CN114710477A - Method and device for executing command - Google Patents
Method and device for executing command Download PDFInfo
- Publication number
- CN114710477A CN114710477A CN202210285331.9A CN202210285331A CN114710477A CN 114710477 A CN114710477 A CN 114710477A CN 202210285331 A CN202210285331 A CN 202210285331A CN 114710477 A CN114710477 A CN 114710477A
- Authority
- CN
- China
- Prior art keywords
- cluster
- container
- command
- authentication
- executing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 116
- 238000004891 communication Methods 0.000 claims description 49
- 230000015654 memory Effects 0.000 claims description 24
- 238000012545 processing Methods 0.000 claims description 18
- 230000002688 persistence Effects 0.000 claims description 17
- 230000004044 response Effects 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 10
- 238000010586 diagram Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 6
- 238000001514 detection method Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 239000000523 sample Substances 0.000 description 2
- 241000282326 Felis catus Species 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
Abstract
The application provides a method and a device for executing a command, and relates to the technical field of cloud computing. The method comprises the following steps: receiving a first container command from a client; judging whether the first container command meets a preset condition or not; if the first container command meets a preset condition, creating a first process, wherein the first process and the target container share a name space; a first container command is executed inside the target container by a first process. The method may implement executing the container command inside the container.
Description
Technical Field
The present application relates to the field of cloud computing technologies, and in particular, to a method and an apparatus for executing a command.
Background
The container is a light-weight virtual machine on the operating system level, and provides a resource-independent running environment for application software and dependent components thereof. The components depended by the application software can be packaged into a reusable mirror image, and the mirror image operating environment does not share the memory, the CPU and the hard disk space with the main operating system, so that the independent relation between the process inside the container and the process outside the container is also ensured.
Currently, a client can execute a container command through Kubectl exec. The processing procedure of Kubectl exec in the client may include: the client may send a hypertext transfer protocol (HTTP) request to an Application Programming Interface (API) server, and after receiving the request, the API server may send a response message to the client, where the response message is used to indicate that the API server has been switched to the SPDY protocol, and the API server may execute a command outside the container using the SPDY protocol to debug the application.
In the implementation mode, the Kubectl exec calls an externally exposed interface of the API server to execute the container command, and the interface can only implement the command execution outside the container and cannot implement the command execution inside the container.
Disclosure of Invention
The application provides a method and a device for executing commands, which can execute container commands inside a container.
In a first aspect, the present application provides a method of executing a command, the method comprising: receiving a first container command from a client; judging whether the first container command meets a preset condition or not; if the first container command meets a preset condition, creating a first process, wherein the first process and the target container share a name space; the first container command is executed inside the target container by a first process.
According to the method for executing the command, the container command is executed in the target container through the process of creating the process sharing the namespace with the target container, the defect that the container command can only be executed outside the container in the prior art can be overcome, meanwhile, the first process can be created only by processing the container command meeting the preset condition, the container command is executed in the container through the first process, the first process is not established for all the container commands, and the performance consumption generated by the creation process can be reduced. In addition, there are certain container commands that must be executed outside the container, which commands can also be excluded by preset conditions.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
According to the method for executing the commands, the container commands which do not meet the preset conditions can be executed outside the container, the container commands which meet the preset conditions can be executed inside the container, switching between the inside and the outside of the container can be flexibly achieved through the preset conditions, and execution of the container commands is facilitated.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: receiving a request message for accessing the cluster from a client; determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is non-authentication or authentication, and the communication protocol is used for accessing the cluster; and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
The method for executing the command can determine different communication protocols according to different authentication types of the cluster before accessing the cluster, can adapt to various different rights-collecting scenes, and is wider in application range.
With reference to the first aspect, in some implementations of the first aspect, the determining an authentication type of a cluster includes: acquiring a port number of an Internet Protocol (IP) of a cluster; and determining the authentication type of the cluster according to the port number.
According to the method for executing the command, before accessing the cluster, the port number of the IP of the cluster can be detected, the authentication type of the cluster can be determined intelligently, and the efficiency of accessing the cluster can be improved.
With reference to the first aspect, in some implementation manners of the first aspect, the authentication type of the cluster is non-authentication, and the communication protocol is an SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
The method for executing the command, provided by the application, can be connected with the authentication cluster through the persistence protocol if the cluster needs authentication, can be connected with the authentication cluster through the SPDY protocol if the cluster does not need authentication, can be suitable for the authenticated cluster and can also be suitable for the non-authenticated cluster, the application range is wide, and meanwhile, the abnormal access condition caused by the fact that the authentication protocol is used for accessing the non-authenticated cluster can be avoided.
With reference to the first aspect, in certain implementations of the first aspect, the persistence protocol is WebSocket.
In a second aspect, the present application provides an apparatus for executing a command, the apparatus comprising a transceiver module and a processing module. The receiving and sending module is used for receiving a first container command from a client; the processing module is used for judging whether the first container command meets a preset condition or not; if the first container command meets a preset condition, creating a first process, wherein the first process and the target container share a name space; and executing the first container command inside the target container through the first process.
With reference to the second aspect, in some implementations of the second aspect, the processing module is further configured to: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
With reference to the second aspect, in some implementations of the second aspect, the transceiver module is further configured to: receiving a request message for accessing the cluster from a client; the processing module is further configured to: determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is non-authentication or authentication, and the communication protocol is used for accessing the cluster; the transceiver module is further configured to: and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
With reference to the second aspect, in some implementations of the second aspect, the processing module is further configured to: acquiring a port number of an Internet Protocol (IP) of a cluster; and determining the authentication type of the cluster according to the port number.
With reference to the second aspect, in some implementation manners of the second aspect, the authentication type of the cluster is non-authentication, and the communication protocol is SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
With reference to the second aspect, in some implementations of the second aspect, the persistence protocol is WebSocket.
In a third aspect, the present application provides an apparatus for executing a command, comprising a processor and a memory. The processor is configured to read instructions stored in the memory to perform the method of any one of the possible implementations of the first aspect.
Optionally, there are one or more processors and one or more memories.
Alternatively, the memory may be integrated with the processor, or provided separately from the processor.
In a specific implementation process, the memory may be a non-transient memory, such as a Read Only Memory (ROM), which may be integrated on the same chip as the processor, or may be separately disposed on different chips.
The means for executing the command in the third aspect may be a chip, the processor may be implemented by hardware or may be implemented by software, and when implemented by hardware, the processor may be a logic circuit, an integrated circuit, or the like; when implemented in software, the processor may be a general-purpose processor implemented by reading software code stored in a memory, which may be integrated with the processor, located external to the processor, or stand-alone.
In a fourth aspect, the present application provides a computer-readable storage medium having a computer program (also referred to as code, or instructions) which, when run on a computer, causes the computer to perform the method of any one of the possible implementations of the first aspect.
In a fifth aspect, the present application provides a computer program product comprising: computer program (also called code, or instructions), which when executed, causes a computer to perform the method of any of the possible implementations of the first aspect described above.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic diagram of a communication system to which embodiments of the present application are applicable;
FIG. 2 is a schematic flow chart diagram illustrating a method for executing a command according to an embodiment of the present disclosure;
FIG. 3 is a schematic flow chart diagram of another method for executing a command according to an embodiment of the present application;
fig. 4 is a schematic flow chart of a method for determining a communication protocol according to an embodiment of the present application;
FIG. 5 is a schematic block diagram of an apparatus for executing commands according to an embodiment of the present disclosure;
fig. 6 is a schematic block diagram of another apparatus for executing a command according to an embodiment of the present disclosure.
With the above figures, there are shown specific embodiments of the present application, which will be described in more detail below. The drawings and written description are not intended to limit the scope of the inventive concepts in any manner, but rather to illustrate the concepts of the application by those skilled in the art with reference to specific embodiments.
Detailed Description
The technical solution in the present application will be described below with reference to the accompanying drawings. It should be noted that the method and the apparatus for executing a command provided by the present application may be used in the technical field of cloud computing, and may also be used in any field other than the technical field of cloud computing. The method and the device for executing the command provided by the application are not limited to the application field.
For the convenience of understanding the embodiments of the present application, the related terms in the embodiments of the present application will be described first.
1、WebSocket
WebSocket is a persistent protocol, a browser can keep communication only by handshaking with a server once, and the WebSocket is an emerging protocol accompanied with the H5.
Features of websockets may include:
1) WebSocket is a protocol based on one of Transmission Control Protocols (TCP), and the handshake with the server is a duplication of HTTP.
2) Websocket is a full-duplex communication protocol, namely, a client can send messages to a server, and the server can also send messages to the client.
3) Websocket can realize continuous long connection.
2. Readiness detection
The readiness probe refers to a readiness probe in a Pod lifecycle (life cycle). There is an important correlation between readiness detection and service (service) scheduling.
Specifically, a service is a fixed ingress port provided by a dynamically, lifecycle Pod resource. The client does not directly access the Pod, but the service. The service is associated to each Pod resource using a tag selector.
However, a problem exists with this current implementation: when the API server newly creates a Pod and the new Pod just meets the selection condition of the service tag selector, the API server can immediately take the Pod as a backend object. When the API server receives the client's request, the API server may dispatch onto this new Pod. But as soon as the new Pod is created successfully, the service is associated to the backend, at which point the service in the Pod is very likely not ready yet. At this time, a request is scheduled, and a phenomenon that the service cannot be accessed occurs. Therefore, the API server can perform readiness detection on the Pod before the service associates the Pod so as to avoid the phenomenon that the service cannot be accessed.
For better understanding of the embodiments of the present application, a communication system to which the embodiments of the present application are applicable will be described first.
Fig. 1 shows a schematic diagram of a communication system 100. The communication system 100 includes an API server 101 and a client 102. The client 102 may execute the container command through Kubectl exec. Among them, Kubectl exec is a command line tool that operates the Kubernetes (k8s) cluster.
The processing procedure of Kubectl exec in the client 102 may include:
the client 102 may send an HTTP request, e.g., a GET request, to the API server 101 for requesting to obtain Pod information; and the POST request is used for requesting the called Pod sub-resource exec to execute the command in the container. After receiving the HTTP request, the API server 101 may send a response message to the client 102, where the response message is used to indicate that the API server 101 has switched to the SPDY protocol, and the API server 101 executes a command outside the container using the SPDY protocol to debug the application.
This implementation has two problems:
1) the Kubectl exec calls an interface exposed outside by the API server to execute the container command, and the interface can only realize the execution of the command outside the container and cannot realize the execution of the command inside the container.
2) The interface exposed to the outside by the API server can only execute commands on the cluster without authentication and cannot be applied to the cluster without authentication.
In view of this, embodiments of the present application provide a method and an apparatus for executing a command, which expand an interface of a server and can execute a container command inside a container through the interface. In a possible implementation, the container command may also be executed for an authenticated cluster.
Before describing the method and apparatus for executing commands provided in the embodiments of the present application, the following description is made.
In the embodiments of the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone, wherein A and B can be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of the singular or plural items. For example, at least one (one) of a, b, and c, may represent: a, or b, or c, or a and b, or a and c, or b and c, or a, b and c, wherein a, b and c can be single or multiple.
Fig. 2 is a schematic flow chart of a method 200 for executing a command according to an embodiment of the present disclosure, where the method 200 may be executed by a server, such as the API server 101 described above, but the embodiment of the present disclosure is not limited thereto.
As shown in fig. 2, the method 200 may include the steps of:
s201, receiving a first container command from a client.
The first container command may also be referred to as a first container instruction or a first instruction, which is not limited in this embodiment of the present application. The first container command refers to any command that can be executed at the container.
Illustratively, the format of the first container command may be as follows: a kubecect exec-it podName-c contaninername-n namespace-shell com.
The client may send a first container command to the server through the kubecect exec, and correspondingly, the server receives the first container command.
S202, judging whether the first container command meets a preset condition.
The preset condition may be used to distinguish whether the first container command is a simple command or a complex command. Simple commands may be understood as commands indicating less content, e.g., cat commands, tsef commands, etc. A complex command may be understood as a command that indicates more content, e.g. a command with a pipe character.
Illustratively, the preset condition may be with a pipe character. The server determines whether the first container command carries a pipe character.
S203, if the first container command meets the preset condition, a first process is created, and the first process and the target container share a namespace (namespace).
The first process is a process that executes a first container command. For example, the first process may be a shell process.
If the first container command meets the preset condition, the server may create a first process sharing a namespace with the target container for executing the first container command.
Optionally, based on the readiness detection method, when the server creates a Pod and the Pod is directly associated with the back end of the service, the first container command satisfies a preset condition, and the server may create a first process and schedule the first container command to the first process.
S204, executing a first container command in the target container through a first process.
According to the method for executing the command, the container command is executed in the target container by creating the process sharing the namespace with the target container, the defect that the container command can only be executed outside the container in the prior art can be solved, meanwhile, the first process can be created only by processing the container command meeting the preset condition, the container command is executed in the container through the first process, the first process is not established for all the container commands, and the performance consumption generated by the creation process can be reduced. In addition, there are certain container commands that must be executed outside the container, which may also be excluded by preset conditions.
Optionally, the method 200 may further include: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
If the first container command does not satisfy the preset condition, the server may execute the first container command based on the prior art.
Illustratively, FIG. 3 shows a schematic flow chart of a method 300 of executing a command. The method 300 may be performed by a server. As shown in fig. 3, the method 300 includes the steps of:
s301, receiving a first container command.
The server may receive the first container command from the client, which specifically refers to the above S201, and details are not described here.
S302, judging whether the first container command meets a preset condition.
The preset condition is used to distinguish whether the first container command is a simple command or a complex command, and reference may be specifically made to S202 described above, which is not described herein again.
If the first container command satisfies the preset condition, the server may execute S303. If the first container command does not satisfy the preset condition, the server may perform S304.
S303, if the first container command meets the preset condition, executing the first container command in the container.
If the first container command satisfies the predetermined condition, the server may execute the first container command through S203 and S204.
S304, if the first container command does not meet the preset condition, executing the first container command outside the container.
According to the method for executing the command, the container command which does not meet the preset condition can be executed outside the container, the container command which meets the preset condition can be executed inside the container, and the inside and the outside of the container can be flexibly switched through the preset condition, so that the execution of the container command is facilitated.
As an alternative embodiment, the method 200 may further include: receiving a request message of a client for accessing a cluster; determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is non-authentication or authentication, and the communication protocol is used for accessing the cluster; and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
The authentication type of the cluster is used to indicate whether the access cluster needs authentication. No authentication or no authentication is used to indicate that the access cluster does not need authentication, and authentication or authentication is used to indicate that the access cluster needs authentication. The authentication type of the cluster may also be referred to as an authentication identifier of the cluster, which is not limited in this embodiment of the application.
Communication protocol refers to the protocol used by the server to access the cluster. Such as SPDY protocol, persistence protocol (WebSocket), and the like.
The client may send a request message for accessing the cluster to the server, the server determines the authentication type of the cluster after receiving the request message to determine the communication protocol for accessing the cluster, and after determining the communication protocol for accessing the cluster, the client may send a response message to the client, which informs the client that the communication protocol required for accessing the cluster has been switched.
The method for executing the command provided by the embodiment of the application can determine different communication protocols according to different authentication types of the cluster before accessing the cluster, can adapt to various different rights collecting scenes, and is wider in application range.
Optionally, the determining the authentication type of the cluster includes: acquiring a port number of an internet protocol (internet protocol) IP of a cluster; and determining the authentication type of the cluster according to the port number.
The number of port numbers of the IP of the cluster may be at least one, and each port number may correspond to one application. Different port numbers of the same IP may correspond to different authentication types, and may also correspond to the same authentication type, which is not limited in the embodiment of the present application.
Illustratively, when the port number is 8080, the server may determine that the authentication type of the cluster is non-authentication. When the port number is 6443 or 4442, the server may determine the authentication type of the cluster as authentication.
The method for executing the command provided by the embodiment of the application can detect the port number of the IP of the cluster before accessing the cluster, intelligently determine the authentication type of the cluster, and improve the efficiency of accessing the cluster.
As an optional embodiment, the authentication type of the cluster is no authentication, and the communication protocol is SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
Fig. 4 shows a schematic flow diagram of a method 400 of determining a communication protocol. As shown in fig. 4, the method 400 includes:
s401, judging whether the cluster needs to be authenticated or not.
The server may automatically identify the authentication cluster. Before accessing the cluster, the server can judge whether the cluster needs to be authenticated. Specifically, the server may determine whether the cluster needs to be authenticated according to the authentication type of the cluster, which may specifically refer to the above description and is not described herein again.
If the cluster needs to be authenticated, the server may perform S402. If the cluster does not need to authenticate, the server may perform S403.
S402, if the cluster needs to be authenticated, determining the persistence protocol as a communication protocol.
If the cluster needs to be authenticated, the server can be connected with the authentication cluster through a persistence protocol.
Alternatively, the persistence protocol may be WebSocket.
S403, if the cluster does not need authentication, determining the SPDY protocol as a communication protocol.
If the cluster does not need to be authenticated, the server can be connected with the authentication cluster through the SPDY protocol.
The method for executing the command provided by the embodiment of the application can be connected with the authentication cluster through the persistence protocol if the cluster needs to be authenticated, can be connected with the authentication cluster through the SPDY protocol if the cluster does not need to be authenticated, can be suitable for the authenticated cluster and also can be suitable for the non-authenticated cluster, has a wide application range, and can avoid the abnormal access condition caused by using the authentication protocol to access the non-authenticated cluster.
The sequence numbers of the above processes do not mean the sequence of execution, and the execution sequence of each process should be determined by its function and inherent logic, and should not limit the implementation process of the embodiment of the present application.
The method for executing a command provided by the embodiment of the present application is described in detail above with reference to fig. 1 to 4, and the apparatus for executing a command provided by the embodiment of the present application is described in detail below with reference to fig. 5 and 6.
Fig. 5 illustrates an apparatus 500 for executing a command according to an embodiment of the present application. The apparatus 500 comprises: an acquisition module 510 and a processing module 520. Wherein the obtaining module 510 is configured to: receiving a first container command from a client; the processing module 520 is configured to: judging whether the first container command meets a preset condition or not; if the first container command meets a preset condition, creating a first process, wherein the first process and the target container share a name space; and executing the first container command inside the target container through the first process.
Optionally, the processing module 520 is further configured to: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
Optionally, the transceiver module 510 is further configured to: receiving a request message for accessing the cluster from a client; the processing module 520 is further configured to: determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is non-authentication or authentication, and the communication protocol is used for accessing the cluster; the transceiver module 510 is further configured to: and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
Optionally, the processing module 520 is further configured to: acquiring a port number of an Internet Protocol (IP) of a cluster; and determining the authentication type of the cluster according to the port number.
Optionally, the authentication type of the cluster is authentication-free, and the communication protocol is an SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
Optionally, the persistence protocol is WebSocket.
It should be appreciated that the apparatus 500 herein is embodied in the form of functional modules. The term module herein may refer to an Application Specific Integrated Circuit (ASIC), an electronic circuit, a processor (e.g., a shared, dedicated, or group processor) and memory that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that support the described functionality. In an alternative example, as can be understood by those skilled in the art, the apparatus 500 may be specifically a server in the foregoing embodiment, or the functions of the server in the foregoing embodiment may be integrated in the apparatus 500, and the apparatus 500 may be configured to perform each flow and/or step corresponding to the server in the foregoing method embodiment, and in order to avoid repetition, details are not described here again.
The apparatus 500 has functions of implementing corresponding steps executed by the server in the method 200, the method 300 or the method 400; the above functions may be implemented by hardware, or may be implemented by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
Fig. 6 illustrates an apparatus 600 for executing a command according to an embodiment of the present application. The apparatus 600 comprises: a processor 610, a transceiver 620, and a memory 630. Wherein the processor 610, the transceiver 620 and the memory 630 are in communication with each other via an internal connection path, the memory 630 is used for storing instructions, and the processor 610 is used for executing the instructions stored in the memory 630 to control the transceiver to transmit and/or receive signals.
It should be understood that the apparatus 600 may be used for executing each step and/or flow corresponding to the server in the above method embodiments. The memory 630 may optionally include both read-only memory and random access memory, and provides instructions and data to the processor 610. A portion of the memory 630 may also include non-volatile random access memory. For example, the memory 630 may also store device type information. The processor 610 may be configured to execute the instructions stored in the memory 630, and when the processor 610 executes the instructions stored in the memory 630, the processor 610 is configured to perform the steps and/or processes of the method embodiments corresponding to the server described above.
It should be understood that, in the embodiment of the present application, the processor 610 of the apparatus 600 may be a Central Processing Unit (CPU), and the processor 610 may also be other general processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The steps of a method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware processor, or may be implemented by a combination of hardware and software elements in a processor. The software elements may be located in ram, flash, rom, prom, or eprom, registers, among other storage media that are well known in the art. The storage medium is located in a memory, and a processor executes instructions in the memory, in combination with hardware thereof, to perform the steps of the above-described method. To avoid repetition, it is not described in detail here.
The present application provides a readable computer storage medium for storing a computer program for implementing the method corresponding to the server in the above embodiments.
The present application provides a computer program product comprising a computer program (also referred to as code, or instructions) which, when run on a computer, can perform the method corresponding to the server in the above embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (13)
1. A method of executing a command, comprising:
receiving a first container command from a client;
judging whether the first container command meets a preset condition or not;
if the first container command meets a preset condition, creating a first process, wherein the first process and a target container share a name space;
executing, by the first process, the first container command inside the target container.
2. The method of claim 1, further comprising:
and if the first container command does not meet the preset condition, executing the first container command outside the target container.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
receiving a request message for accessing the cluster from the client;
determining an authentication type of the cluster;
determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is non-authentication or authentication, and the communication protocol is used for accessing the cluster;
sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
4. The method of claim 3, wherein the determining the authentication type of the cluster comprises:
acquiring a port number of an Internet Protocol (IP) of the cluster;
and determining the authentication type of the cluster according to the port number.
5. The method of claim 3, wherein the authentication type of the cluster is no authentication, and wherein the communication protocol is SPDY protocol; alternatively, the first and second electrodes may be,
the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
6. The method of claim 5, wherein the persistence protocol is WebSocket.
7. An apparatus for executing a command, comprising:
the receiving and sending module is used for receiving a first container command from the client;
the processing module is used for judging whether the first container command meets a preset condition or not; if the first container command meets a preset condition, creating a first process, wherein the first process and a target container share a namespace; and executing, by the first process, the first container command inside the target container.
8. The apparatus of claim 7, wherein the transceiver module is further configured to:
receiving a request message for accessing the cluster from the client;
the processing module is further configured to:
determining an authentication type of the cluster;
determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is non-authentication or authentication, and the communication protocol is used for accessing the cluster;
the transceiver module is further configured to:
sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
9. The apparatus of claim 8, wherein the authentication type of the cluster is no authentication, and wherein the communication protocol is SPDY; alternatively, the first and second electrodes may be,
the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
10. The apparatus of claim 9, wherein the persistence protocol is WebSocket.
11. An apparatus for executing a command, comprising: a processor coupled with a memory for storing a computer program that, when invoked by the processor, causes the apparatus to perform the method of any of claims 1 to 6.
12. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program comprising instructions for implementing the method according to any one of claims 1 to 6.
13. A computer program product comprising computer program code which, when run on a computer, causes the computer to carry out the method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210285331.9A CN114710477A (en) | 2022-03-23 | 2022-03-23 | Method and device for executing command |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210285331.9A CN114710477A (en) | 2022-03-23 | 2022-03-23 | Method and device for executing command |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114710477A true CN114710477A (en) | 2022-07-05 |
Family
ID=82168755
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210285331.9A Pending CN114710477A (en) | 2022-03-23 | 2022-03-23 | Method and device for executing command |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114710477A (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103365758A (en) * | 2013-08-05 | 2013-10-23 | 北京搜狐新媒体信息技术有限公司 | Process monitoring method and system in virtualization environment |
| US20150074058A1 (en) * | 2012-05-14 | 2015-03-12 | Huawei Technologies Co., Ltd. | Container-based processing method, apparatus, and system |
| CN106844489A (en) * | 2016-12-24 | 2017-06-13 | 上海七牛信息技术有限公司 | A kind of file operation method, device and system |
| CN108667779A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of method and server of Telnet container |
| CN109525624A (en) * | 2017-09-20 | 2019-03-26 | 腾讯科技(深圳)有限公司 | A kind of container login method, device and storage medium |
| CN111935110A (en) * | 2020-07-24 | 2020-11-13 | 北京金山云网络技术有限公司 | Method and device for controlling permission of tenant to access container instance |
| CN112346817A (en) * | 2020-10-20 | 2021-02-09 | 北京健康之家科技有限公司 | Container starting method and device, storage medium and computer equipment |
| CN113836557A (en) * | 2021-09-27 | 2021-12-24 | 苏州浪潮智能科技有限公司 | Method and device for controlling process access in Docker container based on Apparmor |
-
2022
- 2022-03-23 CN CN202210285331.9A patent/CN114710477A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150074058A1 (en) * | 2012-05-14 | 2015-03-12 | Huawei Technologies Co., Ltd. | Container-based processing method, apparatus, and system |
| CN103365758A (en) * | 2013-08-05 | 2013-10-23 | 北京搜狐新媒体信息技术有限公司 | Process monitoring method and system in virtualization environment |
| CN106844489A (en) * | 2016-12-24 | 2017-06-13 | 上海七牛信息技术有限公司 | A kind of file operation method, device and system |
| CN108667779A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of method and server of Telnet container |
| CN109525624A (en) * | 2017-09-20 | 2019-03-26 | 腾讯科技(深圳)有限公司 | A kind of container login method, device and storage medium |
| CN111935110A (en) * | 2020-07-24 | 2020-11-13 | 北京金山云网络技术有限公司 | Method and device for controlling permission of tenant to access container instance |
| CN112346817A (en) * | 2020-10-20 | 2021-02-09 | 北京健康之家科技有限公司 | Container starting method and device, storage medium and computer equipment |
| CN113836557A (en) * | 2021-09-27 | 2021-12-24 | 苏州浪潮智能科技有限公司 | Method and device for controlling process access in Docker container based on Apparmor |
Non-Patent Citations (1)
| Title |
|---|
| 徐子晨等: "基于RISC-V架构的强化学习容器化方法研究", 计算机工程与科学, vol. 43, no. 2, 15 February 2021 (2021-02-15), pages 266 - 273 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109496418B (en) | File downloading method and device, and equipment/terminal/server | |
| US11853767B2 (en) | Inter-core data processing method, system on chip and electronic device | |
| CN105490917B (en) | Method and device for realizing sharing in application | |
| EP3163946A1 (en) | Information transmission method and apparatus, device, computer program and recording medium | |
| CN109831351B (en) | Link tracking method, device, terminal and storage medium | |
| CN110808877A (en) | Statistical analysis method and device based on interface response duration and computer equipment | |
| CN109711152A (en) | A kind of application keepalive method calculates equipment and storage medium | |
| CN109788251A (en) | Method for processing video frequency, device and storage medium | |
| CN110995817B (en) | Request callback method and device and client equipment | |
| CN110597643B (en) | Inter-core communication method, processor and electronic equipment | |
| CN110554912B (en) | Method and device for scheduling equipment to execute tasks | |
| CN114710477A (en) | Method and device for executing command | |
| CN110750744A (en) | Page presentation method and device | |
| CN113518431B (en) | Communication processing method, terminal, device and storage medium | |
| CN109032787A (en) | A kind of method for allocating tasks and device | |
| CN113485855A (en) | Memory sharing method and device, electronic equipment and readable storage medium | |
| CN112950447B (en) | Resource scheduling method, device, server and storage medium | |
| CN114024878A (en) | Data transmission method, device, medium and equipment | |
| CN109936586B (en) | Communication processing method and device | |
| CN116560879B (en) | Method and device for calling face recognition service, terminal equipment and storage medium | |
| CN116501450B (en) | Translation control method, binary translation method, instruction execution method and device | |
| CN117201518B (en) | Data transmission method, system, device, storage medium and electronic equipment | |
| CN113630282B (en) | Method and device for detecting server state | |
| CN112732568B (en) | System log acquisition method and device, storage medium and terminal | |
| CN110221928B (en) | Information recording method, information recording apparatus, terminal, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |