CN114615168A - Application level monitoring method and device, electronic equipment, storage medium and product - Google Patents
Application level monitoring method and device, electronic equipment, storage medium and product Download PDFInfo
- Publication number
- CN114615168A CN114615168A CN202210291662.3A CN202210291662A CN114615168A CN 114615168 A CN114615168 A CN 114615168A CN 202210291662 A CN202210291662 A CN 202210291662A CN 114615168 A CN114615168 A CN 114615168A
- Authority
- CN
- China
- Prior art keywords
- main service
- network flow
- service
- network
- network traffic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 88
- 238000000034 method Methods 0.000 title claims abstract description 70
- 238000005206 flow analysis Methods 0.000 claims abstract description 9
- 238000004458 analytical method Methods 0.000 claims description 41
- 238000004590 computer program Methods 0.000 claims description 27
- 239000000126 substance Substances 0.000 claims description 4
- 238000012806 monitoring device Methods 0.000 abstract description 7
- 238000004891 communication Methods 0.000 description 16
- 238000010586 diagram Methods 0.000 description 11
- 238000012545 processing Methods 0.000 description 11
- 238000005065 mining Methods 0.000 description 6
- 238000012423 maintenance Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 238000013473 artificial intelligence Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 239000011521 glass Substances 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000010801 machine learning Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 239000003795 chemical substances by application Substances 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0876—Network utilisation, e.g. volume of load or congestion level
Abstract
The invention discloses an application level monitoring method, an application level monitoring device, electronic equipment, a storage medium and a product. The method comprises the following steps: obtaining the network flow of the main service through the network flow analysis service; and sending the network flow of the main service to server-side equipment so that the server-side equipment monitors the main service according to the network flow of the main service. By using the method, the purpose of monitoring the main service application level index can be realized by capturing the network flow.
Description
Technical Field
The embodiment of the invention relates to the technical field of microservice cluster security, in particular to an application level monitoring method, an application level monitoring device, electronic equipment, a storage medium and a product.
Background
Service components in the Kubernetes microservice cluster, whether http service, database service or middleware service, need to monitor the working state of the service in real time, monitor whether the throughput response time of the service is normal, and whether the load needs to be adjusted during service invocation.
Traditional operation and maintenance monitoring tools focus more on infrastructure or single software security protection. At present, services and components of a plurality of enterprises are hosted in virtualization machines of private cloud, public cloud or mixed cloud, most manufacturers monitor service states from the aspect of application performance management, agents are developed for each type of service, application state information is collected, and generated logs are sent to a log analysis monitoring platform in a unified mode to complete a monitoring function.
However, a cloud platform cluster is different from a certain device or system, different types of components are arranged in the cluster, different types of communication protocols are arranged in the cluster, log standards are also different, a log format needs to be standardized, then massive logs need to be gathered, a large amount of workload is brought to upper-layer application analysis work, and fine monitoring and management of a specific application are difficult. Therefore, the monitoring of the kubernets micro-service cluster cannot be well realized by a log mode.
Disclosure of Invention
The invention provides an application level monitoring method, an application level monitoring device, electronic equipment, a storage medium and a product, which realize application level monitoring from the perspective of network flow and solve the problem that in the prior art, in the process of analyzing logs generated by application state information, the application level monitoring cannot be well finished because the log standards are not uniform and the unified analysis cannot be performed.
According to an aspect of the present invention, there is provided an application level monitoring method, including:
obtaining network flow information of the main service through a network flow analysis service;
and sending the network flow information of the main service to server-side equipment so that the server-side equipment monitors the main service according to the network flow information of the main service.
According to another aspect of the present invention, there is provided an application level monitoring method, comprising:
receiving network flow information of a main service sent by a client, wherein the network flow information of the main service is obtained through a network flow analysis service;
and monitoring the main service according to the network flow information.
According to another aspect of the present invention, there is provided an application level monitoring apparatus applied to a client device, including:
the acquisition module is used for acquiring network traffic information of the main service through the network traffic analysis service;
and the sending module is used for sending the network flow information of the main service to the server side equipment so that the server side equipment monitors the main service according to the network flow information of the main service.
According to another aspect of the present invention, there is provided an application level monitoring apparatus, applied to a server device, including:
the receiving module is used for receiving network traffic information of a main service sent by a client, wherein the network traffic information of the main service is acquired through a network traffic analysis service;
and the monitoring module is used for monitoring the main service according to the network flow information.
According to another aspect of the present invention, there is provided a client device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to enable the at least one processor to perform an application level monitoring method according to an aspect of the invention.
According to another aspect of the present invention, there is provided a server device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform an application level monitoring method according to another aspect of the invention.
According to another aspect of the present invention, there is provided a computer-readable storage medium storing computer instructions for causing a processor to implement the application level monitoring method according to any one of the embodiments of the present invention when the computer instructions are executed.
According to the technical scheme of the embodiment of the invention, the monitoring on various applications in the Kubernetes micro-service cluster is realized through the network flow of different application services acquired by the network flow analysis service. The problem that application level monitoring cannot be effectively realized due to the fact that log standards are not uniform in the prior art is solved, and the beneficial effect of effectively monitoring various applications in the Kubernets micro-service cluster is achieved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present invention, nor do they necessarily limit the scope of the invention. Other features of the present invention will become apparent from the following description.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of an application level monitoring method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of an application-level monitoring method according to a second embodiment of the present invention;
fig. 3 is a schematic diagram illustrating a message parsing in an application-level monitoring method according to a second embodiment of the present invention;
fig. 4 is a schematic structural diagram of an application level monitoring apparatus according to a third embodiment of the present invention;
fig. 5 is a schematic structural diagram of an application-level monitoring apparatus according to a fourth embodiment of the present invention;
fig. 6 is a schematic structural diagram of a client device according to a fifth embodiment of the present invention;
fig. 7 is a schematic structural diagram of a server device according to a fifth embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention. It should be understood that the various steps recited in the method embodiments of the present invention may be performed in a different order and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the invention is not limited in this respect.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It is noted that references to "a", "an", and "the" modifications in the present invention are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that reference to "one or more" unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present invention are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
Example one
Fig. 1 is a flowchart of an application-level monitoring method according to an embodiment of the present invention, where the method is applicable to monitoring various applications in a microservice cluster, and the method may be executed by an application-level monitoring apparatus, where the apparatus may be implemented by software and/or hardware and is generally integrated on a client device, and in this embodiment, the client device includes but is not limited to: computers, smart phones, etc.
As shown in fig. 1, an application level monitoring method provided in an embodiment of the present invention includes the following steps:
and S110, obtaining the network flow information of the main service through the network flow analysis service.
In this embodiment, various applications, i.e., main services, in the kubernets microservices cluster of the client device perform data transmission through different communication protocols, and different applications perform data transmission by using the communication protocols, i.e., generate network traffic. The different communication protocols may include mysql protocol, mongodb protocol, application layer, transport layer, network layer, etc. of TCP/IP network protocol stack.
The network traffic is an information amount passing through a network device or a transmission medium in a unit time, such as a number of messages, a number of packets, or a number of bytes.
In this embodiment, by deploying the network traffic analysis service in the kubernets micro-service cluster, the network traffic of the main service can be further obtained through the network traffic analysis service, the network traffic information is obtained through analysis of the network traffic, and the purpose of monitoring the application level index of the main service is achieved according to the network traffic information.
The network traffic information may be useful information obtained from network traffic. In this embodiment, first, the network traffic of the main service is obtained through the network traffic analysis service, and then the network traffic information is obtained through analysis from the network traffic.
Further, the network traffic analysis service is deployed in a deployable unit in a kubernets microservice cluster of the client device, the deployable unit further includes the main service, and the main service and the network traffic analysis service share a network and a storage.
Wherein, a Pod is the smallest deployable unit that can be created and managed in a kubernets microservices cluster, and each Pod is a group of containers which share the network and storage of the Pod. In this embodiment, each main service is respectively deployed in a corresponding Pod, one main service and one auxiliary service may be deployed in one Pod, the main service may be understood as an application service, and the auxiliary service may be a network traffic analysis service.
Among other things, a network traffic analysis service is a service that records, inspects, and analyzes network traffic for performance, security, or regular network operation and association purposes.
In this embodiment, since the containers share the network and the storage of the Pod, that is, the same network is shared between the main service and the network traffic analysis service, the network traffic analysis service may obtain the network traffic of the main service from the Pod, and further may analyze the network traffic of the main service to obtain the network traffic information.
Further, the obtaining of the network traffic information of the main service through the network traffic analysis service includes: acquiring a network traffic packet from the deployable unit through a network traffic analysis service; acquiring network flow information in the network flow packet, wherein the network flow information in the network flow packet comprises application data, a source address and a destination address of the network flow packet, a source address port and a destination address port, and information in a Tcp packet; matching the network flow information in the network flow packet with a corresponding preset rule, and determining a successfully matched network flow packet; decoding the successfully matched network traffic packet; and using the key information obtained after decoding as the network flow information of the main service.
The network traffic packet may be acquired from a deployable unit in a kubernets microservices cluster, that is, the traffic of the application container network card shared in the Pod is acquired.
In this embodiment, application data may be acquired from an application layer through a network traffic analysis service, a source address and a destination address of a network traffic packet may be acquired from a network layer, and a source address port and a destination address port of the network traffic packet and related information of a Tcp packet may be acquired from a transport layer. Wherein, the relevant information of the Tcp packet may be understood as upper layer information included in the Tcp, such as http application layer information.
In this embodiment, the preset rule may include a broad-spectrum rule and a refinement rule, and the refinement rule may be formed by combining a plurality of broad-spectrum rules. The flow packets can be coarsely screened through the broad-spectrum rules, and can be finely screened through the fine-grained rules. The preset rule may be determined according to the service to be monitored, the monitoring services corresponding to different traffic packets are different, and one main service may include a plurality of traffic packets. For example, the monitored traffic may be used to monitor whether the primary service has mining activity.
For example, if the monitoring service is monitoring whether the main service has a mining behavior, the corresponding preset rule may be a mining rule, the mining rule may be a refinement rule, and the composition of the mining rule may include a rule of a protocol and a rule of a service type. The rules for a business type may include, among other things, the codes for the mill, the mine pit, and the ore machine.
It can be understood that the preset rule may also be updated according to the service characteristics and the user requirements, and the update period may be set according to specific situations, for example, the update is performed in units of days, or in units of weeks.
In this embodiment, the key information obtained after decoding may be determined by the monitored service, and for example, if the monitored service is monitoring whether the main service has a mining behavior, the key information may include a control end IP, an ore machine IP, and the like.
S120, sending the network traffic information of the main service to server-side equipment so that the server-side equipment monitors the main service according to the network traffic information of the main service.
In this embodiment, after the network traffic information of the main service is formed into a message, the message may be sent to the server device in the form of a message, so that the server device monitors the main service by analyzing the network traffic information of the main service after receiving the message.
In an application level monitoring method provided in an embodiment of the present invention, network traffic information of a main service is obtained through a network traffic analysis service; and then sending the network flow information of the main service to server-side equipment so that the server-side equipment monitors the main service according to the network flow information of the main service. By utilizing the method, the flow analysis service can be used for replacing the solution of the self-telling log analysis of each service, the problems of false alarm and missing report can be basically eliminated, the service running state can be monitored in real time, the time for fault finding and positioning is greatly shortened, the workload of operation and maintenance personnel is reduced, and the overall operation and maintenance efficiency is improved.
Example two
Fig. 2 is a flowchart of an application-level monitoring method according to a second embodiment of the present invention, where the method is applicable to monitoring various applications in a microservice cluster, and the method may be executed by an application-level monitoring apparatus, where the apparatus may be implemented by software and/or hardware and is generally integrated on a server device, and in this embodiment, the server device includes but is not limited to: computers, smart phones, etc.
As shown in fig. 2, an application level monitoring method provided in the second embodiment of the present invention includes the following steps:
s210, receiving network flow information of the main service sent by the client, wherein the network flow information of the main service is obtained through a network flow analysis service.
The network traffic information of the main service is sent in the form of a message, that is, the message including the network traffic information of the main service is sent by the client.
In this embodiment, the network traffic analysis service is deployed in a deployable unit in a kubernets microservice cluster of the client device, and all services in one deployable unit can share a network, so that the network traffic analysis service and the main service are deployed in one deployable unit, a traffic packet of the main service can be obtained through the network traffic analysis service, and then the traffic packet can be analyzed, matched, and decoded to obtain network traffic information of the main service.
S220, monitoring the main service according to the network flow information.
In this embodiment, after receiving the network traffic information, the server device may determine the dynamic state of the main service according to the network traffic information, so as to achieve the purpose of monitoring the main service.
Specifically, the monitoring the main service according to the network traffic information includes: analyzing the network flow information; and determining the dynamic state of the main service according to the result obtained after analysis so as to realize the monitoring of the main service.
Wherein, the application protocols are different, and the analysis content of the network flow information is different.
Fig. 3 is a schematic diagram illustrating message parsing in an application-level monitoring method according to a second embodiment of the present invention, where an http protocol message format is parsed as shown in fig. 3, data content of an http protocol is composed of ASCII characters, and an ethernet header, an IP header, a TCP header, TCP data, and FCS check may be obtained by parsing SACII characters. The destination IP and the source IP can be analyzed according to the content shown in fig. 3, and the control relationship can be obtained according to the destination IP and the source IP, so that the dynamic state of the main service can be determined.
Further, after receiving the network traffic information of the main service, the server device may also store and display the network traffic information of the main service.
In the application level monitoring method provided by the second embodiment of the present invention, network traffic information of a main service sent by a client is received, the network traffic information of the main service is obtained through a network traffic analysis service, and then the main service is monitored according to the network traffic information. By utilizing the method, the purpose of monitoring the main service application level index can be realized by capturing the network flow, the problems of false alarm and missing report can be basically eliminated, the service operation state can be monitored in real time, the time for fault finding and positioning is greatly shortened, the workload of operation and maintenance personnel is reduced, and the overall operation and maintenance efficiency is improved.
EXAMPLE III
Fig. 4 is a schematic structural diagram of an application-level monitoring apparatus according to a third embodiment of the present invention, which can be applied to monitoring various applications in a microservice cluster, where the apparatus can be implemented by software and/or hardware and is generally integrated on a client device.
As shown in fig. 4, the apparatus includes: an obtaining module 110 and a sending module 120.
An obtaining module 110, configured to obtain network traffic information of a main service through a network traffic analysis service;
a sending module 120, configured to send the network traffic information of the main service to a server device, so that the server device monitors the main service according to the network traffic information of the main service.
In this embodiment, the apparatus first obtains network traffic information of a main service through the obtaining module 110, where the network traffic information is obtained through a network traffic analysis service; then, the network traffic information of the main service is sent to the server device through the sending module 120, so that the server device monitors the main service according to the network traffic information of the main service.
The embodiment provides an application level monitoring device, which can achieve the purpose of monitoring the application level indexes of the main service through capturing network traffic.
Further, the network traffic analysis service is deployed in a deployable unit in a kubernets microservice cluster of the client device, the deployable unit further includes the main service, and the main service and the network traffic analysis service share a network and a storage.
Further, the obtaining module 110 is specifically configured to: acquiring network flow information in the network flow packet, wherein the network flow information in the network flow packet comprises application data, a source address and a destination address of the network flow packet, a source address port and a destination address port, and information in a Tcp packet; matching the network flow information in the network flow packet with a corresponding preset rule, and determining a successfully matched network flow packet; decoding the successfully matched network traffic packet; and using the key information obtained after decoding as the network flow information of the main service.
The application level monitoring device can execute the application level monitoring method provided by the corresponding embodiment of the invention on the client equipment, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 5 is a schematic structural diagram of an application-level monitoring apparatus according to a fourth embodiment of the present invention, which is applicable to monitoring various applications in a microservice cluster, where the apparatus can be implemented by software and/or hardware and is generally integrated on a server device.
As shown in fig. 5, the apparatus includes: a receiving module 210 and a monitoring module 220.
A receiving module 210, configured to receive network traffic information of a main service sent by a client, where the network traffic information of the main service is obtained through a network traffic analysis service;
and a monitoring module 220, configured to monitor the main service according to the network traffic information.
In this embodiment, the apparatus first receives, through the receiving module 210, network traffic information of a main service sent by a client, where the network traffic information of the main service is obtained through a network traffic analysis service; the primary service is then monitored by monitoring module 220 based on the network traffic information.
The embodiment provides an application level monitoring device, which can achieve the purpose of monitoring the application level indexes of the main service through capturing network traffic.
Further, the monitoring module 210 is specifically configured to: analyzing the network flow information; and determining the dynamic state of the main service according to the result obtained after analysis so as to realize the monitoring of the main service.
The application level monitoring device can execute the application level monitoring method provided by the corresponding embodiment of the invention on the server side equipment, and has the corresponding functional modules and beneficial effects of the execution method.
EXAMPLE five
Fig. 6 shows a schematic structural diagram of the client device 10. Client devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The client device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 6, the client device 10 includes at least one processor 11, and a memory communicatively connected to the at least one processor 11, such as a Read Only Memory (ROM)12, a Random Access Memory (RAM)13, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 11 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM)12 or the computer program loaded from a storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data necessary for the operation of the client device 10 can also be stored. The processor 11, the ROM 12, and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
A number of components in the client device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, or the like; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 11 performs the various methods and processes described above, such as application level monitoring methods performed by clients.
In some embodiments, the application-level monitoring method performed by the client may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed on the client device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into the RAM 13 and executed by the processor 11, one or more steps of the application level monitoring method performed by the client described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured in any other suitable way (e.g. by means of firmware) as an application level monitoring method executed by the client.
Fig. 7 shows a schematic structural diagram of the client device 10. Client devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The client device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 7, the server device 20 includes at least one processor 21, and a memory communicatively connected to the at least one processor 21, such as a Read Only Memory (ROM)22, a Random Access Memory (RAM)23, and the like, wherein the memory stores a computer program executable by the at least one processor, and the processor 21 can perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM)22 or the computer program loaded from the storage unit 28 into the Random Access Memory (RAM) 23. In the RAM 23, various programs and data necessary for the operation of the server device 20 can also be stored. The processor 21, the ROM 22, and the RAM 23 are connected to each other via a bus 24. An input/output (I/O) interface 25 is also connected to bus 24.
A number of components in the server device 20 are connected to the I/O interface 25, including: an input unit 26 such as a keyboard, a mouse, etc.; an output unit 27 such as various types of displays, speakers, and the like; a storage unit 28, such as a magnetic disk, optical disk, or the like; and a communication unit 29 such as a network card, modem, wireless communication transceiver, etc. The communication unit 29 allows the electronic device 20 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The processor 21 may be any of various general purpose and/or special purpose processing components having processing and computing capabilities. Some examples of the processor 21 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, or the like. The processor 21 performs the various methods and processes described above, such as the application-level monitoring method performed by the server device.
In some embodiments, the application-level monitoring method performed by the server device may be implemented as a computer program tangibly embodied in a computer-readable storage medium, such as storage unit 28. In some embodiments, part or all of the computer program may be loaded and/or installed on the client device 20 via the ROM 22 and/or the communication unit 29. When the computer program is loaded into the RAM 23 and executed by the processor 21, one or more steps of the application level monitoring method performed by the server device described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured in any other suitable way (e.g. by means of firmware) as an application level monitoring method performed by the server device.
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Computer programs for implementing the methods of the present invention can be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be performed. A computer program can execute entirely on a machine, partly on a machine, as a stand-alone software package partly on a machine and partly on a remote machine or entirely on a remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. A computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user can be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present invention may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the desired results of the technical solution of the present invention can be achieved.
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (12)
1. An application level monitoring method applied to a client device, the method comprising:
obtaining network flow information of the main service through a network flow analysis service;
and sending the network flow information of the main service to server-side equipment so that the server-side equipment monitors the main service according to the network flow information of the main service.
2. The method of claim 1, wherein the network traffic analysis service is deployed in a deployable unit in a Kubernets microservice cluster of the client device, wherein the deployable unit further comprises the primary service, and wherein the primary service and the network traffic analysis service share a network and a storage.
3. The method of claim 1, wherein obtaining the network traffic information of the primary service through the network traffic analysis service comprises:
acquiring a network traffic packet from the deployable unit through a network traffic analysis service;
acquiring network flow information in the network flow packet, wherein the network flow information in the network flow packet comprises application data, a source address and a destination address of the network flow packet, a source address port and a destination address port, and information in a Tcp packet;
matching the network flow information in the network flow packet with a corresponding preset rule, and determining a successfully matched network flow packet;
decoding the successfully matched network traffic packet;
and using the key information obtained after decoding as the network flow information of the main service.
4. An application level monitoring method is applied to a server device, and the method comprises the following steps:
receiving network flow information of a main service sent by a client, wherein the network flow information of the main service is obtained through a network flow analysis service;
and monitoring the main service according to the network flow information.
5. The method of claim 4, wherein the monitoring the primary service according to the network traffic information comprises:
analyzing the network flow information;
and determining the dynamic state of the main service according to the result obtained after analysis so as to realize the monitoring of the main service.
6. The method of claim 5, further comprising: and storing and displaying the network flow information.
7. An application level monitoring apparatus, applied to a client device, the apparatus comprising:
the acquisition module is used for acquiring network traffic information of the main service through the network traffic analysis service;
and the sending module is used for sending the network flow information of the main service to the server side equipment so that the server side equipment monitors the main service according to the network flow information of the main service.
8. An application level monitoring apparatus, applied to a server device, the apparatus comprising:
the receiving module is used for receiving network traffic information of a main service sent by a client, wherein the network traffic information of the main service is acquired through a network traffic analysis service;
and the monitoring module is used for monitoring the main service according to the network flow information.
9. A client device, the client device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the application level monitoring method of any one of claims 1-3.
10. A server device, wherein the server device comprises:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the application level monitoring method of any one of claims 4-6.
11. A computer-readable storage medium, characterized in that it stores computer instructions for causing a processor, when executed, to implement the application-level monitoring method of any one of claims 1-3, or to implement the application-level monitoring method of any one of claims 4-6.
12. A computer program product, characterized in that the computer program product comprises a computer program which, when being executed by a processor, implements the application level monitoring method according to any one of claims 1-3 or implements the application level monitoring method according to any one of claims 4-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210291662.3A CN114615168B (en) | 2022-03-22 | Application level monitoring method and device, electronic equipment, storage medium and product |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210291662.3A CN114615168B (en) | 2022-03-22 | Application level monitoring method and device, electronic equipment, storage medium and product |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114615168A true CN114615168A (en) | 2022-06-10 |
| CN114615168B CN114615168B (en) | 2024-05-17 |
Family
ID=
Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017105300A1 (en) * | 2015-12-15 | 2017-06-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Network node and analytics arrangement and methods performed thereby for delivering a service to a wireless device |
| CN108039957A (en) * | 2017-11-10 | 2018-05-15 | 上海华讯网络系统有限公司 | Complex network flow bag intelligent analysis system |
| US20180287903A1 (en) * | 2017-03-29 | 2018-10-04 | Ca, Inc. | Adjusting monitoring based on inspection of network traffic |
| US10148619B1 (en) * | 2016-06-24 | 2018-12-04 | EMC IP Holding Company LLC | Identity-based application-level filtering of network traffic |
| CN111796910A (en) * | 2020-07-05 | 2020-10-20 | 江苏中创碳投低碳科技有限公司 | Method for solving low development management and deployment operation and maintenance efficiency of IT enterprise micro-service |
| CN111897641A (en) * | 2020-08-03 | 2020-11-06 | 海信电子科技(武汉)有限公司 | Micro-service monitoring and scheduling method and display equipment |
| CN111901203A (en) * | 2020-08-03 | 2020-11-06 | 北京启明星辰信息安全技术有限公司 | Method for capturing network flow and Kubernetes cluster |
| CN112199150A (en) * | 2020-08-13 | 2021-01-08 | 北京航空航天大学 | Online application dynamic capacity expansion and contraction method based on micro-service calling dependency perception |
| CN112291104A (en) * | 2020-12-30 | 2021-01-29 | 望海康信(北京)科技股份公司 | Micro-service automatic scaling system, method and corresponding equipment and storage medium |
| CN112564994A (en) * | 2019-09-25 | 2021-03-26 | 北大方正集团有限公司 | Flow monitoring method and device, cloud server and storage medium |
| CN112564967A (en) * | 2020-12-02 | 2021-03-26 | 杭州谐云科技有限公司 | Cloud service topology self-discovery method and system based on eBPF, electronic device and storage medium |
| CN113220420A (en) * | 2021-05-18 | 2021-08-06 | 北京百度网讯科技有限公司 | Service monitoring method, device, equipment, storage medium and computer program product |
| CN113542074A (en) * | 2021-08-04 | 2021-10-22 | 成都安恒信息技术有限公司 | Method and system for visually managing east-west network traffic of kubernets cluster |
| CN114143203A (en) * | 2021-11-05 | 2022-03-04 | 华东师范大学 | Kubernetes container network data packet index acquisition method and system based on dynamic service topological mapping |
Patent Citations (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017105300A1 (en) * | 2015-12-15 | 2017-06-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Network node and analytics arrangement and methods performed thereby for delivering a service to a wireless device |
| US10148619B1 (en) * | 2016-06-24 | 2018-12-04 | EMC IP Holding Company LLC | Identity-based application-level filtering of network traffic |
| US20180287903A1 (en) * | 2017-03-29 | 2018-10-04 | Ca, Inc. | Adjusting monitoring based on inspection of network traffic |
| CN108039957A (en) * | 2017-11-10 | 2018-05-15 | 上海华讯网络系统有限公司 | Complex network flow bag intelligent analysis system |
| CN112564994A (en) * | 2019-09-25 | 2021-03-26 | 北大方正集团有限公司 | Flow monitoring method and device, cloud server and storage medium |
| CN111796910A (en) * | 2020-07-05 | 2020-10-20 | 江苏中创碳投低碳科技有限公司 | Method for solving low development management and deployment operation and maintenance efficiency of IT enterprise micro-service |
| CN111897641A (en) * | 2020-08-03 | 2020-11-06 | 海信电子科技(武汉)有限公司 | Micro-service monitoring and scheduling method and display equipment |
| CN111901203A (en) * | 2020-08-03 | 2020-11-06 | 北京启明星辰信息安全技术有限公司 | Method for capturing network flow and Kubernetes cluster |
| CN112199150A (en) * | 2020-08-13 | 2021-01-08 | 北京航空航天大学 | Online application dynamic capacity expansion and contraction method based on micro-service calling dependency perception |
| CN112564967A (en) * | 2020-12-02 | 2021-03-26 | 杭州谐云科技有限公司 | Cloud service topology self-discovery method and system based on eBPF, electronic device and storage medium |
| CN112291104A (en) * | 2020-12-30 | 2021-01-29 | 望海康信(北京)科技股份公司 | Micro-service automatic scaling system, method and corresponding equipment and storage medium |
| CN113220420A (en) * | 2021-05-18 | 2021-08-06 | 北京百度网讯科技有限公司 | Service monitoring method, device, equipment, storage medium and computer program product |
| CN113542074A (en) * | 2021-08-04 | 2021-10-22 | 成都安恒信息技术有限公司 | Method and system for visually managing east-west network traffic of kubernets cluster |
| CN114143203A (en) * | 2021-11-05 | 2022-03-04 | 华东师范大学 | Kubernetes container network data packet index acquisition method and system based on dynamic service topological mapping |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107809331B (en) | Method and device for identifying abnormal flow | |
| CN113342564B (en) | Log auditing method and device, electronic equipment and medium | |
| CN110347694B (en) | Equipment monitoring method, device and system based on Internet of things | |
| CN115529595A (en) | Method, device, equipment and medium for detecting abnormity of log data | |
| CN114697391A (en) | Data processing method, device, equipment and storage medium | |
| CN117176802B (en) | Full-link monitoring method and device for service request, electronic equipment and medium | |
| CN113656252B (en) | Fault positioning method, device, electronic equipment and storage medium | |
| CN113590437A (en) | Alarm information processing method, device, equipment and medium | |
| CN113760634A (en) | Data processing method and device | |
| CN114615168B (en) | Application level monitoring method and device, electronic equipment, storage medium and product | |
| CN114615168A (en) | Application level monitoring method and device, electronic equipment, storage medium and product | |
| CN115687406A (en) | Sampling method, device and equipment of call chain data and storage medium | |
| CN115496470A (en) | Full-link configuration data processing method and device and electronic equipment | |
| CN115604343A (en) | Data transmission method, system, electronic equipment and storage medium | |
| CN115102730A (en) | Integrated monitoring method for multiple devices | |
| CN115080363A (en) | System capacity evaluation method and device based on service log | |
| CN114218313A (en) | Data management method, device, electronic equipment, storage medium and product | |
| US10949232B2 (en) | Managing virtualized computing resources in a cloud computing environment | |
| CN113259878A (en) | Call bill settlement method, system, electronic device and computer readable storage medium | |
| CN116760741B (en) | Data state monitoring method, device, equipment and medium | |
| CN113794719B (en) | Network abnormal traffic analysis method and device based on elastic search technology and electronic equipment | |
| CN112596922B (en) | Communication management method, device, equipment and medium | |
| CN113595827B (en) | Cloud network monitoring method and device, electronic equipment and computer medium | |
| CN114691404A (en) | Service process monitoring method and device, electronic equipment, storage medium and product | |
| CN116501968A (en) | Method, device, electronic equipment and medium for subscribing internet of things data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |