CN113347239B - Communication request processing method, device, system, electronic equipment and storage medium - Google Patents

Communication request processing method, device, system, electronic equipment and storage medium Download PDF

Info

Publication number
CN113347239B
CN113347239B CN202110586958.3A CN202110586958A CN113347239B CN 113347239 B CN113347239 B CN 113347239B CN 202110586958 A CN202110586958 A CN 202110586958A CN 113347239 B CN113347239 B CN 113347239B
Authority
CN
China
Prior art keywords
address
target
communication request
communication
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110586958.3A
Other languages
Chinese (zh)
Other versions
CN113347239A (en
Inventor
王业通
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing QIYI Century Science and Technology Co Ltd
Original Assignee
Beijing QIYI Century Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing QIYI Century Science and Technology Co Ltd filed Critical Beijing QIYI Century Science and Technology Co Ltd
Priority to CN202110586958.3A priority Critical patent/CN113347239B/en
Publication of CN113347239A publication Critical patent/CN113347239A/en
Application granted granted Critical
Publication of CN113347239B publication Critical patent/CN113347239B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances

Abstract

The application discloses a communication request processing method, a device, a system, an electronic device and a storage medium. The method comprises the following steps: monitoring a communication request message between a client and a target cluster, and determining a target physical address corresponding to a target virtual address in an address set of the target cluster, wherein the address set comprises a virtual address of a container group and a physical address of a host machine, which have a corresponding relationship in the target cluster; and exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address. According to the embodiment of the application, the communication request processing device is deployed in the target cluster, so that the mode of modifying a machine room in the prior art is replaced, and the task load of workers is saved. Meanwhile, the address set is deployed in the communication request processing device, and the communication request message can be actively responded directly based on the address set, so that the problem of intercommunication between the target cluster and an external client is solved on the premise of not transforming a machine room.

Description

Communication request processing method, device, system, electronic equipment and storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method, an apparatus, a system, an electronic device, and a storage medium for processing a communication request.
Background
Kubernets is an open source platform that can automate Linux container operations. It may help users to save many manual deployment and expansion operations of the application containerization process.
At present, when a client deployed outside kubernets needs to perform networking communication with a Pod inside the kubernets, an address of the Pod inside the kubernets and a physical address of a host where the Pod is located need to be exposed to a current network environment. Wherein, pod is the smallest unit of the target cluster, the containers are contained in Pod (container group), and one Pod has one pause container and several service containers.
However, one of the existing exposure methods is to establish a BGP networking, so that a Pod inside kubernets passes through a BGP (border gateway protocol) proxy, and then directly expose an address of the Pod and an address of a host in a network environment. Due to the problem of high packet loss rate of the BGP networking, the BGP networking cannot directly meet the requirements of large-scale machine rooms. Meanwhile, BGP networking is also faced with multi-line transformation of a machine room, which causes the task load of workers to increase. How to solve the problem of intercommunication between a Kubernetes container network and an external client under the premise of not transforming a machine room becomes a technical problem to be solved urgently in the field.
Disclosure of Invention
In order to solve the technical problem or at least partially solve the technical problem, the present application provides a communication request processing method, apparatus, system, electronic device and storage medium.
According to an aspect of an embodiment of the present application, there is provided a communication request processing method, including:
monitoring a communication request message between a client and a target cluster, wherein the communication request message is used for requesting a physical address of a host machine corresponding to a target virtual address;
determining a target physical address corresponding to the target virtual address in an address set of the target cluster, wherein the address set comprises a virtual address of a container group with a corresponding relation in the target cluster and a physical address of a host;
and exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address.
An embodiment of the present application further provides a communication request processing apparatus, including:
the monitoring module is used for monitoring a communication request message between a client and a target cluster, wherein the communication request message is used for requesting a physical address of a host machine corresponding to a target virtual address;
the query module is used for determining a target physical address corresponding to the target virtual address in an address set of the target cluster, wherein the address set comprises a virtual address of a container group with a corresponding relation in the target cluster and a physical address of a host machine;
and the processing module is used for exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address.
The embodiment of the application also provides a communication request processing system, which comprises a client, a target cluster and a communication request processing device;
the client is used for sending a communication request message to the target cluster when the target physical address corresponding to the target virtual address is not inquired in the cache table, wherein the communication request message is used for requesting the physical address of the host machine corresponding to the target virtual address;
the target program is deployed in the target cluster and is used for executing the method steps;
the client is further configured to receive a communication response message, where the communication response message carries the target physical address.
The memories finish the mutual communication through a communication bus; wherein: a memory for storing a computer program; a processor for executing the program stored in the memory to execute the steps of the method.
Embodiments of the present application further provide a computer program product containing instructions, which when executed on a computer, cause the computer to perform the steps of the above method.
Compared with the prior art, the technical scheme provided by the embodiment of the application has the following advantages: according to the method and the device, the corresponding relation between the physical address of the host machine in the target cluster and the virtual address of the container group is only needed to be stored in the address set, so that the physical address required by the communication request message can be obtained by directly utilizing the corresponding relation in the address set, and the communication request message is responded based on the obtained physical address. Therefore, the communication between the target cluster and the external network is realized under the condition of not modifying a machine room.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and, together with the description, serve to explain the principles of the application.
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious for those skilled in the art to obtain other drawings without inventive exercise.
Fig. 1 is a flowchart of a communication request processing method according to an embodiment of the present application;
fig. 2 is a schematic diagram of a communication request processing according to another embodiment of the present application;
fig. 3 is a flowchart of a communication request processing method according to another embodiment of the present application;
fig. 4 is a flowchart of a communication request processing method according to another embodiment of the present application;
fig. 5 is a block diagram of a communication request processing apparatus according to an embodiment of the present application;
fig. 6 is a schematic diagram of a communication request processing system according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the purpose, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments, and the illustrative embodiments and descriptions thereof of the present application are used for explaining the present application and do not constitute a limitation to the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another similar entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The embodiment of the application provides a communication request processing method, a communication request processing device, a communication request processing system, electronic equipment and a storage medium. The method provided by the embodiment of the invention can be applied to any required electronic equipment, for example, the electronic equipment can be electronic equipment such as a server and a terminal, and the method is not particularly limited herein, and is hereinafter simply referred to as electronic equipment for convenience in description.
Fig. 1 is a schematic diagram of a communication request processing system provided in an embodiment of the present application, where the system may be implemented as part of or all of an electronic device through software, hardware, or a combination of the two. As shown in fig. 1, the system includes: comprises a client 10, a target cluster 20 and a communication request processing device 30; the communication request processing device may be a virtual program or an entity hardware device.
The communication request processing device 30 is deployed in the target cluster 20, and the deployment manner may be: the method comprises the following steps of directly deploying hosts in a target cluster or individually deploying the hosts in the target cluster. In addition, in the embodiment of the present application, an address set is also deployed in the communication request processing apparatus, where the address set includes: and the virtual address of the container group in the target cluster and the physical address of the physical machine where the container group is located are correspondingly stored in the address set.
In this embodiment, the client 10 is configured to send a communication request message to the target cluster 20 when a target physical address corresponding to the target virtual address is not queried in the cache table, where the communication request message is used to request a physical address of a host corresponding to the target virtual address.
A communication request processing device 30, configured to monitor a communication request packet between a client and a target cluster, where the communication request packet is used to request a physical address of a host corresponding to a target virtual address; determining a target physical address corresponding to a target virtual address in an address set of a target cluster, wherein the address set comprises the virtual address of a container group with a corresponding relation in the target cluster and the physical address of a host machine; and exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address.
The client 10 is further configured to receive a communication response message, where the communication response message carries the target physical address.
In this embodiment, the client 10 is further configured to send the data packet to a host corresponding to the target physical address, so that the host forwards the data packet to a container group corresponding to the target virtual address.
In the communication request processing system provided in the embodiment of the present application, the communication request processing device is installed in the target cluster, and the communication request packet in the target cluster can be monitored by the communication request processing device, and an active response is performed on the communication request packet under the condition that the target virtual address carried in the communication request packet matches with the virtual address stored in the address set. Therefore, the data packet of the client can be normally sent to the host in the target cluster and then forwarded to the container through the route in the host, and the target cluster is communicated with an external network under the condition that a machine room is not modified.
The embodiment of the application provides a communication request processing method. Fig. 3 is a flowchart of a communication request processing method according to an embodiment of the present application, where as shown in fig. 3, the method is executed in the communication request processing apparatus described above, and the method includes:
step S11, monitoring a communication request message between the client and the target cluster, wherein the communication request message is used for requesting a physical address of a host machine corresponding to the target virtual address.
The method provided by the embodiment of the application is applied to a communication request processing device deployed in a target cluster, and the communication request processing device is used for monitoring a communication request message received by any host machine in the target cluster and actively responding according to the communication request message.
In this embodiment of the present application, a pacp library is provided in the communication request processing apparatus, and the pacp library includes a file descriptor created in advance, and it should be noted that the pacp library is a packet capture function library. And the file descriptor created in the pacp library is used for monitoring the communication request message in the target cluster.
And S12, determining a target physical address corresponding to the target virtual address in an address set of the target cluster, wherein the address set comprises the virtual address of a container group with a corresponding relation in the target cluster and the physical address of a host.
In the embodiment of the application, the address set comprises the virtual addresses of all the container groups in the corresponding storage target cluster and the physical addresses of the hosts, so that the target physical addresses corresponding to the target virtual addresses can be directly inquired from the address set on the basis. At this time, in the embodiment of the present application, the communication request processing apparatus is deployed on each host; alternatively, the communication request processing means is deployed in the target cluster separately.
For example, the target cluster includes: the system comprises a host machine A (a physical address M1), a host machine B (a physical address M2) and a host machine C (a physical address M3), wherein container groups a1 (a virtual address pod 1) and a2 (a virtual address pod 12) deployed on the host machine A, container groups B3 (a virtual address pod 3) and B4 (a virtual address pod 4) deployed on the host machine B, and container groups C5 (a virtual address pod 5) and C6 (a virtual address pod 6) deployed on the host machine C.
As an example, when the content of the address set in each communication request device is the same, the method may include: the physical address M1 and the virtual address Pod1, the virtual address Pod2 are correspondingly stored, the physical address M2 and the virtual address Pod3, the virtual address Pod4 are correspondingly stored, and the physical address M3 and the virtual address Pod5, the virtual address Pod6 are correspondingly stored.
In another embodiment of the present application, in a case where the communication request processing apparatus is deployed on each host, setting the address set in the communication request processing apparatus includes: the physical address of the host where the communication request processing device corresponding to the storage is located and the virtual address of the container group on the host are completely different.
Still taking the foregoing target cluster as an example, the address set of the communication request processing device in the host a includes: the physical address M1, the virtual address Pod1, and the virtual address Pod2 are stored correspondingly. The address set of the communication request processing apparatus in the host B includes: the physical address M2 is stored corresponding to the virtual address Pod3 and the virtual address Pod4. The address set of the communication request processing device in the host C includes: the physical address M3 is stored in association with the virtual addresses Pod5 and Pod6.
Or, in addition to the physical address of the host where the communication request processing device is located and the virtual address of the container group on the host, the address set may also store the physical addresses of other hosts and the virtual addresses of the container group on the other hosts. At this time, the corresponding stored physical address and virtual address in each address set are not identical.
Still taking the foregoing target cluster as an example, the address set of the communication request processing device in the host a includes: the physical address M1 and the virtual address Pod1, the virtual address Pod2 are correspondingly stored, and the physical address M2 and the virtual address Pod3, the virtual address Pod4 are correspondingly stored.
In this embodiment of the present application, when the communication request processing apparatus is deployed in the target cluster alone, the communication request processing apparatus actively responds to all communication request messages.
Or, in the case that the communication request processing device is deployed in each host, and the physical address and the virtual address stored in each address set are the same or not identical, any communication request processing device only needs to respond to a communication request packet whose own address set can match the target physical address. The communication response message can be replied in a broadcast manner, so that any one communication request processing device does not respond to the communication request message any more when receiving the communication response message sent by any other communication request processing device.
Or, when the physical address and the virtual address stored in each address set are completely different, the communication request processing device only actively responds to the communication request message related to the host where the communication request processing device is located.
And S13, exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address.
In this embodiment of the present application, step S13, exposing the candidate physical address carried in the communication response message corresponding to the communication request message to the target cluster, includes the following steps C1 to C3:
and C1, generating an initial response message corresponding to the communication request message.
And step C2, carrying the target physical address in the initial response message to obtain a communication response message.
And step C3, exposing the communication response message to the outside of the target cluster.
In this embodiment of the present application, the step of exposing the communication response packet to the target cluster may be directly broadcasting the communication response packet outside the target cluster (in this case, the communication response packet may also be broadcast inside the target cluster); or, the communication response message may also be sent to the requester corresponding to the source address carried in the communication request message outside the target cluster, that is, the communication response message is sent to the requester (client) of the communication request message.
In this embodiment of the present application, in step S11, monitoring a communication request packet between a client and a target cluster includes: monitoring a communication message between a client and the target cluster, and determining an ARP message in the communication message as the communication request message.
In the embodiment of the present application, a main process of monitoring a communication packet between a client and a target cluster by a communication request processing apparatus is as follows: acquiring a communication message between a client and a target cluster; and analyzing the message content of the communication message to obtain an analysis result of the communication message, and determining the communication message as a communication request message when the analysis result is used for indicating that the communication message belongs to an ARP message.
It should be noted that various different types of message formats are provided in the communication request processing apparatus, such as a query type message format, an access type message format, and a response type message format.
Because the message formats corresponding to different message types are different, in the embodiment of the application, after the communication request processing device monitors the communication message, the message content of the communication message is detected, and the message format is acquired from the message content, so that whether the message format of the communication message is the same as that of the ARP message is determined, and if the message formats are the same, the communication message data is determined to belong to the ARP message.
In this embodiment, the communication request message is an ARP (Address Resolution Protocol) message. The Address Resolution Protocol (Address Resolution Protocol) is a network transmission Protocol which is very important in a network Protocol packet and has a very close relationship with a network card, and obtains a MAC Address by resolving an IP Address.
In the prior art, the mechanism for sending and responding the ARP message is as follows: if the client sends a data packet to a host, the client searches a physical address corresponding to the IP address of the host from an existing ARP cache table, and then directly writes the data packet into an Ethernet data frame to enable a network card to send the data packet. However, if the client does not find the physical address corresponding to the IP address, there is no way for the packet to be sent immediately. At this time, the client generates a communication request message (i.e., an ARP message used for querying a physical address of the host, where the ARP message carries a target IP address), and broadcasts the communication request message through the local area network. At this time, all hosts in the local area network receive the communication request message, and thus, for any host, if the target IP address carried in the ARP message is identical to the IP address of the host itself, an ARP reply message is returned, and the ARP reply message is used for notifying the requester of the MAC address of the requester itself. On the contrary, if the target IP address received by the host is not the own IP address, for example, when the target IP address is a Pod address deployed in the host, the host may not respond to the ARP packet.
In order to solve the problem of intercommunication between a kubernets container network and an external client, an address set is deployed in a communication request processing device in the embodiment of the application, and a virtual address of a container group and a physical address of a host are correspondingly stored in the address set. Finally, the intercommunication between the network of the target cluster and the external network can be realized on the premise of not influencing the performance of the service network.
As an example, as shown in fig. 2, the target cluster includes a host K1 and a host K2, where Pod1 and Pod2 are deployed in the host K1, and Pod3 and Pod4 are included in the host K3. And a communication request processing device L1 is deployed in the host machine K1, and a communication request processing device L2 is deployed in the host machine K2. Both the communication request processing device L1 and the communication request processing device L2 include the corresponding relationship between the virtual addresses of all the container groups in the target cluster and the physical addresses of the hosts.
In this scenario, when the client T needs to communicate with the Pod3, because the client T does not store the physical address of the host where the Pod3 to be accessed is located, the client T carries the target virtual address of the Pod3 (i.e., the address of the Pod 3) in the communication request message. And broadcasting the communication request message through the local area network, when the host K1 located in the target cluster receives the communication request message, the communication request processing device L1 deployed on the host K1 can simultaneously monitor the communication request message, (similarly, when the host K2 located in the target cluster receives the communication request message, the communication request processing device L2 deployed on the host K2 can also monitor the communication request message). At this time, the communication request processing device L1 queries whether a virtual address matching the target virtual address exists in the address set, and if so, obtains a physical address corresponding to the target virtual address, carries the physical address in a response message corresponding to the communication request message, and exposes the physical address to the outside of the target cluster.
In another embodiment of the present application, in order to ensure the communication security between the target cluster and the client, the security verification may be further performed on the communication request packet in step S12, which specifically includes the following steps B1 to B3:
and step B1, carrying out security verification on the communication request message.
And step B2, when the communication request message passes the verification, analyzing the target virtual address from the communication request message.
In an embodiment of the present application, the performing security verification on the communication request packet includes: and determining the message length corresponding to the message header in the communication request message, and then judging whether the message length corresponding to the message header is the same as the preset length or not, thereby completing the safety verification. In this case, when the message length is the same as the preset message length, it is determined that the communication request message passes verification; otherwise, the communication request message is not verified.
Or, in another embodiment of the present application, the performing security verification on the communication request packet includes: and detecting each parameter in the message header of the communication request message, and determining whether each parameter is in a legal value range. In this case, if each parameter of the message header is in the legal value domain, it is determined that the communication request message passes the verification; otherwise, the communication request message is not verified.
And step B3, determining a target physical address corresponding to the target virtual address in the address set of the target cluster.
In the embodiment of the application, because the communication request message is composed of the message header and the message content, the message header can be directly read after the communication request message is acquired.
It should be noted that, because the communication request processing apparatus needs to process the ARP packet and the header of the ARP packet carries the virtual address, when the packet length of the header is the same as the preset packet length, it is determined that the target virtual address is complete, and at this time, the target virtual address may be read from the header.
In the embodiment of the application, the security of the source of the communication request message can be determined by verifying the communication request message, if the communication request message fails to be verified, the security of the source of the communication request message is determined to be low, and the communication request message cannot be responded, so that the condition that the address of a target cluster is leaked is avoided.
On the basis of any one of the foregoing embodiments, the communication request processing method provided in the embodiment of the present application may further include the following steps:
and updating the address set based on the deployment relationship between the host and the container group.
In this embodiment of the present application, when any one of the host and the container group in the target cluster changes, the deployment relationship between the host and the container group also changes correspondingly, so that the correspondence between the physical address of the host in the address set and the virtual address of the container group can be updated based on the deployment relationship.
Any one of the host and the container group changes, which may include but is not limited to at least one of the following scenarios: a new container group is deployed in the host machine, a new deployment host machine is deployed in the target cluster, a container group on the new deployment host machine, and the like. The embodiment of the present application is not particularly limited to the reason why the deployment relationship changes.
It is understood that the triggering conditions for this step include, but are not limited to: and updating the deployment relationship. For example, but not limited to: timing update, update in response to an operation instruction of a user, and the like, which are not exhaustive.
After the step is triggered, whether the address set needs to be updated or not can be determined based on the deployment relationship between the host and the container group. That is, after the step is triggered, if the deployment relationship changes, the address set may be updated; or if the deployment relationship is not changed, invalid updating is not needed, so that system resources are saved.
In the embodiment of the present application, as shown in fig. 4, updating the address set based on the deployment relationship between the host and the container group specifically includes the following steps:
step S21, updating the physical address of each host machine and the virtual address of each container group in the current target cluster to obtain the deployment relationship between each host machine and each container group in the target cluster;
in the embodiment of the present application, obtaining the deployment relationship between the host and the container group may include, but is not limited to, at least one of the following manners:
(1) Periodically acquiring the deployment relationship between the host and the container group from the target cluster, for example: and acquiring the deployment relationship between the host machine and the container group at preset time intervals.
(2) Monitoring the updating information of the host machine and/or the container group in the target cluster, and acquiring the deployment relation between the host machine and the container group according to the updating information. The update information may be monitored by the communication request processing device after the target cluster is automatically updated, or monitored by the communication request processing device after the target cluster is manually updated by the worker. In addition, after the abnormal information in the target cluster is obtained, the change information of the host and/or the container group in the target cluster can be monitored.
In this embodiment of the application, the target cluster may update the container groups deployed in the host periodically, for example, update the number of the container groups deployed in the host, and the like, and after the target cluster completes updating the container groups deployed in the host, the communication request processing device may monitor the update information. Alternatively, after the worker manually updates the host/container group in the target cluster, the communication request processing device may listen to the update information.
(3) Randomly acquiring a deployment relationship between a host and a container group, for example: and acquiring the deployment relation between the host and the container group from the target cluster at irregular intervals.
(4) And the target cluster actively sends the update information to the communication request processing device, and the communication request processing device acquires the deployment relationship between the host machine and the container group according to the update information.
Wherein the address set comprises: the virtual address of each container group in the target cluster, and the physical address of the host machine corresponding to each virtual address. The address set is previously deployed in the communication request processing device by a developer or is automatically updated periodically.
As an example, when a new container group is deployed in the target cluster, or a container group in the target cluster is eliminated, the communication request processing device may listen to the update information, and the update information may include: the virtual address of the new container group and the physical address of the host corresponding to the new container group, or the virtual address of the eliminated container group and the physical address of the host corresponding to the eliminated container group. And then the communication request processing device acquires the deployment relationship between the host and the container group according to the updating information.
And S22, updating the corresponding relation between the virtual address of the container group in the address set and the physical address of the host machine based on the deployment relation.
In this embodiment of the present application, after obtaining the deployment relationship between the host and the container group, the communication request processing apparatus performs correspondence between the virtual address of the container group in the address set and the physical address of the host according to the deployment relationship.
In an embodiment of the present application, if each address set includes virtual addresses of all container groups in a corresponding storage target cluster and physical addresses of hosts (that is, each address set is the same), when the address sets are updated, each address set is updated synchronously, and each updated address set is the same.
In another embodiment of the present application, if the address set includes a correspondence between a virtual address of a container group in the target cluster and a physical address of the host (that is, each address set is different or not identical), when the address set is updated, only the address set corresponding to the physical address and the virtual address carried in the update information is updated. For example, address set 1 includes: the physical address M1, the virtual address Pod1, and the virtual address Pod2 are stored correspondingly. The address set 2 includes: and when the physical address carried in the update information is M2 and the Pod5 stored corresponding to the physical address M2, the address set 2 is updated only according to the update information, and the address set 1 is unchanged.
According to the embodiment of the application, the communication request message can be responded in time by updating the address set in real time, so that the communication efficiency between host machines is ensured, and the service quality is improved.
The method provided by the embodiment of the application further comprises the following steps: and in the address set of the target cluster, under the condition that a target physical address corresponding to the target virtual address is not obtained, adding the communication request message into a history message set, wherein the history message set is used for recording the history communication request message which is not matched with the corresponding physical address. The historical message set may be null, and in the case that the historical message set is null, it means that all the historical communication request messages have been responded.
According to the embodiment of the application, the communication request message which does not acquire the target physical address from the address set is added to the historical message set, and after the address set is updated, whether the target physical address corresponding to the target virtual address exists in the updated address set can be determined again. The specific process is as follows:
fig. 5 is a flowchart of a communication request processing method according to an embodiment of the present application, and as shown in fig. 5, the method may include the following steps:
step S31, based on the updated address set, carrying out address matching on the historical communication request message in the historical message set;
and after the address set is updated, acquiring a historical communication request message from the historical message set, acquiring a historical virtual address from the historical communication request message, and matching the historical virtual address with the address set.
And step S32, when the physical address matched with the historical virtual address is matched, exposing a communication response message corresponding to the historical communication request message to the outside of the target cluster.
In the embodiment of the application, a historical virtual address is obtained from a historical message set, the historical virtual address is matched with an address in an updated address set to obtain a physical address matched with the history, and the physical address is determined as a first historical virtual address.
Then, a first historical communication request message corresponding to the first historical virtual address is obtained from the historical communication request message. And carrying the matched physical address in a first communication response message corresponding to the first historical communication request message, and exposing the first communication response message to the outside of the target cluster.
In addition, as a possible implementation manner, the carrying of the matched physical address in the first communication response message corresponding to the first historical communication request message and the exposing of the first communication response message to the outside of the target cluster includes:
determining a target time for receiving the first historical communication request message and a current time, calculating a time difference according to the target time and the current time, and determining a message with the time difference falling into a preset validity period in the first historical communication request message as a second historical communication request message. Therefore, the unexpired message in the first historical communication request message is determined as the second historical communication request message.
After the second historical communication request message is determined, a communication response message corresponding to the second historical communication request message is constructed, a newly added physical address corresponding to the second historical virtual address is carried in the communication response message corresponding to the second historical communication request message, and the second communication response message is exposed out of the target cluster.
In this embodiment of the present application, after the history that is matched to the physical address is virtually determined to be the first virtual address, the first history communication request message corresponding to the first virtual address needs to be deleted from the history message set, so as to complete the update of the history message set.
In the embodiment of the application, after the updated address set is obtained, the historical communication request message still in the validity period is processed by using the address set, and a corresponding response message is generated. By the method, the client is not required to resend the communication request message under the condition that the client does not receive the response message in time, so that the communication efficiency between the host machines is improved.
As an example, a client a deployed outside a target cluster and a host B to be communicated with the client a are determined, the host B is deployed in the target cluster, and the host B is deployed with a communication request processing device, an address set is arranged in the device, and the address set includes physical addresses of all hosts in the target cluster and virtual addresses of container groups having corresponding relations with the physical addresses. Other host machines are also deployed in the target cluster.
Wherein the physical address corresponding to the client A is 0A-11-22-33-44-01; the virtual address of the pod3 in the host B is 192.168.1.2, and the physical address of the host B is 0A-11-22-33-44-02; wherein a pod is the smallest unit of a target cluster, the containers are contained in the pod, and one pod has one pause container and several service containers, and in short, a pod is a container group, and a container refers to a container alone.
When the Pod1 of the client a needs to communicate with the Pod3 of the host B, the address resolution protocol may obtain the physical address of the host B according to the virtual address of the Pod3 in the host B, and the following is a work flow:
(1) And inquiring the target virtual address of the target container group pod3 to be accessed based on the cache information set on the client A.
(2) And if the physical address corresponding to the target virtual address is not inquired in the cache information by the client A, generating a communication request message, and sending the communication request message to the target cluster, wherein the physical address of the client A and the target virtual address of the pod3 are both included in the communication request message.
(3) And if the communication request processing devices on other host machines in the target cluster receive the communication request message, the communication request processing devices on other host machines inquire whether a virtual address matched with the target virtual address of the pod3 exists in the local address set. If the communication request processing devices on other host machines inquire the target virtual address, the communication request processing devices on other host machines can acquire the target physical address corresponding to the virtual address, write the acquired target physical address into a communication response message, and feed back the communication response message to the client A.
(4) When the client a receives the communication response messages sent by other hosts in the target cluster, the virtual address of Pod3 in the host B and the physical address of the host B are used for mapping and stored in the cache information of the client a. Subsequently, the communication between the client A and the host B in the target cluster can be realized according to the physical address of the host B.
According to the embodiment of the application, the virtual address is obtained by monitoring the communication request message received by the host machine, and the virtual address corresponding to the virtual address is inquired from the address set, so that the problem of intercommunication between the container network and an external network is solved, and the service efficiency is improved. In addition, compared with the prior art, the network of the machine room does not need to be reconstructed. And development and testing of services can be carried out in advance, and the research and development period is shortened.
Fig. 6 is a block diagram of a communication request processing apparatus provided in an embodiment of the present application, where the apparatus may be implemented as part of or all of an electronic device through software, hardware, or a combination of the two. As shown in fig. 6, the apparatus includes:
a monitoring module 61, configured to monitor a communication request packet between a client and a target cluster, where the communication request packet is used to request a physical address of a host corresponding to a target virtual address;
a determining module 62, configured to determine, in an address set of the target cluster, a target physical address corresponding to the target virtual address, where the address set includes a virtual address of a container group having a correspondence relationship in the target cluster and a physical address of a host;
and the processing module 63 is configured to expose the communication response message to the outside of the target cluster, where the communication response message carries the target physical address.
In this embodiment of the present application, the monitoring module is specifically configured to monitor a communication packet between a client and a target cluster, and determine an ARP packet in the communication packet as a communication request packet.
In the embodiment of the present application, the determining module 62 includes:
the verification submodule is used for carrying out safety verification on the communication request message;
the analysis submodule is used for analyzing the target virtual address from the communication request message when the communication request message passes the verification;
and the determining submodule is used for determining a target physical address corresponding to the target virtual address in the address set of the target cluster.
In the embodiment of the application, the verification sub-module is used for determining the message length corresponding to the message header in the communication request message; the communication request message passes the verification, and the method comprises the following steps: the message length is the same as the preset message length.
In an embodiment of the present application, the apparatus further includes: and the updating module is used for updating the address set based on the deployment relation of the host machine and the container group.
In this embodiment of the present application, the updating module is specifically configured to update a physical address of each host in the current target cluster and a virtual address of each container group, so as to obtain a deployment relationship between each host and each container group in the target cluster; and updating the corresponding relation between the virtual address of the container group in the address set and the physical address of the host machine based on the deployment relation.
In an embodiment of the present application, the apparatus further includes: the matching module is used for carrying out address matching on the historical communication request message in the historical message set based on the updated address set; and when the physical address matched with the history is matched, exposing a communication response message corresponding to the history communication request message to the outside of the target cluster.
An embodiment of the present application further provides an electronic device, as shown in fig. 7, the electronic device may include: a processor 1501, a communication interface 1502, a memory 1503 and a communication bus 1504, wherein the processor 1501, the communication interface 1502 and the memory 1503 complete communication with each other through the communication bus 1504.
A memory 1503 for storing a computer program;
the processor 1501 is configured to implement the steps of any one of the method embodiments described above when executing the computer program stored in the memory 1503.
The communication bus mentioned in the above terminal may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this is not intended to represent only one bus or type of bus.
The communication interface is used for communication between the terminal and other equipment.
The Memory may include a Random Access Memory (RAM) or a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
In another embodiment provided by the present application, a computer-readable storage medium is further provided, which has instructions stored therein, and when the computer-readable storage medium runs on a computer, the computer is caused to execute the communication request processing method in any one of the above embodiments.
In yet another embodiment provided by the present application, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the communication request processing method of any of the above embodiments.
In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware, or any combination thereof. When implemented in software, it may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The procedures or functions described in accordance with the embodiments of the application are all or partially generated when the computer program instructions are loaded and executed on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, digital subscriber line) or wirelessly (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk), among others.
The above description is only for the preferred embodiment of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application are included in the protection scope of the present application.
The above description is merely exemplary of the present application and is presented to enable those skilled in the art to understand and practice the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (11)

1. A method for processing a communication request, comprising:
monitoring a communication request message between a client and a target cluster, wherein the communication request message is used for requesting a physical address of a host machine corresponding to a target virtual address;
determining a target physical address corresponding to the target virtual address in an address set of the target cluster, wherein the address set comprises a virtual address of a container group with a corresponding relation in the target cluster and a physical address of a host;
and exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address, so that the client sends a data packet to a host machine corresponding to the target physical address, and the host machine corresponding to the target physical address forwards the data packet to a container group corresponding to the target virtual address.
2. The method of claim 1, wherein intercepting the communication request message between the client and the target cluster comprises:
monitoring a communication message between the client and the target cluster, and determining an ARP message in the communication message as the communication request message.
3. The method of claim 2, wherein the determining, in the address set of the target cluster, a target physical address corresponding to the target virtual address comprises:
carrying out security verification on the communication request message;
when the communication request message passes the verification, the target virtual address is analyzed from the communication request message;
and determining a target physical address corresponding to the target virtual address in the address set of the target cluster.
4. The method according to claim 3, wherein the performing security verification on the communication request message comprises:
determining the message length corresponding to the message header in the communication request message;
and when the message length is the same as the preset message length, determining that the communication request message passes the verification.
5. The method according to any one of claims 1-4, further comprising:
and updating the address set based on the deployment relationship between the host and the container group.
6. The method according to claim 5, wherein the updating the address set based on the deployment relationship between the host and the container group comprises:
updating the physical address of each host machine and the virtual address of each container group in the current target cluster to obtain the deployment relationship between each host machine and each container group in the target cluster;
and updating the corresponding relation between the virtual address of the container group in the address set and the physical address of the host machine based on the deployment relation.
7. The method of claim 5, wherein after updating the set of addresses based on a deployment relationship of a host to a group of containers, the method further comprises:
based on the updated address set, carrying out address matching on the historical communication request message in the historical message set;
and when the physical address matched with the history is matched, exposing a communication response message corresponding to the history communication request message to the outside of the target cluster.
8. A communication request processing apparatus, comprising:
the monitoring module is used for monitoring a communication request message between a client and a target cluster, wherein the communication request message is used for requesting a physical address of a host machine corresponding to a target virtual address;
the query module is used for determining a target physical address corresponding to the target virtual address in an address set of the target cluster, wherein the address set comprises a virtual address of a container group and a physical address of a host machine, which have a corresponding relationship in the target cluster;
and the processing module is used for exposing a communication response message to the outside of the target cluster, wherein the communication response message carries the target physical address, so that the client sends a data packet to a host corresponding to the target physical address, and the host corresponding to the target physical address forwards the data packet to a container group corresponding to the target virtual address.
9. A communication request processing system is characterized by comprising a client, a target cluster and a communication request processing device;
the client is used for sending a communication request message to the target cluster when a target physical address corresponding to the target virtual address is not queried in the cache table, wherein the communication request message is used for requesting a physical address of a host machine corresponding to the target virtual address and is also used for sending a data packet to the host machine corresponding to the target physical address so that the host machine forwards the data packet to a container group corresponding to the target virtual address;
the communication request processing device, deployed in the target cluster, for performing the method steps of any one of claims 1 to 7;
the client is further configured to receive a communication response message, where the communication response message carries the target physical address.
10. A storage medium, characterized in that the storage medium comprises a stored program, wherein the program is operative to perform the method steps of any of the preceding claims 1 to 7.
11. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus; wherein:
a memory for storing a computer program;
a processor for performing the method steps of any one of claims 1-7 by executing a program stored on a memory.
CN202110586958.3A 2021-05-27 2021-05-27 Communication request processing method, device, system, electronic equipment and storage medium Active CN113347239B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110586958.3A CN113347239B (en) 2021-05-27 2021-05-27 Communication request processing method, device, system, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110586958.3A CN113347239B (en) 2021-05-27 2021-05-27 Communication request processing method, device, system, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113347239A CN113347239A (en) 2021-09-03
CN113347239B true CN113347239B (en) 2023-01-10

Family

ID=77471821

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110586958.3A Active CN113347239B (en) 2021-05-27 2021-05-27 Communication request processing method, device, system, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113347239B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107783913A (en) * 2016-08-31 2018-03-09 华为技术有限公司 A kind of resource access method and computer applied to computer
CN107209724B (en) * 2015-03-27 2020-02-14 华为技术有限公司 Data processing method, memory management unit and memory control equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9571300B2 (en) * 2014-04-28 2017-02-14 International Business Machines Corporation Reducing encapsulation overhead in overlay-based networks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107209724B (en) * 2015-03-27 2020-02-14 华为技术有限公司 Data processing method, memory management unit and memory control equipment
CN107783913A (en) * 2016-08-31 2018-03-09 华为技术有限公司 A kind of resource access method and computer applied to computer

Also Published As

Publication number Publication date
CN113347239A (en) 2021-09-03

Similar Documents

Publication Publication Date Title
CN110677405B (en) Data processing method and device, electronic equipment and storage medium
US20200382578A1 (en) Communication Method, System and Apparatus
CN112887444A (en) VPN (virtual private network) request processing method, client device and system
CN107360184B (en) Terminal equipment authentication method and device
JP2015525991A (en) Packet receiving method, deep packet inspection apparatus and system
CN109150741B (en) Message sending method and device, electronic equipment and storage medium
CN110830606A (en) Method and device for solving abnormal DNS cache and computer readable storage medium
CN113141405A (en) Service access method, middleware system, electronic device, and storage medium
CN113608865A (en) Flow control method, device, system, electronic equipment and storage medium
CN113347239B (en) Communication request processing method, device, system, electronic equipment and storage medium
CN117056920A (en) Information acquisition method and device, electronic equipment and storage medium
CN112367415B (en) Generation method and device of attribute information, electronic equipment and computer readable medium
CN110769462B (en) Network access control method and device
CN114338794A (en) Service message pushing method and device, electronic equipment and storage medium
CN109756543B (en) Decoupling system and method for program association
CN114006942A (en) Data processing method, system, electronic equipment and storage medium
CN114070624A (en) Message monitoring method and device, electronic equipment and medium
CN109688204B (en) File downloading method, node and terminal based on NDN (named data networking)
CN109729043B (en) Method, device and system for preventing attack message
CN114615235A (en) Method, device and computer program product for managing addresses of devices in a network
CN113923008B (en) Malicious website interception method, device, equipment and storage medium
CN111371602B (en) Alarm information processing method and equipment
CN113347040B (en) Configuration changing method and device and electronic equipment
CN113992583B (en) Table item maintenance method and device
CN117492933B (en) Data exchange method, device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant