CN112306970A - Processing method, device, equipment and storage medium for container mirror image warehouse - Google Patents
Processing method, device, equipment and storage medium for container mirror image warehouse Download PDFInfo
- Publication number
- CN112306970A CN112306970A CN201910707965.7A CN201910707965A CN112306970A CN 112306970 A CN112306970 A CN 112306970A CN 201910707965 A CN201910707965 A CN 201910707965A CN 112306970 A CN112306970 A CN 112306970A
- Authority
- CN
- China
- Prior art keywords
- bucket
- image file
- client
- determining
- candidate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003672 processing method Methods 0.000 title abstract description 18
- 238000000034 method Methods 0.000 claims abstract description 42
- 238000012545 processing Methods 0.000 claims description 28
- 238000012795 verification Methods 0.000 claims description 8
- 238000013507 mapping Methods 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 3
- 230000006870 function Effects 0.000 description 10
- 238000004422 calculation algorithm Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 8
- 238000013475 authorization Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 230000004044 response Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000009826 distribution Methods 0.000 description 2
- 238000004806 packaging method and process Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 239000008186 active pharmaceutical agent Substances 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013070 change management Methods 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000009827 uniform distribution Methods 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/17—Details of further file system functions
- G06F16/172—Caching, prefetching or hoarding of files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/13—File access structures, e.g. distributed indices
- G06F16/137—Hash-based
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a processing method, a device, equipment and a storage medium for a container mirror image warehouse. The method comprises the following steps: receiving a mirror image file uploaded by a client through a warehouse entrance; determining a storage bucket belonging to the same region as the client as a candidate storage bucket; determining a candidate bucket suitable for storing the image file as a target bucket; and storing the image file to a target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated.
Description
Technical Field
The embodiment of the invention relates to the technical field of information storage, in particular to a processing method, a processing device, processing equipment and a storage medium for a container mirror image warehouse.
Background
With the rise and wide application of container technology, packaging and transmitting applications in a mirror image mode becomes a de facto standard of software distribution, but efficient distribution of mirror images in a container environment gradually becomes a bottleneck problem limiting cloud manufacturers to provide cloud services. The Docker Registry is currently the only open source version currently available to users.
In the implementation of the current registry distributed file system driver, only one bucket (bucket) is configured in one warehouse entry. As the number of image files stored increases, more and more image files are stored in the bucket. After determining the needed image file, when obtaining the image file from the bucket, the user needs to screen the image file from all the image files in the bucket. Therefore, as more and more image files are stored in the buckets, the user may retrieve the desired target file for a longer period of time.
Disclosure of Invention
The invention provides a processing method, a processing device, processing equipment and a storage medium of a container mirror image warehouse, and aims to solve the problem that the efficiency of retrieving mirror image files through a warehouse entry is lower and lower.
In a first aspect, an embodiment of the present invention provides a method for processing a container mirror warehouse, where the container mirror warehouse includes a warehouse entry and at least two buckets, and the buckets are deployed in at least two regions, where the method includes:
receiving the mirror image file uploaded by the client through the warehouse entrance;
determining a bucket belonging to the same region as the client as a candidate bucket;
determining a candidate bucket suitable for storing the image file as a target bucket;
and storing the image file to the target storage bucket.
On this basis, the bucket is configured with a first attribute, and the first attribute is used for representing the area for deploying the bucket;
the determining the buckets belonging to the same region as the client comprises:
determining an IP address of the client;
determining the area to which the IP address belongs;
and if the area for deploying the bucket comprises the area to which the IP address belongs, determining that the bucket is a candidate bucket.
On this basis, the determining a candidate bucket suitable for storing the image file comprises:
determining a bucket number for the candidate bucket;
determining a hash value of the image file;
matching the hash value with the bucket number;
and if the matching is successful, determining that the candidate bucket corresponding to the bucket number is a target bucket suitable for storing the image file.
On this basis, the matching the hash value with the bucket number includes:
establishing a hash ring by taking the barrel number of the candidate storage barrel as a node;
mapping the hash value onto the hash ring;
determining a barrel number closest to the hash value on the hash ring to serve as a target barrel number;
and taking the candidate bucket corresponding to the target bucket number as a target bucket for storing the image file.
On this basis, after storing the image file to the target bucket, the method further includes:
and storing the image file into a bucket outside the region.
On this basis, the storing the image file into a bucket outside the region includes:
storing the image file into all buckets outside the region;
alternatively, the first and second electrodes may be,
selecting one bucket from buckets deployed in each region except the region as a characteristic bucket;
and storing the image file into the characteristic storage bucket.
On this basis, before the receiving, through the warehouse entry, the image file uploaded by the client, the method further includes:
carrying out identity verification on the client;
and if the verification fails, forbidding the client to upload and download the image file.
In a second aspect, an embodiment of the present invention further provides a method for processing a container mirror warehouse, where the container mirror warehouse includes a warehouse entry and at least two buckets, and the buckets are deployed in at least two regions, where the method includes:
receiving a downloading instruction sent by a client through the warehouse entrance;
determining a mirror image file according to the downloading instruction;
determining candidate buckets belonging to the same region as the client;
determining a target bucket from the candidate buckets, wherein the target bucket is used for providing the image file to a client;
and sending the image file stored in the target storage bucket to the client.
In a third aspect, an embodiment of the present invention further provides a processing apparatus of a container mirror warehouse, where a container mirror warehouse includes a warehouse entry and at least two buckets, and the buckets are deployed in at least two regions, where the apparatus includes:
the mirror image file receiving module is used for receiving the mirror image file uploaded by the client through the warehouse entrance;
a candidate bucket first determining module, configured to determine a bucket belonging to the same region as the client as a candidate bucket;
a target bucket first determination module, configured to determine a candidate bucket suitable for storing the image file as a target bucket;
and the mirror image file storage module is used for storing the mirror image file to the target storage bucket.
On this basis, the candidate bucket first determination module includes:
an IP address determining submodule for determining the IP address of the client;
the area determining submodule is used for determining the area to which the IP address belongs;
and the candidate bucket determining submodule is used for determining the bucket as a candidate bucket if the area for deploying the bucket comprises the area to which the IP address belongs.
On this basis, the target bucket first determination module comprises:
a bucket number determination submodule for determining a bucket number of the candidate bucket;
the hash value determining submodule is used for determining the hash value of the image file;
a number matching submodule for matching the hash value with the bucket number;
and the first execution sub-module is used for determining that the candidate bucket corresponding to the bucket number is a target bucket suitable for storing the image file if the matching is successful.
On the basis, the number matching sub-module comprises:
a hash ring construction unit, configured to establish a hash ring with the bucket number of the candidate bucket as a node;
a hash value mapping unit, configured to map the hash value onto the hash ring;
a target bucket number determination unit configured to determine, on the hash ring, a bucket number closest to the hash value as a target bucket number;
and the target bucket determining unit is used for taking the candidate bucket corresponding to the target bucket number as the target bucket for storing the image file.
On this basis, still include:
and the synchronization module is used for storing the mirror image file into a storage bucket outside the region.
On this basis, the synchronization module comprises:
the first synchronization unit is used for storing the mirror image file into all storage buckets which are arranged outside the region;
alternatively, the first and second electrodes may be,
a characteristic bucket determination unit for selecting one bucket as a characteristic bucket from buckets deployed in each region other than the region;
and the characteristic bucket using unit is used for storing the image file into the characteristic bucket.
On this basis, still include:
the identity authentication module is used for authenticating the identity of the client;
and the second execution sub-module is used for forbidding the client to upload and download the image file if the verification fails.
In a fourth aspect, an embodiment of the present invention further provides a processing apparatus of a container mirror warehouse, where a container mirror warehouse includes a warehouse entry and at least two buckets, and the buckets are deployed in at least two regions, the apparatus includes:
the download instruction receiving module is used for receiving a download instruction sent by a client through the warehouse entrance;
the image file determining module is used for determining an image file according to the downloading instruction;
a second candidate bucket determining module, configured to determine a candidate bucket that belongs to the same region as the client;
a target bucket second determination module, configured to determine a target bucket from the candidate buckets, where the target bucket is used to provide the image file to the client;
and the image file sending module is used for sending the image file stored in the target storage bucket to the client.
In a fifth aspect, an embodiment of the present invention further provides an electronic device, including:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement a method of processing a container mirror repository as in any aspect.
In a sixth aspect, the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the processing method of the container mirror repository according to any aspect.
The embodiment of the invention configures a plurality of storage buckets for one warehouse entry, namely, the one-container mirror image warehouse comprises one warehouse entry and at least two storage buckets, and the storage buckets are deployed in at least two regions. The method comprises the steps of receiving an image file uploaded by a client through a warehouse entrance, determining a storage bucket belonging to the same region with the client as a candidate storage bucket, determining a candidate storage bucket suitable for storing the image file as a target storage bucket, and finally storing the image file to the target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated.
Drawings
Fig. 1 is a flowchart of a processing method of a container mirror warehouse according to an embodiment of the present invention;
fig. 2A is a flowchart of a processing method of a container mirror warehouse according to a second embodiment of the present invention;
fig. 2B is a schematic diagram of a user uploading/downloading an image file according to a second embodiment of the present invention;
fig. 3 is a flowchart of a processing method of a container mirror warehouse according to a third embodiment of the present invention;
fig. 4 is a structural diagram of a processing apparatus of a container mirror storage according to a fourth embodiment of the present invention;
fig. 5 is a structural diagram of a processing apparatus of a container mirror storage according to a fifth embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to a sixth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a processing method of a container mirror warehouse according to an embodiment of the present invention. The embodiment is suitable for receiving the image file uploaded by the client through the warehouse entry and determining the scene of receiving and storing the image file by using a certain storage bucket. The method may be performed by a processing means of a container mirror repository, which may be implemented in software and/or hardware.
Taking the Docker Registry as an example, the container mirror repository includes a Registry component and an Index component. The Index component is mainly responsible for centrally managing user accounts, access rights, checking image files, distinguishing public and private repos (i.e., public namespaces), and the like, and is generally implemented by a public World Wide Web (Web) interface. The Registry component is mainly responsible for storing mirror image data, providing functions of uploading (Pull) and downloading (Push) mirror image files, and delegating an authorization part to index implementation.
When using docker to push/pull the mirror file, index determines whether the user account has the authority to use/modify the mirror file, after confirmation, the registry is responsible for saving the mirror or sending the mirror to the user in some way. Furthermore, the index can also indicate and request the registry address where a particular image file is stored. In addition, when only commands such as import exports (docker images) are run locally, no dependency is required to interact with Index/registry.
The Docker Hub is a cloud platform service provided by Docker corporation, and is used to distribute applications: the method comprises the steps of distribution of mirror image files, change management, user/team management and automatic life cycle workflow. In fact, the Docker Hub includes an implementation of the Index block functionality.
In this embodiment, the container mirror warehouse includes a warehouse entry and at least two buckets deployed in at least two regions.
In some techniques, when initializing a container mirror store, the name of a bucket (bucket) is determined and assigned to the function used for initialization, thereby causing a store entry to be associated with a bucket. In this embodiment, the names of buckets and the deployed regions are determined, buckets with the same deployed region are stored in a bucket list, different regions are stored in a region list, and the lists are assigned to functions used when initializing the container mirror repository. The container mirror storage comprises a storage entrance and at least two storage buckets, and the storage buckets are deployed in at least two regions.
