CN116032806B - Flow dyeing method and system - Google Patents
Flow dyeing method and system Download PDFInfo
- Publication number
- CN116032806B CN116032806B CN202310302920.8A CN202310302920A CN116032806B CN 116032806 B CN116032806 B CN 116032806B CN 202310302920 A CN202310302920 A CN 202310302920A CN 116032806 B CN116032806 B CN 116032806B
- Authority
- CN
- China
- Prior art keywords
- dyeing
- flow
- instance
- traffic
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a flow dyeing method and a system, which belong to the technical field of digital information transmission, wherein the method comprises the following steps: acquiring an application instance and a side car instance; obtaining a flow dyeing rule; acquiring a transaction number and a hypertext transfer protocol of the traffic of the application instance; obtaining a dyeing identifier of the flow according to the flow dyeing rule and the transaction number; and saving the dyeing identification to a request head of the hypertext transfer protocol through a side car example. Based on a flow dyeing rule, dyeing the flow through a side car example, and realizing non-invasive flow dyeing without affecting an application example; by issuing the traffic dyeing rule, the traffic dyeing strategy can be flexibly changed, so that restarting the application instance and modifying the configuration parameters of the application instance or the agent are avoided; and the dyeing information is stored in the request head of the hypertext transfer protocol, so that extra flow expense is avoided, and the dyeing information is synchronously transmitted with the flow, thereby being beneficial to identification and transmission of the dyeing information.
Description
Technical Field
The invention relates to the technical field of digital information transmission, in particular to a flow dyeing method and a system.
Background
Traffic staining refers to the process of injecting staining labels in traffic messages and carrying out full-link transfer on the labels, which is a key element of such problems, and is one of the greatest challenges.
Flow staining is conventionally performed: at present, the flow dyeing is mainly realized by the following two methods.
1) The developer transmits the identification into the request in advance through the code, and the developer needs to transmit the dyeing identification to the next distributed application in the request processing process; and repeatedly executing the operations to realize the transfer of dyeing identifiers among a plurality of applications. The scheme not only involves additional development cost, but also involves higher cross-application team communication cost, and the link of marking the flow is not flexible. For example, at a certain time, the policy of the product is to flow to a lot of micro services according to the region, and the next time needs to flow to a lot of micro services according to the user information.
2) Through full link tracking technologies such as APM, an open source scheme such as skywaking, jeager is adopted. The developer can more conveniently use agents to realize the transfer of dyeing identification. However, in this scenario, the request for a certain region is dyed initially, because the request for changing the operation policy and the test policy changing scenario to a certain external channel needs to be dyed, this way needs to modify the agent related configuration codes, these configurations need to be restarted by the application and the agent, the application of the production environment needs to be restarted in a specific period of time, but cannot be restarted at any time, and each restart may bring new risks, and the production environment needs to adjust the dyeing policy in a flexible way without affecting the application.
The Sidecar (Sidecar) mode is a way to strip application functions from the application itself as a separate process or container. The Sidecar is attached to the host application to extend/enhance the functional characteristics while the Sidecar is loosely coupled to the host application; decoupling of functionality and application development may be achieved. There is therefore a need to develop a sidecar-based flow staining method.
Disclosure of Invention
Aiming at the technical problems in the prior art, the invention provides a flow dyeing method and a system, which are used for carrying out flow dyeing based on a side car and a dyeing rule, so as to realize non-invasion and flexible flow dyeing.
The invention discloses a flow dyeing method, which comprises the following steps: acquiring an application instance and a side car instance; obtaining a flow dyeing rule, wherein the flow dyeing rule comprises a dyeing identifier and a transaction number; acquiring a transaction number and a hypertext transfer protocol of the traffic of the application instance; obtaining a dyeing identifier of the flow according to the flow dyeing rule and the transaction number; and saving the dyeing identification to a request head of the hypertext transfer protocol through a side car example.
Preferably, the method of directing the outlet traffic of the application instance to the sidecar instance:
acquiring a process and an address of a side car instance;
obtaining a target address of the outlet flow of the application instance;
judging whether the request initiator of the flow is the side car instance or not;
if yes, forwarding the outlet flow according to the target address;
if not, the target address is saved and is used as a first target address, and the target address is modified into the address of the side car instance;
forwarding the exit traffic to the sidecar instance according to the target address;
setting a dyeing mark at a request head of a hypertext transfer protocol through the side car example;
and modifying the target address into a first target address, and forwarding the outlet traffic according to the target address.
Preferably, the method of directing traffic of an application instance to a sidecar instance:
based on eBPF, intercepting a function called fork, vfork, execve, clone by a system to obtain a process of the side car instance and an address thereof;
intercepting a system call connect function to obtain a process number of a calling party;
judging whether the initiator of the flow request is the side car instance or not according to the process number and the process information of the side car instance;
if not, the target address of the connect function is saved as a first target address; the connection address and the port of the connect function are modified into the address and the port of the side car instance;
establishing a first mapping of the quadruple of the outlet flow and the first target address;
forwarding the traffic to the sidecar instance through bpf_msg_redirect_hash;
setting a dyeing mark at a request head of a hypertext transfer protocol through the side car example;
intercepting system call get_locks to obtain connection applied to the sidecar;
obtaining a first target address according to the connected quadruple and the first mapping;
modifying the connected target address into a first target address, and forwarding the traffic according to the modified target address;
the saved first target address and the first mapping are cleared.
Preferably, the method for parsing the hypertext transfer protocol comprises the following steps:
after receiving the traffic of an application instance, obtaining a hypertext transfer protocol of the traffic through a side car instance of the application instance;
judging whether the hypertext transfer protocol has a dyeing identifier and a transaction number;
if not, setting a dyeing mark and a dyeing value for the hypertext transfer protocol according to a dyeing rule and a transaction number;
if so, obtaining a dyeing value according to the dyeing rule and the transaction number, storing a third mapping relation between the dyeing identification and the transaction number, and updating the dyeing value of the request head.
Preferably, the method for locating the transaction number and the dyeing identification thereof from the traffic comprises the following steps of;
step 501: reading a first flow message from the socket;
step 502: acquiring a request start index of a request header from the first flow message based on a BM string search algorithm;
step 503: searching for a request line feed symbol from a request start index to obtain a request head start symbol;
step 504: obtaining a reading length according to the occupied length of the transaction number and the size of the separator of the hypertext transfer protocol;
step 505: starting with a request header start character, acquiring the content with the read length, and acquiring a request header end character at the downstream of the content;
step 506: judging whether the content has a transaction number or not;
if yes, executing step 507 to obtain the transaction number, obtaining a dyeing identifier according to the stored third mapping relation between the dyeing identifier and the transaction number, and executing step 508;
step 508: inserting dyeing information into the request head according to the transaction number and the dyeing identification to obtain a second flow message;
if not, go to step 509: and taking the request header ending symbol as a request header starting symbol, executing step 504 until the request header is read, and forwarding the first flow message.
Preferably, in step 501, a portion of the first flow packet is saved through the first array;
in step 502, if the request start index cannot be obtained, forwarding the first flow message;
in step 503, if the request header start symbol cannot be obtained, storing the next part of the first flow message through the second group, and executing step 502 until the first flow message is read out;
in step 508, a third array for inserting dyeing information is established, and a second flow message for inserting dyeing information is obtained by replacing part of the first array in the first flow message with the third array; and marking that the four-element group of the first flow message or the second flow message is dyed to obtain a second mapping.
Preferably, according to the second mapping, judging whether the received flow message is dyed; if yes, forwarding the flow message; if not, go to step 502.
Preferably, the method for flow staining circulation comprises the following steps:
acquiring a first application instance and a first side vehicle instance thereof, a second application instance and a second side vehicle instance thereof;
the first side car example receives the inlet flow, and dyes the inlet flow according to the dyeing rule and the transaction number to obtain a second flow;
forwarding the second traffic to a first application instance by the first side instance;
the first application instance processes the second traffic to obtain a third traffic;
judging whether the request initiator of the third flow is a first side vehicle example or not;
if yes, forwarding the third flow to a second side vehicle instance or a second application instance;
if not, dyeing the third flow through the first side vehicle example;
the second side car example analyzes the dyeing information of the third flow, and obtains a fourth flow after updating the dyeing value;
forwarding the fourth traffic to a second application instance;
the second application instance processes the fourth flow to obtain a fifth flow;
the fifth traffic is directed to a second side vehicle instance, through which the fifth traffic is forwarded to a destination address.
The invention also provides a system for realizing the flow dyeing method, which comprises a dyeing management module, a flow analysis module and a dyeing module;
the dyeing management module is used for acquiring an application instance, a side car instance and a flow dyeing rule;
the flow analysis module is used for acquiring the transaction number and the hypertext transfer protocol of the flow of the application instance;
the dyeing module is used for obtaining the dyeing identification of the flow and the dyeing value thereof according to the flow dyeing rule and the transaction number, and storing the dyeing identification into the request head of the hypertext transfer protocol through the side car example.
Preferably, the system further comprises a traffic redirection module,
the traffic redirection module is to direct the egress traffic of the application instance to the sidecar instance.
Compared with the prior art, the invention has the beneficial effects that: based on a flow dyeing rule, dyeing the flow through a side car example, and realizing non-invasive flow dyeing without affecting an application example; by issuing the traffic dyeing rule, the traffic dyeing strategy can be flexibly changed, so that restarting the application instance and modifying the configuration parameters of the application instance or the agent are avoided; and the dyeing information is stored in the request head of the hypertext transfer protocol, so that extra flow expense is avoided, and the dyeing information is synchronously transmitted with the flow, thereby being beneficial to identification and transmission of the dyeing information.
Drawings
FIG. 1 is a flow chart of the flow dyeing method of the present invention;
FIG. 2 is a flow chart of an outlet traffic of an application instance directed to a sidecar instance;
FIG. 3 is a flow chart for locating transaction numbers from a hypertext transfer protocol;
FIG. 4 is a logical block diagram of a multi-application deployment of embodiment 1;
fig. 5 is a system logic block diagram of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The invention is described in further detail below with reference to the attached drawing figures:
a flow dyeing method, as shown in fig. 1, comprising:
step 101: and acquiring an application instance and a side car instance. Wherein, the side car (Sidecar) example and the application example have loose coupling, and the side car example is used for traffic forwarding and traffic dyeing of the application example.
Step 102: and obtaining a traffic dyeing rule, wherein the traffic dyeing rule comprises a dyeing identification and a transaction number. The traffic has a transaction number and a hypertext transfer protocol.
Step 103: transaction numbers and hypertext transfer protocol (Http) of traffic for the application instance are obtained. The transaction number of the traffic of the application instance is also called as the serial number of the service, and is the serial ID of the application instance for specifically processing the service.
Step 104: and obtaining the dyeing mark and the dyeing value of the flow according to the flow dyeing rule and the transaction number.
Specifically, the dyeing information adopts a dyeing mark, a serial number and a dyeing value, and the dyeing value is used for marking the circulation process of the flow; dynamic flow dyeing and classification can be realized through dyeing rules, and the dyeing rule template is: hc-traffic-key= function (request), for example, for classification of regional information, load uniformity classification, and the like. In one embodiment, the dye label has a key of hc-traffic-key and the serial number has a key of trans, but is not limited thereto.
Step 105: by way of a side car example, the staining identity is saved to/put into the request header of the hypertext transfer protocol.
Based on a flow dyeing rule, dyeing the flow through a side car example, and realizing non-invasive flow dyeing without affecting an application example; by issuing the traffic dyeing rule, the traffic dyeing strategy can be flexibly changed, so that restarting the application instance and modifying the configuration parameters of the application instance or the agent are avoided; and the dyeing information is stored in the request head of the hypertext transfer protocol, so that extra flow expense is avoided, and the dyeing information is synchronously transmitted with the flow, thereby being beneficial to identification and transmission of the dyeing information.
The traffic of the application instance includes ingress (inbound) traffic and egress (outbound). The inlet flow and the outlet flow can be forwarded and proxied through the side car example; as in fig. 2, for traffic that does not pass through a sidecar instance, the outlet traffic of the application instance may be directed to the sidecar instance:
step 201: and acquiring the process and the address of the side car instance. The process of the side car instance and its address can be obtained by intercepting the function of the system call fork, vfork, execve, clone based on the eBPF.
Step 202: and obtaining the target address of the outlet flow of the application instance. The intercept system may call connect functions to obtain the process number of the caller.
Step 203: and judging whether the request initiator of the outlet flow is the side car instance or not. The system call connect method can be intercepted, and whether a request initiator is the side car instance is judged according to whether the process number of the current system is the same as the process of the side car instance.
If yes, step 204: and forwarding the outlet traffic according to the target address. The request initiator of the outlet flow is a side car example, and the corresponding inlet flow of the outlet flow is normally forwarded through the side car example or is dyed, so that no additional processing is needed, namely, the inlet flow is not required to be redirected to the side car example.
If not, step 205: and storing the target address as a first target address, and modifying the target address into the address of the side car instance.
In this case, the inlet flow corresponding to the outlet flow does not pass the side car example, and dyeing is not performed. Specifically, a target address (ip, port) which can be connected functions is stored as a first target address (for example, a socket cookie is used for storage), and a connection address and a port of the connected functions are modified into an address and a port of a side car instance; the first mapping between the quadruple of the outlet flow and the first target address can be established, for example, by using the ebpf socket_ops program type, and when the tcp connection is established, the relationship between the quadruple and the socket is saved to the redirect_map. Wherein the first destination address is used to save the destination address of the outgoing traffic flowing to the next application instance.
Step 206: and forwarding the traffic to the side car instance according to the target address. For example, by calling a sending method such as sendmsg through an interception system, obtaining a socket from an application instance to a side car instance according to a quadruple for inquiring redirect_map, and forwarding the flow to the side car instance through bpf_msg_redirect_hash.
Step 207: and setting the dyeing mark at the request head of the hypertext transfer protocol through the side car example.
Step 208: and modifying the target address into a first target address, and forwarding the outlet traffic according to the target address. For example, intercept system calls get_locks, get connections applied to the sidecar; obtaining a first target address according to the connected quadruple and the first mapping; modifying the connected target address into a first target address, and forwarding the traffic according to the modified target address; and clearing the stored first target address and the first mapping to realize normal forwarding of the outlet traffic.
Step 209: intercepting close system call, cleaning related intermediate structure data such as redirect_map and timely cleaning intermediate state data.
The flow direction based on eBPF can bypass the complete protocol stack of the kernel, reduce the network path of flow forwarding, and minimize the resource utilization rate; while avoiding escape of the dyeing.
The method for analyzing the hypertext transfer protocol comprises the following steps:
step 301: after receiving the traffic of an application instance, obtaining a hypertext transfer protocol of the traffic through a side car instance of the application instance;
step 302: judging whether the hypertext transfer protocol has a dyeing identifier and a transaction number;
if not, step 303: setting a dyeing mark and a dyeing value for the hypertext transfer protocol according to a dyeing rule and a transaction number;
if so, step 304: and obtaining a dyeing value according to the dyeing rule and the transaction number, storing a third mapping relation between the dyeing identification and the transaction number, and updating the dyeing value of the request head. The third mapping relation can be used for quickly acquiring the dyeing identification according to the transaction number.
In one specific example, the third mapping relationship is as shown in table 1:
TABLE 1
| Transaction number (trans) | Dyeing label (hc-traffic-key) |
| 2023091000001 | Beijing |
And the association of the transaction number and the region information is realized through the third mapping relation, but the dyeing mode is not limited to the association.
In step 302, the transaction number and corresponding coloring identifier may be located from the hypertext transfer protocol based on the BM string search algorithm, as shown in fig. 3:
step 501: the first traffic message is read from a socket. The partial first traffic message may be saved by a first array char [ ].
Step 502: and acquiring a request start index (Start) of a request header from the first flow message based on a BM string search algorithm. For example, using a BM string search algorithm, a string with [ GET\POST\DELETE\PUT\OPTION ] is quickly found, identifying the request start index start. If the request starting index cannot be obtained, forwarding the first flow message.
Step 503: starting from the request start index start, the request linefeed is looked for at an interval speed of the linefeed interval size (start+2), and the request header start header is obtained.
The protocol has a certain format rule, and the efficiency can be further improved by taking the size of the line-feed interval as an index interval. If the request header start symbol cannot be obtained, the next part of the first flow message is saved through the second group, and step 502 is executed until the first flow message is read, and the first flow message is forwarded.
Step 504: and obtaining the reading length according to the occupied length of the transaction number and the size of the separator of the hypertext transfer protocol. The size of the separator as occupied length+3×http is taken as the read length.
Step 505: starting with a request header start character, acquiring the content with the read length, and acquiring a request header end character downstream of the content.
Step 506: and judging whether the content has a transaction number.
If yes, step 507 is executed to obtain the transaction number, and step 508 is executed to obtain the dyeing identifier according to the stored third mapping relationship between the dyeing identifier and the transaction number.
Step 508: and according to the transaction number and the dyeing identification, inserting corresponding dyeing information into the request head to obtain a second flow message inserted with the dyeing information. A third array new char of the inserted dyeing information can be established, and the second flow message of the inserted dyeing information is obtained by replacing part of the first array in the first flow message by the third array; and marking that the four-element group of the first flow message or the second flow message is dyed to obtain a second mapping. In one embodiment, the contents of the third array include: char [ head ] + dyeing content+char [ length-head ], wherein head is denoted as request header terminator and length-head is denoted as request header terminator length. The content of the third array can also be published to the network for other side car examples.
If not, go to step 509: and taking the request header ending symbol as a request header starting symbol, executing step 504 until the request header is read, and directly forwarding the flow/first flow message. And sequentially reading a section of content with a certain length from the request head, and carrying out transaction number analysis.
Step 510: when the next side vehicle example receives the flow message, a quadruple of the flow message is obtained, and according to the third mapping, the dyeing condition of the received flow message is obtained. And judging whether the flow message is dyed according to the third mapping.
If the flow message finishes dyeing, forwarding the flow message;
if the traffic message does not complete the dyeing, step 501 is executed to locate the transaction number and the corresponding dyeing identifier from the hypertext transfer protocol.
Example 1
In this embodiment, as shown in fig. 4, there are a plurality of applications: the system comprises an entrance application instance, an entrance connection instance, a first application instance, a first side instance, a second application instance, a second side instance, an Nth application instance and a dyeing management module for dyeing rule management.
Step 401: the entrance application instance is used for initiating the business flow, the entrance application is forwarded to the first application instance through the entrance side car instance, and the entrance side car instance dyes the business flow.
Step 402: the method comprises the steps that a first side vehicle instance receives inlet (inbound) flow, analyzes a hypertext transfer protocol and judges whether the inlet flow has a dyeing identifier and a transaction number or not; if not, dyeing the inlet flow according to the dyeing rule and the transaction number to obtain a second flow; if the dyeing rule exists, a dyeing value is obtained according to the dyeing rule and the transaction number, a third mapping relation between the dyeing identification and the transaction number is stored, the dyeing value of the request head is updated, and the second flow is obtained.
Step 403: and forwarding the second traffic to a first application instance through the first side instance.
Step 404: and the first application instance processes the second traffic to obtain a third traffic.
Step 405: and judging whether the request initiator of the third flow is a first side car example.
If yes, go to step 406: and forwarding the third flow to a second side car instance or a second application instance.
If not, go to step 407: the third flow is dyed by the first side vehicle example. By the mechanism of directing the exit flow to the side car instance, flow escape can be effectively avoided.
Step 408: and the second side car example analyzes the dyeing information of the third flow and obtains a fourth flow after updating the dyeing value.
Step 409: forwarding the fourth flow to the second application instance.
Step 410: the second application instance processes the fourth flow to obtain a fifth flow;
step 411: the fifth traffic is directed to a second side vehicle instance, through which the fifth traffic is forwarded to a destination address.
The embodiment realizes traffic dyeing and delivery of related services.
Example 2
The embodiment provides a system for implementing the flow dyeing method, as shown in fig. 5, which comprises a dyeing management module 1, a flow analysis module 2 and a dyeing module 3;
the dyeing management module 1 is used for acquiring or managing an application instance, a side car instance and a flow dyeing rule; the flow analysis module 2 is used for acquiring the transaction number and the hypertext transfer protocol of the application instance flow; the dyeing module 3 is used for obtaining the dyeing mark of the flow and the dyeing value thereof according to the dyeing rule, and setting the dyeing mark to the request head of the hypertext transfer protocol through a side car example.
The system further comprises a traffic redirection module 4, the traffic redirection module 4 being arranged to direct the outlet traffic of the application instance to the sidecar instance. The dyeing management module 1 is also used for issuing dyeing rules to the side car examples.
The invention decouples the flow dyeing and transferring process from the application, and realizes the flow dyeing in a non-invasive and more flexible way of the on-line environment. The technology based on the sidecar flow dyeing can further perform dyeing marking and transmission on the flow according to specific scene requirements in a mode of not affecting application.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, but various modifications and variations can be made to the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (9)
1. A method of flow staining, the method comprising:
acquiring an application instance and a side car instance;
obtaining a flow dyeing rule, wherein the flow dyeing rule comprises a dyeing identifier and a transaction number;
acquiring a transaction number and a hypertext transfer protocol of the traffic of the application instance;
obtaining a dyeing identifier of the flow according to the flow dyeing rule and the transaction number;
storing the dyeing identification to a request head of the hypertext transfer protocol through a side car example;
the method for directing the outlet traffic of the application instance to the side car instance comprises the following steps:
acquiring a process and an address of a side car instance;
obtaining a target address of the outlet flow of the application instance;
judging whether the request initiator of the flow is the side car instance or not;
if yes, forwarding the outlet flow according to the target address;
if not, the target address is saved and is used as a first target address, and the target address is modified into the address of the side car instance;
forwarding the exit traffic to the sidecar instance according to the target address;
setting a dyeing mark at a request head of a hypertext transfer protocol through the side car example;
and modifying the target address into a first target address, and forwarding the outlet traffic according to the target address.
2. The flow staining method according to claim 1 wherein the method of directing the outlet flow of the application instance to the sidecar instance specifically comprises:
based on eBPF, intercepting a function called fork, vfork, execve, clone by a system to obtain a process of the side car instance and an address thereof;
intercepting a system call connect function to obtain a process number of a calling party;
judging whether the initiator of the flow request is the side car instance or not according to the process number and the process information of the side car instance;
if not, the target address of the connect function is saved as a first target address; the connection address and the port of the connect function are modified into the address and the port of the side car instance;
establishing a first mapping of the quadruple of the outlet flow and the first target address;
forwarding the traffic to the sidecar instance through bpf_msg_redirect_hash;
setting a dyeing mark at a request head of a hypertext transfer protocol through the side car example;
intercepting system call get_locks to obtain connection applied to the sidecar;
obtaining a first target address according to the connected quadruple and the first mapping;
modifying the connected target address into a first target address, and forwarding the traffic according to the modified target address;
the saved first target address and the first mapping are cleared.
3. The traffic dyeing method according to claim 1, further comprising a method of parsing a hypertext transfer protocol:
after receiving the traffic of an application instance, obtaining a hypertext transfer protocol of the traffic through a side car instance of the application instance;
judging whether the hypertext transfer protocol has a dyeing identifier and a transaction number;
if not, setting a dyeing mark and a dyeing value for the hypertext transfer protocol according to a dyeing rule and a transaction number;
if so, obtaining a dyeing value according to the dyeing rule and the transaction number, storing a third mapping relation between the dyeing identification and the transaction number, and updating the dyeing value of the request head.
4. A method of traffic staining according to claim 3 wherein the method of locating the transaction number and staining identity from the hypertext transfer protocol comprises:
step 501: reading a first flow message from the socket;
step 502: acquiring a request start index of a request header from the first flow message based on a BM string search algorithm;
step 503: searching for a request line feed symbol from a request start index to obtain a request head start symbol;
step 504: obtaining a reading length according to the occupied length of the transaction number and the size of the separator of the hypertext transfer protocol;
step 505: starting with a request header start character, acquiring the content with the read length, and acquiring a request header end character at the downstream of the content;
step 506: judging whether the content has a transaction number or not;
if yes, executing step 507 to obtain the transaction number, obtaining a dyeing identifier according to the stored third mapping relation between the dyeing identifier and the transaction number, and executing step 508;
step 508: inserting dyeing information into the request head according to the transaction number and the dyeing identification to obtain a second flow message;
if not, go to step 509: and taking the request header ending symbol as a request header starting symbol, executing step 504 until the request header is read, and forwarding the first flow message.
5. The traffic dyeing method according to claim 4, wherein in step 501, a part of the first traffic message is saved by the first array;
in step 502, if the request start index cannot be obtained, forwarding the first flow message;
in step 503, if the request header start symbol cannot be obtained, storing the next part of the first flow message through the second group, and executing step 502 until the first flow message is read out;
in step 508, a third array for inserting dyeing information is established, and a second flow message for inserting dyeing information is obtained by replacing part of the first array in the first flow message with the third array; and marking that the four-element group of the first flow message or the second flow message is dyed to obtain a second mapping.
6. The traffic dyeing method according to claim 5, wherein whether the received traffic message is dyed is judged according to the third mapping;
if yes, forwarding the flow message;
if not, go to step 501.
7. The flow staining method of claim 1 wherein the flow staining method comprises:
acquiring a first application instance and a first side vehicle instance thereof, a second application instance and a second side vehicle instance thereof;
the first side car example receives the inlet flow, and dyes the inlet flow according to the dyeing rule and the transaction number to obtain a second flow;
forwarding the second traffic to a first application instance by the first side instance;
the first application instance processes the second traffic to obtain a third traffic;
judging whether the request initiator of the third flow is a first side vehicle example or not;
if yes, forwarding the third flow to a second side vehicle instance or a second application instance;
if not, dyeing the third flow through the first side vehicle example;
the second side car example analyzes the dyeing information of the third flow, and obtains a fourth flow after updating the dyeing value;
forwarding the fourth traffic to a second application instance;
the second application instance processes the fourth flow to obtain a fifth flow;
the fifth traffic is directed to a second side vehicle instance, through which the fifth traffic is forwarded to a destination address.
8. A flow dyeing system for implementing the flow dyeing method according to any one of claims 1 to 7, comprising a dyeing management module, a flow analysis module and a dyeing module;
the dyeing management module is used for acquiring an application instance, a side car instance and a flow dyeing rule;
the flow analysis module is used for acquiring the transaction number and the hypertext transfer protocol of the flow of the application instance;
the dyeing module is used for obtaining the dyeing identification of the flow according to the flow dyeing rule and the transaction number, and storing the dyeing identification to the request head of the hypertext transfer protocol through the side car example.
9. The system of claim 8, further comprising a flow redirection module,
the traffic redirection module is to direct traffic of the application instance to the sidecar instance.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310302920.8A CN116032806B (en) | 2023-03-27 | 2023-03-27 | Flow dyeing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310302920.8A CN116032806B (en) | 2023-03-27 | 2023-03-27 | Flow dyeing method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116032806A CN116032806A (en) | 2023-04-28 |
| CN116032806B true CN116032806B (en) | 2023-06-09 |
Family
ID=86079805
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310302920.8A Active CN116032806B (en) | 2023-03-27 | 2023-03-27 | Flow dyeing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116032806B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10623390B1 (en) * | 2017-08-24 | 2020-04-14 | Pivotal Software, Inc. | Sidecar-backed services for cloud computing platform |
| CN115022408A (en) * | 2022-06-07 | 2022-09-06 | 中国工商银行股份有限公司 | Data transmission method and device based on service grid and electronic equipment |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10951717B2 (en) * | 2018-10-10 | 2021-03-16 | Cisco Technology, Inc. | Differentiated services within a service mesh |
| US11570271B2 (en) * | 2019-04-10 | 2023-01-31 | Cisco Technology, Inc. | Differentiated smart sidecars in a service mesh |
| CN111176723B (en) * | 2019-12-31 | 2020-11-06 | 上海道客网络科技有限公司 | Service grid and link version based service multi-version release system and method |
| US11153412B1 (en) * | 2020-08-26 | 2021-10-19 | Software Ag | Systems and/or methods for non-intrusive injection of context for service mesh applications |
| CN113422794A (en) * | 2021-02-09 | 2021-09-21 | 阿里巴巴集团控股有限公司 | Traffic recording and playback processing method and device and electronic equipment |
| CN113612686A (en) * | 2021-06-29 | 2021-11-05 | 中国人民财产保险股份有限公司 | Traffic scheduling method and device and electronic equipment |
| CN115705198A (en) * | 2021-08-09 | 2023-02-17 | 华为云计算技术有限公司 | Node for operating a group of containers, system and method for managing a group of containers |
| CN114338160A (en) * | 2021-12-29 | 2022-04-12 | 中软信息系统工程有限公司 | Program access control method and device, electronic equipment and storage medium |
| CN115237443A (en) * | 2022-07-18 | 2022-10-25 | 中国科学院深圳先进技术研究院 | Consistency micro-service online updating method and device |
| CN115297158A (en) * | 2022-08-02 | 2022-11-04 | 成都市吉祥锐意科技有限公司 | Multi-tenant method and system based on service and flow dyeing |
| CN115567604A (en) * | 2022-09-21 | 2023-01-03 | 中国建设银行股份有限公司 | Service calling method based on micro-service system and server |
-
2023
- 2023-03-27 CN CN202310302920.8A patent/CN116032806B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10623390B1 (en) * | 2017-08-24 | 2020-04-14 | Pivotal Software, Inc. | Sidecar-backed services for cloud computing platform |
| CN115022408A (en) * | 2022-06-07 | 2022-09-06 | 中国工商银行股份有限公司 | Data transmission method and device based on service grid and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116032806A (en) | 2023-04-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7031314B2 (en) | Systems and methods for providing differentiated services within a network communication system | |
| EP2140636B1 (en) | A messaging system and method | |
| US7031338B2 (en) | System and method for the consolidation of data packets | |
| CN111328108B (en) | 5G service data processing method, device and distribution equipment | |
| CN105340217A (en) | Packet processing method, apparatus and system | |
| US20130185441A1 (en) | Mobile radio communication device and method of managing connectivity status for the same | |
| US7035619B1 (en) | System and method for integrating call detail records for a multiple network environment | |
| CN101207924A (en) | Method for processing multi-user connections in high speed grouped data terminal | |
| US20120202536A1 (en) | Short message forwarding method and mobile terminal | |
| CN101453520A (en) | System and method for detecting and blocking disturbance call | |
| US7394810B2 (en) | Layer 2 switch and method of processing expansion VLAN tag of layer 2 frame | |
| CN116032806B (en) | Flow dyeing method and system | |
| EP1917580B1 (en) | Peer-to-peer communication system | |
| CN109587082A (en) | A kind of asynchronous repeater system of message based on (SuSE) Linux OS and method | |
| KR100257563B1 (en) | Method for processing sms service of pcs | |
| CN101557354A (en) | Method for sending picture by client service personnel on line | |
| US20050055460A1 (en) | Network routing using a driver that is registered with both operating system and network processor | |
| CN101102277B (en) | Recognition control method and system for service data and recognition control device | |
| US6671828B1 (en) | Address routing in a protocol analyzer | |
| CN101764892A (en) | System for detection and interception of harassing call | |
| CN111865805B (en) | Multicast GRE message processing method and system | |
| CN101296270B (en) | Legal monitoring method, communication system, router and monitoring gateway | |
| CN112788116A (en) | Message forwarding method and device | |
| EP1564960A1 (en) | System and methods for providing differentiated services within a network communication system | |
| US6643368B1 (en) | Distributed control exchange |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |