program 43 is executed by the processor 41 to implement the allocation method applied to the common resource configuration information in the embodiment, and in order to avoid repetition, details are not repeated here. Alternatively, the computer program is executed by the processor 41 to implement the functions of each model/unit in the allocation apparatus applied to the common resource allocation information in the embodiment, and for avoiding repetition, the details are not repeated herein.
The computer device 4 includes, but is not limited to, a processor 41, a memory 42. Those skilled in the art will appreciate that fig. 7 is merely an example of computer device 4 and is not intended to limit computer device 4 and may include more or fewer components than those shown, or some of the components may be combined, or different components, e.g., computer device 4 may also include input-output devices, network access devices, buses, etc.
The Processor 41 may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The storage 42 may be an internal storage unit of the computer device 4, such as a hard disk or a memory of the computer device 4. The memory 42 may also be an external storage device of the computer device 4, such as a plug-in hard disk provided on the computer device 4, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like. Further, the memory 42 may also include both internal storage units of the computer device 4 and external storage devices. The memory 42 is used for storing computer programs and other programs and data required by the computer device 4. The memory 42 may also be used to temporarily store data that has been output or is to be output.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, a division of a unit is merely a logical division, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The integrated unit implemented in the form of a software functional unit may be stored in a computer readable storage medium. The software functional unit is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) or a Processor (Processor) to execute some steps of the methods according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method for allocating common resource configuration information, the method comprising:
receiving a resource acquisition request sent by a micro server;
establishing public resource configuration information required by the micro server according to the resource acquisition request;
performing authorization processing on the public resource configuration information to generate authorized public resource configuration information;
distributing the authorized public resource configuration information to the micro server so that the micro server acquires the public resource configuration information after acquiring the use authority, and starting the service corresponding to the micro server according to the public resource configuration information.
2. The method of claim 1, wherein the resource acquisition request includes service information required by the microserver;
the creating of the public resource configuration information required by the micro server according to the resource acquisition request comprises:
and creating public resource configuration information required by the micro server according to a pre-generated configuration information template and the service information required by the micro server.
3. The method of claim 1, wherein the common resource configuration information comprises sensitive field information;
after the creating the public resource configuration information required by the microserver according to the resource acquisition request, the method further comprises the following steps:
and storing the sensitive field information to a first storage system.
4. The method of claim 3, wherein the common resource configuration information further comprises common resource information and basic configuration information;
after the creating the public resource configuration information required by the microserver according to the resource acquisition request, the method further comprises the following steps:
storing the common resource information and the basic configuration information to a second storage system, wherein the security level of the first storage system is higher than that of the second storage system.
5. The method of claim 1, wherein the common resource configuration information comprises sensitive field information, common resource information, and base configuration information;
the step of performing authorization processing on the public resource configuration information to generate authorized public resource configuration information includes:
and setting the use authority for the sensitive field information, and generating the authorized public resource configuration information according to the public resource information, the basic configuration information and the sensitive field information with the use authority set.
6. The method of claim 5, further comprising, after the allocating the authorized common resource configuration information to the microserver:
receiving a binding request sent by the micro server, wherein the binding request is used for requesting to bind the public resource configuration information and the micro server so as to obtain the use permission;
and setting the use authority for the micro server according to the binding request.
7. An apparatus for allocating common resource configuration information, the apparatus comprising:
the receiving module is used for receiving a resource acquisition request sent by the micro server;
the creation module is used for creating public resource configuration information required by the micro server according to the resource acquisition request;
the first processing module is used for performing authorization processing on the public resource configuration information to generate authorized public resource configuration information;
the distribution module is used for distributing the public resource configuration information with the authority to the micro server so that the micro server can obtain the public resource configuration information after obtaining the use authority, and starts the service corresponding to the micro server according to the public resource configuration information.
8. The apparatus of claim 7, wherein the common resource configuration information comprises sensitive field information, common resource information, and base configuration information;
the first processing module is further configured to set a usage right for the sensitive field information, and generate the authorized public resource configuration information according to the public resource information, the basic configuration information, and the sensitive field information with the usage right set.
9. A storage medium, characterized in that the storage medium comprises a stored program, wherein when the program runs, a device in which the storage medium is located is controlled to execute the allocation method of the common resource configuration information according to any one of claims 1 to 6.
10. A computer device comprising a memory for storing information comprising program instructions and a processor for controlling the execution of the program instructions, characterized in that the program instructions are loaded and executed by the processor to implement the steps of the method of allocating common resource configuration information according to any one of claims 1 to 6.
CN202010899130.9A 2020-08-31 2020-08-31 Distribution method and device of public resource configuration information and computer equipment Pending CN112073232A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010899130.9A CN112073232A (en) 2020-08-31 2020-08-31 Distribution method and device of public resource configuration information and computer equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010899130.9A CN112073232A (en) 2020-08-31 2020-08-31 Distribution method and device of public resource configuration information and computer equipment

Publications (1)

Publication Number Publication Date
CN112073232A true CN112073232A (en) 2020-12-11

Family

ID=73666230

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010899130.9A Pending CN112073232A (en) 2020-08-31 2020-08-31 Distribution method and device of public resource configuration information and computer equipment

Country Status (1)

Country Link
CN (1) CN112073232A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104598263A (en) * 2014-12-04 2015-05-06 广州酷狗计算机科技有限公司 Application program operation method and configuration file generating method and device
US20170177319A1 (en) * 2015-12-21 2017-06-22 Quixey, Inc. Dependency-Aware Transformation Of Multi-Function Applications For On-Demand Execution
CN107172176A (en) * 2017-06-02 2017-09-15 美味不用等(上海)信息科技股份有限公司 APP method for connecting network, equipment and configuration server based on configuration management
CN109670325A (en) * 2018-12-21 2019-04-23 北京思源互联科技有限公司 A kind of devices and methods therefor of configuration file encryption and decryption
US20200059360A1 (en) * 2018-08-20 2020-02-20 Jpmorgan Chase Bank, N.A. System and method for service-to-service authentication
CN110933035A (en) * 2019-10-29 2020-03-27 杭州涂鸦信息技术有限公司 Configuration information transmission method, transmission system and storage device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104598263A (en) * 2014-12-04 2015-05-06 广州酷狗计算机科技有限公司 Application program operation method and configuration file generating method and device
US20170177319A1 (en) * 2015-12-21 2017-06-22 Quixey, Inc. Dependency-Aware Transformation Of Multi-Function Applications For On-Demand Execution
CN107172176A (en) * 2017-06-02 2017-09-15 美味不用等(上海)信息科技股份有限公司 APP method for connecting network, equipment and configuration server based on configuration management
US20200059360A1 (en) * 2018-08-20 2020-02-20 Jpmorgan Chase Bank, N.A. System and method for service-to-service authentication
CN109670325A (en) * 2018-12-21 2019-04-23 北京思源互联科技有限公司 A kind of devices and methods therefor of configuration file encryption and decryption
CN110933035A (en) * 2019-10-29 2020-03-27 杭州涂鸦信息技术有限公司 Configuration information transmission method, transmission system and storage device

Similar Documents

Publication Publication Date Title
WO2021218328A1 (en) Multi-tenant access service implementation method, apparatus and device, and storage medium
US9684505B2 (en) Development environment system, development environment apparatus, development environment providing method, and program
US6338138B1 (en) Network-based authentication of computer user
US8856889B2 (en) Methods and systems for generation of authorized virtual appliances
CN111062028B (en) Authority management method and device, storage medium and electronic equipment
CN109976914A (en) Method and apparatus for controlling resource access
US10656939B2 (en) Modeling lifetime of hybrid software application using application manifest
WO2018119589A1 (en) Account management method and apparatus, and account management system
CN113079164B (en) Remote control method and device for bastion machine resources, storage medium and terminal equipment
EP4033349A1 (en) Method and apparatus for generating mirror image file, and computer-readable storage medium
US11368291B2 (en) Mutually authenticated adaptive management interfaces for interaction with sensitive infrastructure
US11882154B2 (en) Template representation of security resources
US9032541B2 (en) Information processing system, information processing apparatus, and computer-readable storage medium
CN112073232A (en) Distribution method and device of public resource configuration information and computer equipment
JP7445685B2 (en) Open interface management methods, electronic devices, and storage media
CN114266072A (en) Authority distribution control method and device, electronic equipment and storage medium
CN112181599A (en) Model training method, device and storage medium
US8875300B1 (en) Method and apparatus for authenticating a request between tasks in an operating system
KR102436673B1 (en) Backup encryption system for files and folders in a virtual environment built on the basis of cloud infrastructure
KR102331899B1 (en) Method and system for remote terminal access through application of communication module during boot
US20230388311A1 (en) Network system and control method thereof
WO2023159900A1 (en) Remote development method and device
US8214499B2 (en) System and method for enabling software applications as a service in a non-intrusive manner
CN116244271A (en) Deployment method and device of distributed database, electronic equipment and readable medium
CN116954691A (en) Application program construction method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100102 201 / F, block C, 2 lizezhong 2nd Road, Chaoyang District, Beijing

Applicant after: Beijing Shuidi Technology Group Co.,Ltd.

Address before: 100102 201 / F, block C, 2 lizezhong 2nd Road, Chaoyang District, Beijing

Applicant before: Beijing Health Home Technology Co.,Ltd.

CB02 Change of applicant information