The regions are divided according to actual conditions, such as country, region, province and the like. The division into areas is carried out according to the example, and the areas can be divided into Huadong areas, Huabei areas and Huanan areas. Of course, one or more buckets may be deployed for the same region.
Referring to fig. 1, the method specifically includes:
and S101, receiving the mirror image file uploaded by the client through the warehouse entrance.
The warehouse entry refers to a domain name, in this embodiment, the entry of the mirror image warehouse may be a domain name of "dockerhub.huya.com", in the implementation of the mirror image warehouse in the public cloud open source edition, mirror image warehouse addresses in different regions (east, north, south) need to be marked by using a plurality of domain names, and a plurality of corresponding authorized passwords also need to be set by a user. For example, registry. cn-hang zhou. aliyuncs. com/registry. cn-beijing. aliyuncs. com/egr. cn-shannzhen. aliyuncs. com. In this embodiment, only one domain name address entry of the mirror image warehouse, dockerhub.huya.com, is used, and the mirror image can be uploaded and downloaded through the one address and stored in different back-end storage buckets.
An image file is a file that needs to be stored in a certain bucket. It makes a series of specific files into a single file according to a certain format, so as to facilitate the downloading and use of users. The mirror image file comprises: a mirrored blob file and a manifest file. The mirror image manifest file is a metadata description file of each mirror image; the mirror image blob file refers to a file formed by packaging specific data of each layer after mirror image layering, and the format may be a tar packet or a compression packet in a tar + gzip format.
In one possible implementation, the user logs in to the client and fills in the domain name of the entry of the mirror repository, and uploads the mirror file through the repository entry.
And S102, determining a bucket belonging to the same region as the client as a candidate bucket.
When a user logs in a client, the area where the user is located can be determined by a hardware Address and an Internet Protocol Address (IP Address) of the client. The region in which the bucket is deployed has been determined by way of a list when the bucket is associated with a warehouse entry.
In a feasible implementation manner, the area where the client is located is determined through the information of the client, and the storage bucket belonging to the same area as the client is determined as a candidate storage bucket by querying the area where the storage bucket is deployed.
S103, determining candidate buckets suitable for storing the image file as target buckets.
The candidate buckets comprise a plurality of buckets, and one bucket is determined from the candidate buckets as a target bucket for storing the image file according to a certain mode.
Optionally, the file name of the mirror image file may be determined by analyzing the mirror image manifest file, and the target bucket may be determined from the candidate buckets by the file name.
In one possible implementation, the number of candidate buckets is determined, and the file name of the mirrored file is hashed according to the number, so as to determine a target bucket from the candidate buckets.
And S104, storing the mirror image file to the target storage bucket.
And after the target bucket is determined, storing the image file in the target bucket.
Therefore, a plurality of buckets can be deployed in one area, the same number of mirror images can be distributed and stored in different buckets, the pressure of a single bucket is reduced, and the speed of retrieving the mirror images is improved.
The embodiment of the invention configures a plurality of storage buckets for one warehouse entry, namely, the one-container mirror image warehouse comprises one warehouse entry and at least two storage buckets, and the storage buckets are deployed in at least two regions. The method comprises the steps of receiving an image file uploaded by a client through a warehouse entrance, determining a storage bucket belonging to the same region with the client as a candidate storage bucket, determining a candidate storage bucket suitable for storing the image file as a target storage bucket, and finally storing the image file to the target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated. Meanwhile, only one warehouse entry is provided, so that only one address (domain name) of the warehouse entry needs to be memorized by a user when the user uploads and downloads the mirror image, and only one authorized password needs to be memorized by the user, thereby being greatly convenient for the user to use.
Example two
Fig. 2A is a flowchart of a processing method of a container mirror warehouse according to a second embodiment of the present invention. The embodiment is a refinement based on the first embodiment, and describes in detail how to determine the candidate bucket and the target bucket. Referring to fig. 2A, includes:
s201, identity authentication is carried out on the client.
In a possible implementation, the authentication process for the client includes four stages. Searching an authentication server, requesting a token, returning the token and verifying the token.
Finding an authentication server includes: the client side firstly sends a request to the Registry. If the request is not authorized, a response 401 is returned. The response includes three pieces of information, real, scope, and service specifically represents that the user can send a request to real using the information of scope and service.
The request token includes: and requesting a token from the authentication server to acquire the right to access the Repo resource. The client is required to be authorized by TLS or some way and this token will sign the account information if the key in the client certificate is associated with the account information. If a certificate is associated with multiple accounts, the client must specify account query parameters. The token returned is in JSON web token format and is signed with the private key of the authentication server. It will be appreciated that, first, configuring the authentication server allows non-verified clients to handshake. The client then sends an HTTP request to the authentication server to endpoint, encrypted with the client's TLS certificate (this certificate may be self-signed). Next, the server first checks the client certificate, extracts the child Key, and finds the user associated with it. The server then checks its list of rights controls, verifying whether the user has the usage rights of samlba/my-app repo under the registry service.
The return token includes: the server will form a JSON Web Token to sign and return.
The verification token includes: the token is encrypted by a symmetric algorithm, and then is decrypted by the same algorithm at the registration end to verify some information of the token. In the whole process, the Registry does not need to send a request to the authentication server. If so, it is only necessary to update the trusted public key list on the authentication server to verify the signature of the token or use other APIs to update the Repo resource record on the authentication server. The steps for verifying Token at the registration end are as follows:
1. the certificate issuer (iss client) is confirmed to be trusted. Typically issuer is the FQDN of the authentication server. iss, auth.
2. The validation Registry identifies the recipient of the token. aud registration. docker. com.
3. Checking that the current time is within the valid time range.
4. If the token can only be used once, it is checked whether the id value of JWT is present to avoid repeated applications of the token. Jti records are typically maintained in the registry for the duration of the token's validity to avoid repeated applications for tokens.
5. The permission to use a repo is checked and the access value contains the name of the repo and the operations that can be performed on the repo. (it is determined whether the token grants the user the required rights to the operation).
6. Verifying the validity of the token signature.
S202, judging whether the identity authentication is successful. If successful, go to step S204; if the failure is detected, step S203 is executed.
In a possible implementation, the client attempts to request the Registry and if the Registry requires rights authentication, it returns a 401 hypertext transfer protocol (HTTP) response that includes information on how authorization was obtained. The client sends a request to the authorization service center to request a signed JSON web token. The authorizing service center returns the token. The client retries the original request to the Registry end and embeds token in the head of the request. Registry authorizes the client and starts a Push/Pull session.
When the identity authentication is successful, i.e. the Registry authorizes the client and starts the session of Push/Pull, step S204 is performed. When the authentication fails, step S203 is executed.
And S203, prohibiting the client from uploading and downloading the image file.
When the identity authentication fails, the user does not have the right to carry out the operation of downloading and downloading the image file, and the client is prohibited from uploading and downloading the image file.
And S204, receiving the image file uploaded by the client through the warehouse entrance.
And when the identity authentication is successful, the user is indicated to have the authority to carry out the operation of downloading the image file, and the image file uploaded by the client is received through the warehouse entrance.
S205, determining the IP address of the client.
The IP address refers to an internet protocol address, which is also translated into an internet protocol address. The IP address is a uniform address format provided by the IP protocol, and it allocates a logical address to each network and each host on the internet, so as to mask the difference of physical addresses.
The server obtains a client request IP address, which commonly includes: a request header (such as x-forwarded-for and client-ip) and a remote _ addr parameter specified by the server according to the ip of the request TCP packet.
remote _ addr: the client IP address is the client IP address which is directly requested currently, exists in a TCP (Transmission control Protocol) request body, is automatically added when the HTTP is transmitted, and is not controlled by a request header. Therefore, when there is no proxy between the client and the server, it is most accurate and secure to obtain the client IP address through remote _ addr.
x-forwarded-for, XFF, is an HTTP request header field used to identify the most primitive IP address of a client connected to a Web server through an HTTP proxy or load balancing approach. Many proxy servers are added at the time of request forwarding. If a proxy server exists between the client and the server, the IP obtained by remote _ addr is the address of the proxy server, and is not the real IP address of the client. Therefore, a proxy server (typically a reverse proxy server) is required to forward the real client's IP address to the server, which is typically present in the XFF request header at the time of forwarding.
The client-IP and the XFF are also the real IP address added by the proxy server for forwarding the client request, and are also saved in the request header.
S206, determining the area to which the IP address belongs.
There are generally two methods for obtaining the corresponding regional information through the IP address:
1) the regional information corresponding to the IP is analyzed by self-writing a program, and a database is needed. Such as: and acquiring the area information corresponding to the IP address through the truthful IP database. The method has high maintenance cost and certain pressure on the server.
2) And inquiring to acquire the region information according to an Application Programming Interface (API) provided by a third party.
In one possible implementation, the area to which the client belongs is determined according to the IP address of the client.
S207, if the area where the storage bucket is deployed comprises the area where the IP address belongs, determining that the storage bucket is a candidate storage bucket.
The region in which the bucket is deployed has been determined by way of a list when the bucket is associated with a warehouse entry.
In a possible implementation manner, if the area in which the bucket is deployed includes an area to which the IP address of the client belongs, the bucket is determined to be a candidate bucket.
And S208, determining the bucket number of the candidate bucket.
When the candidate buckets are determined, the bucket number of each candidate bucket is determined, which may be a sequential number starting from 000.
S209, determining the hash value of the image file.
The file name of the mirror image file can be determined according to the mirror image manifest file of the mirror image file, and the hash value corresponding to the file name is determined.
The hash algorithm is a family of cryptographic hash functions, which are FIPS certified secure hash algorithms. An algorithm for calculating a fixed-length character string (also called a message digest) corresponding to a digital message. And if the input messages are different, the probability that the input messages correspond to different character strings is high. The hash algorithm may be SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
S210, matching the hash value with the barrel number.
And determining the barrel number of each candidate bucket, and performing hash remainder calculation on the hash value, wherein the remainder is set to be the number of the candidate buckets.
If the number of candidate buckets is determined to be 4, the number may be 000,001,002,003. And performing hash residue taking calculation on the hash value, and if the remainder is 2, storing the image file into a candidate bucket with the number of 002.
In a possible implementation, S210 may include the following steps:
s2101, taking the barrel number of the candidate storage barrel as a node, and establishing a hash ring.
Modulo the 32 th power of 2, this circle consisting of the 32 th power of 2 points is called a hash ring. The point directly above the circle represents 0, the first point to the right of point 0 represents 1, and so on, 2, 3, 4, 5, 6 …, up to 2321, that is to say the first point to the left of point 0 represents 232-1。
S2102, mapping the hash value onto the hash ring.
Determining a hash value of the image file, using the hash value to pair 232And performing modulus, and mapping the modulus value to the hash ring.
S2103, determining a bucket number closest to the hash value on the hash ring as a target bucket number.
After the position of the hash value on the hash ring is determined, the image file is moved on the hash ring in a clockwise or anticlockwise direction, and the bucket number of the first candidate bucket encountered by the image file is determined as the target bucket number.
S2104, the candidate bucket corresponding to the target bucket number is used as a target bucket for storing the image file.
And determining a candidate bucket corresponding to the target bucket number, and taking the candidate bucket as a target bucket for storing the image file.
On the basis of the above embodiment, a problem that the candidate buckets are unevenly distributed on the hash ring may occur. Virtual nodes may be added to the hash ring to solve the problem of achieving uniform distribution of candidate buckets over the hash ring by placing a real candidate bucket multiple times in the hash ring.
S211, if the matching is successful, determining that the candidate bucket corresponding to the bucket number is a target bucket suitable for storing the image file.
S212, storing the image file into a bucket outside the region.
Since the target bucket is determined from the buckets in the same region according to the IP address of the client, it may happen that the user logs in at a, uploads the image file, and the image file is stored in a certain bucket deployed at a. When a user logs in at the location B and wants to download the image file again, the server searches for the image file from the bucket deployed at the location B because the logged area is the location B. This presents a problem in that the image file cannot be found.
Therefore, it is necessary to synchronize the image file in buckets of other regions. In this embodiment, the underlying distributed file system ceph supports that synchronization of storage contents is realized by using a rgw multi-site remote multi-active bucket sync scheme, and storage buckets in different regions realize synchronization of storage contents.
The synchronization may include the following two ways.
The first is to store the image file in all buckets that are deployed outside of the locality.
Secondly, selecting one bucket from buckets deployed in each region except the region as a characteristic bucket; and storing the image file into the characteristic storage bucket.
Fig. 2B is a schematic diagram of a user uploading/downloading an image file according to a second embodiment of the present invention.
The mirror repository includes a "HUYA-DOCKERHUB" User (User) performing a login operation through a unique repository portal "dockerhub.huya.com", and after the User logs in, performing HTTP and reverse proxy web through a load balancing server (Nginx). The Registry component is mainly responsible for storing mirror image data and provides functions of uploading (Pull) and downloading (Push) mirror image files.
When a user uploads an image file through the portal, firstly, the area of the client is determined according to the IP address of the client which the user logs in, if the user is in the Guangdong region, the buckets deployed in the Guangdong region are determined from the buckets, and three buckets such as 'Gz-pro-1', 'Gz-pro-2' and 'Gz-pro-3' are deployed in the Guangdong region in the figure. And determining one of three buckets deployed in the Guangdong region for storing the image file according to the file name of the image file uploaded by the user. And storing the image file in the bucket after the determination.
When the user downloads the image file through the portal, firstly, the area of the client is determined according to the IP address of the client which the user logs in, if the user is in the Guangdong region, the buckets deployed in the Guangdong region are determined from the buckets, and three buckets such as 'Gz-pro-1', 'Gz-pro-2' and 'Gz-pro-3' are deployed in the Guangdong region in the figure. And determining a storage bucket for storing the image file from three storage buckets deployed in the Guangdong region according to the file name of the image file downloaded by the user. And downloading the image file from the storage bucket after the determination.
The embodiment of the invention configures a plurality of storage buckets for one warehouse entry, namely, the one-container mirror image warehouse comprises one warehouse entry and at least two storage buckets, and the storage buckets are deployed in at least two regions. The method comprises the steps of receiving an image file uploaded by a client through a warehouse entrance, determining a storage bucket belonging to the same region with the client as a candidate storage bucket, determining a candidate storage bucket suitable for storing the image file as a target storage bucket, and finally storing the image file to the target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated. Meanwhile, only one warehouse entry is provided, so that only one address (domain name) of the warehouse entry needs to be memorized by a user when the user uploads and downloads the mirror image, and only one authorized password needs to be memorized by the user, thereby being greatly convenient for the user to use. On this basis, the use of a consistent hashing algorithm (hash ring) makes the use of buckets that store the image file more uniform.
EXAMPLE III
Fig. 3 is a flowchart of a processing method of a container mirror warehouse according to a third embodiment of the present invention. The embodiment is suitable for receiving a downloading instruction sent by a client through a warehouse entry, and finally determining a scene that a certain bucket provides the image file. The method may be performed by a processing means of a container mirror repository, which may be implemented in software and/or hardware. In this embodiment, the buckets may be stored by any one of the first and second embodiments. Referring to fig. 3, the method specifically includes:
s301, receiving a downloading instruction sent by a client through the warehouse entrance.
In a possible implementation, a user logs in to the client and fills in the domain name of the entry of the mirror repository. And after the verification of the warehouse entrance, receiving a downloading instruction sent by the client.
S302, determining the image file according to the downloading instruction.
The downloading instruction comprises the file name of the mirror image file which needs to be downloaded by the client.
And S303, determining candidate buckets belonging to the same region as the client.
In a feasible implementation manner, the area where the client is located is determined through the information of the client, and the storage bucket belonging to the same area as the client is determined as a candidate storage bucket by querying the area where the storage bucket is deployed.
S304, determining a target bucket from the candidate buckets, wherein the target bucket is used for providing the image file to the client.
The candidate buckets comprise a plurality of buckets, and one bucket is determined from the candidate buckets as a target bucket for storing the image file according to a certain mode.
Optionally, the file name of the mirror image file may be determined by analyzing the mirror image manifest file, and the target bucket may be determined from the candidate buckets by the file name.
In a possible implementation manner, the number of candidate buckets is determined, and the hash remainder processing is performed on the file name of the mirror file according to the number so as to determine a target bucket from the candidate buckets, and the client is connected to the target bucket so that the target bucket provides the mirror file to the client.
S305, sending the image file stored in the target storage bucket to the client.
And querying the image file in the target storage bucket so as to send the image file to the client.
The embodiment of the invention configures a plurality of storage buckets for one warehouse entry, namely, the one-container mirror image warehouse comprises one warehouse entry and at least two storage buckets, and the storage buckets are deployed in at least two regions. The method comprises the steps of receiving an image file uploaded by a client through a warehouse entrance, determining a storage bucket belonging to the same region with the client as a candidate storage bucket, determining a candidate storage bucket suitable for storing the image file as a target storage bucket, and finally storing the image file to the target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated. Meanwhile, only one warehouse entry is provided, so that only one address (domain name) of the warehouse entry needs to be memorized by a user when the user uploads and downloads the mirror image, and only one authorized password needs to be memorized by the user, thereby being greatly convenient for the user to use.
Example four
Fig. 4 is a structural diagram of a processing apparatus of a container mirror storage according to a fourth embodiment of the present invention. The device includes: an image file receiving module 41, a candidate bucket first determining module 42, a target bucket first determining module 43, and an image file storage module 44. Wherein:
the image file receiving module 41 is configured to receive an image file uploaded by a client through the warehouse entry;
a candidate bucket first determining module 42, configured to determine a bucket belonging to the same region as the client as a candidate bucket;
a target bucket first determination module 43, configured to determine a candidate bucket suitable for storing the image file as a target bucket;
and an image file storage module 44, configured to store the image file to the target bucket.
The embodiment of the invention configures a plurality of storage buckets for one warehouse entry, namely, the one-container mirror image warehouse comprises one warehouse entry and at least two storage buckets, and the storage buckets are deployed in at least two regions. The method comprises the steps of receiving an image file uploaded by a client through a warehouse entrance, determining a storage bucket belonging to the same region with the client as a candidate storage bucket, determining a candidate storage bucket suitable for storing the image file as a target storage bucket, and finally storing the image file to the target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated. Meanwhile, only one warehouse entry is provided, so that only one address (domain name) of the warehouse entry needs to be memorized by a user when the user uploads and downloads the mirror image, and only one authorized password needs to be memorized by the user, thereby being greatly convenient for the user to use.
On this basis, the candidate bucket first determination module 42 includes:
an IP address determining submodule for determining the IP address of the client;
the area determining submodule is used for determining the area to which the IP address belongs;
and the candidate bucket determining submodule is used for determining the bucket as a candidate bucket if the area for deploying the bucket comprises the area to which the IP address belongs.
On this basis, the target bucket first determination module 43 includes:
a bucket number determination submodule for determining a bucket number of the candidate bucket;
the hash value determining submodule is used for determining the hash value of the image file;
a number matching submodule for matching the hash value with the bucket number;
and the first execution sub-module is used for determining that the candidate bucket corresponding to the bucket number is a target bucket suitable for storing the image file if the matching is successful.
On the basis, the number matching sub-module comprises:
a hash ring construction unit, configured to establish a hash ring with the bucket number of the candidate bucket as a node;
a hash value mapping unit, configured to map the hash value onto the hash ring;
a target bucket number determination unit configured to determine, on the hash ring, a bucket number closest to the hash value as a target bucket number;
and the target bucket determining unit is used for taking the candidate bucket corresponding to the target bucket number as the target bucket for storing the image file.
On this basis, still include:
and the synchronization module is used for storing the mirror image file into a storage bucket outside the region.
On this basis, the synchronization module comprises:
the first synchronization unit is used for storing the mirror image file into all storage buckets which are arranged outside the region;
alternatively, the first and second electrodes may be,
a characteristic bucket determination unit for selecting one bucket as a characteristic bucket from buckets deployed in each region other than the region;
and the characteristic bucket using unit is used for storing the image file into the characteristic bucket.
On this basis, still include:
the identity authentication module is used for authenticating the identity of the client;
and the second execution sub-module is used for forbidding the client to upload and download the image file if the verification fails.
The processing apparatus of the container mirror storage provided in this embodiment may be used to execute the processing method of the container mirror storage provided in the first embodiment and the second embodiment, and has corresponding functions and beneficial effects.
EXAMPLE five
Fig. 5 is a structural diagram of a processing apparatus of a container mirror storage according to a fifth embodiment of the present invention. The device includes: a download instruction receiving module 51, an image file determining module 52, a candidate bucket second determining module 53, a target bucket second determining module 54, and an image file transmitting module 55. Wherein:
a download instruction receiving module 51, configured to receive a download instruction sent by a client through the warehouse entry;
an image file determining module 52, configured to determine an image file according to the download instruction;
a candidate bucket second determining module 53, configured to determine a candidate bucket belonging to the same region as the client;
a target bucket second determination module 54, configured to determine a target bucket from the candidate buckets, the target bucket being used to provide the image file to the client;
and an image file sending module 55, configured to send the image file stored in the target bucket to the client.
The embodiment of the invention configures a plurality of storage buckets for one warehouse entry, namely, the one-container mirror image warehouse comprises one warehouse entry and at least two storage buckets, and the storage buckets are deployed in at least two regions. The method comprises the steps of receiving an image file uploaded by a client through a warehouse entrance, determining a storage bucket belonging to the same region with the client as a candidate storage bucket, determining a candidate storage bucket suitable for storing the image file as a target storage bucket, and finally storing the image file to the target storage bucket. Therefore, the image files are stored in different buckets, and the storage pressure of storing the image files in a single bucket is reduced. When the number of the image files stored in a single bucket is small, the searching speed of the image files searched by the user can be accelerated. Meanwhile, only one warehouse entry is provided, so that only one address (domain name) of the warehouse entry needs to be memorized by a user when the user uploads and downloads the mirror image, and only one authorized password needs to be memorized by the user, thereby being greatly convenient for the user to use. On this basis, the use of a consistent hashing algorithm (hash ring) makes the use of buckets that store the image file more uniform.
EXAMPLE six
Fig. 6 is a schematic structural diagram of an electronic device according to a sixth embodiment of the present invention. As shown in fig. 6, the electronic apparatus includes a processor 60, a memory 61, a communication module 62, an input device 63, and an output device 64; the number of the processors 60 in the electronic device may be one or more, and one processor 60 is taken as an example in fig. 6; the processor 60, the memory 61, the communication module 62, the input device 63 and the output device 64 in the electronic apparatus may be connected by a bus or other means, and the bus connection is exemplified in fig. 6.
The memory 61 is used as a computer-readable storage medium for storing software programs, computer-executable programs, and modules, such as modules corresponding to the processing method of the container image repository in the first embodiment and the second embodiment (for example, the image file receiving module 41, the candidate bucket first determining module 42, the target bucket first determining module 43, and the image file storing module 44 in the processing apparatus of the container image repository). The third embodiment of the present invention is a module corresponding to a processing method of a container mirror repository (for example, a download instruction receiving module 51, an image file determining module 52, a candidate bucket second determining module 53, a target bucket second determining module 54, and an image file transmitting module 55 in a processing apparatus of a container mirror repository). The processor 60 executes various functional applications and data processing of the electronic device by executing software programs, instructions and modules stored in the memory 61, so as to implement the processing method of the container mirror repository.
The memory 61 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the electronic device, and the like. Further, the memory 61 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the memory 61 may further include memory located remotely from the processor 60, which may be connected to the electronic device through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
And the communication module 62 is used for establishing connection with the display screen and realizing data interaction with the display screen. The input device 63 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic apparatus.
The electronic device provided in this embodiment may execute the processing method of the container mirror image warehouse provided in any embodiment of the present invention, and its corresponding functions and advantages are described in detail.
EXAMPLE five
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, perform a method for processing a container mirror repository, the method including:
receiving the mirror image file uploaded by the client through the warehouse entrance;
determining a bucket belonging to the same region as the client as a candidate bucket;
determining a candidate bucket suitable for storing the image file as a target bucket;
and storing the image file to the target storage bucket.
Alternatively, the first and second electrodes may be,
receiving a downloading instruction sent by a client through the warehouse entrance;
determining a mirror image file according to the downloading instruction;
determining candidate buckets belonging to the same region as the client;
determining a target bucket from the candidate buckets, wherein the target bucket is used for providing the image file to a client;
and sending the image file stored in the target storage bucket to the client.
Of course, the storage medium provided by the embodiment of the present invention contains computer-executable instructions, and the computer-executable instructions are not limited to the method operations described above, and may also perform related operations in the processing method of the container mirror repository provided by any embodiment of the present invention.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes instructions for enabling a computer electronic device (which may be a personal computer, a server, or a network electronic device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the processing apparatus of the container mirror warehouse, the included units and modules are only divided according to functional logic, but are not limited to the above division, as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (12)
1. A method of processing a container mirror warehouse, wherein a container mirror warehouse comprises a warehouse entry and at least two buckets, the buckets being deployed in at least two regions, the method comprising:
receiving the mirror image file uploaded by the client through the warehouse entrance;
determining a bucket belonging to the same region as the client as a candidate bucket;
determining a candidate bucket suitable for storing the image file as a target bucket;
and storing the image file to the target storage bucket.
2. The method of claim 1, wherein the bucket is configured with a first attribute that represents a region in which the bucket is deployed;
the determining the buckets belonging to the same region as the client comprises:
determining an IP address of the client;
determining the area to which the IP address belongs;
and if the area for deploying the bucket comprises the area to which the IP address belongs, determining that the bucket is a candidate bucket.
3. The method of claim 1, wherein determining the candidate bucket suitable for storing the image file comprises:
determining a bucket number for the candidate bucket;
determining a hash value of the image file;
matching the hash value with the bucket number;
and if the matching is successful, determining that the candidate bucket corresponding to the bucket number is a target bucket suitable for storing the image file.
4. The method of claim 3, wherein matching the hash value to the bucket number comprises:
establishing a hash ring by taking the barrel number of the candidate storage barrel as a node;
mapping the hash value onto the hash ring;
determining a barrel number closest to the hash value on the hash ring to serve as a target barrel number;
and taking the candidate bucket corresponding to the target bucket number as a target bucket for storing the image file.
5. The method according to any one of claims 1 to 4,
after storing the image file to the target bucket, the method further includes:
and storing the image file into a bucket outside the region.
6. The method of claim 5, wherein storing the image file in a bucket outside the locality comprises:
storing the image file into all buckets outside the region;
alternatively, the first and second electrodes may be,
selecting one bucket from buckets deployed in each region except the region as a characteristic bucket;
and storing the image file into the characteristic storage bucket.
7. The method according to any one of claims 1 to 4, wherein before receiving the image file uploaded by the client through the repository portal, the method further comprises:
carrying out identity verification on the client;
and if the verification fails, forbidding the client to upload and download the image file.
8. A method of processing a container mirror warehouse, wherein a container mirror warehouse comprises a warehouse entry and at least two buckets, the buckets being deployed in at least two regions, the method comprising:
receiving a downloading instruction sent by a client through the warehouse entrance;
determining a mirror image file according to the downloading instruction;
determining candidate buckets belonging to the same region as the client;
determining a target bucket from the candidate buckets, wherein the target bucket is used for providing the image file to a client;
and sending the image file stored in the target storage bucket to the client.
9. A container mirror storage processing apparatus, wherein a container mirror storage comprises a storage entrance and at least two buckets, the buckets being deployed in at least two regions, the apparatus comprising:
the mirror image file receiving module is used for receiving the mirror image file uploaded by the client through the warehouse entrance;
a candidate bucket first determining module, configured to determine a bucket belonging to the same region as the client as a candidate bucket;
a target bucket first determination module, configured to determine a candidate bucket suitable for storing the image file as a target bucket;
and the mirror image file storage module is used for storing the mirror image file to the target storage bucket.
10. A container mirror storage processing apparatus, wherein a container mirror storage comprises a storage entrance and at least two buckets, the buckets being deployed in at least two regions, the apparatus comprising:
the download instruction receiving module is used for receiving a download instruction sent by a client through the warehouse entrance;
the image file determining module is used for determining an image file according to the downloading instruction;
a second candidate bucket determining module, configured to determine a candidate bucket that belongs to the same region as the client;
a target bucket second determination module, configured to determine a target bucket from the candidate buckets, where the target bucket is used to provide the image file to the client;
and the image file sending module is used for sending the image file stored in the target storage bucket to the client.
11. An electronic device, comprising:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement a method of processing a container mirror store according to any of claims 1-8.
12. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a method of processing a container mirror repository according to any one of claims 1-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910707965.7A CN112306970B (en) | 2019-08-01 | 2019-08-01 | Processing method, device, equipment and storage medium of container mirror warehouse |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910707965.7A CN112306970B (en) | 2019-08-01 | 2019-08-01 | Processing method, device, equipment and storage medium of container mirror warehouse |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112306970A true CN112306970A (en) | 2021-02-02 |
| CN112306970B CN112306970B (en) | 2024-04-19 |
Family
ID=74486278
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910707965.7A Active CN112306970B (en) | 2019-08-01 | 2019-08-01 | Processing method, device, equipment and storage medium of container mirror warehouse |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112306970B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113596162A (en) * | 2021-07-30 | 2021-11-02 | 北京快乐茄信息技术有限公司 | Mirror image file processing method and device, network equipment and storage medium |
| CN117032893A (en) * | 2023-08-14 | 2023-11-10 | 曙光云计算集团有限公司 | Container mirror image management method, device, equipment and medium |
| CN117353922A (en) * | 2023-12-06 | 2024-01-05 | 南京中孚信息技术有限公司 | Method, system, equipment and medium for verifying container mirror image signature in off-line state |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170364303A1 (en) * | 2016-06-17 | 2017-12-21 | Microsoft Technology Licensing, Llc. | Suggesting image files for deletion based on image file parameters |
| CN108228842A (en) * | 2018-01-08 | 2018-06-29 | 平安科技(深圳)有限公司 | Docker mirror sites file memory method, terminal, equipment and storage medium |
| CN109660639A (en) * | 2018-12-11 | 2019-04-19 | 深圳市网心科技有限公司 | A kind of data uploading method, equipment, system and medium |
-
2019
- 2019-08-01 CN CN201910707965.7A patent/CN112306970B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170364303A1 (en) * | 2016-06-17 | 2017-12-21 | Microsoft Technology Licensing, Llc. | Suggesting image files for deletion based on image file parameters |
| CN108228842A (en) * | 2018-01-08 | 2018-06-29 | 平安科技(深圳)有限公司 | Docker mirror sites file memory method, terminal, equipment and storage medium |
| CN109660639A (en) * | 2018-12-11 | 2019-04-19 | 深圳市网心科技有限公司 | A kind of data uploading method, equipment, system and medium |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113596162A (en) * | 2021-07-30 | 2021-11-02 | 北京快乐茄信息技术有限公司 | Mirror image file processing method and device, network equipment and storage medium |
| CN117032893A (en) * | 2023-08-14 | 2023-11-10 | 曙光云计算集团有限公司 | Container mirror image management method, device, equipment and medium |
| CN117353922A (en) * | 2023-12-06 | 2024-01-05 | 南京中孚信息技术有限公司 | Method, system, equipment and medium for verifying container mirror image signature in off-line state |
| CN117353922B (en) * | 2023-12-06 | 2024-03-22 | 南京中孚信息技术有限公司 | Method, system, equipment and medium for verifying container mirror image signature in off-line state |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112306970B (en) | 2024-04-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Omar et al. | Identity management in IoT networks using blockchain and smart contracts | |
| US11140177B2 (en) | Distributed data authentication and validation using blockchain | |
| US9356928B2 (en) | Mechanisms to use network session identifiers for software-as-a-service authentication | |
| US8196186B2 (en) | Security architecture for peer-to-peer storage system | |
| US8549326B2 (en) | Method and system for extending encrypting file system | |
| US9906371B2 (en) | Secure connection certificate verification | |
| US9258293B1 (en) | Safe and secure access to dynamic domain name systems | |
| KR102152360B1 (en) | System and method for providing data reliability based on blockchain for iot services | |
| US20160285832A1 (en) | Secure consumption of platform services by applications | |
| US9967290B2 (en) | Systems and methods for automating client-side discovery of public keys of external contacts that are secured by DANE using DNSSEC | |
| EP3188441A1 (en) | System and method for automating client-side synchronization of public keys of external contacts | |
| US10404472B2 (en) | Systems and methods for enabling trusted communications between entities | |
| CN112306970B (en) | Processing method, device, equipment and storage medium of container mirror warehouse | |
| Kokoris-Kogias et al. | Managing identities using blockchains and CoSi | |
| US11463431B2 (en) | System and method for public API authentication | |
| US8924725B2 (en) | Authenticated file handles for network file systems | |
| US11882117B1 (en) | System and method for device label scan based zero touch device onboarding and device directory service | |
| WO2022010978A1 (en) | Automation of user identity using network protocol providing secure granting or revocation of secured access rights | |
| US20240146533A1 (en) | Enhanced login processes using proprietary security and protocol for sharing and managing personal information | |
| CN109951481B (en) | Information processing method and system based on block chain network adjacent nodes | |
| CN114745145B (en) | Business data access method, device and equipment and computer storage medium | |
| Mtetwa et al. | Secure the internet of things software updates with ethereum blockchain | |
| KR102263053B1 (en) | A database structure capable of synchronizing data between devices in a local area network environment and a data synchronization method using the same | |
| Bryan et al. | Metalink/http: Mirrors and hashes | |
| WO2023242058A1 (en) | Certificate issuing for virtual network functions |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |