CN114844941A - Interface level service management method based on Istio and related device - Google Patents
Interface level service management method based on Istio and related device Download PDFInfo
- Publication number
- CN114844941A CN114844941A CN202210458695.2A CN202210458695A CN114844941A CN 114844941 A CN114844941 A CN 114844941A CN 202210458695 A CN202210458695 A CN 202210458695A CN 114844941 A CN114844941 A CN 114844941A
- Authority
- CN
- China
- Prior art keywords
- service
- interface
- envoy
- istio
- micro
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000007726 management method Methods 0.000 title claims description 14
- 238000000034 method Methods 0.000 claims abstract description 31
- 230000006870 function Effects 0.000 claims description 39
- 230000015654 memory Effects 0.000 claims description 23
- 238000009826 distribution Methods 0.000 claims description 9
- 238000012544 monitoring process Methods 0.000 claims description 6
- 101000741965 Homo sapiens Inactive tyrosine-protein kinase PRAG1 Proteins 0.000 claims description 4
- 102100038659 Inactive tyrosine-protein kinase PRAG1 Human genes 0.000 claims description 4
- 239000003795 chemical substances by application Substances 0.000 description 46
- 238000004891 communication Methods 0.000 description 12
- 238000012545 processing Methods 0.000 description 7
- 230000002776 aggregation Effects 0.000 description 4
- 238000004220 aggregation Methods 0.000 description 4
- 238000006243 chemical reaction Methods 0.000 description 4
- 230000000593 degrading effect Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000003860 storage Methods 0.000 description 4
- 239000008186 active pharmaceutical agent Substances 0.000 description 3
- 230000015556 catabolic process Effects 0.000 description 3
- 230000007547 defect Effects 0.000 description 3
- 238000006731 degradation reaction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000005034 decoration Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000005291 magnetic effect Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000011144 upstream manufacturing Methods 0.000 description 2
- 241000412611 Consul Species 0.000 description 1
- 241000287219 Serinus canaria Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000004931 aggregating effect Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000009877 rendering Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/20—Traffic policing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/34—Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
An interface level service governance method based on Istio comprises the following steps: taking different bottom-layer platforms and an Istio service grid as an infrastructure; acquiring various Envoy agents in an Istio service grid, deploying each Envoy agent and a service application in the same Pod, and abstracting a micro service corresponding to the Pod of the same type; performing service discovery and traffic rule discovery on a plurality of bottom-layer platforms through a Pilot component; the improved xDS protocol in the Istio service grid includes Function discovery services of all interface service information, and service information and flow rules are issued to all Envoy agents through the Function discovery services, so as to implement flow control on the interface services of the micro-services. By adopting the technical scheme, the micro-service is finely managed, and the management flexibility is improved.
Description
[ technical field ] A method for producing a semiconductor device
The invention relates to the technical field of information, in particular to an interface level service management method based on Istio and a related device.
[ background of the invention ]
Due to the adoption of micro-service application and cloud native container technology, the requirement of people on service grids is promoted due to the high coupling degree of the prior business process and flow control rule. A service grid is a controller for communication between services, and with the development and deployment of more and more container applications, an enterprise may have hundreds of containers or tens of thousands of containers running, which becomes a great challenge for managing communication between the containers or services. In order to solve the above communication problems, a service grid represented by the isio is developed, which includes load balancing between services, traffic management, routing, operation condition monitoring, security policy, and authentication between services.
In the open source Istio scheme, the service governance capability of the micro-service level is realized, the flow governance is provided for the non-invasive flow governance capability of the user in an infrastructure mode, and the user only needs to pay attention to the development of own business logic and does not need to pay attention to the service access management.
However, the above-mentioned isto traffic governance policy is based on an instance level or a micro service level, and it is impossible to perform traffic governance on a certain interface in the instance level or the micro service instance. Illustratively, if a micro-service instance is an order center, where there are multiple interfaces, such as query of an order, order placement of an order, and the like, when the query interface request amount is large, the query of other interfaces is slow, and a fusing or degrading policy is used in the istio, the policy is applied to all interfaces of the whole micro-service instance, so that fusing or degrading is performed on all interfaces of the micro-service instance, and fine service governance cannot be achieved on the micro-service.
[ summary of the invention ]
Aiming at the defects in the prior art, the application aims to provide an interface level service treatment method and a related device based on Istio, so that the micro-service is finely treated, and the treatment flexibility is improved.
In order to achieve the purpose, the invention provides the following technical scheme:
in a first aspect, an interface level service governance method based on Istio is provided, which takes different underlying platforms and Istio service grids as an infrastructure, and is characterized by comprising the following steps:
acquiring various Envoy agents in the Istio service grid, deploying each Envoy agent and a service application in the same Pod, and abstracting a micro service corresponding to the Pod of the same type;
performing service discovery and traffic rule discovery on the bottom-layer platforms through the Pilot component;
the improved xDS protocol in the Istio service grid includes Function discovery services of all interface service information, and service information and flow rules are issued to all the Envoy agents through the Function discovery services, so as to implement flow control on the interface services of the micro services.
The invention is further configured to: the underlying platform includes one or more of Kubernets, Mesos, and CloudFoundry.
The invention is further configured to: the method comprises the following steps of performing service discovery and traffic rule discovery on a plurality of bottom-layer platforms through a Pilot component, wherein the method specifically comprises the following steps:
monitoring the bottom-layer platform through a platform adapter to obtain service information and traffic rules so as to convert the service information and the traffic rules into a format understandable by an Istio abstract model;
distributing service information and traffic rules to all the Envoy proxies via a modified xDS protocol based on their subscriptions.
The invention is further configured to: the issuing of the service information and the traffic rules to all the Envoy agents through the improved xDS protocol specifically includes:
and the Pilot component responds to the request of the discover request type initiated by the Envoy agent to carry out dynamic loading configuration, and if the configuration loading is successful, ACK is carried out, otherwise NACK is carried out.
The invention is further configured to: the improved xDS protocol includes Function discovery services of all interface service information, wherein the specific steps of invoking the interface services of the micro-service include:
issuing service information and flow rules to all the Envoy agents through the improved xDS protocol; the Envoy agent corresponding to the calling micro service checks whether interface information of the target micro service is configured in the bottom platform or not;
if the interface information of the target micro service does not exist in the underlying platform, intercepting the flow;
if the interface information of the target micro service exists in the bottom platform, the flow is released to reach a target Pod of the target micro service.
The invention is further configured to: the invoy agent corresponding to the calling micro service checks whether interface information of the target micro service is configured in the bottom platform, and the specific steps include:
whether the Pilot assembly configures target interface service information for all interfaces under the target micro service can be determined by controlling the on-off of a configuration switch;
and if the configuration switch is in the on state, configuring target interface service information for all the interfaces under the target micro service, otherwise, not configuring the target interface service information for all the interfaces under the target micro service.
The invention is further configured to: the interface service information of the Function discovery service comprises an interface name and a micro-service name to which the interface belongs.
In a second aspect, an interface level service governance device based on the isto is provided, which is characterized by comprising:
the deployment module is used for acquiring all the Envoy agents in the Istio service grid, deploying each Envoy agent and a service application in the same Pod, and abstracting a micro service corresponding to the Pod of the same type;
the discovery module is used for performing service discovery and traffic rule discovery on the bottom-layer platforms through the Pilot component;
and the distribution module is used for the improved xDS protocol in the Istio service grid to include Function discovery services of all interface service information, and issues service information and flow rules to all the Envoy agents through the Function discovery services so as to implement flow control on the interface services of the micro-services.
In a third aspect, a terminal device is provided, characterized in that it comprises a memory; one or more processors coupled with the memory; one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more application programs configured to perform the Istio-based interface level service governance method of any of claims 1-7.
In a fourth aspect, there is provided a computer readable medium, comprising one or more applications stored in the memory and configured to be executed by the one or more processors, the one or more applications configured to perform the Istio-based interface level service governance method according to any one of claims 1-7.
Compared with the prior art, the invention has the following advantages:
1. by corresponding each Pod of the same type, interface services of micro services and an Envoy agent one by one, adding Function discovery services on a standard improved xDS protocol, and configuring target interface service information to the Function discovery services when a configuration switch arranged on the micro services is started, the flow control on the interface level is realized, the defect that all interfaces of the micro services are fused or degraded due to the fusing or degrading strategy adopted in an Istio service grid is overcome, various fusing or degrading strategies can be configured on the interface services of the micro services, the mutual influence among different interface services of the same micro service is reduced to an acceptable range, and the more fine control on the micro services is realized;
2. the configuration switch is arranged on the micro service, the control on the Function discovery service work is realized by controlling the on-off of the configuration switch, when the configuration switch arranged on the micro service is closed, the Envoy agency stops configuring the target interface service information to the Function discovery service, the Function discovery service stops working, the coarse-grained and fine-grained service treatment mode switching is further realized, and the flexibility of flow treatment is improved.
[ description of the drawings ]
FIG. 1 is a flow chart of a method of service management according to the present embodiment;
FIG. 2 is a block diagram of the Pilot assembly of the present embodiment;
fig. 3 is a distribution flow chart of the improved xDS protocol of the present embodiment.
[ detailed description ] embodiments
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, a "terminal" as used herein includes both devices having a wireless signal receiver, which are devices having only a wireless signal receiver without transmit capability, and devices having receive and transmit hardware, which have devices having receive and transmit hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (PerSonal CommunicationS Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (PerSonal Digital ASSiStant), which may include a radio frequency receiver, a pager, internet/intranet access, web browser, notepad, calendar and/or GPS (Global PoSitioning SyStem) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.
As shown in fig. 1 and fig. 2, the interface level service governance method based on the isto disclosed in the present invention takes different underlying platforms and isto service grids as infrastructure, and includes:
performing service discovery and traffic rule discovery on the bottom-layer platforms through the Pilot component;
s1, acquiring all the Envoy agents in the Istio service grid, deploying each Envoy agent and the service application in the same Pod, and abstracting a micro service corresponding to the Pod of the same type;
specifically, the underlying platform includes one or more of kubernets, Mesos, and CloudFoundry; compared with the SDK mode of micro service, the Istio service grid provides the functions for users in a more portable and transparent mode, the users can also develop by adopting any language and frame, the users only need to concentrate on own service, and no administration logic needs to be embedded, so that the service administration of the micro service can be realized. That is, the Istio service grid provides users with non-intrusive traffic management capabilities in an infrastructure fashion.
The Istio service grid comprises a control plane and a data plane, wherein the data plane is formed by an Envoy agent and provides service discovery, flow management for intelligent routing and elastic functions. The Envoy agents are high performance agents developed in C + + for mediating inbound and outbound traffic for all services in the services grid. In the Istio service grid, the Envoy agent is used as a sidecar agent in the service grid. In this embodiment, the interface service corresponding to the micro service is deployed in the minimum unit of the same underlying platform.
S2, performing service discovery and traffic rule discovery on a plurality of bottom-layer platforms through the Pilot component;
specifically, the control plane includes a Pilot component, a Galley component, and a sitadel component, where the control plane is used to manage and configure an agent for routing, and the Pilot component monitors and acquires information and traffic rules from the underlying platform and converts them into a service discovery model of isio; meanwhile, the more important function of the Pilot component is to issue rules to the data plane, including traffic governance rules such as VirtualService, DestinationRule, Gateway, ServiceEntry, etc., the Pilot component is responsible for converting various rules into formats recognizable by the Envoy agents, and sending the rules to all the Envoy agents through a standard improved xDS protocol to guide all the Envoy agents to complete actions, so as to manage the traffic of high-level routing and fault processing, such as a/B testing and canary deployment. On communication, Envoy subscribes to Pilot's configuration resources through the gRPC in a streaming manner.
Rather than providing the traffic capability directly to the data plane, the Galley components provide support to other components on the control plane. The Galley component is used as a component responsible for configuration management, the correctness of the format and the content of the configuration information is verified, the configuration information is provided for the Pilot component and the Mixer component of the management plane for service use, and other Istio components only need to interact with the Galley component, so that the decoupling from the underlying platform is realized.
The Citadel component is the core security component of the Istio service grid, providing automatic generation, distribution, rotation, and revocation of keys and certificates.
S3, an improved xDS protocol in the Istio service grid comprises Function discovery services of all interface service information, and service information and flow rules are issued to all Envoy agents through the Function discovery services so as to realize flow control on the interface services of the micro-services.
Specifically, the modified xDS protocol is located at the top level of the Pilot component architecture, exposing the traffic policing capabilities of the Pilot component to the clients. The Pilot component provides a service discovery interface xDS API through xDS server, and the xDS server receives and maintains the connection of the Envoy proxy, and performs distribution of the xDS protocol configuration after corresponding improvement based on the resource name subscribed by the client. The improved xDS protocol is a transport protocol for dynamically acquiring configuration by the Envoy agent, and is also a bridge for connecting the Istio service grid with the Envoy agent.
Confirming a target micro service, and selecting a target Pod from the target micro service;
the Envoy agent corresponding to the target Pod intercepts the flow of the target Pod to confirm whether the Envoy agent is configured with target interface service information or not;
if the service information configured with the target interface is confirmed, the service information is released, otherwise, the interception is continued
The improved xDS protocol is a generic term of a type of discovery service, and includes a Lister discovery service, a Route discovery service, a Cluster discovery service, an Endpoint discovery service, and a Secret discovery service, and the Envoy agent can dynamically acquire the configurations of Lister, Route, Cluster, and Endpoint through the improved xDS protocol.
The Listener discovery service is used for controlling the Envoy agent to start port monitoring and configuring a layer L3 or a layer L4 filter, wherein the layer L3 is a network layer, the layer L4 is a transmission layer, and after a network connection arrives, the filter stack of the layer L3 starts processing. The Envoy proxy performs different proxy tasks according to the configuration of the Lister discovery service, wherein the proxy tasks include flow restriction, client authentication, HTTP connection management and TCP proxy.
Route discovery service, HTTP connection manager for Envoy proxy dynamically obtains Route configuration. The routing configuration includes HTTP header modifications, Virtual Hosts, and the individual routing entries defined by the Virtual Hosts.
The Cluster discovery service is used for dynamically acquiring Cluster information, and the Envoy agent generally abstracts upstream Cluster from Listener discovery service or Route discovery service to be used as a flow forwarding target.
And the Endpoint discovery service calls the Cluster members as Endpoint, and for each Cluster, the Envoy agent dynamically acquires the Endpoint through the EDS API. Therefore, the Endpoint discovery service is used as a preferable service discovery mechanism, and compared with routing with a load balancer resolved through DNS, the Envoy agent can definitely know the information of each upstream host, so that a more intelligent load balancing decision is made.
In this embodiment, a Function discovery service is newly added in the improved xDS protocol, the Function discovery service is information of each interface in an Endpoint, and interface service information of the Function discovery service includes an interface name and a micro-service name to which the interface belongs. Thus, the attributes in the Function discovery service may be used for fusing, demoting, and throttling at the interface level.
Optionally, in step S2, performing service discovery and traffic rule discovery on a plurality of underlying platforms through the control plane, the specific steps include:
monitoring a bottom-layer platform through a platform adapter to obtain service information and traffic rules so as to convert the service information and the traffic rules into a format understandable by an Istio abstract model;
an abstract aggregation layer is deployed between a platform adapter and an improved xDS protocol, the abstract aggregation layer can enable a Pilot component to support service discovery and flow rule discovery based on a plurality of different bottom-layer platforms, the abstract aggregation layer provides a uniform interface to the outside by aggregating services and configuration rules of different platforms, and further the Pilot component does not need to care about differences of the bottom-layer platforms, so that the functions of decoupling the bottom-layer platforms and the improved xDS protocol are achieved;
service information and traffic rules are distributed to all the Envoy proxies via the modified xDS protocol based on their subscriptions.
Specifically, the Pilot component comprises a platform adapter, an abstract aggregation layer and a modified xDS protocol. The platform adapter is responsible for monitoring the underlying platform and completing the conversion from the service model specific to the underlying platform to the Istio specification model, as an example, as follows:
conversion of service model: and converting the service models of different underlying platforms such as Kubernets, Consul and the like into service models of the Istio specification.
Conversion of service instance: such as a service instance model that converts kubernets Endpoint resources to the isto specification.
Conversion of configuration model in Istio: converting unstructured Custom Resource configuration rules of a Kubernetes platform into APIs such as Virtualservice, Gateway, ServiceEntry, DestinationRule and the like, and converting Kubernetes Ingress resources into Istio Gateway resources.
Optionally, as shown in fig. 3, in S3, the modified xDS protocol is used to issue the service information and the traffic rules to all Envoy agents, and the specific steps include:
the Pilot component responds to a request of a discover request type initiated by an Envoy agent to carry out dynamic loading configuration, if the configuration loading is successful, ACK is carried out, otherwise NACK is carried out;
specifically, the Envoy proxy initiates a request of the discover request type to the Pilot component; the server of the improved xDS protocol generates a response of a corresponding discovery response type according to the request; and the Envoy agent receives the response of the discovery response type to carry out dynamic loading configuration, if the configuration loading is successful, ACK is carried out, and otherwise NACK is carried out.
In this embodiment, when the underlying platform is kubernets, the isio service grid may be rapidly deployed on kubernets in the form of yaml files; wherein, the service discovery is responsible for the Pilot component of the Istio service grid, and the service registration mechanism is provided by Kubernets;
kubernetes is an open source platform for automatic container operation, provides a series of complete functions such as deployment and operation, resource scheduling, service discovery, dynamic expansion and the like for containerized application on the basis of Docker technology, and improves the convenience of large-scale container cluster management. The minimum unit on the Kubernetes infrastructure is a Pod, a micro service is abstracted from the Pod of the same class, and each Pod of the same class, the interface service of the micro service and the Envoy proxy are in one-to-one correspondence.
Specifically, in S3, the step of invoking the interface service of the micro service includes:
the service information and the flow rule are issued to all the Envoy agents through a further xDS protocol; the Envoy agent corresponding to the calling micro service checks whether interface information of the target micro service is configured in the bottom platform or not;
if the interface information of the target micro service does not exist in the bottom platform, the flow is intercepted;
and if the interface information of the target micro service exists in the bottom layer platform, the flow is released to reach a target Pod container of the target micro service.
Illustratively, when the interface service A of the micro-service is called, such as http:// serviceA:8080/list, a target Pod where the target interface service is located is obtained, an Envoy agent in the target Pod intercepts the flow to confirm whether the target interface service is configured with the target interface service information, so as to implement the service flow control of the interface level, wherein the service flow control includes gray level distribution and the like, and the gray level distribution refers to a distribution mode which can be smoothly transited between black and white. A/Btest can be carried out on the system, namely, a part of users continue to use the product characteristics A, a part of users start to use the product characteristics B, if the users B do not object the opinion, the range is gradually enlarged, all the users are migrated to the product characteristics B, so that the stability of the whole system is ensured, and the problems can be found and adjusted in the initial gray scale so as to ensure the influence degree of the users.
Specifically, if the call is performed between two micro services, the ServiceA calls the ServiceB, the ServiceA calls an interface of the ServiceB, if the ServiceB service turns on a switch for interface service governance, the flow rate of the ServiceA calling the ServiceB is intercepted by the Envoy agent of the ServiceA at first, and because the flow governance rule is fully issued, the flow rate rule also issued in the Envoy agent of the ServiceA checks whether the interface information of the ServiceB is configured in the cluster of the underlying platform, and if the flow rate is not configured, the flow rate is not sent to the Envoy agent of the ServiceB and the target Pod container; if the configuration exists, the ServiceB is found, and then the flow reaches the target Pod.
Whether the Pilot assembly configures target interface service information for all interfaces under target micro-service can be determined by controlling the on-off of the configuration switch, so that the flow control of the interface level is realized, the defect that fusing or degradation is found for all the interfaces of the micro-service due to the fusing or degradation strategy adopted in the Istio service grid is overcome, various fusing or degradation strategies can be configured for the interface service of the micro-service, the mutual influence among different interface services of the same micro-service is reduced to an acceptable range, and the more fine control of the micro-service is realized;
if the configuration switch is in an on state, configuring target interface service information for all interfaces under the target micro service, otherwise, not configuring the target interface service information for all interfaces under the target micro service, thereby realizing the switching of the coarse-grained and fine-grained service treatment modes and improving the flexibility of the system.
In this embodiment, an interface level service governance device based on the isto is provided, including:
the deployment module is used for acquiring all the Envoy agents in the Istio service grid, deploying each Envoy agent and the service application in the same Pod, and abstracting a micro service corresponding to the Pod of the same type;
the discovery module is used for performing service discovery and traffic rule discovery on a plurality of bottom-layer platforms through the Pilot component;
and the distribution module is used for the improved xDS protocol in the Istio service grid to include the Function discovery service of all interface service information, and the service information and the flow rule are issued to all Envoy agents through the Function discovery service so as to realize flow control on the interface service of the micro service.
The embodiment of the invention provides a terminal device, which can be a computer device. The terminal device in the present application may comprise one or more of the following components: a processor, a memory, and one or more applications, wherein the one or more applications may be stored in the memory and configured to be executed by the one or more processors, the one or more applications configured to perform the methods described in the above method embodiments applied to the terminal device.
A processor may include one or more processing cores. The processor connects various parts within the overall terminal device using various interfaces and lines, performs various functions of the terminal device and processes data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory, and calling data stored in the memory. Alternatively, the processor may be implemented in hardware using at least one of Digital Signal Processing (DSP), Field-Programmable Gate Array (FPGA), and Programmable logic Array (PL a). The processor can integrate one or a combination of a Central Processing Unit (CPU), a Graphic Processing Unit (GPU), a modem, and the like. Wherein, the CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing display content; the modem is used to handle wireless communications. It is to be understood that the modem may be implemented by a communication chip without being integrated into the processor.
The Memory may include a Random Access Memory (RAM) or a Read-Only Memory (Read-Only Memory). The memory may be used to store an instruction, a program, code, a set of codes, or a set of instructions. The memory may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for implementing at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing various method embodiments described below, and the like. The storage data area may also store data created by the terminal device in use, and the like.
Embodiments of the present invention also provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the method described in the above method embodiments applied to a terminal device. The storage medium includes, but is not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magneto-optical disks, ROMs (Read-Only memories), RAMs (Random AcceSS memories), EPROMs (EraSable Programmable Read-Only memories), EEPROMs (Electrically EraSable Programmable Read-Only memories), flash memories, magnetic cards, or optical cards. That is, a storage medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer). Which may be a read-only memory, magnetic or optical disk, or the like.
In summary, the interface level service management method based on the isto and the related device provided by the application have the following beneficial effects:
the method and the system have the advantages that each Pod of the same type, the interface service of the micro service and the Envoy agent are in one-to-one correspondence, the Function discovery service is newly added on the standard improved xDS protocol, and when the configuration switch arranged on the micro service is started, the target interface service information is configured on the Function discovery service to realize the flow control of the interface level.
Those of skill in the art will appreciate that various operations, methods, steps in the processes, acts, or solutions discussed in the present application may be alternated, modified, combined, or deleted. Further, various operations, methods, steps in the flows, which have been discussed in the present application, may be interchanged, modified, rearranged, decomposed, combined, or eliminated. Further, steps, measures, schemes in the various operations, methods, procedures disclosed in the prior art and the present invention can also be alternated, changed, rearranged, decomposed, combined, or deleted.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.
Claims (10)
1. An interface level service management method based on Istio takes different bottom-layer platforms and Istio service grids as infrastructure, and is characterized by comprising the following steps:
acquiring various Envoy agents in the Istio service grid, deploying each Envoy agent and a service application in the same Pod, and abstracting a micro service corresponding to the Pod of the same type;
performing service discovery and traffic rule discovery on the bottom-layer platforms through the Pilot component;
the improved xDS protocol in the Istio service grid includes Function discovery services of all interface service information, and service information and flow rules are issued to all the Envoy agents through the Function discovery services, so as to implement flow control on the interface services of the micro services.
2. The Istio-based interface level service governance method according to claim 1, wherein the underlying platform comprises one or more of Kubernets, meso, and CloudFoundry.
3. The method for interface level service governance based on Istio of claim 2, wherein the service discovery and traffic rule discovery are performed on the plurality of underlying platforms by a Pilot component, and the specific steps comprise:
monitoring the bottom-layer platform through a platform adapter to obtain service information and traffic rules so as to convert the service information and the traffic rules into a format understandable by an Istio abstract model;
distributing service information and traffic rules to all the Envoy proxies via a modified xDS protocol based on their subscriptions.
4. The method according to claim 1, wherein the service information and the traffic rules are issued to all the Envoy agents through an improved xDS protocol, and the specific steps include:
and the Pilot component responds to the request of the discover request type initiated by the Envoy agent to carry out dynamic loading configuration, and if the configuration loading is successful, ACK is carried out, otherwise NACK is carried out.
5. The method of claim 1, wherein the modified xDS protocol includes Function discovery services for all interface service information, and wherein the specific step of invoking an interface service for micro-services includes:
issuing service information and flow rules to all the Envoy agents through the improved xDS protocol; the Envoy agent corresponding to the calling micro service checks whether interface information of the target micro service is configured in the bottom platform or not;
if the interface information of the target micro service does not exist in the underlying platform, intercepting the flow;
and if the interface information of the target micro service exists in the bottom platform, the flow is released to reach a target Pod of the target micro service.
6. The method according to claim 5, wherein the Envoy agent corresponding to the calling micro service checks whether interface information of the target micro service is configured in the underlying platform, and the specific steps include:
whether the Pilot assembly configures target interface service information for all interfaces under the target micro service can be determined by controlling the on-off of a configuration switch;
and if the configuration switch is in the on state, configuring target interface service information for all the interfaces under the target micro service, otherwise, not configuring the target interface service information for all the interfaces under the target micro service.
7. The method of claim 6, wherein the interface service information of the Function discovery service comprises an interface name and a micro-service name to which the interface belongs.
8. The utility model provides an interface level service governance device based on Istio which characterized in that includes:
a deployment module, configured to obtain each Envoy agent in the otion service grid, deploy each Envoy agent in the same Pod as a service application, and abstract a micro service corresponding to the Pod of the same type;
the discovery module is used for performing service discovery and traffic rule discovery on the bottom-layer platforms through the Pilot component;
and the distribution module is used for the improved xDS protocol in the Istio service grid to include Function discovery services of all interface service information, and issues service information and flow rules to all the Envoy agents through the Function discovery services so as to implement flow control on the interface services of the micro-services.
9. A terminal device, characterized in that it comprises a memory; one or more processors coupled with the memory; one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the one or more processors, the one or more application programs configured to perform the Istio based interface level service governance method of any one of claims 1-7.
10. A computer readable medium, comprising one or more applications stored in the memory and configured to be executed by the one or more processors, the one or more applications configured to perform the isio based interface level service governance method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210458695.2A CN114844941B (en) | 2022-04-27 | 2022-04-27 | Istio-based interface level service management method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210458695.2A CN114844941B (en) | 2022-04-27 | 2022-04-27 | Istio-based interface level service management method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114844941A true CN114844941A (en) | 2022-08-02 |
| CN114844941B CN114844941B (en) | 2024-07-23 |
Family
ID=82567227
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210458695.2A Active CN114844941B (en) | 2022-04-27 | 2022-04-27 | Istio-based interface level service management method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114844941B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116048538A (en) * | 2023-01-13 | 2023-05-02 | 中科驭数(北京)科技有限公司 | Service grid deployment method and device for DPU |
| CN116886497A (en) * | 2023-07-28 | 2023-10-13 | 中科驭数(北京)科技有限公司 | Service grid business centralized proxy switching method and processing system based on DPU |
| CN117176819A (en) * | 2023-09-27 | 2023-12-05 | 中科驭数(北京)科技有限公司 | Service network service-based unloading method and device |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20130038090A (en) * | 2011-10-07 | 2013-04-17 | 주식회사 케이티 | Method for provisioning qos policy with offloaded traffic and apparatus thereof |
| US20180027080A1 (en) * | 2016-07-22 | 2018-01-25 | Cisco Technology, Inc. | Scaling service discovery in a micro-service environment |
| CN109981789A (en) * | 2019-04-03 | 2019-07-05 | 山东浪潮云信息技术有限公司 | A kind of micro services engine based on proxy mode |
| US20200162380A1 (en) * | 2018-11-19 | 2020-05-21 | International Business Machines Corporation | Controlling data communication between microservices |
| CN111277633A (en) * | 2020-01-13 | 2020-06-12 | 北京奇艺世纪科技有限公司 | Request processing method, server, electronic equipment and storage medium |
| CN112019444A (en) * | 2020-09-02 | 2020-12-01 | 广东省新一代通信与网络创新研究院 | 5G core network system based on Istio technology |
| US20210019194A1 (en) * | 2019-07-16 | 2021-01-21 | Cisco Technology, Inc. | Multi-cloud service mesh orchestration platform |
| CN113055421A (en) * | 2019-12-27 | 2021-06-29 | 南京亚信软件有限公司 | Service grid management method and system |
| US11153412B1 (en) * | 2020-08-26 | 2021-10-19 | Software Ag | Systems and/or methods for non-intrusive injection of context for service mesh applications |
| CN113765965A (en) * | 2020-08-21 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Service grid system generation method and device and service grid system |
| CN113938533A (en) * | 2021-10-15 | 2022-01-14 | 京东科技信息技术有限公司 | Communication method and device between applications, electronic equipment and computer readable medium |
| CN113949702A (en) * | 2021-08-30 | 2022-01-18 | 浪潮软件科技有限公司 | Multi-layer network protocol processing method and device for service grid |
-
2022
- 2022-04-27 CN CN202210458695.2A patent/CN114844941B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20130038090A (en) * | 2011-10-07 | 2013-04-17 | 주식회사 케이티 | Method for provisioning qos policy with offloaded traffic and apparatus thereof |
| US20180027080A1 (en) * | 2016-07-22 | 2018-01-25 | Cisco Technology, Inc. | Scaling service discovery in a micro-service environment |
| US20200162380A1 (en) * | 2018-11-19 | 2020-05-21 | International Business Machines Corporation | Controlling data communication between microservices |
| CN109981789A (en) * | 2019-04-03 | 2019-07-05 | 山东浪潮云信息技术有限公司 | A kind of micro services engine based on proxy mode |
| US20210019194A1 (en) * | 2019-07-16 | 2021-01-21 | Cisco Technology, Inc. | Multi-cloud service mesh orchestration platform |
| CN113055421A (en) * | 2019-12-27 | 2021-06-29 | 南京亚信软件有限公司 | Service grid management method and system |
| CN111277633A (en) * | 2020-01-13 | 2020-06-12 | 北京奇艺世纪科技有限公司 | Request processing method, server, electronic equipment and storage medium |
| CN113765965A (en) * | 2020-08-21 | 2021-12-07 | 北京沃东天骏信息技术有限公司 | Service grid system generation method and device and service grid system |
| US11153412B1 (en) * | 2020-08-26 | 2021-10-19 | Software Ag | Systems and/or methods for non-intrusive injection of context for service mesh applications |
| CN112019444A (en) * | 2020-09-02 | 2020-12-01 | 广东省新一代通信与网络创新研究院 | 5G core network system based on Istio technology |
| CN113949702A (en) * | 2021-08-30 | 2022-01-18 | 浪潮软件科技有限公司 | Multi-layer network protocol processing method and device for service grid |
| CN113938533A (en) * | 2021-10-15 | 2022-01-14 | 京东科技信息技术有限公司 | Communication method and device between applications, electronic equipment and computer readable medium |
Non-Patent Citations (1)
| Title |
|---|
| 杨平: "服务网格(Service Mesh)简介", 现代电视技术, pages 1 - 5 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116048538A (en) * | 2023-01-13 | 2023-05-02 | 中科驭数(北京)科技有限公司 | Service grid deployment method and device for DPU |
| CN116048538B (en) * | 2023-01-13 | 2023-11-28 | 中科驭数(北京)科技有限公司 | Service grid deployment method and device for DPU |
| CN116886497A (en) * | 2023-07-28 | 2023-10-13 | 中科驭数(北京)科技有限公司 | Service grid business centralized proxy switching method and processing system based on DPU |
| CN116886497B (en) * | 2023-07-28 | 2024-06-07 | 中科驭数(北京)科技有限公司 | Service grid business centralized proxy switching method and processing system based on DPU |
| CN117176819A (en) * | 2023-09-27 | 2023-12-05 | 中科驭数(北京)科技有限公司 | Service network service-based unloading method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114844941B (en) | 2024-07-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114844941B (en) | Istio-based interface level service management method and related device | |
| US8069209B1 (en) | Method for activating and deactivating client-side services from a distant server | |
| JP2010231759A (en) | Mobile terminal device including mobile cloud platform | |
| US8972593B2 (en) | Load sharing method, load sharing system and access server | |
| JP2009087361A (en) | System and method of creating and communicating with component-based wireless application | |
| AU5843299A (en) | Operating system for telecommunications | |
| CN111209127A (en) | Method for integrating Istio service grid by Dubbo frame | |
| KR20080068903A (en) | Method and apparatus regarding use of a service convergence fabric | |
| US20080159139A1 (en) | Method and system for a context manager for a converged services framework | |
| US20230284053A1 (en) | Integration of physical test environments with a cloud-native cellular core | |
| CN112953992A (en) | Network system, communication and networking method, device and storage medium | |
| CN112463325B (en) | Cloud native parameter mapping method, device, equipment and readable storage medium | |
| WO2022188509A1 (en) | Method and apparatus for task processing in distributed environment, and electronic device and medium | |
| KR20050112912A (en) | System and method for relaying data by use of socket applicaton program | |
| US20210203604A1 (en) | Load balancing method, device and system | |
| CN111787103A (en) | Path change matching method based on Kong gateway | |
| US12010012B2 (en) | Application-aware BGP path selection and forwarding | |
| CN116112560B (en) | Data uplink and proxy method and system based on Reactive mechanism | |
| CN110858842A (en) | Police system based on browser-server mode | |
| US20230139834A1 (en) | Asynchronous network inventory system | |
| WO2023078234A1 (en) | Method for controlling code execution on basis of distributed cloud network, and device and system | |
| WO2024012452A1 (en) | Network capability opening method and apparatus, and network device | |
| CN109743393B (en) | Broadcast cloud platform for transmitting instructions, real-time streams and file streams | |
| EP3873043A1 (en) | Load balancing method, device and system | |
| CN111488139B (en) | Cluster service secondary development method based on private network terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |