CN114710477B - Method and device for executing command - Google Patents
Method and device for executing command Download PDFInfo
- Publication number
- CN114710477B CN114710477B CN202210285331.9A CN202210285331A CN114710477B CN 114710477 B CN114710477 B CN 114710477B CN 202210285331 A CN202210285331 A CN 202210285331A CN 114710477 B CN114710477 B CN 114710477B
- Authority
- CN
- China
- Prior art keywords
- container
- cluster
- command
- authentication
- protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 111
- 238000004891 communication Methods 0.000 claims description 48
- 230000002688 persistence Effects 0.000 claims description 17
- 238000012545 processing Methods 0.000 claims description 17
- 230000004044 response Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 11
- 230000006870 function Effects 0.000 description 7
- 238000001514 detection method Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000001419 dependent effect Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 241000282326 Felis catus Species 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 239000000523 sample Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The application provides a method and a device for executing commands, and relates to the technical field of cloud computing. The method comprises the following steps: receiving a first container command from a client; judging whether the first container command meets a preset condition or not; if the first container command meets the preset condition, a first process is created, and the first process and the target container share a name space; the first container command is executed inside the target container by a first process. The method may enable execution of container commands inside a container.
Description
Technical Field
The present application relates to the field of cloud computing technologies, and in particular, to a method and an apparatus for executing a command.
Background
The container is a lightweight operating system-level virtual machine that provides a resource-independent operating environment for application software and its dependent components. The components on which the application software depends are packaged into a reusable mirror image, and the mirror image running environment does not share memory, CPU and hard disk space with the main operating system, so that the independent relationship between the processes inside the container and the processes outside the container is ensured.
Currently, the client can execute the container command through Kubectl exec. Kubectl exec the processing in the client may include: the client may send a hypertext transfer protocol (hyper text transfer protocol, HTTP) request to an application programming interface (application programming interface, API) server, which, upon receiving the request, may send a response message to the client indicating that the API server has switched to the SPDY protocol, which may use the SPDY protocol to execute commands outside of the container to debug the application.
In this implementation, kubectl exec calls the API server to execute the container command on the externally exposed interface, which can only execute the command outside the container, but cannot execute the command inside the container.
Disclosure of Invention
The application provides a method and a device for executing commands, which can execute container commands in a container.
In a first aspect, the present application provides a method of executing a command, the method comprising: receiving a first container command from a client; judging whether the first container command meets a preset condition or not; if the first container command meets the preset condition, a first process is created, and the first process and the target container share a name space; the first container command is executed inside the target container by a first process.
According to the method for executing the command, the process which shares the name space with the target container is used for executing the container command in the target container, the defect that the container command can only be executed outside the container in the prior art can be overcome, meanwhile, only the container command meeting the preset condition is processed, the first process can be created, the container command is executed in the container through the first process, the first process is not built for all the container commands, and the performance consumption generated by the creation process can be reduced. In addition, the presence of specific container commands must be performed outside the container, which commands can also be excluded by preset conditions.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
According to the method for executing the command, the container command which does not meet the preset condition can be executed outside the container, the container command which meets the preset condition can be executed inside the container, and the container command can be flexibly switched between inside and outside the container through the preset condition, so that the execution of the container command is facilitated.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: receiving a request message from a client for accessing a cluster; determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is no authentication or authentication, and the communication protocol is used for accessing the cluster; and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched.
The method for executing the command can determine different communication protocols according to different authentication types of the cluster before accessing the cluster, can adapt to various different weight-gathering scenes, and has wider application range.
With reference to the first aspect, in certain implementations of the first aspect, determining an authentication type of the cluster includes: acquiring a port number of an Internet Protocol (IP) of a cluster; and determining the authentication type of the cluster according to the port number.
The method for executing the command can detect the port number of the IP of the cluster before accessing the cluster, intelligently determine the authentication type of the cluster and improve the efficiency of accessing the cluster.
With reference to the first aspect, in certain implementations of the first aspect, the authentication type of the cluster is no authentication, and the communication protocol is an SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
The method for executing the command provided by the application can be connected with the authentication cluster through the persistence protocol if the cluster needs authentication, can be applicable to the authentication cluster and also applicable to the non-authentication cluster if the cluster does not need authentication, has a wider application range, and can avoid abnormal access of the non-authentication cluster due to the use of the authentication protocol.
With reference to the first aspect, in certain implementation manners of the first aspect, the persistence protocol is WebSocket.
In a second aspect, the present application provides an apparatus for executing a command, the apparatus comprising a transceiver module and a processing module. The receiving and transmitting module is used for receiving a first container command from the client; the processing module is used for judging whether the first container command meets the preset condition; if the first container command meets the preset condition, a first process is created, and the first process and the target container share a name space; and executing the first container command inside the target container through the first process.
With reference to the second aspect, in certain implementations of the second aspect, the processing module is further configured to: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
With reference to the second aspect, in certain implementations of the second aspect, the transceiver module is further configured to: receiving a request message from a client for accessing a cluster; the processing module is also used for: determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is no authentication or authentication, and the communication protocol is used for accessing the cluster; the transceiver module is also for: and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched.
With reference to the second aspect, in certain implementations of the second aspect, the processing module is further configured to: acquiring a port number of an Internet Protocol (IP) of a cluster; and determining the authentication type of the cluster according to the port number.
With reference to the second aspect, in some implementations of the second aspect, the authentication type of the cluster is no authentication, and the communication protocol is an SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
With reference to the second aspect, in some implementations of the second aspect, the persistence protocol is WebSocket.
In a third aspect, the present application provides an apparatus for executing a command, comprising a processor and a memory. The processor is configured to read instructions stored in the memory to perform the method according to any one of the possible implementations of the first aspect.
Optionally, the processor is one or more and the memory is one or more.
Alternatively, the memory may be integrated with the processor or the memory may be separate from the processor.
In a specific implementation process, the memory may be a non-transient (non-transitory) memory, for example, a Read Only Memory (ROM), which may be integrated on the same chip as the processor, or may be separately disposed on different chips.
The means for executing the command in the above third aspect may be a chip, and the processor may be implemented by hardware or software, and when implemented by hardware, the processor may be a logic circuit, an integrated circuit, or the like; when implemented in software, the processor may be a general-purpose processor, implemented by reading software code stored in a memory, which may be integrated in the processor, or may reside outside the processor, and exist separately.
In a fourth aspect, the present application provides a computer readable storage medium having a computer program (which may also be referred to as code, or instructions) which, when run on a computer, causes the computer to perform the method of any one of the possible implementations of the first aspect.
In a fifth aspect, the present application provides a computer program product comprising: a computer program (which may also be referred to as code, or instructions) which, when executed, causes a computer to perform the method of any one of the possible implementations of the first aspect.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic diagram of a communication system to which an embodiment of the present application is applicable;
FIG. 2 is a schematic flow chart of a method for executing commands according to an embodiment of the present application;
FIG. 3 is a schematic flow chart of another method for executing commands provided by an embodiment of the present application;
FIG. 4 is a schematic flow chart of a method for determining a communication protocol according to an embodiment of the present application;
FIG. 5 is a schematic block diagram of an apparatus for executing commands according to an embodiment of the present application;
fig. 6 is a schematic block diagram of another apparatus for executing commands according to an embodiment of the present application.
Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
The technical scheme of the application will be described below with reference to the accompanying drawings. It should be noted that the method and the device for executing the command provided by the application can be used in the technical field of cloud computing, and can also be used in any field except the technical field of cloud computing. The method and the device for executing the command provided by the application are not limited to the application field.
In order to facilitate understanding of the embodiments of the present application, related terms in the embodiments of the present application will be described first.
1、WebSocket
WebSocket is a persistent protocol, and a browser only needs to handshake with a server once to keep communication, and is an emerging protocol accompanied by H5 release.
The WebSocket may have features that include:
1) WebSocket is a protocol based on one of the transmission control protocols (transmission control protocol, TCP), and the handshake with the server is a duplicate of HTTP.
2) WebSocket is a full duplex communication protocol, i.e. a client can send messages to a server, which can also send messages to a client.
3) Websocket can achieve continuous long connections.
2. Readiness detection
The readiness detection refers to a readiness detection in the Pod lifecycle (lifecycle). Readiness probes and service (service) scheduling have significant relevance.
Specifically, service is a fixed portal port provided by Pod resources that are dynamically, lifecycle. The client does not directly access the Pod, but accesses the service. The service is associated to each Pod resource using a tag selector.
However, there is a problem with current implementations of this kind: when the API server newly creates a Pod and the new Pod exactly meets the selection condition of the service tag selector, the API server may immediately take the Pod as a back-end object. When the API server receives the client's request, the API server may dispatch onto this new Pod. But as soon as this new Pod is created successfully, it is associated to the backend by the service, at which point the service in the Pod is likely not ready yet. At this time, a request is scheduled, and a phenomenon that no service is accessed occurs. The API server will therefore detect the readiness of the Pod before the service associates the Pod to avoid accessing the service.
For a better understanding of the embodiments of the present application, a description will first be given of a communication system to which the embodiments of the present application are applied.
Fig. 1 shows a schematic diagram of a communication system 100. The communication system 100 includes an API server 101 and a client 102. Client 102 may execute the container command through Kubectl exec. Wherein Kubectl exec is a command line tool that operates a Kubernetes (k 8 s) cluster.
Kubectl exec the processing in the client 102 may include:
The client 102 may send an HTTP request, for example, a GET request, to the API server 101 for requesting to acquire Pod information; and the POST request is used for requesting to call the child resource exec of the Pod to execute the command in the container. After the API server 101 receives the HTTP request, a response message may be sent to the client 102, where the response message is used to indicate that the API server 101 has switched to the SPDY protocol, and the API server 101 uses the SPDY protocol to execute commands outside the container to debug the application.
This implementation has two problems:
1) Kubectl exec calls the API server to execute the container command by the externally exposed interface, and the interface can only execute the command outside the container and can not execute the command inside the container.
2) The externally exposed interface of the API server can only execute the command on the authentication-free cluster and cannot be applied to the authentication-free cluster.
In view of this, the embodiment of the application provides a method and a device for executing commands, which expand the interface of a server, and can execute container commands in a container through the interface. In one possible implementation, the container command may also be applied to authenticated cluster execution.
Before describing the method and apparatus for executing commands provided in the embodiments of the present application, the following description is made.
In the embodiments of the present application, "at least one" means one or more, and "a plurality" means two or more. "and/or", describes an association relationship of an association object, and indicates that there may be three relationships, for example, a and/or B, and may indicate: a alone, a and B together, and B alone, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b, and c may represent: a, b, or c, or a and b, or a and c, or b and c, or a, b and c, wherein a, b and c can be single or multiple.
Fig. 2 is a schematic flowchart of a method 200 for executing commands according to an embodiment of the present application, where the method 200 may be executed by a server, such as the API server 101 described above, but the embodiment of the present application is not limited thereto.
As shown in fig. 2, the method 200 may include the steps of:
s201, a first container command from a client is received.
The first container command may also be referred to as a first container instruction or a first instruction, which is not limited by embodiments of the present application. The first container command refers to any command that can be executed at the container.
Illustratively, the format of the first container command may be as follows: kubectl exec-it podName-c containerName-N NAMESPACE-shell comand.
The client may send a first container command to the server via kubectl exec, which the server receives accordingly.
S202, judging whether the first container command meets the preset condition.
The preset condition may be used to distinguish whether the first container command is a simple command or a complex command. A simple command may be understood as a command that indicates less content, e.g., a cat command, tsef command, etc. A complex command may be understood as a command that indicates more, e.g., a command with a pipe.
The preset condition may be, for example, a pipe with a pipe symbol. The server determines whether the first container command carries a pipe.
S203, if the first container command meets the preset condition, a first process is created, and the first process and the target container share a namespace.
The first process is a process executing a first container command. For example, the first process may be a shell process.
If the first container command meets the preset condition, the server may create a first process that shares a namespace with the target container for executing the first container command.
Optionally, based on the readiness detection method, when the server builds a Pod and the Pod is directly associated with the service back end, the first container command satisfies a preset condition, and the server may create a first process and schedule the first container command to the first process.
S204, executing a first container command in the target container through a first process.
According to the method for executing the command, the process which shares the name space with the target container is used for executing the container command in the target container, the defect that in the prior art, the container command can only be executed outside the container can be overcome, meanwhile, only the container command meeting the preset condition is processed, the first process can be created, the container command is executed in the container through the first process, the first process is not built for all the container commands, and the performance consumption generated by the creation process can be reduced. In addition, the presence of specific container commands must be performed outside the container, which commands can also be excluded by preset conditions.
Optionally, the method 200 may further include: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
If the first container command does not meet the preset condition, the server may execute the first container command based on the prior art.
Illustratively, FIG. 3 shows a schematic flow chart of a method 300 of executing a command. The method 300 may be performed by a server. As shown in fig. 3, the method 300 includes the steps of:
s301, receiving a first container command.
The server may receive the first container command from the client, and reference may be made to S201 above, which is not described herein.
S302, judging whether the first container command meets the preset condition.
The preset condition is used to distinguish whether the first container command is a simple command or a complex command, and reference may be made to S202 described above, which is not repeated here.
If the first container command satisfies the preset condition, the server may execute S303. If the first container command does not satisfy the preset condition, the server may execute S304.
S303, executing the first container command in the container if the first container command meets the preset condition.
If the first container command meets the preset condition, the server may execute the first container command through S203 and S204 described above.
S304, if the first container command does not meet the preset condition, executing the first container command outside the container.
According to the method for executing the command, provided by the embodiment of the application, the container command which does not meet the preset condition can be executed outside the container, the container command which meets the preset condition can be executed inside the container, and the container command can be flexibly switched between inside and outside the container through the preset condition, so that the execution of the container command is facilitated.
As an alternative embodiment, the method 200 may further include: receiving a request message of a client for accessing a cluster; determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is no authentication or authentication, and the communication protocol is used for accessing the cluster; and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched.
The authentication type of the cluster is used to indicate whether the access cluster needs authentication or not. No authentication or no authentication is used to indicate that the access cluster does not need authentication, authentication or authentication is used to indicate that the access cluster needs authentication. The authentication type of the cluster may also be referred to as an authentication identifier of the cluster, which is not limited by the embodiment of the present application.
The communication protocol refers to a protocol used by the server to access the cluster. Such as the SPDY protocol, the persistence protocol (WebSocket), and so forth.
The client may send a request message for accessing the cluster to the server, and after receiving the request message, the server determines an authentication type of the cluster to determine a communication protocol of the access cluster, and after determining the communication protocol of the access cluster, may send a response message to the client, so as to inform the client that the client has been switched to a required communication protocol.
The method for executing the command provided by the embodiment of the application can determine different communication protocols according to different authentication types of the cluster before accessing the cluster, can adapt to a plurality of different weight-gathering scenes and has wider application range.
Optionally, determining the authentication type of the cluster includes: acquiring a port number of an internet protocol (internet protocol address) IP of the cluster; and determining the authentication type of the cluster according to the port number.
The number of port numbers of the IP of the cluster may be at least one, and each port number may correspond to one application. The different port numbers of the same IP may correspond to different authentication types, or may correspond to the same authentication type, which is not limited in the embodiment of the present application.
Illustratively, when the port number is 8080, the server may determine that the authentication type of the cluster is non-authentication. When the port number is 6443 or 4442, the server may determine that the authentication type of the cluster is authentication.
The method for executing the command provided by the embodiment of the application can detect the port number of the IP of the cluster before accessing the cluster, intelligently determine the authentication type of the cluster and improve the efficiency of accessing the cluster.
As an optional embodiment, the authentication type of the cluster is no authentication, and the communication protocol is SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
Fig. 4 shows a schematic flow chart of a method 400 of determining a communication protocol. As shown in fig. 4, the method 400 includes:
S401, judging whether the cluster needs authentication.
The server may automatically identify the authentication cluster. Before the server accesses the cluster, it can determine whether the cluster needs authentication. Specifically, the server may determine whether the cluster needs authentication through the authentication type of the cluster, and specific reference may be made to the above description, which is not repeated here.
If the cluster needs authentication, the server may execute S402. If the cluster does not need authentication, the server may perform S403.
S402, if the cluster needs authentication, determining the persistence protocol as a communication protocol.
If the cluster needs authentication, the server can be connected with the authentication cluster through a persistence protocol.
Alternatively, the persistence protocol may be WebSocket.
S403, if the cluster does not need to carry out authentication, determining the SPDY protocol as a communication protocol.
If the cluster does not need to be authenticated, the server can be connected with the authentication cluster through the SPDY protocol.
The method for executing the command provided by the embodiment of the application can be connected with the authentication cluster through the persistence protocol if the cluster needs authentication, can be applicable to the authentication cluster and also applicable to the non-authentication cluster if the cluster does not need authentication, has a wider application range, and can avoid abnormal access of the non-authentication cluster due to the use of the authentication protocol.
The sequence numbers of the above-mentioned processes do not mean the sequence of execution sequence, and the execution sequence of each process should be determined by its functions and internal logic, and should not constitute any limitation on the implementation process of the embodiment of the present application.
The method for executing commands provided by the embodiment of the present application is described in detail above with reference to fig. 1 to 4, and the device for executing commands provided by the embodiment of the present application will be described in detail below with reference to fig. 5 and 6.
Fig. 5 illustrates an apparatus 500 for executing commands according to an embodiment of the present application. The apparatus 500 includes: a transceiver module 510 and a processing module 520. Wherein, the transceiver module 510 is used for: receiving a first container command from a client; the processing module 520 is configured to: judging whether the first container command meets a preset condition or not; if the first container command meets the preset condition, a first process is created, and the first process and the target container share a name space; and executing the first container command inside the target container through the first process.
Optionally, the processing module 520 is further configured to: and if the first container command does not meet the preset condition, executing the first container command outside the target container.
Optionally, the transceiver module 510 is further configured to: receiving a request message from a client for accessing a cluster; the processing module 520 is further configured to: determining the authentication type of the cluster; determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is no authentication or authentication, and the communication protocol is used for accessing the cluster; the transceiver module 510 is further configured to: and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched.
Optionally, the processing module 520 is further configured to: acquiring a port number of an Internet Protocol (IP) of a cluster; and determining the authentication type of the cluster according to the port number.
Optionally, the authentication type of the cluster is no authentication, and the communication protocol is SPDY protocol; or the authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
Optionally, the persistence protocol is WebSocket.
It should be appreciated that the apparatus 500 herein is embodied in the form of functional modules. The term module herein may refer to an Application Specific Integrated Circuit (ASIC), an electronic circuit, a processor (e.g., a shared, dedicated, or group processor, etc.) and memory that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that support the described functionality. In an alternative example, it will be understood by those skilled in the art that the apparatus 500 may be specifically a server in the foregoing embodiment, or the functions of the server in the foregoing embodiment may be integrated in the apparatus 500, and the apparatus 500 may be used to perform each flow and/or step corresponding to the server in the foregoing method embodiment, which is not repeated herein.
The apparatus 500 has a function of implementing the corresponding steps performed by the server in the method 200, the method 300 or the method 400; the above functions may be implemented by hardware, or may be implemented by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
Fig. 6 illustrates an apparatus 600 for executing commands according to an embodiment of the present application. The apparatus 600 includes: a processor 610, a transceiver 620, and a memory 630. Wherein the processor 610, the transceiver 620 and the memory 630 communicate with each other through an internal connection path, the memory 630 is used for storing instructions, and the processor 610 is used for executing the instructions stored in the memory 630 to control the transceiver to transmit signals and/or receive signals.
It should be understood that the apparatus 600 may be used to perform the steps and/or flows corresponding to the server in the above-described method embodiments. The memory 630 may optionally include read-only memory and random access memory, and provide instructions and data to the processor 610. A portion of memory 630 may also include nonvolatile random access memory. For example, the memory 630 may also store information of the device type. The processor 610 may be configured to execute instructions stored in the memory 630 and, when the processor 610 executes instructions stored in the memory 630, the processor 610 is configured to perform the steps and/or processes of the method embodiments described above with respect to the server.
It should be appreciated that in embodiments of the present application, the processor 610 of the apparatus 600 may be a central processing unit (central processing unit, CPU), and the processor 610 may also be other general purpose processors, digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The steps of the method disclosed in connection with the embodiments of the present application may be embodied directly in a hardware processor for execution, or in a combination of hardware and software elements in the processor for execution. The software elements may be located in a random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor executes instructions in the memory to perform the steps of the method described above in conjunction with its hardware. To avoid repetition, a detailed description is not provided herein.
The present application provides a readable computer storage medium for storing a computer program for implementing the method corresponding to the server in the above embodiment.
The present application provides a computer program product comprising a computer program (which may also be referred to as code, or instructions) which, when run on a computer, is able to perform the method corresponding to the server in the above embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided by the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (random access memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A method of executing a command, applied to a server, comprising:
Receiving a first container command from a client;
judging whether the first container command meets a preset condition or not;
if the first container command meets the preset condition, a first process is created, and the first process and the target container share a name space;
executing the first container command inside the target container by the first process;
If the first container command does not meet the preset condition, executing the first container command outside the target container;
The method further comprises the steps of:
receiving a request message from the client for accessing a cluster;
determining an authentication type of the cluster;
Determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is no authentication or authentication, and the communication protocol is used for accessing the cluster;
and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
2. The method of claim 1, wherein the determining the authentication type of the cluster comprises:
acquiring a port number of an Internet Protocol (IP) of the cluster;
and determining the authentication type of the cluster according to the port number.
3. The method of claim 1, wherein the authentication type of the cluster is no authentication and the communication protocol is an SPDY protocol; or alternatively
The authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
4. The method of claim 3, wherein the persistence protocol is WebSocket.
5. An apparatus for executing a command, applied to a server, comprising:
the receiving and transmitting module is used for receiving a first container command from the client;
The processing module is used for judging whether the first container command meets a preset condition or not; if the first container command meets the preset condition, a first process is created, and the first process and the target container share a name space; and executing, by the first process, the first container command inside the target container;
If the first container command does not meet the preset condition, executing the first container command outside the target container;
the transceiver module is further configured to:
receiving a request message from the client for accessing a cluster;
The processing module is further configured to:
determining an authentication type of the cluster;
Determining a communication protocol according to the authentication type of the cluster, wherein the authentication type is no authentication or authentication, and the communication protocol is used for accessing the cluster;
the transceiver module is further configured to:
and sending a response message to the client, wherein the response message is used for indicating that the communication protocol is switched to.
6. The apparatus of claim 5, wherein the authentication type of the cluster is no authentication and the communication protocol is an SPDY protocol; or alternatively
The authentication type of the cluster is authentication, and the communication protocol is a persistence protocol.
7. The apparatus of claim 6, wherein the persistence protocol is WebSocket.
8. An apparatus for executing a command, comprising: a processor coupled to a memory for storing a computer program which, when invoked by the processor, causes the apparatus to perform the method of any one of claims 1 to 4.
9. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when run on a computer, causes the computer to implement instructions for implementing the method according to any of claims 1 to 4.
10. A computer program product comprising computer program code for causing a computer to carry out the method according to any one of claims 1 to 4 when said computer program code is run on a computer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210285331.9A CN114710477B (en) | 2022-03-23 | 2022-03-23 | Method and device for executing command |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210285331.9A CN114710477B (en) | 2022-03-23 | 2022-03-23 | Method and device for executing command |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114710477A CN114710477A (en) | 2022-07-05 |
| CN114710477B true CN114710477B (en) | 2024-04-30 |
Family
ID=82168755
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210285331.9A Active CN114710477B (en) | 2022-03-23 | 2022-03-23 | Method and device for executing command |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114710477B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103365758A (en) * | 2013-08-05 | 2013-10-23 | 北京搜狐新媒体信息技术有限公司 | Process monitoring method and system in virtualization environment |
| CN106844489A (en) * | 2016-12-24 | 2017-06-13 | 上海七牛信息技术有限公司 | A kind of file operation method, device and system |
| CN108667779A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of method and server of Telnet container |
| CN109525624A (en) * | 2017-09-20 | 2019-03-26 | 腾讯科技(深圳)有限公司 | A kind of container login method, device and storage medium |
| CN111935110A (en) * | 2020-07-24 | 2020-11-13 | 北京金山云网络技术有限公司 | Method and device for controlling permission of tenant to access container instance |
| CN112346817A (en) * | 2020-10-20 | 2021-02-09 | 北京健康之家科技有限公司 | Container starting method and device, storage medium and computer equipment |
| CN113836557A (en) * | 2021-09-27 | 2021-12-24 | 苏州浪潮智能科技有限公司 | Method and device for controlling process access in Docker container based on Apparmor |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102707990B (en) * | 2012-05-14 | 2015-04-08 | 华为技术有限公司 | Container based processing method and device |
-
2022
- 2022-03-23 CN CN202210285331.9A patent/CN114710477B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103365758A (en) * | 2013-08-05 | 2013-10-23 | 北京搜狐新媒体信息技术有限公司 | Process monitoring method and system in virtualization environment |
| CN106844489A (en) * | 2016-12-24 | 2017-06-13 | 上海七牛信息技术有限公司 | A kind of file operation method, device and system |
| CN108667779A (en) * | 2017-03-31 | 2018-10-16 | 华为技术有限公司 | A kind of method and server of Telnet container |
| CN109525624A (en) * | 2017-09-20 | 2019-03-26 | 腾讯科技(深圳)有限公司 | A kind of container login method, device and storage medium |
| CN111935110A (en) * | 2020-07-24 | 2020-11-13 | 北京金山云网络技术有限公司 | Method and device for controlling permission of tenant to access container instance |
| CN112346817A (en) * | 2020-10-20 | 2021-02-09 | 北京健康之家科技有限公司 | Container starting method and device, storage medium and computer equipment |
| CN113836557A (en) * | 2021-09-27 | 2021-12-24 | 苏州浪潮智能科技有限公司 | Method and device for controlling process access in Docker container based on Apparmor |
Non-Patent Citations (1)
| Title |
|---|
| 基于RISC-V架构的强化学习容器化方法研究;徐子晨等;计算机工程与科学;20210215;第43卷(第2期);第266-273页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114710477A (en) | 2022-07-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109496418B (en) | File downloading method and device, and equipment/terminal/server | |
| US11853767B2 (en) | Inter-core data processing method, system on chip and electronic device | |
| CN105490917B (en) | Method and device for realizing sharing in application | |
| EP3163946A1 (en) | Information transmission method and apparatus, device, computer program and recording medium | |
| EP3750061A1 (en) | Event to serverless function workflow instance mapping mechanism | |
| CN110750744A (en) | Page presentation method and device | |
| CN113518431B (en) | Communication processing method, terminal, device and storage medium | |
| CN110554912B (en) | Method and device for scheduling equipment to execute tasks | |
| CN112804301B (en) | Method and device for determining equipment state, gateway and storage medium | |
| CN116561013B (en) | Testing method and device based on target service framework, electronic equipment and medium | |
| CN114710477B (en) | Method and device for executing command | |
| CN108289165B (en) | Method and device for realizing camera control based on mobile phone and terminal equipment | |
| CN110245027B (en) | Inter-process communication method and device | |
| CN111309407A (en) | Processing method and device for integrated third-party library | |
| CN114025014B (en) | Asset detection method and device, electronic equipment and storage medium | |
| CN113485855B (en) | Memory sharing method and device, electronic equipment and readable storage medium | |
| CN105915639B (en) | Page access method and device | |
| CN112950447B (en) | Resource scheduling method, device, server and storage medium | |
| CN113779021A (en) | Data processing method, device, computer system and readable storage medium | |
| CN109936586B (en) | Communication processing method and device | |
| CN114024878A (en) | Data transmission method, device, medium and equipment | |
| CN109547276B (en) | Problem positioning method, terminal and storage medium | |
| CN108288135B (en) | System compatibility method and device, computer readable storage medium and electronic equipment | |
| CN114064221A (en) | Interrupt processing method, device, system, equipment and storage medium | |
| CN116560879B (en) | Method and device for calling face recognition service, terminal equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |