CN114780976A - Container application script execution method, device and system, electronic equipment and medium - Google Patents

Container application script execution method, device and system, electronic equipment and medium Download PDF

Info

Publication number
CN114780976A
CN114780976A CN202210385962.8A CN202210385962A CN114780976A CN 114780976 A CN114780976 A CN 114780976A CN 202210385962 A CN202210385962 A CN 202210385962A CN 114780976 A CN114780976 A CN 114780976A
Authority
CN
China
Prior art keywords
container
application script
key
private key
script execution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210385962.8A
Other languages
Chinese (zh)
Inventor
单溪洋
何小锋
徐健康
白雄雄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Information Technology Co Ltd
Original Assignee
Jingdong Technology Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Information Technology Co Ltd filed Critical Jingdong Technology Information Technology Co Ltd
Priority to CN202210385962.8A priority Critical patent/CN114780976A/en
Publication of CN114780976A publication Critical patent/CN114780976A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Stored Programmes (AREA)

Abstract

The embodiment of the disclosure discloses a container application script execution method, a device, a system, an electronic device and a medium. One embodiment of the method comprises: in response to receiving a container application script execution request, acquiring a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system; connecting the springboard machine corresponding to the springboard machine identifier through a private key of the springboard machine; sending the container private key and a container application script execution command corresponding to the container application script execution request to the trigger tripping machine, so that the trigger tripping machine is connected to the container through the container private key and then sends the container application script execution command to the container; and responding to a container application script execution result of the corresponding container application script execution command sent by the trigger skipping machine, and sending the container application script execution result to a request end of the corresponding container application script execution request. The embodiment relates to information security and container technology, improves the security of the container and avoids the process blockage of the container.

Description

Container application script execution method, device, system, electronic device and medium
Technical Field
Embodiments of the present disclosure relate to the field of computer technologies, and in particular, to a method, an apparatus, a system, an electronic device, and a medium for executing a container application script.
Background
The container technology is a light-weight virtualization technology. The application may be integrated into the container to run the application in the container. Currently, when executing an application script of an application deployed in a container, the following methods are generally adopted: an application script execution command (e.g., a kubernets command or a kubecect exec) is sent to the container, causing the container to execute the application script.
However, when executing an application script of an application deployed in a container in the above manner, there are often technical problems as follows: the method for sending the execution command to the container needs to use a password or a token, when the password or the token is leaked, the security of the container is poor, and when the memory resource of the container is insufficient, the thread creation is failed, so that the process of the container is blocked (the container hang is caused).
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Some embodiments of the present disclosure propose a container application script execution method, apparatus, system, electronic device, and computer readable medium to solve the technical problems noted in the background section above.
In a first aspect, some embodiments of the present disclosure provide a container application script execution method, applied to a container management platform, including: in response to receiving a container application script execution request, acquiring a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system, wherein a container application corresponding to the container application script execution request is deployed in a container corresponding to the container private key; connecting the board jump machine corresponding to the board jump machine identifier through the board jump machine private key, wherein a board jump machine public key corresponding to the board jump machine private key is stored in the board jump machine; sending the container private key and a container application script execution command corresponding to the container application script execution request to the trigger tripping machine, so that the trigger tripping machine is connected to the container through the container private key and then sends the container application script execution command to the container, wherein a container public key corresponding to the container private key is stored in the container; and responding to a received container application script execution result corresponding to the container application script execution command sent by the trigger jump machine, and sending the container application script execution result to a request end corresponding to the container application script execution request.
Optionally, the sending the execution result of the container application script to the request end corresponding to the execution request of the container application script includes: sending key connection destruction information to the key management system, wherein the key connection destruction information represents and destroys key connection information corresponding to the container application script execution command in the key management system; and sending the execution result of the container application script to a request end corresponding to the execution request of the container application script.
Optionally, after the sending the execution result of the container application script to the request end corresponding to the execution request of the container application script, the method further includes: and sending the key connection destruction information to the key management system, wherein the key connection destruction information represents and destroys the key connection information corresponding to the container application script execution command in the key management system.
Optionally, the springboard identifier is randomly selected by the key management system from a springboard identifier set corresponding to the key management system in response to receiving a connection information obtaining request corresponding to the container application script execution request.
Optionally, the private key of the springboard machine is generated by the springboard machine through the following steps: responding to the fact that the current time is a preset cycle time, executing a locally stored springboard machine secret key generation script, and obtaining a springboard machine secret key, wherein the springboard machine secret key comprises the springboard machine private key and the springboard machine public key; and sending the private key of the springboard machine to the key management system.
In a second aspect, some embodiments of the present disclosure provide a container application script execution apparatus, applied to a container management platform, including: the system comprises an acquisition unit, a storage unit and a control unit, wherein the acquisition unit is configured to respond to a received container application script execution request, and acquire a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system, wherein a container application corresponding to the container application script execution request is deployed in a container corresponding to the container private key; the connection unit is configured to connect the board jumper corresponding to the board jumper identifier through the board jumper private key, wherein the board jumper public key corresponding to the board jumper private key is stored in the board jumper; a first sending unit, configured to send the container private key and a container application script execution command corresponding to the container application script execution request to the trigger so that the trigger is connected to the container through the container private key and then sends the container application script execution command to the container, where a container public key corresponding to the container private key is stored in the container; and the second sending unit is configured to respond to the execution result of the container application script corresponding to the execution command of the container application script sent by the trigger to send the execution result of the container application script to a request end corresponding to the execution request of the container application script.
Optionally, the second sending unit is further configured to: sending key connection destruction information to the key management system, wherein the key connection destruction information represents and destroys key connection information corresponding to the container application script execution command in the key management system; and sending the execution result of the container application script to a request end corresponding to the execution request of the container application script.
Optionally, after the second sending unit, the apparatus further comprises: and a key connection destruction information sending unit configured to send key connection destruction information to the key management system, where the key connection destruction information represents key connection information corresponding to the container application script execution command in the key management system for destruction.
Optionally, the springboard identifier is randomly selected by the key management system from a springboard identifier set corresponding to the key management system in response to receiving a connection information obtaining request corresponding to the container application script execution request.
Optionally, the private key of the springboard machine is generated by the springboard machine through the following steps: responding to the fact that the current time is a preset cycle time, executing a locally stored springboard machine secret key generation script, and obtaining a springboard machine secret key, wherein the springboard machine secret key comprises the springboard machine private key and the springboard machine public key; and sending the private key of the springboard machine to the key management system.
In a third aspect, some embodiments of the present disclosure provide a container application script execution system, the system comprising: a container management platform configured to implement the method described in any of the implementations of the first aspect above; a trigger to jump configured to: generating a public key of the springboard machine and a private key of the springboard machine; sending the private key of the springboard machine to the key management system; receiving a container private key and a container application script execution command sent by the container management platform; connecting to the container through the container private key; sending the container application script execution command to the container; sending a received execution result of the container application script sent by the container to the container management platform; a key management system configured to: storing the private key of the board jumper sent by the board jumper; responding to a received key connection information acquisition request corresponding to the container application script execution request, and determining the identification of the springboard machine; generating a container public key and a container private key corresponding to the trigger mark; connecting to the container according to the received private key of the container corresponding to the container application script execution request; sending the container public key and the springboard machine identifier to the container; sending the private key of the container, the springboard machine identifier and the private key of the springboard machine corresponding to the springboard machine identifier to the container management platform; a container configured to: generating a public key and a private key; sending the private key to the key management system; storing a container public key and a springboard machine identifier sent by the key management system; responding to a received container application script execution command sent by the trigger skipping machine, and executing a container application script corresponding to the container application script execution command; and sending the obtained execution result of the container application script to the board jump machine.
Optionally, the container is further configured to: and responding to the completion of the storage of the container public key and the jumper machine identifier, and sending a storage result representing successful storage to the key management system.
Optionally, the key management system is further configured to: and responding to a storage result which is sent by the container and represents successful storage, and sending the private key of the container, the jumper machine identifier and the private key of the jumper machine corresponding to the jumper machine identifier to the container management platform.
In a fourth aspect, some embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method described in any of the implementations of the first aspect.
In a fifth aspect, some embodiments of the present disclosure provide a computer readable medium having a computer program stored thereon, wherein the program, when executed by a processor, implements the method described in any of the implementations of the first aspect.
The above embodiments of the present disclosure have the following advantages: by the container application script execution method of some embodiments of the present disclosure, the security of the container is improved, and process blocking of the container is avoided. In particular, the reasons for poor security of the container and process blockage of the container are: the way of sending the execution command to the container needs to use a password or a token, when the password or the token is leaked, the security of the container is poor, and when the memory resource of the container is insufficient, the way of sending the execution command to the container causes thread creation failure, thereby causing process blocking of the container (container hang). Based on this, in the container application script execution method of some embodiments of the present disclosure, first, in response to receiving a container application script execution request, a container private key, a springboard machine identifier, and a springboard machine private key corresponding to the springboard machine identifier are obtained from a key management system. And the container application corresponding to the container application script execution request is deployed in the container corresponding to the container private key. Therefore, when the container application script needs to be executed, the springboard machine identifier, the private key of the springboard machine connected to the springboard machine corresponding to the springboard machine identifier, and the private key of the container used for connecting the springboard machine corresponding to the springboard machine identifier to the container corresponding to the container application script execution request can be obtained from the key management system. And then, connecting the springboard machine corresponding to the springboard machine identifier through the private key of the springboard machine. And the springboard machine public key corresponding to the springboard machine private key is stored in the springboard machine. Therefore, the springboard machine public key corresponding to the springboard machine private key and stored in the springboard machine corresponding to the springboard machine identification can be connected to the springboard machine corresponding to the springboard machine identification. And then, sending the container private key and a container application script execution command corresponding to the container application script execution request to the trigger tripping machine, so that the trigger tripping machine is connected to the container through the container private key and then sends the container application script execution command to the container. Wherein, the container stores the container public key corresponding to the container private key. Therefore, the container private key sent to the board jumper can be used for the board jumper to be connected to the container through the received container private key and the container public key, stored in the container, of the corresponding container private key, so that the container executes the container application script execution command, and the execution result of the container application script after the container application script is executed is sent to the board jumper. And finally, responding to a received container application script execution result which is sent by the trigger jump and corresponds to the container application script execution command, and sending the container application script execution result to a request end corresponding to the container application script execution request. Therefore, after the execution result of the container application script sent by the springboard machine is received, the received execution result of the container application script is sent to the request end corresponding to the execution request of the container application script, so as to respond to the execution request of the container application script of the request end. And because the application script of the application deployed in the container is not executed by sending the execution command to the container, a password or a token is not required to be used, and the leakage of the password or the token is avoided. And because the application script of the application deployed in the container is not executed by sending the execution command to the container, even when the memory resources of the container are insufficient, the process blockage (container hang) of the container can be avoided. Thus, the safety of the container is improved, and the progress blockage of the container is avoided.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and components are not necessarily drawn to scale.
FIG. 1 is a schematic illustration of one application scenario of a container application script execution method, in accordance with some embodiments of the present disclosure;
FIG. 2 is a flow diagram of some embodiments of a container application script execution method according to the present disclosure;
FIG. 3 is a block diagram of some embodiments of a container application script execution system in accordance with the present disclosure;
FIG. 4 is a timing diagram of some embodiments of a container application script execution system in accordance with the present disclosure;
FIG. 5 is a block diagram of some embodiments of a container application script execution apparatus in accordance with the present disclosure;
FIG. 6 is a schematic block diagram of an electronic device suitable for use in implementing some embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and the embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
FIG. 1 is a schematic illustration of one application scenario of a container application script execution method according to some embodiments of the present disclosure.
In the application scenario of fig. 1, first, the computing device 101 may obtain, from the key management system, a container private key 103, a trigger identification 104, and a trigger private key 105 corresponding to the trigger identification 104, in response to receiving the container application script execution request 102. The container application corresponding to the container application script execution request 102 is deployed in the container corresponding to the container private key 103. Then, the computing device 101 may connect, through the trigger private key 105, the trigger 106 corresponding to the trigger identifier 104. The trigger 106 stores a trigger public key corresponding to the trigger private key 105. Then, the computing device 101 may send the container private key 103 and the container application script execution command 107 corresponding to the container application script execution request 102 to the trigger tripping machine 106, so that the trigger tripping machine 106 sends the container application script execution command 107 to the container after being connected to the container through the container private key 103. Wherein, the container stores the container public key corresponding to the container private key 103. Finally, the computing device 101 may send the execution result 108 of the container application script to the request end 109 corresponding to the execution request 102 of the container application script in response to receiving the execution result 108 of the container application script corresponding to the execution command 107 of the container application script sent by the trigger 106.
The computing device 101 may be hardware or software. When the computing device is hardware, it may be implemented as a distributed cluster composed of multiple servers or terminal devices, or may be implemented as a single server or a single terminal device. When the computing device is embodied as software, it may be installed in the hardware devices enumerated above. It may be implemented, for example, as multiple software or software modules for providing distributed services, or as a single software or software module. And is not particularly limited herein.
It should be understood that the number of computing devices in FIG. 1 is merely illustrative. There may be any number of computing devices, as implementation needs dictate.
With continued reference to fig. 2, a flow 200 of some embodiments of a container application script execution method in accordance with the present disclosure is shown. The container application script execution method is applied to a container management platform and comprises the following steps:
step 201, in response to receiving the container application script execution request, obtaining a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system.
In some embodiments, an executing agent (e.g., computing device 101 shown in fig. 1) of the container application script execution method may, in response to receiving the container application script execution request, obtain, from the key management system, the container private key, the jumper identification, and the jumper private key corresponding to the jumper identification via a wired connection or a wireless connection. And the container application corresponding to the container application script execution request is deployed in the container corresponding to the container private key. The container application script execution request may be a request for causing a container of the deployment container application to execute the container application script. The container application may be an application deployed in a container to run. The container may be a cluster of containers that deploy the container application. The container cluster may be a respective node device that deploys one or more containers. For example, the containers may be individual computing devices that deploy Docker containers. The container application script may be a script related to the container application. For example, the container application script may be a script that starts, stops, or restarts the container application. For another example, the container application script may be a script customized for the container application by the user. The container application script execution request may be sent by a computing device corresponding to a browser page or an application program interface after a user executes a container application script execution trigger operation through the browser page or the application program interface.
The key management system can be used for managing the public and private keys of the springboard machine connection container. The private key of the container may be a private key used for the springboard machine to identify the corresponding springboard machine connected to the container. The container private key may be generated by the key management system through an open-source toolkit in response to the connection information acquisition request of the execution principal. The connection information acquisition request may be a request for acquiring connection information, which is sent by the execution main body to the key management system. The connection information may be information required for establishing a connection, and may include the private key of the container, the identifier of the springboard machine, and the private key of the springboard machine. The toolkit may be a Java jar package, such as com. The trigger trip identifier may uniquely represent the trigger trip. For example, the trigger identifier may be an IP address of the trigger. The trigger identifier may be selected from a corresponding trigger identifier set in a polling manner in response to receiving a connection information acquisition request corresponding to the container application script execution request by the key management system. The set of trigger identifiers may be a set of trigger identifiers managed by the key management system. The private key of the board jumper machine can be generated by the board jumper machine through the following steps:
step one, responding to the fact that the current time is the preset cycle time, calling a secret key generation interface, and obtaining a secret key as a trigger jump secret key. The trigger tripping device secret key comprises the trigger tripping device private key and a trigger tripping device public key corresponding to the trigger tripping device private key. The key generation interface may be an interface of the key management system for generating a key. The period time may be at least one time previously set for generating the trigger key. For example, the above cycle time may be 8, 12 and 18 points per day.
And secondly, sending the private key of the springboard machine to the key management system.
Therefore, when the container application script needs to be executed, the springboard machine identifier, the private key of the springboard machine connected to the springboard machine corresponding to the springboard machine identifier, and the private key of the container used for connecting the springboard machine corresponding to the springboard machine identifier to the container corresponding to the container application script execution request can be obtained from the key management system.
Optionally, the trigger identifier may be randomly selected from a set of trigger identifiers corresponding to the key management system by the key management system in response to receiving a connection information acquisition request corresponding to the container application script execution request. Therefore, after the key management system receives the connection information acquisition request, one trigger mark is randomly selected and returned to the execution main body.
Optionally, the private key of the springboard machine is generated by the springboard machine through the following steps:
the method comprises the steps that in response to the fact that the current time is the preset cycle time, a locally-stored springboard machine key generation script is executed, and a springboard machine key is obtained. The trigger tripping machine key comprises the trigger tripping machine private key and the trigger tripping machine public key. The trigger tripping key generation script may be a script that is pre-stored in the trigger tripping and used for generating the trigger tripping key.
And secondly, sending the private key of the springboard machine to the key management system.
It should be noted that the wireless connection means may include, but is not limited to, a 3G/4G connection, a WiFi connection, a bluetooth connection, a WiMAX connection, a Zigbee connection, a uwb (ultra wideband) connection, and other wireless connection means now known or developed in the future.
And 202, connecting the springboard machine corresponding to the springboard machine identifier through the private key of the springboard machine.
In some embodiments, the execution subject may connect to the springboard machine through the springboard machine private key to identify the corresponding springboard machine. And the springboard machine public key corresponding to the springboard machine private key is stored in the springboard machine. In practice, the execution main body may send a connection request including the private key of the board jumper to the board jumper, so that the board jumper responds to the connection request of the execution main body after determining that the private key of the board jumper is matched with the public key of the board jumper. Therefore, the springboard machine public key corresponding to the springboard machine private key and stored in the springboard machine corresponding to the springboard machine identification can be connected to the springboard machine corresponding to the springboard machine identification.
And 203, sending the container private key and a container application script execution command corresponding to the container application script execution request to the board jump machine, so that the board jump machine is connected to the container through the container private key and then sends the container application script execution command to the container.
In some embodiments, the execution principal may send the container private key and a container application script execution command corresponding to the container application script execution request to the trigger so that the trigger is connected to the container through the container private key and then sends the container application script execution command to the container. Wherein, the container stores the container public key corresponding to the container private key. The container application script execution command may be a command for causing the container to execute a container application script corresponding to the container application script execution request. The trigger may send a connection request including the container private key to the container, so that the container responds to the connection request sent by the trigger after determining that the container private key matches the container public key. After receiving the container application script execution command, the container can execute the container application script to obtain a container application script execution result, and the container application script execution result is sent to the trigger, so that the trigger sends the container application script execution result to the execution main body. The execution result of the container application script may be a result indicating success or failure of the execution of the container application script execution command. Therefore, the container private key sent to the board jumper can be used for the board jumper to be connected to the container through the received container private key and the container public key, stored in the container, of the corresponding container private key, so that the container executes the container application script execution command, and the execution result of the container application script after the container application script is executed is sent to the board jumper.
And 204, responding to the execution result of the container application script of the corresponding container application script execution command sent by the trigger to send the execution result of the container application script to a request end of the corresponding container application script execution request.
In some embodiments, the execution main body may send the execution result of the container application script to a request end corresponding to the execution request of the container application script in response to receiving the execution result of the container application script corresponding to the execution command of the container application script sent by the trigger. The requesting end may be a computing device that sends the container application script execution request. In practice, the execution main body may send the execution result of the container application script to the request end in a wired connection manner or a wireless connection manner, so that the request end displays the execution result of the container application script. Therefore, after the execution result of the container application script sent by the springboard machine is received, the received execution result of the container application script is sent to the request end corresponding to the execution request of the container application script, so as to respond to the execution request of the container application script of the request end.
In some optional implementation manners of some embodiments, first, the executing main body may send the key connection destruction information to the key management system. The key connection destruction information may represent key connection information for destroying the container application script execution command in the key management system. The key connection information may be key related information required for establishing a connection, and may include, but is not limited to: the private key of the flasher machine, the public key of the container and the private key of the container. And after receiving the key connection destruction information, the key management system can delete the key connection information. Then, the execution result of the container application script may be sent to a request end corresponding to the execution request of the container application script. Therefore, before the execution result of the container application script is returned, the key management system destroys the key connection information used when the container application script is executed at this time, and further uses new key connection information when the container application script is executed next time.
Optionally, the executing body may further send the key connection destruction information to the key management system. And the key connection destruction information represents and destroys the key connection information of the execution command of the container application script in the key management system. Therefore, after the execution result of the container application script is returned, the key management system destroys the key connection information used when the container application script is executed at this time, and further uses new key connection information when the container application script is executed next time. It should be noted that, the key management system may further send container key connection destruction information to the container in response to deletion of the key connection information. The container key connection destruction information may represent container key connection information for destroying the execution command of the container application script in the container. The container key connection information may include, but is not limited to: the container public key.
The above embodiments of the present disclosure have the following beneficial effects: by the container application script execution method of some embodiments of the present disclosure, the security of the container is improved, and process blocking of the container is avoided. In particular, the reasons for poor security and process blockage of the container are: the method for sending the execution command to the container needs to use a password or a token, when the password or the token is leaked, the security of the container is poor, and when the memory resource of the container is insufficient, the thread creation is failed, so that the process of the container is blocked (the container hang is caused). Based on this, in the container application script execution method according to some embodiments of the present disclosure, first, in response to receiving a container application script execution request, a container private key, a trigger identifier, and a trigger private key corresponding to the trigger identifier are obtained from a key management system. And the container application corresponding to the container application script execution request is deployed in the container corresponding to the container private key. Therefore, when the container application script needs to be executed, the springboard machine identifier, the private key of the springboard machine for connecting to the springboard machine corresponding to the springboard machine identifier, and the private key of the container for connecting the springboard machine corresponding to the springboard machine identifier to the container corresponding to the container application script execution request can be obtained from the key management system. And then, connecting the springboard machine corresponding to the springboard machine identifier through the private key of the springboard machine. And the springboard machine public key corresponding to the springboard machine private key is stored in the springboard machine. Therefore, the springboard machine public key corresponding to the springboard machine private key and stored in the springboard machine corresponding to the springboard machine identification can be connected to the springboard machine corresponding to the springboard machine identification. And then, sending the container private key and a container application script execution command corresponding to the container application script execution request to the trigger, so that the trigger is connected to the container through the container private key and then sends the container application script execution command to the container. Wherein, the container stores the container public key corresponding to the container private key. Therefore, the container private key sent to the board jumper can be used for the board jumper to be connected to the container through the received container private key and the container public key of the corresponding container private key stored in the container, so that the container executes a container application script execution command, and a container application script execution result after the container application script is executed is sent to the board jumper. And finally, responding to a received container application script execution result which is sent by the trigger jump and corresponds to the container application script execution command, and sending the container application script execution result to a request end corresponding to the container application script execution request. Therefore, after the execution result of the container application script sent by the springboard machine is received, the received execution result of the container application script is sent to the request end corresponding to the execution request of the container application script, so as to respond to the execution request of the container application script of the request end. And because the application script of the application deployed in the container is not executed by sending the execution command to the container, a password or a token is not required to be used, and the leakage of the password or the token is avoided. And because the application script of the application deployed in the container is not executed by sending the execution command to the container, even when the memory resource of the container is insufficient, the process blocking of the container (container hang) can be avoided. Thus, the safety of the container is improved, and the progress blockage of the container is avoided.
With further reference to FIG. 3, an architectural diagram 300 of some embodiments of a container application script execution system is shown. The container application script execution system 300 includes:
the container management platform 301 is configured to implement the method described in step 201 and step 204 in the embodiments corresponding to fig. 2.
A trigger jump 302 configured to: generating a public key of the springboard machine and a private key of the springboard machine; sending the private key of the trigger to a key management system 303; receiving a container private key and a container application script execution command sent by the container management platform 301; connected to the container 304 by the container private key; sending the container application script execution command to the container 304; and sending the received execution result of the container application script sent by the container 304 to the container management platform 301.
In some embodiments, the springboard machine 302 may generate the springboard machine public key and the springboard machine private key in response to that the current time is a preset cycle time. Therefore, the public key of the springboard machine and the private key of the springboard machine for connecting the container management platform can be updated regularly.
A key management system 303 configured to: storing the private key of the springboard machine sent by the springboard machine 302; responding to a received key connection information acquisition request corresponding to the container application script execution request, and determining the identification of the springboard machine; generating a container public key and a container private key corresponding to the trigger mark; connecting to the container 304 according to the received private key of the container corresponding to the container application script execution request; sending the container public key and the springboard machine identifier to the container 304; and sending the private key of the container, the jumper identification and the private key of the jumper corresponding to the jumper identification to the container management platform 301.
In some optional implementation manners of some embodiments, the key management system 303 may send the container private key, the springboard machine identifier, and a springboard machine private key corresponding to the springboard machine identifier to the container management platform 301 through the following steps: in response to receiving the storage result indicating that the storage is successful, which is sent by the container 304, the private key of the container, the jumper identification, and the private key of the jumper corresponding to the jumper identification are sent to the container management platform 301.
A container 304 configured to: generating a public key and a private key; sending the private key to the key management system 303; storing the container public key and the springboard machine identifier sent by the key management system 303; in response to receiving the container application script execution command sent by the trigger 302, executing a container application script corresponding to the container application script execution command; the obtained execution result of the container application script is sent to the trigger tripping unit 302.
In some embodiments, the container 304 may generate a public key and a private key for the connection of the key management system 303 with the container 304 in response to the current time being a preset cycle time. The container 304 may call a key generation interface or execute a locally stored key generation script, resulting in a public key and a private key. The key generation script may be a script for generating a public key and a private key. The public key and the private key are used for the key management system 303 to connect to the container 304. The container application script may be a script of a container application stored in the container 304 in advance, or may be a script of a container application generated when a container application script execution command is executed. The container 304 may add the foregoing jumper identifier to an SSH (Secure Shell) whitelist to store the foregoing jumper identifier.
Optionally, the container 304 may further send a storage result indicating successful storage to the key management system in response to completion of storage of the container public key and the jumper identifier. The storage result of successful storage of the above token can be represented by any character or character string. For example, the storage result characterizing successful storage may be "success".
It should be noted that the container may be a distributed container cluster. The number of containers included in the container cluster is not limited.
As can be seen from fig. 3, the container application script execution system 300 in some embodiments corresponding to fig. 3 embodies the constitution of the container application script execution system. Thus, the container application script execution system of some embodiments, which is composed of a container management platform, a trigger, a key management system and a container, improves the security of the container and avoids the process blockage of the container.
With further reference to FIG. 4, a timing diagram of some embodiments of a container application script execution system is shown. The flow 400 of the container application script execution system, corresponding to those system embodiments shown in FIG. 3, includes the following steps:
step 401, the springboard machine generates a springboard machine public key and a springboard machine private key.
Step 402, the trigger sends the trigger private key to the key management system.
At step 403, the container generates a public key and a private key.
At step 404, the container sends the private key to the key management system.
Step 405, the container management platform receives a container application script execution request sent by a request end.
Step 406, the container management platform requests to obtain the private key of the container, the identifier of the springboard machine and the private key of the springboard machine corresponding to the identifier of the springboard machine from the key management system.
Step 407, the key management system determines the trigger identifier and generates a container public key and a container private key corresponding to the trigger identifier.
Step 408, the key management system connects to the container according to the received private key and sends the container public key and the springboard machine identification to the container.
Step 409, the container stores the received container public key and the springboard machine identifier.
Step 410, the key management system sends the private key of the container, the springboard machine identifier and the private key of the springboard machine corresponding to the springboard machine identifier to the container management platform.
And 411, the container management platform is connected to the trigger jump machine through the private key of the trigger jump machine, and sends the private key of the container and a container application script execution command corresponding to the container application script execution request to the trigger jump machine.
In step 412, the springboard machine connects to the container through the container private key and sends the container application script execution command to the container.
In step 413, the container application script corresponding to the container application script execution command is executed by the container.
And step 414, the container sends the obtained execution result of the container application script to the board jump machine.
And step 415, the trigger to jump sends the execution result of the received container application script to the container management platform.
Step 416, the container management platform sends the execution result of the container application script to the request end.
In some embodiments, the specific implementation and technical effects of steps 401 and 416 may refer to steps 201 and 204 in the embodiments corresponding to fig. 2 and those corresponding to fig. 3, which are not described herein again.
As can be seen from fig. 4, the flow 400 of the container application script execution system in some embodiments corresponding to fig. 4 embodies the interaction steps between the container management platform, the trigger, the key management system, and the container. Thus, the solutions described in these embodiments improve the safety of the container and avoid process blockages of the container.
With further reference to fig. 5, as an implementation of the methods shown in the above figures, the present disclosure provides some embodiments of a container application script execution apparatus, which correspond to those shown in fig. 2, and which may be applied in various electronic devices in particular.
As shown in fig. 5, the container application script execution apparatus 500 of some embodiments includes: an acquisition unit 501, a connection unit 502, a first transmission unit 503, and a second transmission unit 504. The obtaining unit 501 is configured to obtain, in response to receiving a container application script execution request, a container private key, a trigger identifier, and a trigger private key corresponding to the trigger identifier from a key management system, where a container application corresponding to the container application script execution request is deployed in a container corresponding to the container private key; the connection unit 502 is configured to connect the trigger to a trigger corresponding to the trigger identifier through the trigger private key, where the trigger public key corresponding to the trigger private key is stored in the trigger; the first sending unit 503 is configured to send the container private key and a container application script execution command corresponding to the container application script execution request to the trigger, so that the trigger sends the container application script execution command to the container after being connected to the container through the container private key, where a container public key corresponding to the container private key is stored in the container; the second sending unit 504 is configured to send an execution result of the container application script to a request end corresponding to the execution request of the container application script in response to receiving an execution result of the container application script corresponding to the execution command of the container application script sent by the trigger.
Optionally, the second sending unit 504 of the container application script executing apparatus 500 may be further configured to: sending key connection destruction information to the key management system, wherein the key connection destruction information represents and destroys key connection information corresponding to the container application script execution command in the key management system; and sending the execution result of the container application script to a request end corresponding to the execution request of the container application script.
Optionally, after the second sending unit 504, the container application script execution apparatus 500 may further include: a key connection destruction information sending unit (not shown in the figure) configured to send key connection destruction information to the key management system, wherein the key connection destruction information represents key connection information corresponding to the container application script execution command in the key management system for destruction.
Optionally, the springboard machine identifier is randomly selected by the key management system from a springboard machine identifier set corresponding to the key management system in response to receiving a connection information obtaining request corresponding to the container application script execution request.
Optionally, the private key of the springboard machine is generated by the springboard machine through the following steps: responding to the current time as preset cycle time, executing a locally stored springboard machine key generation script to obtain a springboard machine key, wherein the springboard machine key comprises the springboard machine private key and the springboard machine public key; and sending the private key of the springboard machine to the key management system.
It will be understood that the units described in the apparatus 500 correspond to the various steps in the method described with reference to fig. 2. Thus, the operations, features and advantages described above with respect to the method are also applicable to the apparatus 500 and the units included therein, and are not described herein again.
Referring now to FIG. 6, a block diagram of an electronic device (e.g., computing device 101 of FIG. 1)600 suitable for use in implementing some embodiments of the present disclosure is shown. The electronic device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 6, electronic device 600 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, or the like; output devices 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, magnetic tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 600 to communicate with other devices wirelessly or by wire to exchange data. While fig. 6 illustrates an electronic device 600 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 6 may represent one device or may represent multiple devices as desired.
In particular, according to some embodiments of the present disclosure, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, some embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In some such embodiments, the computer program may be downloaded and installed from a network through the communication device 609, or installed from the storage device 608, or installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of some embodiments of the present disclosure.
It should be noted that the computer readable medium described in some embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In some embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In some embodiments of the present disclosure, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network Protocol, such as HTTP (HyperText Transfer Protocol), and may interconnect with any form or medium of digital data communication (e.g., a communications network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: in response to receiving a container application script execution request, acquiring a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system, wherein a container application corresponding to the container application script execution request is deployed in a container corresponding to the container private key; connecting a springboard machine corresponding to the springboard machine identifier through the springboard machine private key, wherein a springboard machine public key corresponding to the springboard machine private key is stored in the springboard machine; sending the container private key and a container application script execution command corresponding to the container application script execution request to the trigger jump machine, so that the trigger jump machine is connected to the container through the container private key and then sends the container application script execution command to the container, wherein a container public key corresponding to the container private key is stored in the container; and responding to a received container application script execution result which is sent by the trigger jump and corresponds to the container application script execution command, and sending the container application script execution result to a request end corresponding to the container application script execution request.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in some embodiments of the present disclosure may be implemented by software, and may also be implemented by hardware. The described units may also be provided in a processor, and may be described as: a processor includes an acquisition unit, a connection unit, a first transmission unit, and a second transmission unit. Here, the names of these units do not constitute a limitation on the unit itself in some cases, and for example, the obtaining unit may also be described as "a unit that obtains, from the key management system, the container private key, the jumper id, and the jumper private key corresponding to the jumper id described above in response to receiving the container application script execution request.
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, the above features and (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure are mutually replaced to form the technical solution.

Claims (11)

1. A container application script execution method is applied to a container management platform and comprises the following steps:
in response to receiving a container application script execution request, acquiring a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system, wherein a container application corresponding to the container application script execution request is deployed in a container corresponding to the container private key;
connecting a springboard machine corresponding to the springboard machine identifier through the springboard machine private key, wherein a springboard machine public key corresponding to the springboard machine private key is stored in the springboard machine;
sending the container private key and a container application script execution command corresponding to the container application script execution request to the trigger jump machine, so that the trigger jump machine is connected to the container through the container private key and then sends the container application script execution command to the container, wherein a container public key corresponding to the container private key is stored in the container;
and responding to a received container application script execution result which is sent by the trigger and corresponds to the container application script execution command, and sending the container application script execution result to a request end corresponding to the container application script execution request.
2. The method according to claim 1, wherein the sending the execution result of the container application script to a request end corresponding to the execution request of the container application script comprises:
sending key connection destruction information to the key management system, wherein the key connection destruction information represents and destroys key connection information corresponding to the container application script execution command in the key management system;
and sending the execution result of the container application script to a request end corresponding to the execution request of the container application script.
3. The method of claim 1, wherein after the sending the container application script execution result to a requestor corresponding to the container application script execution request, the method further comprises:
and sending the key connection destruction information to the key management system, wherein the key connection destruction information represents and destroys the key connection information corresponding to the container application script execution command in the key management system.
4. The method of claim 1, wherein the trigger identifier is randomly selected by the key management system from a set of trigger identifiers corresponding to the key management system in response to receiving a connection information acquisition request corresponding to the container application script execution request.
5. The method of one of claims 1 to 4, wherein the trigger private key is generated by the trigger by:
responding to the current time as preset cycle time, executing a locally stored springboard machine key generation script to obtain a springboard machine key, wherein the springboard machine key comprises a springboard machine private key and a springboard machine public key;
and sending the private key of the springboard machine to the key management system.
6. A container application script execution device is applied to a container management platform and comprises the following components:
the system comprises an acquisition unit and a control unit, wherein the acquisition unit is configured to acquire a container private key, a springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier from a key management system in response to receiving a container application script execution request, and a container application corresponding to the container application script execution request is deployed in a container corresponding to the container private key;
the connection unit is configured to connect the springboard machine corresponding to the springboard machine identifier through the springboard machine private key, wherein a springboard machine public key corresponding to the springboard machine private key is stored in the springboard machine;
the first sending unit is configured to send the container private key and a container application script execution command corresponding to the container application script execution request to the trigger to enable the trigger to send the container application script execution command to the container after being connected to the container through the container private key, wherein a container public key corresponding to the container private key is stored in the container;
the second sending unit is configured to respond to the received container application script execution result which is sent by the trigger and corresponds to the container application script execution command, and send the container application script execution result to a request end corresponding to the container application script execution request.
7. A container application script execution system comprising:
a container management platform configured to implement the method of any one of claims 1-5;
a trigger to jump configured to: generating a public key of the springboard machine and a private key of the springboard machine; sending the private key of the springboard machine to the key management system; receiving a container private key and a container application script execution command sent by the container management platform; connecting to the container through the container private key; sending the container application script execution command to the container; sending a received execution result of the container application script sent by the container to the container management platform;
a key management system configured to: storing the private key of the springboard machine sent by the springboard machine; responding to a received key connection information acquisition request corresponding to the container application script execution request, and determining the identification of the springboard machine; generating a container public key and a container private key corresponding to the trigger mark; connecting to the container according to the received private key of the container corresponding to the container application script execution request; sending the container public key and the springboard machine identifier to the container; sending the container private key, the springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier to the container management platform;
a container configured to: generating a public key and a private key; sending the private key to the key management system; storing a container public key and a springboard machine identifier sent by the key management system; responding to a received container application script execution command sent by the board jump machine, and executing a container application script corresponding to the container application script execution command; and sending the obtained execution result of the container application script to the board jump machine.
8. The system of claim 7, wherein the container is further configured to:
and responding to the completion of the storage of the container public key and the jumper identification, and sending a storage result representing successful storage to the key management system.
9. The system of claim 8, wherein the key management system is further configured to:
and responding to a storage result which is sent by the container and represents successful storage, and sending the container private key, the springboard machine identifier and a springboard machine private key corresponding to the springboard machine identifier to the container management platform.
10. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-5.
11. A computer-readable medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-5.
CN202210385962.8A 2022-04-13 2022-04-13 Container application script execution method, device and system, electronic equipment and medium Pending CN114780976A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210385962.8A CN114780976A (en) 2022-04-13 2022-04-13 Container application script execution method, device and system, electronic equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210385962.8A CN114780976A (en) 2022-04-13 2022-04-13 Container application script execution method, device and system, electronic equipment and medium

Publications (1)

Publication Number Publication Date
CN114780976A true CN114780976A (en) 2022-07-22

Family

ID=82429120

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210385962.8A Pending CN114780976A (en) 2022-04-13 2022-04-13 Container application script execution method, device and system, electronic equipment and medium

Country Status (1)

Country Link
CN (1) CN114780976A (en)

Similar Documents

Publication Publication Date Title
US20210297410A1 (en) Mec platform deployment method and apparatus
CN110311983B (en) Service request processing method, device and system, electronic equipment and storage medium
KR20200140943A (en) Secure configuration of cloud computing nodes
CN111090423B (en) Webhook framework system and method for realizing active calling and event triggering
CN109391673A (en) A kind of method, system and the terminal device of management update file
CN112866385B (en) Interface calling method and device, electronic equipment and storage medium
CN112416632B (en) Event communication method and device, electronic equipment and computer readable medium
CN113821352A (en) Remote service calling method and device
CN113595927A (en) Method and device for processing mirror flow in bypass mode
CN111161072A (en) Block chain-based random number generation method, equipment and storage medium
CN108764866B (en) Method and equipment for allocating resources and drawing resources
WO2024066374A1 (en) Service degradation method and apparatus, device, computer-readable medium and program product
CN115022106B (en) Group information processing method, device, equipment and medium
CN113553206B (en) Data event execution method and device, electronic equipment and computer readable medium
CN111030900A (en) Authentication-free login method and device and electronic equipment
CN115291973A (en) Method and device for connecting database by application on cloud, electronic equipment and storage medium
CN115941766A (en) Operation and maintenance data processing method and device
CN114780976A (en) Container application script execution method, device and system, electronic equipment and medium
CN115865974A (en) Edge device, cloud device, edge computing system and method, and storage medium
EP3293924B1 (en) Message processing method and device
CN114518909A (en) Authorization information configuration method, device, equipment and storage medium based on API gateway
CN112929453A (en) Method and device for sharing session data
CN110830528B (en) Method and device for controlling distributed timing switch
CN112463616A (en) Chaos testing method and device for Kubernetes container platform
CN114610343A (en) Application function implementation method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination