CN115480877A - External exposure method and device of application service in multi-cluster environment - Google Patents

External exposure method and device of application service in multi-cluster environment Download PDF

Info

Publication number
CN115480877A
CN115480877A CN202211122347.4A CN202211122347A CN115480877A CN 115480877 A CN115480877 A CN 115480877A CN 202211122347 A CN202211122347 A CN 202211122347A CN 115480877 A CN115480877 A CN 115480877A
Authority
CN
China
Prior art keywords
domain name
service
application
cluster
customized
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211122347.4A
Other languages
Chinese (zh)
Inventor
曹兴明
何小锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Information Technology Co Ltd
Original Assignee
Jingdong Technology Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Information Technology Co Ltd filed Critical Jingdong Technology Information Technology Co Ltd
Priority to CN202211122347.4A priority Critical patent/CN115480877A/en
Publication of CN115480877A publication Critical patent/CN115480877A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • G06F9/4451User profiles; Roaming
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061Partitioning or combining of resources
    • G06F9/5077Logical partitioning of resources; Management or configuration of virtualized resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses an external exposure method and device of application services in a multi-cluster environment, and relates to the technical field of computers. One embodiment of the method comprises: in response to the application deployment operation, creating customized resources under the application namespace, wherein the customized resources comprise service information exposed by the application to the outside; responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information; and registering the access domain name into a domain name resolver, and storing the access domain name into a customized resource so as to expose the application service to the outside by accessing the domain name. According to the embodiment, after the application is deployed in the multi-cluster environment, the access domain name exposed to the outside is automatically generated for the application service, the deployed application can be accessed outside the cluster through the access domain name, the condition that the service cannot be accessed due to single-point failure is avoided, and the application service can be accessed more flexibly, conveniently and efficiently.

Description

External exposure method and device of application service in multi-cluster environment
Technical Field
The invention relates to the technical field of computers, in particular to an external exposure method and device of application services in a multi-cluster environment.
Background
Applications deployed on a kubernets cluster typically run on the private network of the kubernets cluster, and thus need to provide exposed ways of services to the outside to receive external access. Currently, there are several general ways to provide service access outside of a Kubernetes cluster:
1. based on the services of NodePort (node port) and LoadBalancer (load balancing) types of Kubernetes cluster, the method exposes the services by means of IP address + port;
2. services are exposed by means of domain names by means of the Ingress (API interface object that manages external access to services in the cluster) controller of a third party.
In the process of implementing the invention, the inventor finds that at least the following problems exist in the prior art:
for two service exposure modes based on NodePort and LoadBalancer, a user accesses a service in an IP address + port mode, a single point of failure may occur, and the service cannot be accessed, and the LoadBalancer mode generally provides the capability only by a cloud manufacturer. The method for providing service exposure by using Ingress needs to apply for a universal domain name for each kubernets cluster, and one universal domain name can only be resolved to one kubernets cluster, so that the method cannot be applied to a multi-cluster scene.
Disclosure of Invention
In view of this, embodiments of the present invention provide an external exposure method and apparatus for an application service in a multi-cluster environment, which can automatically generate an externally exposed access domain name for the application service after an application is deployed in a multi-kubernets cluster environment, and can access the deployed application by accessing the domain name outside the kubernets cluster, thereby avoiding a situation that a service cannot be accessed due to a single point of failure, and enabling access to the application service to be more flexible, convenient, and efficient.
To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided an exposure method for application services in a multi-cluster environment, including:
in response to application deployment operation, creating customized resources under the namespace of the application, wherein the customized resources comprise service information exposed to the outside by the application;
responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information;
and registering the access domain name into a domain name resolver, and storing the access domain name into the customized resource so as to expose the application service to the outside through the access domain name.
Optionally, creating a customized resource under a namespace of the application, comprising: adding a customized resource configuration file under the application namespace, wherein the customized resource configuration file comprises service information required by generating customized resources; and creating customized resources according to the service information exposed to the outside by the application and the customized resource configuration file.
Optionally, the service information includes a service name, node port information corresponding to the service, name space information to which the service belongs in a cluster, and a cluster identifier; generating an access domain name of the application service according to the service information, comprising: and splicing the service name, the name space information of the service in the cluster, the cluster identifier, the universal domain name suffix and the node port information corresponding to the service according to a set domain name format to generate the access domain name of the application service, wherein the universal domain name suffix is the suffix of the universal domain name associated with the domain name resolver.
Optionally, registering the access domain name in a domain name resolver includes: and registering the mapping relation between the access address and the node port information of the service-deployed cluster and the access domain name into a domain name resolver according to the cluster identifier and the customized resource identifier as marks.
Optionally, saving the access domain name to the customized resource includes: and storing the access domain name and the service information into a state field of the customized resource.
Optionally, the method further comprises: and in response to the monitored deletion event of the customized resource, deleting the customized resource, searching a mapping relation record related to the customized resource from the domain name resolver according to the cluster identifier and the customized resource identifier, and deleting the mapping relation record.
According to another aspect of the embodiments of the present invention, there is provided an external exposure apparatus for application services in a multi-cluster environment, including:
the customized resource creating module is used for creating customized resources under the application namespace in response to application deployment operation, and the customized resources comprise service information exposed to the outside by the application;
the access domain name generation module is used for responding to the monitored creation event of the customized resource, generating an access domain name of the application service according to the service information and registering the access domain name into a domain name resolver;
and the access domain name publishing module is used for registering the access domain name into a domain name resolver and storing the access domain name into the customized resource so as to expose the application service to the outside through the access domain name.
Optionally, the customized resource creation module is further configured to: adding a customized resource configuration file under the application namespace, wherein the customized resource configuration file comprises service information required by the generation of customized resources; and creating customized resources according to the service information exposed to the outside by the application and the customized resource configuration file.
Optionally, the service information includes a service name, node port information corresponding to the service, name space information to which the service belongs in a cluster, and a cluster identifier; the access domain name generation module is further configured to: and splicing the service name, the name space information of the service in the cluster, the cluster identifier, the universal domain name suffix and the node port information corresponding to the service according to a set domain name format to generate the access domain name of the application service, wherein the universal domain name suffix is the suffix of the universal domain name associated with the domain name resolver.
Optionally, the access domain name generating module is further configured to: and registering the mapping relation between the access address and the node port information of the service-deployed cluster and the access domain name into a domain name resolver according to the cluster identifier and the customized resource identifier as marks.
Optionally, the access domain name issuing module is further configured to: and storing the access domain name and the service information into a state field of the customized resource.
Optionally, the system further includes a domain name deletion module, configured to: and in response to the monitoring of the deletion event of the customized resource, deleting the customized resource, searching a mapping relation record related to the customized resource from the domain name resolver according to the cluster identifier and the customized resource identifier, and deleting the mapping relation record.
According to another aspect of the embodiments of the present invention, there is provided an externally exposed electronic device for an application service in a multi-cluster environment, including: one or more processors; the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors implement the method for exposing the application service to the outside in the multi-cluster environment provided by the embodiment of the invention.
According to still another aspect of the embodiments of the present invention, there is provided a computer readable medium, on which a computer program is stored, which when executed by a processor, implements an external exposure method for an application service in a multi-cluster environment provided by the embodiments of the present invention.
One embodiment of the above invention has the following advantages or benefits: creating customized resources under the application namespace by responding to application deployment operation, wherein the customized resources comprise service information exposed by the application to the outside; responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information; the access domain name is registered in a domain name resolver and stored in the customized resource, so that the technical scheme of externally exposing the application service by accessing the domain name is realized, the externally exposed service information of the application is maintained by the customized resource, the domain name is generated according to the service information by monitoring the customized resource and is registered in the domain name resolver, the domain name can be resolved to a corresponding cluster, and the application service in the cluster is accessed through the domain name outside the Kubernets cluster. After the applications are deployed in the multi-Kubernetes cluster environment, the externally exposed access domain name is automatically generated for the application service, the deployed applications can be accessed outside the Kubernetes cluster through the access domain name, the condition that the services cannot be accessed due to single-point failure is avoided, and the access to the application service is more flexible, convenient and efficient.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a schematic diagram illustrating the main steps of an exposure method for application services in a multi-cluster environment according to an embodiment of the present invention;
FIG. 2 is a process diagram of an exposed external manner of generating an application service according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a domain name based application service access flow of an embodiment of the present invention;
FIG. 4 is a schematic block diagram of an exposed device for application services in a multi-cluster environment according to an embodiment of the present invention;
FIG. 5 is an exemplary system architecture diagram in which embodiments of the present invention may be applied;
fig. 6 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In the technical scheme of the invention, the data acquisition, storage, use, processing and the like all conform to relevant regulations of national laws and regulations.
In order to solve the technical problem in the prior art, an embodiment of the present invention provides an external exposure method for an application service in a multi-cluster environment, and after an application is deployed in a multi-kubernets cluster environment, an externally exposed access domain name is automatically generated for the application service, so that the deployed application can be accessed outside the kubernets cluster through the access domain name. The technical scheme of the invention is suitable for the environment with one or more Kubernets clusters, and the application deployed on each cluster is exposed to the outside through a domain name. In the application mentioned in the solution of the present invention, a nodecort type service is already provided by default.
In the introduction of the embodiments of the present invention, the technical terms and explanations referred to are as follows:
kubernetes: a container arrangement tool of Google open source is popular in the field of container arrangement at present and is abbreviated as k8s;
CRD: it is a native Resource type built in kubernets and allows users to add a Custom API Resource type in kubernets, namely: defining self-defined resources;
CR: the system is called Custom Resource and is a specific Resource self-defined according to CRD;
domain name: the secondary domain names are made with wildcards (asterisks) to achieve that all secondary domain names point to the same IP address. For example: * Com resolves to 111.1.1.1, then all domain names ending with demo.com resolve to 111.1.1.1;
pod: kubernetes manages the smallest unit, programs must be deployed in containers to run, and containers must exist in the Pod. A Pod may be considered an enclosure of containers, one or more containers may be present in one Pod;
service: an application program running on a group of Pods is disclosed as an abstract method of a network service, and a request sent by a proxy client is transferred to one of a group of Pods in a backend.
Fig. 1 is a schematic diagram illustrating the main steps of an external exposure method for application services in a multi-cluster environment according to an embodiment of the present invention. As shown in fig. 1, the method for exposing application services to the outside in a multi-cluster environment according to an embodiment of the present invention mainly includes the following steps S101 to S103.
Step S101: in response to an application deployment operation, a custom resource is created under a namespace of the application, the custom resource including service information exposed to the outside by the application. When an application needs to be deployed in a kubernets cluster, a customized resource CR (which is a customized resource in k8 s) used for exposing a service access mode is created under the namespace of the application, and service information of a node port nodoport type required to be exposed by the application is recorded in the customized resource CR, wherein the service information at least comprises a service name, node port information nodoport corresponding to the service, namespace information namespace to which the service belongs in the cluster, a cluster identifier clusterId and the like.
According to an embodiment of the present invention, creating a customized resource under an application namespace may specifically include: adding a customized resource configuration file under an application namespace, wherein the customized resource configuration file comprises service information required by generating customized resources; and creating the customized resource according to the service information and the customized resource configuration file which are externally exposed by the application. In the embodiment of the present invention, the customized resource profile is, for example, a CRD, and parameters and parameter forms required by the construction of a customized resource CR are defined in the CRD, and relevant rules how to generate the customized resource CR according to the parameters, etc. In an embodiment of the invention, a CRD for service exposure may be predefined and a definition CRD (similar to a table structure) of such a customized resource may be added to the kubernets cluster, enabling the creation of this type of customized resource. The specification of CRD in Kubernetes includes fields of apiVersion, kind, metadata, spec, status, etc. The spec field describes the type, name, version number, and specific data structures involved of the resource that is desired to be customized. Defining an array in the spec field of the CRD, recording service information in the array, wherein each piece of service information at least comprises four elements of service name of the service, node port information NodePort, name space information namespace and cluster identification clusterId. The status field of the CRD defines an array in which the four elements of the service and the generated access domain name are recorded.
Step S102: and responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information. In the embodiment of the invention, a domain name controller is deployed in each Kubernetes cluster and used for monitoring operation events of the customized resource CR, generating an access domain name associated with the CR according to service information in the CR and registering the generated access domain name in a domain name resolver. The domain name resolver is used for storing and resolving domain names, recording domain name information, resolving the domain names, and routing access requests passing through the domain names to corresponding application services through the domain name resolver. In an embodiment of the invention, operational events of a customized resource are listened to by a domain name controller deployed in a cluster. When an application is deployed in a cluster, creation events for the customized resource are monitored. Accordingly, in other scenarios, update events or deletion events of the customized resource may also be monitored, and so on.
According to one embodiment of the present invention, generating an access domain name of an application service according to service information may specifically include: and splicing the service name, the name space information of the service in the cluster, the cluster identifier, the domain name suffix and the node port information corresponding to the service according to a set domain name format to generate the access domain name of the application service, wherein the domain name suffix is the suffix of the domain name associated with the domain name resolver. Wherein, the suffix of the domain name refers to the latter part of the domain name. In the embodiment of the invention, in order to realize the deployment of the application in the multi-cluster, the requests for accessing the same application can be forwarded to the domain name resolvers associated with the domain names through one externally resolvable domain name, and the requests are forwarded to the corresponding cluster through the domain name resolvers.
In an embodiment of the present invention, the preset domain name format is, for example: name.namespace.clusterid. < universal domain name suffix >: nodePort format. When the access domain name of the application service is generated according to the service information, the access domain name is generated by sequentially splicing the service name, the name space information namespace, the cluster identifier clusterId, the domain name suffix and the node port information nodoport according to the domain name format.
Step S103: and registering the access domain name into a domain name resolver, and storing the access domain name into a customized resource so as to expose the application service to the outside by accessing the domain name. After the access domain name is generated, the access domain name is written back to the customized resource CR, so that a user can acquire the access domain name through the CR, and the application service is exposed to the outside through the access domain name.
According to an embodiment of the present invention, when registering the access domain name in the domain name resolver, the registering may specifically include: and registering the mapping relation between the access address and the node port information of the service-deployed cluster and the access domain name into a domain name resolver according to the cluster identifier and the customized resource identifier as marks. The access address of the cluster where the service is deployed is an IP address of the cluster, and the customized resource identifier is, for example, a customized resource name. In the embodiment of the invention, for example, the mapping relationship between the IP + nodoport of the current kubernet cluster and the access domain name is registered or updated in the domain name resolver according to the cluster identifier clusterId + CR name.
According to an embodiment of the present invention, when the access domain name is saved in the customized resource, the access domain name and the service information may be specifically saved in a status field of the customized resource, that is, the access domain name and the service information are saved in a status field of the CR.
According to one embodiment of the present invention, the method may further include: and in response to the monitored deletion event of the customized resource, deleting the customized resource, searching a mapping relation record related to the customized resource from the domain name resolver according to the cluster identifier and the customized resource identifier, and deleting the mapping relation record. When a domain name controller deployed in the cluster monitors a deletion event of the customized resource, the customized resource is directly deleted, information such as an access domain name related to the customized resource is searched from a domain name resolver, and a corresponding record is deleted.
According to the embodiment of the invention, if the update event of the customized resource is monitored, the access domain name of the application service is regenerated according to the service information corresponding to the update event, the newly generated access domain name is used for replacing the previous access domain name, and the new access domain name is registered in the domain name resolver; and saving the newly generated access domain name into the customized resource so as to update the customized resource.
Fig. 2 is a process diagram of an external exposure manner for generating an application service according to an embodiment of the present invention. As shown in fig. 2, in the embodiment of the present invention, an externally resolvable domain name needs to be relied on, and a domain name controller is deployed in each kubernets cluster. A domain name resolver is deployed outside a Kubernetes cluster, the domain name resolver can be communicated with the network of each Kubernetes cluster node, and a domain name is resolved to the domain name resolver. The domain name controller can monitor a customized resource CR used for Service exposure, generate an access domain name associated with the CR according to Service information in the CR, and register the access domain name to the domain name resolver. The domain name resolver and the domain name storage and resolution manager can record domain name information and resolve the domain name. When application deployment is carried out in multiple clusters, a customized resource CR is created under namespace of the application deployed in each cluster, and service information required to be exposed by the application is recorded in the CR. After monitoring the customized resource creation event, the domain name controller of the cluster generates an access domain name according to the service information in the CR, writes the access domain name back into the CR and registers the access domain name into a domain name resolver. Wherein the domain name resolver is associated with the domain name.
Fig. 3 is a schematic diagram of a domain name based application service access flow according to an embodiment of the present invention. As shown in fig. 3, in one embodiment of the invention, the user of the application service accesses the application service by way of a domain name + port. When accessing application service, a request is sent to a domain name, the domain name forwards the request to a domain name resolver, the domain name resolver forwards the request to a corresponding Kubernets cluster node according to the mapping relation between the domain name and the cluster IP + NodePort, and then forwards the request to a Pod where the application is located according to an iptables rule, wherein communication between the pods on the nodes in the Kubernets cluster can be realized by means of the iptables rule of Linux.
Fig. 4 is a schematic block diagram of an external exposure device for application services in a multi-cluster environment according to an embodiment of the present invention. As shown in fig. 4, the apparatus 400 for exposing an application service to the outside in a multi-cluster environment according to an embodiment of the present invention mainly includes a customized resource creating module 401, an access domain name generating module 402, and an access domain name publishing module 403.
A customized resource creating module 401, configured to create a customized resource in a namespace of an application in response to an application deployment operation, where the customized resource includes service information exposed to the outside by the application;
an access domain name generating module 402, configured to generate an access domain name of an application service according to the service information in response to monitoring the creation event of the customized resource;
an access domain name publishing module 403, configured to register the access domain name in a domain name resolver, and store the access domain name in the customized resource, so as to expose the application service to the outside through the access domain name.
According to an embodiment of the invention, the customized resource creation module 401 may be further configured to: adding a customized resource configuration file under the application namespace, wherein the customized resource configuration file comprises service information required by generating customized resources; and creating customized resources according to the service information exposed to the outside by the application and the customized resource configuration file.
According to another embodiment of the present invention, the service information includes a service name, node port information corresponding to the service, name space information of the service in the cluster, and a cluster identifier; the access domain name generation module is further configured to: and splicing the service name, the name space information of the service in the cluster, the cluster identifier, the universal domain name suffix and the node port information corresponding to the service according to a set domain name format to generate the access domain name of the application service, wherein the universal domain name suffix is the suffix of the universal domain name associated with the domain name resolver.
According to yet another embodiment of the present invention, the access domain name generation module 402 may be further configured to: and registering the mapping relation between the access address and the node port information of the service-deployed cluster and the access domain name into a domain name resolver according to the cluster identifier and the customized resource identifier as marks.
According to another embodiment of the present invention, the access domain name issuing module 403 may be further configured to: and storing the access domain name and the service information into a state field of the customized resource.
According to another embodiment of the present invention, the apparatus 400 for exposing an application service to the outside in a multi-cluster environment of the embodiment of the present invention further includes a domain name deleting module (not shown in the figure) for: and in response to the monitored deletion event of the customized resource, deleting the customized resource, searching a mapping relation record related to the customized resource from the domain name resolver according to the cluster identifier and the customized resource identifier, and deleting the mapping relation record.
According to the technical scheme of the embodiment of the invention, the customized resources are created under the application name space by responding to the application deployment operation, and the customized resources comprise service information exposed by the application to the outside; responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information; the access domain name is registered in a domain name resolver and stored in a customized resource, so that the technical scheme of externally exposing the application service by accessing the domain name is adopted, the externally exposed service information of the application is maintained by the customized resource, the domain name is generated according to the service information by monitoring the customized resource and is registered in the domain name resolver, the domain name can be resolved to a corresponding cluster, and the application service in the cluster is accessed by the domain name outside the Kubernetes cluster. After the applications are deployed in the multi-Kubernetes cluster environment, the externally exposed access domain name is automatically generated for the application service, the deployed applications can be accessed outside the Kubernetes cluster through the access domain name, the condition that the services cannot be accessed due to single-point failure is avoided, and the access to the application service is more flexible, convenient and efficient.
Fig. 5 illustrates an exemplary system architecture 500 of an external exposure method for an application service in a multi-cluster environment or an external exposure device for an application service in a multi-cluster environment, to which an embodiment of the present invention may be applied.
As shown in fig. 5, the system architecture 500 may include terminal devices 501, 502, 503, a network 504, and a server 505. The network 504 serves to provide a medium for communication links between the terminal devices 501, 502, 503 and the server 505. Network 504 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 501, 502, 503 to interact with a server 505 over a network 504 to receive or send messages or the like. The terminal devices 501, 502, 503 may have various communication client applications installed thereon, such as a data listening application, a domain name resolution application, a data cluster, an application deployment application, etc. (for example only).
The terminal devices 501, 502, 503 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 505 may be a server providing various services, such as a background management server (for example only) providing support for application deployment operations initiated by users using the terminal devices 501, 502, 503. The background management server can respond to application deployment operation on received data such as an external exposure request of an application service and the like, and create customized resources under a namespace of the application, wherein the customized resources comprise service information of the external exposure of the application; responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information; and registering the access domain name into a domain name resolver, storing the access domain name into the customized resource, performing processing such as external exposure of the application service through the access domain name, and feeding back a processing result (such as the access domain name, which is only an example) to the terminal equipment.
It should be noted that the method for exposing the application service to the outside in the multi-cluster environment provided by the embodiment of the present invention is generally executed by the server 505, and accordingly, the apparatus for exposing the application service to the outside in the multi-cluster environment is generally disposed in the server 505.
It should be understood that the number of terminal devices, networks, and servers in fig. 5 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 6, shown is a block diagram of a computer system 600 suitable for use with a terminal device or server implementing embodiments of the present invention. The terminal device or the server shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU) 601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted in the storage section 608 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609 and/or installed from the removable medium 611. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 601.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present invention may be implemented by software or hardware. The described units or modules may also be provided in a processor, and may be described as: a processor includes a custom resource creation module, an access domain name generation module, and an access domain name publishing module. Where the names of such units or modules do not in some cases constitute a limitation on the units or modules themselves, for example, the custom resource creation module may also be described as a "module for creating custom resources under the namespace of an application in response to an application deployment operation.
As another aspect, the present invention also provides a computer-readable medium, which may be contained in the apparatus described in the above embodiments; or may be separate and not assembled into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: in response to an application deployment operation, creating a customized resource under a namespace of the application, wherein the customized resource comprises service information exposed to the outside by the application; responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information; and registering the access domain name into a domain name resolver, and storing the access domain name into the customized resource so as to expose the application service to the outside through the access domain name.
According to the technical scheme of the embodiment of the invention, the customized resources are created under the application name space by responding to the application deployment operation, and the customized resources comprise service information exposed by the application to the outside; responding to the monitored creation event of the customized resource, and generating an access domain name of the application service according to the service information; the access domain name is registered in a domain name resolver and stored in the customized resource, so that the technical scheme of externally exposing the application service by accessing the domain name is realized, the externally exposed service information of the application is maintained by the customized resource, the domain name is generated according to the service information by monitoring the customized resource and is registered in the domain name resolver, the domain name can be resolved to a corresponding cluster, and the application service in the cluster is accessed through the domain name outside the Kubernets cluster. After the applications are deployed in the multi-Kubernetes cluster environment, the externally exposed access domain name is automatically generated for the application service, the deployed applications can be accessed outside the Kubernetes cluster through the access domain name, the condition that the services cannot be accessed due to single-point failure is avoided, and the access to the application service is more flexible, convenient and efficient.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. An external exposure method for application services in a multi-cluster environment, comprising:
in response to an application deployment operation, creating a customized resource under a namespace of the application, wherein the customized resource comprises service information exposed to the outside by the application;
responding to the monitored creation event of the customized resource, generating an access domain name of the application service according to the service information, and registering the access domain name into a domain name resolver;
and storing the access domain name into the customized resource so as to expose the application service to the outside through the access domain name.
2. The method of claim 1, wherein creating a custom resource under a namespace of the application comprises:
adding a customized resource configuration file under the application namespace, wherein the customized resource configuration file comprises service information required by the generation of customized resources;
and creating customized resources according to the service information exposed to the outside by the application and the customized resource configuration file.
3. The method according to claim 1, wherein the service information includes a service name, node port information corresponding to the service, name space information of the service in the cluster, and a cluster identifier;
generating an access domain name of the application service according to the service information, comprising:
and splicing the service name, the name space information of the service in the cluster, the cluster identifier, the universal domain name suffix and the node port information corresponding to the service according to a set domain name format to generate the access domain name of the application service, wherein the universal domain name suffix is the suffix of the universal domain name associated with the domain name resolver.
4. The method of claim 3, wherein registering the access domain name in a domain name resolver comprises:
and registering the mapping relation between the access address and the node port information of the service-deployed cluster and the access domain name into a domain name resolver according to the cluster identifier and the customized resource identifier as marks.
5. The method of claim 1, wherein saving the access domain name to the customized resource comprises:
and storing the access domain name and the service information into a state field of the customized resource.
6. The method of claim 1, further comprising:
and in response to the monitored deletion event of the customized resource, deleting the customized resource, searching a mapping relation record related to the customized resource from the domain name resolver according to the cluster identifier and the customized resource identifier, and deleting the mapping relation record.
7. An apparatus for exposing application services to the outside in a multi-cluster environment, comprising:
the customized resource creating module is used for creating customized resources under the application namespace in response to application deployment operation, and the customized resources comprise service information exposed to the outside by the application;
the access domain name generation module is used for responding to the monitored creation event of the customized resource, generating an access domain name of the application service according to the service information and registering the access domain name into a domain name resolver;
and the access domain name publishing module is used for storing the access domain name into the customized resource so as to expose the application service to the outside through the access domain name.
8. The apparatus according to claim 7, wherein the service information includes a service name, node port information corresponding to the service, name space information to which the service belongs in a cluster, and a cluster identifier;
the access domain name generation module is further configured to:
and splicing the service name, the name space information of the service in the cluster, the cluster identifier, the universal domain name suffix and the node port information corresponding to the service according to a set domain name format to generate the access domain name of the application service, wherein the universal domain name suffix is the suffix of the universal domain name associated with the domain name resolver.
9. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-6.
10. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-6.
CN202211122347.4A 2022-09-15 2022-09-15 External exposure method and device of application service in multi-cluster environment Pending CN115480877A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211122347.4A CN115480877A (en) 2022-09-15 2022-09-15 External exposure method and device of application service in multi-cluster environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211122347.4A CN115480877A (en) 2022-09-15 2022-09-15 External exposure method and device of application service in multi-cluster environment

Publications (1)

Publication Number Publication Date
CN115480877A true CN115480877A (en) 2022-12-16

Family

ID=84392658

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211122347.4A Pending CN115480877A (en) 2022-09-15 2022-09-15 External exposure method and device of application service in multi-cluster environment

Country Status (1)

Country Link
CN (1) CN115480877A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116405462A (en) * 2023-06-07 2023-07-07 阿里巴巴(中国)有限公司 Domain name resolution method, container service system, computing device and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116405462A (en) * 2023-06-07 2023-07-07 阿里巴巴(中国)有限公司 Domain name resolution method, container service system, computing device and storage medium
CN116405462B (en) * 2023-06-07 2023-10-20 阿里巴巴(中国)有限公司 Domain name resolution method, container service system, computing device and storage medium

Similar Documents

Publication Publication Date Title
US11625281B2 (en) Serverless platform request routing
CN108712332B (en) Communication method, system and device
CN109245908B (en) Method and device for switching master cluster and slave cluster
CN111460129B (en) Method, device, electronic equipment and storage medium for generating identification
CN113495921A (en) Routing method and device of database cluster
CN111787126B (en) Container creation method, server, and storage medium
CN109729189B (en) Method and device for configuring domain name
WO2020024978A1 (en) Device, method, apparatus, and readable storage medium for virtual machine migration
CN115517009B (en) Cluster management method, cluster management device, storage medium and electronic equipment
CN113821352A (en) Remote service calling method and device
CN115480877A (en) External exposure method and device of application service in multi-cluster environment
CN111818145A (en) File transmission method, device, system, equipment and storage medium
CN114911518A (en) Cloud function application release management method, system, equipment and storage medium
CN114371914A (en) Container IP address configuration method and device, storage medium and electronic equipment
WO2024045646A1 (en) Method, apparatus and system for managing cluster access permission
CN113364887A (en) File downloading method based on FTP, proxy server and system
CN113050890A (en) Data migration method and device
CN110609656A (en) Storage management method, electronic device and computer program product
CN113296828A (en) Method, server and system for issuing application
CN112804366B (en) Method and device for resolving domain name
CN116737662A (en) Method, device, electronic equipment and storage medium for processing business data
CN111382953A (en) Dynamic process generation method and device
CN116155978A (en) Multi-registry adaptation method, device, electronic equipment and storage medium
CN113779412B (en) Message touch method, node and system based on blockchain network
CN110347505B (en) Access method and device supporting cross-network-segment scheduling and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination