CN116781701A - Message processing method, device, electronic equipment and storage medium - Google Patents

Message processing method, device, electronic equipment and storage medium Download PDF

Info

Publication number
CN116781701A
CN116781701A CN202211100421.2A CN202211100421A CN116781701A CN 116781701 A CN116781701 A CN 116781701A CN 202211100421 A CN202211100421 A CN 202211100421A CN 116781701 A CN116781701 A CN 116781701A
Authority
CN
China
Prior art keywords
request
address
container
load balancing
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211100421.2A
Other languages
Chinese (zh)
Inventor
马奥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Suzhou Software Technology Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Suzhou Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Suzhou Software Technology Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202211100421.2A priority Critical patent/CN116781701A/en
Publication of CN116781701A publication Critical patent/CN116781701A/en
Pending legal-status Critical Current

Links

Landscapes

  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The message processing method provided by the embodiment of the disclosure is executed by a load balancing node, and comprises the following steps: receiving a first request sent by a client; determining a target container instance for distributing the first request according to the load balancing rule; modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port; and sending the second request to a container node where the target container instance is located. Here, the target container instance for distributing the first request is determined according to the load balancing rule, the IP address and the port number of the target container instance are directly determined during load balancing, the first request is written according to the determined IP address and port number to obtain the second request message, the second request message is directly sent out, the second request message is automatically routed to the target container instance, secondary load balancing and address modification in the request message are not needed, the sending speed of the request can be improved, and the response speed of the request is further improved.

Description

Message processing method, device, electronic equipment and storage medium
Technical Field
The disclosure relates to the field of cloud computing technology, and in particular, to a message processing method, a device, an electronic device and a storage medium.
Background
With the rapid development of cloud computing technology, more and more services and applications are provided by container clusters which are used for containerizing software applications, and the container clusters can be arranged by a container cluster arrangement system, so that continuous delivery, rapid deployment, intelligent operation and maintenance and the like of the container clusters are realized.
In the existing container arrangement system, the external service providing mode often relies on the nodes of the container arrangement system to forward loads, and cannot cope with large-scale generation requirements. When the number of external requests sent by the client is relatively large, there are problems of long processing time of the external requests, low access efficiency, and the like.
Disclosure of Invention
In view of this, an embodiment of the disclosure discloses a message processing method, a device, an electronic apparatus and a storage medium.
According to a first aspect of embodiments of the present disclosure, there is provided a message processing method performed by a load balancing node, the method comprising: receiving a first request sent by a client; determining a target container instance for distributing the first request according to a load balancing rule; modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port; and sending the second request to a container node where the target container instance is located.
In one embodiment, the method further comprises: receiving a first response to the second request; the source address of the first response is the IP address of the target container instance, and the target address of the first response is the IP address of the load balancing node; modifying the source address of the first response to the IP address of the load balancing node, and modifying the target address of the first response to the IP address of the client to obtain a second response; and sending the second response to the client.
In one embodiment, the method further comprises: obtaining deployment information of alternative container instances in one or more container nodes in a container cluster, wherein the deployment information comprises: the IP address of the one or more alternative container instances and the port number of the service port of the container node deployment.
In one embodiment, the obtaining deployment information for alternative container instances within one or more container nodes within a container cluster includes: receiving the deployment information broadcast by one or more container nodes in a container cluster; or, the controller of the receiving load balancing node obtains the deployment information from the server of the container cluster.
In a second aspect, embodiments of the present disclosure provide a message processing method performed by a container node, the method comprising: receiving a second request sent by a load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node; determining a network naming space of the target container instance according to the IP address of the target container instance and the port number of the service port; the second request is sent to a network namespace of the target container instance.
In one embodiment, the method further comprises: receiving the target container instance to send a first response based on the second request; the target address of the first response is the IP address of the load balancing node, and the source address is the IP address of the target container instance and the port number of the service port; sending the first response to the load balancing node, wherein the first response is used for the load balancing node to provide a second response to the client; the destination address of the second response is the IP address of the client, and the source address is the IP address of the load balancing node.
In a third aspect, an embodiment of the present disclosure provides a message processing method, performed by a controller of a load balancing node, the method including: monitoring deployment information, wherein the deployment information at least comprises: IP addresses and port numbers of service ports for one or more alternative container instances deployed by one or more container nodes within the container cluster; and sending the deployment information to a load balancing node, wherein the deployment information is used for the load balancing node to modify a target address of a first request received from a client to obtain a second request directly routed to a target container instance.
In a fourth aspect, an embodiment of the present disclosure provides a message processing apparatus, the apparatus including: the receiving module is used for receiving a first request sent by the client; a determining module for: determining a target container instance for distributing the first request according to a load balancing rule; a modification module for: modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance, the port numbers of the target container instance and the service port; and the sending module is used for sending the second request to the container node where the target container instance is located.
In a fifth aspect, embodiments of the present disclosure provide a message processing apparatus, the apparatus comprising: a receiving module for: receiving a second request sent by a load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node; a determining module for: determining a network naming space of the target container instance according to the IP address of the target container instance and the port number of the service port; and the sending module is used for sending the second request to the network naming space of the target container instance.
In a sixth aspect, embodiments of the present disclosure provide a message processing apparatus, the apparatus including: a monitoring module, configured to: monitoring deployment information, wherein the deployment information at least comprises: IP addresses and port numbers of service ports for one or more alternative container instances deployed by one or more container nodes within the container cluster; a sending module, configured to: and sending the deployment information to a load balancing node, wherein the deployment information is used for the load balancing node to modify a target address of a first request received from a client to obtain a second request directly routed to a target container instance.
In a seventh aspect, embodiments of the present disclosure provide an electronic device, including: a processor and a memory for storing a computer program capable of running on the processor; wherein the processor, when running the computer program, performs the steps of the method of one or more of the foregoing technical solutions.
In an eighth aspect, embodiments of the present disclosure provide a computer-readable storage medium having stored thereon computer-executable instructions; the computer-executable instructions, when executed by the processor, are capable of performing the method of one or more of the foregoing aspects.
According to the message processing method provided by the embodiment of the disclosure, the load balancing node determines the target container instance for distributing the first request according to the load balancing rule, directly determines the IP address and the port number of the target container instance during load balancing, writes the first request according to the determined IP address and the port number to obtain the second request message, directly sends the second request message out, and automatically routes the second request message to the target container instance.
Drawings
Fig. 1 is a flow chart of a message processing method according to an embodiment of the disclosure.
Fig. 2 is a flow chart of a message processing method according to an embodiment of the disclosure.
Fig. 3 is a flow chart of a message processing method according to an embodiment of the disclosure.
Fig. 4 is a flow chart of a message processing method according to an embodiment of the disclosure.
Fig. 5 is a flow chart of a message processing method according to an embodiment of the disclosure.
Fig. 6 is a flow chart of a message processing method of a container cluster according to an embodiment of the disclosure.
Fig. 7 is a schematic diagram of a message processing system according to an embodiment of the disclosure.
Fig. 8 is a flowchart of a request processing method according to an embodiment of the disclosure.
Fig. 9 is a flowchart of a request processing method according to an embodiment of the disclosure.
Fig. 10 is a schematic diagram of a message processing apparatus according to an embodiment of the disclosure.
Fig. 11 is a schematic diagram of a message processing apparatus according to an embodiment of the present disclosure.
Fig. 12 is a schematic diagram of a message processing apparatus according to an embodiment of the disclosure.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present disclosure more apparent, the present disclosure will be further described in detail with reference to the accompanying drawings, and the described embodiments should not be construed as limiting the present disclosure, and all other embodiments obtained by those skilled in the art without making inventive efforts are within the scope of protection of the present disclosure.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is to be understood that "some embodiments" can be the same subset or different subsets of all possible embodiments and can be combined with one another without conflict.
In the following description, the terms "first", "second", "third" and the like are merely used to distinguish similar objects and do not represent a particular ordering of the objects, it being understood that the "first", "second", "third" may be interchanged with a particular order or sequence, as permitted, to enable embodiments of the disclosure described herein to be practiced otherwise than as illustrated or described herein.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs. The terminology used herein is for the purpose of describing embodiments of the present disclosure only and is not intended to be limiting of the present disclosure.
For a better understanding of the disclosed embodiments, the following is a description of some example embodiments:
in one embodiment, as shown in fig. 6, a method of container cluster message processing may include: a host port (HostPort) mechanism, a node port (NodePort) mechanism, and a load balancing service (Load Balance Service) mechanism.
The host port mechanism maps the port of the container instance with the port of the container node, and receives the request sent by the client according to the IP address of the container node and the port of the container node.
The node port mechanism is used for receiving a request sent by a client according to a container node; and carrying out load balancing according to the kernel module of the container node, and forwarding the request to the target container instance.
The load balancing service mechanism performs first-layer load balancing through an equivalent multi-routing protocol according to the load balancing according to the addition of a load balancer outside the container cluster, receives a request sent by a client and forwards the request to a kernel forwarding module of a container node; and carrying out second-layer load balancing according to the kernel forwarding module, and forwarding the request to the target container instance. Wherein the load balancer may comprise a third party load balancer or a container cluster network plug-in, and the network plug-in may comprise: printed Calico network plug-ins (Calico), metal load balancers (MetalLB), and the like. The second tier load balancing may include a clustered internet protocol (ClusterIP) mechanism or a node port (nodebort) mechanism.
Here, the large-scale request cannot be handled by load balancing through the kernel of the container node, and two layers of load balancing are performed through the load balancing service (Load Balance Service) mechanism, so that the problems of uneven load and large network performance loss occur in the container.
As shown in fig. 1, an embodiment of the present disclosure provides a message processing method, which is performed by a load balancing node, the method including:
step S101: receiving a first request sent by a client;
step S102: determining a target container instance for distributing the first request according to a load balancing rule;
step S103: modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port;
step S104: and sending the second request to a container node where the target container instance is located.
In one embodiment, the load balancing node may be in a load balancing cluster (SLB, server Load Balance), which may uniformly distribute requests of external clients to a plurality of servers at the back end to perform processing according to load balancing rules.
Illustratively, the SLB may select the target container instance that responds to the first request according to a load balancing policy such as a polling policy and/or a random policy, and any method of the related art may be used to implement the load balancing specifically, which is not limited herein.
The target container instance may be in a container cluster that may be automatically deployed, expanded, and managed by a container orchestration system, which may include a Kubernetes cluster. The Kubernetes cluster performs the workload by placing the container instances on nodes, which include at least one node, which may be a virtual machine or a physical machine, including at least one container instance.
In one embodiment, the step S101 may include: setting one or more virtual load balancing node internet protocol (IP, internet Protocol) addresses as external client access addresses according to all container clusters; and receiving a first request sent to the load balancing node IP address by the client, wherein the source IP address of the first request is the client IP address, and the destination address of the first request is the load balancing node IP address.
In one embodiment, the first request may include: a client requests an operation or access to an application or service provided according to the container cluster.
In one embodiment, the load balancing rule in step S102 may include, but is not limited to, at least one of the following:
a polling rule that each request is assigned to a different target container instance in chronological order;
a weight rule, setting weight for each container node and/or container instance, and determining a target container instance for distributing the request according to the weight, wherein the higher the weight is, the more the container nodes and/or container instances are distributed with the request;
a random rule that randomly allocates a request to a target container instance;
the minimum weighted connection number rule counts the connection number of the container node and the container instance active state in real time, and distributes the newly added request to the target container instance with less active connection number according to the weight proportion;
The fastest response time rule assigns according to the response time of the container instance, preferentially assigns the request to the container instance with the fast response time, and the like.
In one embodiment, the step S103 may include: and modifying the target IP address in the target address of the first request into the IP address of the target container instance, modifying the target port in the target address of the first request into the port number of the service port of the target container instance, and modifying the target address of the first request to obtain a second request.
In one embodiment, the step S104 may include: and obtaining an optimal routing path from the load balancing node to the container node where the target container instance is located according to a dynamic routing protocol, and sending the second request to the container node where the target container instance is located according to the optimal routing path.
In this way, the load balancing node sends the second request through the optimal routing path obtained by the dynamic routing protocol, and compared with the sending according to the fixed static routing path, the second request can be sent through the optimal routing path, so that the speed and accuracy of sending the second request are improved.
In some embodiments, the method further comprises: and modifying the source address of the first request according to the IP address of the load balancing node to obtain the second request with the source address being the IP address of the load balancing node.
In one embodiment, the source address of the first request is a client IP address, and the source address of the first request is modified to be the IP address of the load balancing node, so as to obtain the second request.
In one embodiment, one or more load balancing nodes may be included in one load balancing cluster, and the IP address of the load balancing node may be the IP address of the load balancing node that processes the current first request and the second request. Thus, the source address of the second request is the IP address of the load balancing node, and the response of the second request can be conveniently returned to the same load balancing node for processing according to the source address of the second request.
When the load balancing nodes are provided, the load balancing node for processing the first request can be determined according to the service type of the first request, the source address of the first request is modified to be the IP address of the load balancing node to obtain the second request, and the same load balancing node can conveniently process the response of the second request and the second request.
As shown in fig. 2, in some embodiments, the method further comprises:
step S201: receiving a first response to the second request; the source address of the first response is the IP address of the target container instance, and the target address of the first response is the IP address of the load balancing node;
step S202: modifying the source address of the first response to the IP address of the load balancing node, and modifying the target address of the first response to the IP address of the client to obtain a second response;
step S203: and sending the second response to the client.
In one embodiment, the method further comprises: after the source address of the first request is modified according to the IP address of the load balancing node to obtain the second request, recording the IP address of the client of the source address of the first request;
receiving a first response to the second request;
modifying the source address of the first response to the IP address of the load balancing node, and modifying the target address of the first response to the IP address of the client to obtain a second response;
and sending the second response to the client according to the target address of the second response. Thus, the processing of the request message sent by the client is completed once.
In some embodiments, the method further comprises:
obtaining deployment information of alternative container instances in one or more container nodes in a container cluster, wherein the deployment information comprises: the IP address of the one or more alternative container instances and the port number of the service port of the container node deployment.
In one embodiment, the load balancing node may obtain deployment information of alternative container instances in one or more container nodes in the container cluster in real time; determining a target container instance for distributing the request according to the deployment information of the alternative container instance in real time through a load balancing rule; and modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port in the deployment information of the alternative container instance.
In one embodiment, a resilient scaling operation may be set within a container cluster according to a kubernetes cluster, which may include determining to increase or decrease the number of container instances according to a central processing unit (CPU, central processing unit) usage of a container node compared to a predetermined CPU usage threshold.
When the container cluster performs elastic telescoping operation, the deployment information of the alternative container examples in one or more container nodes in the container cluster is acquired through the load balancing node in real time, the deployment information of the newly added or reduced alternative container examples in the container node in the container cluster can be updated and acquired in time, and the load balancing node determines the target container examples of the allocation request according to the newly added or reduced alternative container examples, so that the coordination of the load balancing node and the container cluster is improved, and the efficiency of processing the request by the load balancing cluster and the container cluster is improved.
In some embodiments, the obtaining deployment information for alternative container instances within one or more container nodes within a container cluster comprises:
receiving the deployment information broadcast by one or more container nodes in a container cluster;
or,
and receiving the deployment information acquired from the server of the container cluster by the controller of the load balancing node.
In one embodiment, the deployment information broadcast by one or more container nodes within the receiving container cluster may include: the dynamic router broadcasts the deployment information of one or more container nodes in the container cluster to a load balancing node through a dynamic routing protocol, and the load balancing node receives the deployment information broadcast by the container nodes.
In one embodiment, the dynamic routing protocol may generate and maintain routing tables required for forwarding, automatically update the routing tables when the network topology changes, and is responsible for deciding the best routing path for data transmission. The load balancing node may receive the deployment information via a dynamic routing protocol when one or more container nodes add, modify, or delete one or more alternative container instances.
As shown in fig. 3, an embodiment of the present disclosure provides a message processing method, performed by a container node, the method including:
Step S301: receiving a second request sent by a load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node;
step S302: determining a network naming space of a target container instance according to the IP address of the target container instance and a port number of a service port;
step S303: the second request is sent to a network namespace of the target container instance.
In one embodiment, according to cloud computing techniques, multiple cloud virtual machines may be obtained according to physical machine virtualization, the physical machines or cloud virtual machines may be container nodes, and a container cluster may be formed according to the one or more container nodes.
For example, the container node may prestore a mapping relationship between the IP address and port number of each candidate container, and the identity of the network namespace of the corresponding candidate container. This is the case. The mapping relationship may be queried according to the IP address and the port number of the service port in step S302, to determine a network namespace of the target container instance.
The identification of the network namespaces may include, but is not limited to, names of the network namespaces.
One or more container instances may be deployed within a container node, the container instances within a container node sharing the operating system kernel of the container node in which they reside. The container may pack and isolate applications and execution environments together and may be used to develop, deliver, and deploy software or services.
Multiple container instances within a container node may be isolated from each other according to a namespace, which may enable the container instances to have independent network environments, such as network cards, routing tables, and/or firewalls, etc.
In one embodiment, requests for one or more container instances within a container node may be received by the container node in unison, wherein the requests may include a second request sent by a load balancing node.
In one embodiment, an extended berkeley packet filter (eBPF, extended Berkeley Packet Filter) procedure may be included in the container node, the eBPF procedure may process the data packet in the container node, with compilations and security, and the steps S302 and S303 may operate according to the eBPF procedure.
Meanwhile, the eBPF program processes the data packet before the data packet enters the kernel network protocol stack, and the eBPF program can work on a network card driving layer or a network interface controller (NIC, network interface controller) without processing the data packet through the kernel network protocol stack of the node, so that the workload of the kernel is reduced, the delay of container access is reduced, and the efficiency of container node data processing is improved.
In one embodiment, the method may include: obtaining deployment information of alternative container instances in a container node, wherein the deployment information can comprise: an IP address of an alternative container instance, a port number of a service port, and an identification of a network namespace of the alternative container instance; determining a network naming space of the target container instance from the obtained deployment information of the alternative container instance according to the IP address of the target container instance and the port number of the service port of the second request; the second request is sent to the network namespace of the target container instance.
In one embodiment, the eBPF program may obtain, from an extended berkeley packet filtering rule (eBPF MAP), an IP address of an alternative container instance within a container node, a port number of a service port, and an identification of a network namespace of the alternative container instance; wherein the identification of the network namespace may include a name of the network namespace and a network namespace path; wherein the deployment information may be obtained by an extended berkeley package filter Agent (eBPF Agent) and added to an eBPF MAP.
In one embodiment, the eBPF program determines a network namespace for the target container instance based on the IP address and the port number of the service port.
The eBPF program determines whether the network card in the network naming space of the target container instance is the same as the host network card of the container node where the eBPF program is located. If the network card of the network naming space of the target container instance is the same as the network card of the host computer of the container node, forwarding the second request directly according to the IP address and the service port number of the target container instance. And if the network card of the network naming space of the target container instance is different from the network card of the host computer of the container node, redirecting the second request to the network card of the network naming space of the target container instance according to the network naming space path.
In one embodiment, the method further comprises: the eBPF program determines whether to discard the second request according to a predetermined control rule in the eBPF MAP, the IP address of the second request and the port number of the service port.
In one embodiment, the control rules may include, but are not limited to, at least one of:
discarding the second request when the IP address of the second request is not in the IP address of the alternative container instance of the current container node;
And according to the communication protocol of the second request and the port number of the service port of the target container instance, determining whether to discard the second request.
Illustratively, when a domain name system (DNS, domain Name System) attack is present, the control rules in the MAP may be set to discard requests having a communication protocol of user datagram protocol (UDP, user Datagram Protocol) and a destination port number of 53.
Here, determining whether to discard the second request according to the control rule may filter the second request, and compared with directly forwarding the request, the method may discard the request in time when a security attack or a target container instance of the second request is not present in the container node, thereby improving efficiency of processing the request by the container node, and improving security of the container node and the container instance.
As shown in fig. 4, in some embodiments, the method further comprises:
step S401: receiving the target container instance to send a first response based on the second request; the target address of the first response is the IP address of the load balancing node, and the source address is the IP address of the target container instance and the port number of the service port;
step S402: sending the first response to the load balancing node, wherein the first response is used for the load balancing node to provide a second response to the client; the destination address of the second response is the IP address of the client, and the source address is the IP address of the load balancing node.
In one embodiment, the target container instance processes the second request and generates a first response to the second request, sending the first response; the eBPF program receives the target container instance, sends a first response based on the second request and sends the first response to the load balancing node.
In one embodiment, the method further comprises: after sending the second request to the network namespace of the target container instance, the connection state of the second request is recorded.
The connection state may include: a source IP address of the second request, a source service port, a communication protocol, an IP address of the target container instance, a port number of the service port of the target container instance, etc.
And sending a first response of the second request to the load balancing node according to the connection state of the second request. Wherein the connection state may be recorded in an eBPF MAP according to an eBPF procedure, which transmits the first response through the connection state obtained from the eBPF MAP.
In this way, the eBPF program can determine the target IP address of the first response, that is, the IP address of the load balancing node, according to the source IP address in the connection state of the second request, and forward the first response directly according to the IP address of the load balancing node before the first response is sent to the container node network namespace, without forwarding through the container node network namespace, and without analyzing and checking the target IP address in the first response, thereby improving the processing efficiency of the first response.
In some embodiments, the method further comprises:
broadcasting deployment information when the container node has an alternative container instance creation or address update; wherein the deployment information at least includes: the IP address of the alternative container instance and the port number of the service port.
In one embodiment, when the container node has an alternate container instance creation or address update, deployment information is broadcast to the load balancing node and network devices connected in the network between the container node and the load balancing node via a dynamic routing protocol according to a dynamic router.
Wherein the dynamic router may include a dynamic software router, the dynamic software router may be deployed in each container node, and the routing information of the dynamic software router of the container node may include: the next routing node for the IP address of the alternate container instance within the container node is the IP address of the container node.
In this way, compared with the situation that deployment information is not broadcast, the method and the device can facilitate the load balancing node and network equipment connected with the network between the container node and the load balancing node to timely acquire changed deployment information, so that the load balancing node can timely adjust load balancing rules according to the changed deployment information, the network equipment can timely update the routing table, request and response data can be transmitted more quickly, and the efficiency of processing the request and response data can be improved.
In some embodiments, the method further comprises:
the IP address of the alternative container instance, the port number of the service port, and the identification of the network namespace of the alternative container instance are stored locally.
In one embodiment, the method may include: and storing the IP address of the alternative container instance, the port number of the service port, the name of the network naming space of the alternative container instance and the network naming space path into the eBPF MAP according to the eBPF Agent.
In one embodiment, the eBPF program may execute a specific event in the kernel space, the eBPF MAP may store information in the eBPF MAP in the user space, and compile the eBPF program or modify a filtering rule in the eBPF MAP in the user space, so that the eBPF component may store or compile the information in the user space, reduce the load of the kernel space, and improve the message processing efficiency of the container node.
As shown in fig. 5, an embodiment of the present disclosure provides a message processing method, which is performed by a controller of a load balancing node, the method including:
step S501: monitoring deployment information, wherein the deployment information at least comprises: IP addresses and port numbers of service ports for one or more alternative container instances deployed by one or more container nodes within the container cluster;
Step S502: and sending the deployment information to a load balancing node, wherein the deployment information is used for the load balancing node to modify a target address of a first request received from a client to obtain a second request directly routed to a target container instance.
In one embodiment, the controller of the load balancing node may comprise a load balancing node Service controller (SLB-SVC, server Load Balance-Service).
In one embodiment, the method may include: monitoring deployment information of one or more alternative container instances in one or more container nodes in a container cluster, and sending the deployment information to a load balancing node. Therefore, the load balancing cluster can timely acquire the latest deployment information, cope with the change of the container cluster, and adjust the load balancing according to the latest deployment information, so that the load balancing efficiency is improved.
In one embodiment, the method may further comprise: monitoring deployment information of one or more container instances in one or more container nodes providing the same service function in the container cluster, wherein the container instances providing the same service function may comprise compositions according to different container instances in different container nodes in the container cluster.
In one embodiment, the load balancing node may send deployment information for one or more container instances in one or more container nodes providing the same service function to the load balancing cluster. The load balancing cluster may allocate an address of an external service access to one or more container instances providing the same service function, where the address of the external service access may include a load balancing node IP address and a load balancing node service port number.
In one embodiment, the controller of the load balancing node may further clear invalid deployment information from the configuration information of the load balancing cluster within a predetermined time range.
In this way, according to the controller of the load balancing node, by monitoring the deployment information in the container cluster and clearing the invalid deployment information in the configuration information in the load balancing cluster, compared with the load balancing cluster of the controller without the load balancing node, the load balancing cluster can timely acquire the deployment information of the container cluster and clear the invalid deployment information in the load balancing cluster when the container cluster is changed frequently, bidirectional synchronization of the container deployment information and the load balancing configuration information can be realized, and the accuracy of processing information of load balancing is improved.
In some embodiments, the listening for deployment information comprises:
receiving the deployment information from a server of a container cluster;
and/or monitoring the deployment information broadcasted by the container nodes in the container cluster.
In one embodiment, the controller of the load balancing node may monitor servers of container nodes in the container cluster, and delete deployment information of corresponding container instances in the container nodes when the container nodes are invalid.
In one embodiment, a system for message processing may be as shown in FIG. 7. Wherein the message processing system comprises: load balancing SLB cluster, load balancing node controller SLB-SVC, kubernetes cluster and container cluster. The kuubernets cluster may include a Kube-APIServer component, the container cluster may include one or more container nodes, the container cluster may include a dynamic software router, the dynamic software router may be deployed in a virtual machine where the container nodes are located, and the container nodes may further include: eBPF program, eBPF Agent, eBPF MAP, container instance and node kernel protocol stack.
In one embodiment, a method for message processing according to the message processing system may include:
Receiving a first request sent by a client according to the SLB cluster;
the SLB cluster determines a target container instance for distributing the first request according to a load balancing rule;
the SLB cluster modifies the target address of the first request according to the IP address of the target container instance and the port number of the service port and obtains a second request;
the SLB cluster sends the second request to a container node where the target container instance is located according to a dynamic routing protocol;
the container node receives a second request sent by the load balancing node;
determining a network naming space of a target container instance according to an eBPF program in the container node, an IP address of an alternative container instance in the container node, a port number of the service port and a network naming space identifier stored in an eBPF MAP, and an IP address of the target container instance and a port number of the service port which are included in a second request;
the second request is sent to the network namespace of the target container instance according to the eBPF procedure within the container node.
In one embodiment, the load balancing node controller SLB-SVC and the eBPF Agent can obtain deployment information of alternative container instances in the container nodes in the container cluster through a Kube-APIServer component in the kubernetes cluster.
In one embodiment, a flow of request processing may be as shown in fig. 8, and the steps may include:
step a1, a load balancing node receives a first request sent by a client;
step a2, the load balancing node determines a target container instance for distributing the first request according to a load balancing rule;
step a3, the load balancing node modifies the target address of the first request and obtains a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port;
step a4, the load balancing node sends the second request to the container node where the target container instance is located;
step a5, the container node receives a second request sent by the load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node;
step a6, the container node determines the network naming space of the target container instance according to the IP address of the target container instance and the port number of the service port;
Step a7, the container node sends the second request to the network naming space of the target container instance;
step a8, the target container instance receives and processes the second request.
In one embodiment, the flow of processing of a response to a request may be as shown in fig. 9, and the steps may include:
step b1, the target container instance generates a first response according to the second request and sends the first response;
step b2, the container node receives the target container instance and sends a first response based on the second request; the target address of the first response is the IP address of the load balancing node, and the source address is the IP address of the target container instance and the port number of the service port;
step b3, the container node sends the first response to the load balancing node, wherein the first response is used for the load balancing node to provide a second response to the client; the target address of the second response is the IP address of the client and the source address is the IP address of the load balancing node;
step b4, the load balancing node receives a first response of the second request; the source address of the first response is the IP address of the target container instance, and the target address of the first response is the IP address of the load balancing node;
Step b5, the load balancing node modifies the source address of the first response to the IP address of the load balancing node, and modifies the target address of the first response to the IP address of the client to obtain a second response;
and b6, the load balancing node sends the second response to the client.
As shown in fig. 10, an embodiment of the present disclosure provides a message processing apparatus, including:
a receiving module 10, configured to receive a first request sent by a client;
a determining module 20 for: determining a target container instance for distributing the first request according to a load balancing rule;
a modification module 30 for: modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port;
and a sending module 40, configured to send the second request to a container node where the target container instance is located.
In one embodiment, the modification module 30 is further configured to: and modifying the source address of the first request according to the IP address of the load balancing node to obtain the second request with the source address being the IP address of the load balancing node.
In one implementation, the receiving module 10 is further configured to: receiving a first response to the second request; the source address of the first response is the IP address of the target container instance, and the target address of the first response is the IP address of the load balancing node; the modification module 30 is further configured to: modifying the source address of the first response to the IP address of the load balancing node, and modifying the target address of the first response to the IP address of the client to obtain a second response; the sending module 40 is further configured to: and sending the second response to the client.
In one embodiment, the apparatus further comprises: an acquisition module 50; the obtaining module 50 is configured to: obtaining deployment information of alternative container instances in one or more container nodes in a container cluster, wherein the deployment information comprises: the IP address of the one or more alternative container instances and the port number of the service port of the container node deployment.
In one embodiment, the receiving module 10 is further configured to receive the deployment information broadcast by one or more container nodes in the container cluster; or, the controller of the receiving load balancing node obtains the deployment information from the server of the container cluster.
As shown in fig. 11, an embodiment of the present disclosure provides a message processing apparatus, including:
a receiving module 110, configured to: receiving a second request sent by a load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node;
a determining module 120, configured to: determining a network naming space of the target container instance according to the IP address of the target container instance and the port number of the service port;
a sending module 130, configured to send the second request to a network namespace of the target container instance.
In one embodiment, the receiving module 110 is further configured to: receiving the target container instance to send a first response based on the second request; the target address of the first response is the IP address of the load balancing node, and the source address is the IP address of the target container instance and the port number of the service port; the sending module 130 is further configured to: sending the first response to the load balancing node, wherein the first response is used for the load balancing node to provide a second response to the client; the destination address of the second response is the IP address of the client, and the source address is the IP address of the load balancing node.
As shown in fig. 12, an embodiment of the present disclosure provides a message processing apparatus, including:
a listening module 310, configured to: monitoring deployment information, wherein the deployment information at least comprises: IP addresses and port numbers of service ports for one or more alternative container instances deployed by one or more container nodes within the container cluster;
a sending module 320, configured to: and sending the deployment information to a load balancing node, wherein the deployment information is used for the load balancing node to modify a target address of a first request received from a client to obtain a second request directly routed to a target container instance.
In one embodiment, the listening module 310 further includes: a receiving module 311, configured to receive the deployment information from a server of a container cluster; and/or, the monitoring module 310 is further configured to monitor the deployment information broadcasted by the container nodes in the container cluster.
It should be noted that, as those skilled in the art may understand, the methods provided in the embodiments of the present disclosure may be performed alone or together with some methods in the embodiments of the present disclosure or some methods in the related art.
The embodiment of the disclosure also provides an electronic device, which includes: a processor and a memory for storing a computer program capable of running on the processor, which when run performs the steps of the method of one or more of the preceding claims.
Embodiments of the present disclosure also provide a computer-readable storage medium storing computer-executable instructions that, when executed by a processor, enable implementation of the method according to one or more of the foregoing technical solutions.
The computer storage medium provided in this embodiment may be a non-transitory storage medium. In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above described device embodiments are only illustrative, e.g. the division of the units is only one logical function division, and there may be other divisions in practice, such as: multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. In addition, the various components shown or discussed may be coupled or directly coupled or communicatively coupled to each other via some interface, whether indirectly coupled or communicatively coupled to devices or units, whether electrically, mechanically, or otherwise.
The units described as separate units may or may not be physically separate, and units displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units; some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present disclosure may be integrated in one processing module, or each unit may be separately used as one unit, or two or more units may be integrated in one unit; the integrated units may be implemented in hardware or in hardware plus software functional units.
In some cases, the two technical features do not conflict, and a new method technical scheme can be combined.
In some cases, the above two technical features may be combined into a new device technical scheme without any conflict.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the above method embodiments may be implemented by hardware associated with program instructions, where the foregoing program may be stored in a computer readable storage medium, and when executed, the program performs steps including the above method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk or an optical disk, or the like, which can store program codes.
The foregoing is merely specific embodiments of the disclosure, but the protection scope of the disclosure is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the disclosure, and it is intended to cover the scope of the disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.

Claims (12)

1. A method of message processing performed by a load balancing node, the method comprising:
receiving a first request sent by a client;
determining a target container instance for distributing the first request according to a load balancing rule;
modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance and the port number of the service port;
and sending the second request to a container node where the target container instance is located.
2. The method according to claim 1, wherein the method further comprises:
receiving a first response to the second request; the source address of the first response is the IP address of the target container instance, and the target address of the first response is the IP address of the load balancing node;
Modifying the source address of the first response to the IP address of the load balancing node, and modifying the target address of the first response to the IP address of the client to obtain a second response;
and sending the second response to the client.
3. The method according to any one of claims 1 to 2, further comprising:
obtaining deployment information of alternative container instances in one or more container nodes in a container cluster, wherein the deployment information comprises: the IP address of the one or more alternative container instances and the port number of the service port of the container node deployment.
4. The method of claim 3, wherein the obtaining deployment information for the one or more container node-within-container alternative container instances comprises:
receiving the deployment information broadcast by one or more container nodes in a container cluster;
or,
and receiving the deployment information acquired from the server of the container cluster by the controller of the load balancing node.
5. A method of message processing performed by a container node, the method comprising:
receiving a second request sent by a load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node;
Determining a network naming space of the target container instance according to the IP address of the target container instance and the port number of the service port;
the second request is sent to a network namespace of the target container instance.
6. The method of claim 5, wherein the method further comprises:
receiving the target container instance to send a first response based on the second request; the target address of the first response is the IP address of the load balancing node, and the source address is the IP address of the target container instance and the port number of the service port;
sending the first response to the load balancing node, wherein the first response is used for the load balancing node to provide a second response to the client; the destination address of the second response is the IP address of the client, and the source address is the IP address of the load balancing node.
7. A method of message processing performed by a controller of a load balancing node, the method comprising:
monitoring deployment information, wherein the deployment information at least comprises: IP addresses and port numbers of service ports for one or more alternative container instances deployed by one or more container nodes within the container cluster;
And sending the deployment information to a load balancing node, wherein the deployment information is used for the load balancing node to modify a target address of a first request received from a client to obtain a second request directly routed to a target container instance.
8. A message processing apparatus, the apparatus comprising:
the receiving module is used for receiving a first request sent by the client;
a determining module for: determining a target container instance for distributing the first request according to a load balancing rule;
a modification module for: modifying the target address of the first request and obtaining a second request according to the Internet Protocol (IP) address of the target container instance, the port numbers of the target container instance and the service port;
and the sending module is used for sending the second request to the container node where the target container instance is located.
9. A message processing apparatus, the apparatus comprising:
a receiving module for: receiving a second request sent by a load balancing node; wherein the second request includes: the internet protocol IP address of the target container instance and the port number of the service port; the second request is generated and provided by the load balancing node based on the first request provided by the client; the target address of the first request points to the load balancing node;
A determining module for: determining a network naming space of the target container instance according to the IP address of the target container instance and the port number of the service port;
and the sending module is used for sending the second request to the network naming space of the target container instance.
10. A message processing apparatus, the apparatus comprising:
a monitoring module, configured to: monitoring deployment information, wherein the deployment information at least comprises: IP addresses and port numbers of service ports for one or more alternative container instances deployed by one or more container nodes within the container cluster;
a sending module, configured to: and sending the deployment information to a load balancing node, wherein the deployment information is used for the load balancing node to modify a target address of a first request received from a client to obtain a second request directly routed to a target container instance.
11. An electronic device, the electronic device comprising: a processor and a memory for storing a computer program capable of running on the processor, wherein the processor performs the steps of the message processing method of any of claims 1 to 7 when the computer program is run.
12. A computer-readable storage medium, wherein the computer-readable storage medium stores computer-executable instructions; the computer executable instructions, when executed by a processor, are capable of implementing the message processing method of any one of claims 1 to 7.
CN202211100421.2A 2022-09-08 2022-09-08 Message processing method, device, electronic equipment and storage medium Pending CN116781701A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211100421.2A CN116781701A (en) 2022-09-08 2022-09-08 Message processing method, device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211100421.2A CN116781701A (en) 2022-09-08 2022-09-08 Message processing method, device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116781701A true CN116781701A (en) 2023-09-19

Family

ID=88006924

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211100421.2A Pending CN116781701A (en) 2022-09-08 2022-09-08 Message processing method, device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116781701A (en)

Similar Documents

Publication Publication Date Title
US10187459B2 (en) Distributed load balancing system, health check method, and service node
US10715485B2 (en) Managing dynamic IP address assignments
CN107078969B (en) Realize computer equipment, the system and method for load balancing
US10735499B2 (en) Virtual network interface multiplexing
JP6585837B2 (en) User migration
CN109981493B (en) Method and device for configuring virtual machine network
US7426560B2 (en) Method and system for managing quality of service in a network
EP2824872B1 (en) Host providing system and communication control method
US20140297890A1 (en) Dynamic network action based on dhcp notification
JP6106334B2 (en) Method, system and computer readable medium for performing advanced service routing
CN111614748A (en) Scalable peer-to-peer matching
JP2013090072A (en) Service provision system
US20130191477A1 (en) Mapping system, network, and method for adaptation of id/loc separation to datacenter for cloud computing
CN107517129B (en) Method and device for configuring uplink interface of equipment based on OpenStack
CN115174674A (en) Flow forwarding method
US7711780B1 (en) Method for distributed end-to-end dynamic horizontal scalability
CN109005071B (en) Decision deployment method and scheduling equipment
US10791088B1 (en) Methods for disaggregating subscribers via DHCP address translation and devices thereof
CN110636149A (en) Remote access method, device, router and storage medium
CN116781701A (en) Message processing method, device, electronic equipment and storage medium
CN116418724A (en) Service access method, device and load balancing system
US9537748B1 (en) Finding shortest path in multi-access nodes in cloud service
WO2020254838A1 (en) Large scale nat system
CN113746653B (en) Gateway configuration method, client, server and storage medium
WO2023216584A1 (en) Method for obtaining application-aware network identifier and related device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination