CN117793166A

CN117793166A - Session synchronization method and device between cloud gateway clusters

Info

Publication number: CN117793166A
Application number: CN202311658602.1A
Authority: CN
Inventors: 鲍才骏; 魏宇涛
Original assignee: China Construction Bank Corp
Current assignee: China Construction Bank Corp
Priority date: 2023-12-05
Filing date: 2023-12-05
Publication date: 2024-03-29

Abstract

The invention discloses a session synchronization method and a device between cloud gateway clusters, wherein the method comprises the following steps: inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client; receiving feedback from a session storage server: and according to the conversation operation result executed by the conversation synchronization type field of the target conversation message, feeding back to the target client through the target node. The method and the device are used for improving the session performance and high availability of the cloud gateway cluster and reducing the fault processing burden and processing cost of the cloud gateway cluster.

Description

Session synchronization method and device between cloud gateway clusters

Technical Field

The present invention relates to the field of cloud network technologies, and in particular, to a method and an apparatus for session synchronization between cloud gateway clusters.

Background

This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.

In a public cloud distributed architecture, when a client on the cloud accesses related services (such as a database and file storage) provided by the public cloud, a message is forwarded through a cloud gateway cluster. For a stateful cloud gateway cluster, when a client on the cloud first sends a request, a gateway cluster node responsible for forwarding records request information sent by the client and stores the request information as a session. When the client sends the same access request again, the gateway cluster node forwards according to the saved Session without re-establishing a TCP connection, typically designed as a Session of Tomcat.

At present, session synchronization between stateful cloud gateway clusters is typically performed between nodes within the clusters, and no session synchronization mechanism exists between the gateway clusters. The hidden danger exists in the way that once the gateway node in the cloud gateway cluster is in integral fault, the session established on the cluster is invalid, and the client needs to initiate a request again to establish a new session on a new gateway cluster, so that the rapid switching of the business among the clusters can not be realized.

The session synchronization scheme at the present stage is to perform session synchronization between nodes in a cluster, and although service migration can be realized when one or more nodes in the cluster fail, service switching between clusters cannot be realized when the whole gateway cluster fails.

Disclosure of Invention

The embodiment of the invention provides a session synchronization method between cloud gateway clusters, which is used for improving the session performance and high availability of the cloud gateway clusters and reducing the fault processing burden and processing cost of the cloud gateway clusters, and comprises the following steps:

inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client;

If the session corresponding to the session identification information exists in the session storage server, receiving feedback from the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message;

and feeding back the session and the session operation result to a target client.

The embodiment of the invention also provides a session synchronization device between cloud gateway clusters, which is used for improving the session performance and high availability of the cloud gateway clusters and reducing the fault processing burden and processing cost of the cloud gateway clusters, and comprises the following steps:

the session inquiry module is used for inquiring whether a session corresponding to the session identification information exists in the session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client;

The session receiving module is used for receiving feedback of the session storage server if the session corresponding to the session identification information exists in the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message;

and the session feedback module is used for feeding back the session and the session operation result to the target client.

The embodiment of the invention also provides computer equipment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the session synchronization method between the cloud gateway clusters when executing the computer program.

The embodiment of the invention also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the session synchronization method between the cloud gateway clusters when being executed by a processor.

The embodiment of the invention also provides a computer program product, which comprises a computer program, wherein the computer program realizes the session synchronization method between the cloud gateway clusters when being executed by a processor.

In the embodiment of the invention, when a node in a cloud gateway cluster corresponding to a target client fails, the node in the cloud gateway cluster is determined: inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client; if the session corresponding to the session identification information exists in the session storage server, receiving feedback from the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message; and feeding back the session and the session operation result to the target client, wherein compared with the technical scheme in the prior art that service migration between nodes can be realized only when nodes in the cluster fail, the method can actively initiate a session request by the nodes redistributed to other cloud gateway clusters when the cloud gateway cluster fails wholly, thereby pulling the session of the original cloud gateway cluster from the session storage server, realizing service switching between different clusters when the whole cloud gateway cluster fails, avoiding the need of establishing new session requests again by a user, improving user experience, solving the problem that service switching between cloud cluster nodes cannot be realized when the whole cloud gateway cluster fails in the prior art, reducing the fault processing burden and processing cost of the cloud gateway cluster, and improving the session performance and high availability of the cloud gateway cluster.

Drawings

In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:

fig. 1 is a schematic architecture diagram of a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

fig. 2 is a specific example diagram of an overall architecture of a server in a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

fig. 3 is a specific exemplary diagram of a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

fig. 4 is a specific exemplary diagram of a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

fig. 5 is a specific exemplary diagram of a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

fig. 6 is a specific exemplary diagram of a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

Fig. 7 is a flow chart of a session synchronization method between cloud gateway clusters in an embodiment of the present invention;

fig. 8 is a schematic structural diagram of a session synchronization device between cloud gateway clusters in an embodiment of the present invention;

fig. 9 is a schematic diagram of a computer device for session synchronization between cloud gateway clusters in an embodiment of the present invention.

Detailed Description

For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention will be described in further detail with reference to the accompanying drawings. The exemplary embodiments of the present invention and their descriptions herein are for the purpose of explaining the present invention, but are not to be construed as limiting the invention.

The term "and/or" is used herein to describe only one relationship, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist together, and B exists alone. In addition, the term "at least one" herein means any one of a plurality or any combination of at least two of a plurality, for example, including at least one of A, B, C, and may mean including any one or more elements selected from the group consisting of A, B and C.

In the description of the present specification, the terms "comprising," "including," "having," "containing," and the like are open-ended terms, meaning including, but not limited to. Reference to the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," etc., means that a particular feature, structure, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. The sequence of steps involved in the embodiments is used to schematically illustrate the practice of the present application, and is not limited thereto and may be appropriately adjusted as desired.

The data acquisition, storage, use, processing and the like in the technical scheme meet the relevant regulations of national laws and regulations.

Embodiments of the present invention relate to the following terms, as explained below:

stateful services: the server needs to record the information requested by the client, so as to identify the identity of the client, process the request according to the identity of the user, and each request can use the previous request information by default.

Stateful cluster: when the reliability or performance of a single service is insufficient, multiple machines are required to build a cluster to jointly bear a certain service. For stateful clusters, machines within the cluster all have locally saved sessions and states that together provide the same service to the outside world. Once a machine is down, other machines in the cluster will proxy the tasks it is responsible for.

Cloud gateway cluster: when a client on the cloud accesses the cloud service, the cloud gateway cluster forwards the service. Cloud gateway cluster is a many-to-one virtualization technology, and the whole cluster provides services with the same virtual IP address.

Session synchronization between existing stateful cloud gateway clusters is typically performed between nodes within the cluster, and no session synchronization mechanism exists between the gateway clusters. The hidden danger exists in the way that once the gateway node in the cloud gateway cluster is in integral fault, the session established on the cluster is invalid, and the client needs to initiate a request again to establish a new session on a new gateway cluster, so that the rapid switching of the business among the clusters can not be realized.

In a distributed architecture, the more sophisticated session synchronization schemes for stateful clusters are: a session synchronization method based on instant copy, a session synchronization method based on database service, and a session synchronization method based on memory cache.

The implementation principle of the instant copy-based session synchronization scheme is as follows: each cluster node can copy the session information stored by itself to other nodes in the same cluster at regular time, and the nodes in the same cluster realize session synchronization in a multicast mode, namely, the nodes in the cluster synchronously broadcast the session data of itself to other nodes in the same cluster, and the session synchronization mode ensures high availability, but when the cluster node is large in scale, the synchronization mode not only consumes bandwidth, but also occupies a large amount of resources, and has lower efficiency and serious delay. Extensive broadcasting can affect performance.

The realization principle of the session synchronization method based on the database service is as follows: each node stores the session information into the database, and the nodes in the cluster uniformly acquire the session information from the database. The problem with this approach is that frequent access to the database can create a performance bottleneck.

The session synchronization method based on the memory cache memory is based on the principle that: the memories of the nodes are combined to form a memory pool, the session generated by any node can be put in the memory pool, and other nodes can acquire the session information. The problem with this approach is that the inability of the memory cache to fully utilize memory can create memory fragmentation and memory overflow can occur.

The three session synchronization schemes are all methods for performing session synchronization among the nodes in the cluster, and can realize service migration when one or more nodes in the cluster fail, but can not realize service switching among the clusters when the whole gateway cluster fails.

If the method is directly applied to the inter-cluster session synchronization, the three synchronization methods respectively have the following problems:

the method based on instant copy among clusters is generally carried out in a multicast mode, and session information needs to be mutually backed up in real time, so that the scale of the synchronous nodes is limited, the method is not suitable for the session synchronous scale among cloud gateway clusters, the processing burden of the gateway clusters is increased, and the performance of the gateway clusters is reduced.

The session synchronization method based on the database service causes performance bottleneck due to frequent access to the database, so that each node can frequently access to the database to acquire session information at any time aiming at the special condition of the integral fault of the cluster.

The memory fragmentation is caused by the memory cache-based mode, and the physical and scale limitation exists in the common memory of all the nodes of the cluster, and the cost is too high for the special case of performing session synchronization aiming at the integral fault of the cluster.

In order to solve the above problems, an embodiment of the present invention provides a session synchronization method between cloud gateway clusters, which is used to improve session performance and high availability of the cloud gateway clusters, reduce failure processing burden and processing cost of the cloud gateway clusters, and optimize a session synchronization scheme when an overall gateway cluster fails on the basis of ensuring that the clusters achieve session synchronization in a healthy state with normal efficiency, referring to fig. 7, where the method in this embodiment may include:

step 701: inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client;

Step 702: if the session corresponding to the session identification information exists in the session storage server, receiving feedback from the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message;

step 703: and feeding back the session and the session operation result to a target client.

In the embodiment of the invention, when a node in a cloud gateway cluster corresponding to a target client fails, the node in the cloud gateway cluster is determined: inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client; if the session corresponding to the session identification information exists in the session storage server, receiving feedback from the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message; and feeding back the session and the session operation result to the target client, wherein compared with the technical scheme in the prior art that service migration between nodes can be realized only when nodes in the cluster fail, the method can actively initiate a session request by the nodes redistributed to other cloud gateway clusters when the cloud gateway cluster fails wholly, thereby pulling the session of the original cloud gateway cluster from the session storage server, realizing service switching between different clusters when the whole cloud gateway cluster fails, avoiding the need of establishing new session requests again by a user, improving user experience, solving the problem that service switching between cloud cluster nodes cannot be realized when the whole cloud gateway cluster fails in the prior art, reducing the fault processing burden and processing cost of the cloud gateway cluster, and improving the session performance and high availability of the cloud gateway cluster. Attribute information and session identification information of a session created by a session message of a corresponding client; if the session corresponding to the session identification information exists in the session storage server, receiving feedback from the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message; and feeding back the session and the session operation result to the target client, wherein compared with the technical scheme in the prior art that service migration between nodes can be realized only when nodes in the cluster fail, the method can actively initiate a session request by the nodes redistributed to other cloud gateway clusters when the cloud gateway cluster fails wholly, thereby pulling the session of the original cloud gateway cluster from the session storage server, realizing service switching between different clusters when the whole cloud gateway cluster fails, avoiding the need of establishing new session requests again by a user, improving user experience, solving the problem that service switching between cloud cluster nodes cannot be realized when the whole cloud gateway cluster fails in the prior art, reducing the fault processing burden and processing cost of the cloud gateway cluster, and improving the session performance and high availability of the cloud gateway cluster.

In the embodiment of the invention, when the node in the cloud gateway cluster corresponding to the target client fails, the cloud gateway cluster realizes service migration by the following modes:

1. and inquiring whether a session corresponding to the session identification information exists in the session storage server according to the session identification information carried by the target session message. The session storage server stores session information created by each node in different cloud gateway clusters, wherein the session information is used for representing attribute information and session identification information of a session created by the node according to a session message of a corresponding client.

2. And if the session corresponding to the session identification information exists in the session storage server, receiving a session operation result which is fed back by the session storage server and is executed according to the session synchronization type field of the target session message. These session operation results include modifications, updates, etc. to the session.

3. And feeding back the session and the session operation result to a target client. Therefore, when the nodes in the cloud gateway cluster fail, the nodes which can be redistributed to other cloud gateway clusters actively initiate the session request, so that the session of the original cloud gateway cluster is pulled from the session storage server, and service forwarding is realized.

4. When the whole cloud gateway cluster fails, service switching among different clusters is realized, a user does not need to establish a new session request again, and user experience is improved. The method solves the problem that service switching among cloud cluster nodes cannot be realized when the whole cloud gateway cluster fails in the prior art, and reduces the failure processing burden and processing cost of the cloud gateway cluster.

5. The session performance and the high availability of the cloud gateway cluster are improved. By the method, the cloud gateway cluster can realize service migration when the node fails, so that the continuity and availability of the service are ensured.

In step 701, selecting a new node is not a function of session synchronization, but rather the cloud gateway cluster performs gateway cluster and machine selection using a hash method. Specifically, the cloud gateway cluster hashes five-tuple of the source mesh ip, the source mesh port and the protocol, so as to select a proper gateway and machine.

In step 701, the node queries whether a session corresponding to the session identification information exists in the session storage server according to the session identification information of the target session packet, which specifically may include the following two cases:

1. if the session corresponding to the session identification information exists in the session storage server, the session is successfully established, and the node can feed back the session and the session operation result to the target client according to the session operation result fed back by the session storage server;

2. If the session corresponding to the session identification information does not exist in the session storage server, the session is not successfully created, and the node can feed back the session and the session operation result to the target client according to the session operation result executed by the session synchronization type field of the target session message.

In step 702, when the destination node newly receiving the service receives the packet of the transmission data sent by the client, since the node has no corresponding session information, it will go to the session storage server to retrieve and pull according to the information (virtual private network Id, source ip, source port, destination ip, destination port, protocol). Thus, the target node can acquire the session information and store the session information in the own memory.

In step 702, when a session corresponding to the session identification information exists in the session storage server, the node may receive a session operation result fed back by the session storage server and executed according to a session synchronization type field of the target session packet, and may specifically include the following two cases:

1. if the value of the session synchronization type field of the target session message is "creation", it is indicated that the session needs to be created, and at this time, the node may feed back the session and the session operation result to the target client according to the session operation result fed back by the session storage server;

2. If the value of the session synchronization type field of the target session message is "updated", it indicates that the session already exists, and at this time, the node may feed back the session and the session operation result to the target client according to the session operation result fed back by the session storage server.

In step 703, after the gateway target node in the gateway cluster newly receiving the service successfully obtains the session information fed back by the session memory from the memory, the information may be stored in the own memory of the target node. Then, according to the session information, the target node can multiplex the original session and continue forwarding the message without the need for the client to re-establish a new session.

In step 703, when the node feeds back the session and the session operation result to the target client, the following two cases may be included:

1. if the node in the original cloud gateway cluster corresponding to the target client fails, the node can feed back the session and the session operation result to other nodes in the cloud gateway cluster which normally run and can access cloud services;

2. if the integral gateway cluster fails, the node can feed back the session and the session operation result to other nodes in the cloud gateway cluster which normally run and can access the cloud service.

In the implementation process, under the condition that all clusters are in a normal health state, session information is not needed to be backed up among all cloud gateway clusters. However, when a certain cluster fails as a whole, the access of the client to the cloud service will be automatically switched to a specific node of another cluster for forwarding according to a preset algorithm (for example, rules based on source IP, target IP, source port, target port, protocol quintuple hash, etc.). If the node does not have corresponding session information, it will acquire the corresponding session by sending a session request to the session storage server. This implementation ensures continuity and availability of services, maintaining normal operation of the service even in the event of failure of a certain cluster.

In the implementation, when a node in a cloud gateway cluster corresponding to a target client fails, determining that the node in the cloud gateway cluster is: receiving a target node of a target session message initiated by a target client to cloud service; after receiving the target session message initiated by the target client by the target node, inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the target session message; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client.

In one embodiment, the attribute information of the session includes: session source destination address, session source destination port and session protocol; the session identification information includes a session hash value; the session hash value corresponds to the client one by one.

In the implementation, a target client accesses cloud service through a cloud gateway cluster, when a node in an original cloud gateway cluster corresponding to the target client fails, the node in the cloud gateway cluster which receives a target session message of the cloud service initiated by the target client, and whether a session corresponding to the session identification information exists in a session storage server is inquired according to the session identification information carried by the target session message.

If the session information corresponding to the session identification information exists in the session storage server, the attribute information and the session identification information in the session information are sent to the target client, and the target client reinitiates a target session message for cloud service according to the received attribute information and the session identification information and sends the target session message to the nodes in the new cloud gateway cluster.

And after receiving a target session message for cloud service initiated by a target client, the nodes in the cloud gateway cluster inquire whether corresponding session information exists in a session storage server according to attribute information and session identification information in the message.

If the session storage server has the session information corresponding to the attribute information and the session identification information in the target session message, the session information is sent to the target client, and the target client re-initiates the target session message for the cloud service according to the received session information and sends the target session message to the node in the new cloud gateway cluster.

In one embodiment, the attribute information of the session includes: session source destination address, session source destination port and session protocol; the session identification information includes a session hash value; the session hash value corresponds to the client one by one. In an implementation process, the generation of the session hash value is based on a plurality of parameters of the session, including a virtual private network ID, a source IP address, a source port number, a destination IP address, a destination port number, and a protocol type. By means of these parameters, the session can be effectively characterized.

In one embodiment, each node in a different cloud gateway cluster is configured to:

creating session information corresponding to the client according to the acquired access link and session message of the cloud service initiated by the client;

and storing session information corresponding to the client in the node and the session storage server.

In an embodiment, when a client accesses a cloud service such as a database and a file storage for the first time, a node of a cloud gateway cluster through which the access link passes creates a session (corresponding session information) for the client and stores the session in a memory of a node of the machine, wherein the session includes information such as a source-destination address, a source-destination port, a protocol and the like; and simultaneously, the gateway node synchronously transmits the session information to a session storage server, and a session synchronization type field in the synchronization message is set as a corresponding code for session creation.

In the implementation process, when a client accesses a cloud service for the first time, such as a database or a file storage, a cloud gateway cluster node through which the access link passes creates a session (and correspondingly stores session information) for the client, and the session information is stored in a node memory. The session information includes information such as source address, destination address, source port, destination port, and protocol. And simultaneously, the gateway node sends the synchronous session information to a session storage server, and a session synchronous type field in the synchronous message is set as a corresponding session creation code.

In one embodiment, each node in a different cloud gateway cluster is further configured to:

when the session message sent by the client relates to the session adding and deleting operation, the same session adding and deleting operation is synchronously carried out on the session information corresponding to the client stored in the node.

In the embodiment, when the session information of the cluster node is updated, the cluster node firstly changes the session information stored by the local machine, synchronously sends the updated session information to the session storage server, adds a session synchronization type field in the synchronization message, and sets the session synchronization type field as a corresponding code for session update;

when the client side carries out the operation of triggering the deletion of the session, firstly, the gateway node clears the session stored by the node, synchronously sends a request for clearing the session information to the session storage server, adds a session synchronization type field in the synchronization message, and sets the session synchronization type field as a corresponding code for clearing the session.

In the embodiment, when a message request is sent to the session storage server, a field is added to the message based on the original session information, and the corresponding content in the field is "the corresponding code for clearing the session", so that when the storage server receives the message, how to operate the message information can be directly determined.

In the embodiment, when the session information of the cluster node is updated, the cluster node firstly changes the session information stored by the local machine, synchronously sends the updated session information to the session storage server, adds a session synchronization type field in the synchronization message, and sets the session synchronization type field as a corresponding code for session update; when the client side carries out the operation of triggering the deletion of the session, firstly, the gateway node clears the session stored by the node, synchronously sends a request for clearing the session information to the session storage server, adds a session synchronization type field in the synchronization message, and sets the session synchronization type field as a corresponding code for clearing the session.

In the above process, the session storage server can directly determine the operation to be performed after receiving the message containing the "session clear corresponding code". Specifically, if the "session synchronization type field" in the received message indicates that the session is updated, the session storage server will update the corresponding session information; if the session sync type field in the received message indicates that the session is cleared, the session storage server will delete the corresponding session information.

In addition, the embodiment also provides a convenient method for carrying out high-efficiency synchronous message transmission between the cluster node and the session storage server. The method utilizes the existing network communication protocol, and improves the synchronization efficiency by optimizing the format and transmission mode of the message. Specific implementations may include, but are not limited to, existing communication protocols using HTTP protocol, webSocket protocol, etc., or custom communication protocols as the case may be.

Through the description of the above embodiments, it can be clearly understood that the method can realize efficient synchronization between the cluster nodes and the session storage server, and ensures the real-time performance and consistency of session information. Meanwhile, by adding the fields of 'session synchronization type' and 'session clearing corresponding coding', the session storage server can accurately perform corresponding operation, and the problems of possible misoperation and inconsistent data are avoided.

In the implementation, after inquiring whether a session corresponding to the session identification information exists in a session storage server according to the session identification information carried by the session message, if the session corresponding to the session identification information exists in the session storage server, receiving feedback from the session storage server: and according to the conversation operation result executed by the conversation synchronization type field of the target conversation message.

In the implementation process, according to the session identification information carried by the session message, inquiring whether a session corresponding to the session identification information exists in the session storage server is a very important step. If the session corresponding to the session identification information exists in the session storage server, receiving a session operation result which is fed back by the session storage server and is executed according to the session synchronization type field of the target session message, and further promoting the whole process.

After receiving the session operation result fed back by the session storage server, the system executes corresponding operation according to the session synchronization type field of the target session message. This may include updating session information, sending messages, performing tasks, etc., depending on the value of the session sync type field.

By the implementation mode, the system can inquire the corresponding session in the session storage server according to the session identification information and execute corresponding operation according to the session synchronization type field of the target session message, so that the synchronization processing of the session is realized. Such a design enables the system to efficiently handle a large number of session requests and ensures accurate synchronization and handling of sessions.

In the embodiment, when the client accesses the same service again, the cluster node analyzes the session ID according to the session identification information, and when the node is found to have the session, the cluster node acquires the corresponding information according to the session ID; if the node is found to have no session information, the node actively accesses the session storage server according to the request information of the client, pulls the session on the session storage server for service forwarding, and sets the session synchronization type field in the message as well and sets the session synchronization type field as the corresponding code of the session request.

In the above embodiment, when the node of the present cluster finds that the session information does not exist, the session request message is actively sent to the session storage server, and the session pulled to the session storage server is forwarded.

In the above embodiment, when the node of the present cluster finds that the session information does not exist, the session request message is actively sent to the session storage server, and the session pulled to the session storage server is forwarded. Meanwhile, the node also stores the requested session information so that the session information can be directly acquired from the local next time, and the request is prevented from being sent to the session storage server again.

In addition, other nodes in the cluster can analyze the session ID according to the session identification information, if the node is found to have no session information, the node can actively access the session storage server according to the request information of the client, and the session on the session storage server is pulled for service forwarding. Thus, when the client accesses the same service again, any node in the cluster can analyze the session ID according to the session identification information and acquire the corresponding information according to the session ID, so that the session synchronization is realized.

It should be noted that, in the process of pulling the session information, the session synchronization type field is also set in the message, and is set as the corresponding code of the session request. The purpose of this is to ensure that the pulled session information is consistent with the session information of the node, so as to avoid the occurrence of an unsynchronized condition.

This way session synchronization between clusters can be achieved: if the client end which previously establishes the session on the cluster with abnormal health state accesses the cloud service corresponding to the session, the node of the gateway cluster which is redistributed according to the predefined algorithm (namely, the cluster group and the cluster determined by the hash algorithm) can obtain the session of the original gateway cluster by actively pulling from the session storage server to realize service forwarding.

This approach has the following advantages:

1. session synchronization among clusters is realized, and continuity and consistency of service are ensured. 2. When the client is redistributed to the new gateway cluster node, the session information of the original gateway cluster can be obtained in a mode of actively pulling from the session storage server, so that the problem of session loss is avoided. 3. The cluster group and the cluster are determined through a predefined algorithm, so that the correct allocation of the session and the reliability of forwarding are ensured. 4. The method is suitable for various cloud services, whether computing, storage or other types of services, and can realize session synchronization and business forwarding among clusters. In practical applications, this approach may enable cloud services of high availability, high scalability, and high concurrency. When a certain cluster fails, the session can be restored and continued on other healthy clusters, and the continuity and availability of the service are ensured. At the same time, this approach also supports the expansion of clusters, and when more computing or storage resources need to be added, new clusters can simply be added and sessions reassigned and forwarded according to predefined algorithms.

In one embodiment, the session synchronization type field of the session packet includes: session creation type, session update type, session clear type, and session request type;

the session storage server is configured to:

receiving session information of the client sent by different nodes;

when the session synchronous type field of the session message is the session creation type, storing the session information of the client;

when the session synchronous type field of the session message is a session update type, updating the session information of the client;

when the session synchronous type field of the session message is a session clearing type, deleting the session information of the client;

when the session synchronous type field of the session message is the session request type, determining session identification information corresponding to the session message of the client according to the session message of the client; and forwarding the stored session corresponding to the session identification information.

In the above embodiment, after receiving the session information, the session storage server first performs type analysis of the synchronization message, and if the type is a session creation type, stores the session; if the session is updated, updating session information including information such as an update time stamp of the session; if the session is of the session clearing type, clearing the session; if the session request type is the case, searching a corresponding session according to the session identification information according to the session request message, and returning the session information to the cluster node requesting the session information.

In one embodiment, the session storage server is further configured to:

traversing the stored session; after determining that the traversed session has timed out, the stored session is deleted.

In the above embodiment, the session storage server periodically cleans up the session information that is timed out to release the memory resource. Specifically, the session storage server traverses all the sessions in the memory, judges whether the session is overtime according to the current time, the latest updated time of the session and the aging time of the session, and if judging that the session information is overtime, clears the piece of session information.

In one embodiment, the session storage server is further configured to: detecting dialogue content of each session; after determining that the detected dialog content contains sensitive information, the session is marked as a high risk session.

In the above embodiment, the session storage server detects text content in the session through a natural language processing technology, and determines whether the text content contains sensitive information, such as sensitive topics related to politics, religions, ethnicities, and the like, or behaviors related to malicious attacks, fraud, and the like. If sensitive information is detected, the session storage server marks the session as a high risk session and notifies the risk control system to perform corresponding processing. Therefore, the propagation of sensitive information can be effectively prevented, and the legal rights and interests of enterprises or users are guaranteed.

In the implementation, after receiving feedback from the session storage server: and feeding back the session and the session operation result to the target client after the session operation result is executed according to the session synchronization type field of the target session message.

A specific embodiment is provided below to illustrate a specific application of the method of the present invention, where the embodiment provides a method for session synchronization between stateful cloud gateway clusters, where the cloud gateway clusters are stateful clusters, and the number of clusters is at least two, and the purpose of this embodiment is that: when the whole cloud gateway cluster is abnormal, the business borne by the cluster can be smoothly migrated to other cloud gateway clusters without the need of a user to reestablish a session, so that the continuity and reliability of the borne business are improved.

The embodiment comprises the following steps:

when a client accesses cloud services such as a database, file storage and the like for the first time, a node of a cloud gateway cluster through which the access link passes creates a session for the client and stores the session in a memory of a machine node, wherein the session comprises information such as a source-destination address, a source-destination port, a protocol and the like; simultaneously, the gateway node synchronously transmits the session information to a session storage server, and a session synchronization type field in a synchronization message is set as a corresponding code for session creation;

Step (2), when the session information of the cluster node is updated, the cluster node firstly changes the session information stored by the local machine, synchronously transmits the updated session information to a session storage server, adds a session synchronization type field in a synchronization message, and sets the session synchronization type field as a corresponding code for session updating;

when the client side carries out operation of triggering session deletion, firstly, the gateway node clears the session stored by the node, synchronously sends a request for clearing session information to a session storage server, adds a session synchronization type field in a synchronization message, and sets the session synchronization type field as a corresponding code for clearing the session;

step (4), when the client accesses the same service again, the cluster node analyzes the session ID according to the session identification information, and when the node is found to have the session, the cluster node acquires corresponding information according to the session ID; if the node is found to have no session information, the node actively accesses the session storage server according to the request information of the client, pulls the session on the session storage server for service forwarding, and sets the session synchronization type field in the message as well and sets the session synchronization type field as the corresponding code of the session request.

Step (5), after receiving the session information, the session storage server firstly analyzes the type of the synchronous message, and if the type is established, the session is stored; if the session is updated, updating session information including information such as an update time stamp of the session; if the session is of the session clearing type, clearing the session; if the session request type is the case, searching a corresponding session according to the session identification information according to the session request message, and returning the session information to the cluster node requesting the session information.

And (6) the session storage server periodically cleans up overtime session information to release the memory resources. Specifically, the session storage server traverses all the sessions in the memory, judges whether the session is overtime according to the current time, the latest updated time of the session and the aging time of the session, and if judging that the session information is overtime, clears the piece of session information.

The key points in the above steps are step (4) and step (5), namely when the node of the cluster finds that the session information does not exist, the node actively sends a session request message to the session storage server, and pulls the session on the session storage server to forward the service.

In addition, in the above specific embodiment, the method may further include the following steps:

when the cluster node fails and can not normally process the session information, the session storage server can be used as a standby node to take over the session information of the node, so that the continuity of the service is ensured. Specifically, when the cluster node fails, the session storage server can receive the notification of other cluster nodes, and transfer the session information from the failed node to the standby node, so that the normal operation of the service is ensured.

An index table can be established in the memory of the session storage server, the session ID is used as a key, the address of the session information in the memory is used as a value, and the efficiency of searching the session information is improved. Meanwhile, in order to prevent memory overflow, the session storage server may set a memory usage threshold, and when the memory usage exceeds the threshold, the session storage server may suspend accepting a new session request, or perform memory optimization operations, such as compressing, cleaning out expired session information, and the like.

To prevent single point failure, the session storage server may deploy multiple instances, implementing load balancing and fault tolerant processing. In particular, session storage servers of multiple instances may be deployed in different geographic locations or under different network environments, guaranteeing availability and stability of services. Meanwhile, the session storage server can regularly perform data backup and recovery operations, and reliability and integrity of data are ensured.

To improve the security of the service, the session storage server may take some security measures, such as encrypting storage and transmission of session information, restricting illegal access, etc. Meanwhile, the session storage server can set an access control strategy, and only authorized clients can access session information, so that unauthorized access and malicious attack are prevented.

This way session synchronization between clusters can be achieved: if the client end which establishes the session on the cluster with abnormal health state accesses the cloud service corresponding to the session, the node of the gateway cluster which is redistributed according to the predefined algorithm can acquire the session of the original gateway cluster in a mode of actively pulling from the session storage server to realize service forwarding.

Under the condition that the health states of all the clusters are normal, all the cloud gateway clusters do not need to mutually backup session information. When a certain cluster fails as a whole, the access of the client to the cloud service is forwarded by a certain node of another cluster according to a predefined algorithm, and when the node finds that no corresponding session exists, the node acquires the session by sending a session request to the session storage server.

On the basis of ensuring the session synchronization among the clusters, the method reduces the processing burden of the gateway clusters to the greatest extent and improves the high availability of the gateway clusters. And for the session synchronization of the nodes in the cluster, the instant session synchronization can still be realized in a multicast mode, and the method of the embodiment does not influence the normal session synchronization in the cluster.

In addition, this approach has the following advantages:

1. high efficiency: by adopting the active pulling mode, the gateway cluster node can quickly acquire the session information, so that excessive query operations on the session storage server are avoided, and the session acquisition efficiency is improved.

2. Reliability: because the session information is backed up in a plurality of gateway cluster nodes, even if a certain gateway cluster node fails, the session information is not lost, and the reliability and stability of the service are ensured.

3. Scalability: the method can be conveniently extended to more gateway cluster nodes, and only the pulling function of the session storage server is needed to be realized on the newly-added node.

4. Flexibility: for different service demands, the backup strategy of the session storage server can be adjusted according to actual conditions so as to meet the different service demands.

Of course, it is to be understood that other variations of the above detailed procedures are also possible, and all related variations should fall within the protection scope of the present invention.

As described above, the embodiment of the present invention can achieve the following technical effects:

1. an effective session synchronization method is provided for stateful cloud gateway clusters, and is not just synchronization of nodes in the clusters. The method can realize service switching among clusters when the whole cloud gateway cluster fails, a user does not need to establish a new session request again, and user experience is improved.

2. The gateway node adds session synchronization identification including session creation, session update, session cleaning and session request when sending the session to the session storage server, so that after the session storage server receives the message, different processing modes can be directly adopted according to the field, and the processing efficiency of the server is further improved.

3. Under the condition that the health states of all the clusters are normal, session information is not needed to be backed up among all the clusters, and when the whole gateway cluster fails, the node of the gateway cluster redistributed according to the predefined algorithm can actively initiate a session request, so that the session pulled to the original gateway cluster from the session storage server can realize service forwarding. On the basis of ensuring the session synchronization among the clusters, the processing burden of the gateway clusters is reduced to the greatest extent, and the high availability of the gateway clusters is improved. And for the session synchronization of the nodes in the cluster, the instant session synchronization can still be realized in a multicast mode, and the method of the embodiment does not influence the normal session synchronization in the cluster.

4. In addition, compared with the mode of establishing a session storage server, the method does not need to mutually backup session information in real time by means of instant copying among clusters, reduces the processing load of gateway clusters, and improves the session performance and high availability of the clusters.

In order to solve the following problems: the current cluster session synchronization technology is aimed at the synchronization of the node session in the cluster, and can realize service migration when one or a plurality of nodes in the cluster fail, but can not realize service switching among the clusters when the whole gateway cluster fails. Compared with the method of accessing the database or the public memory, the method has the advantages that when the health state of the cluster is normal, the server is not accessed frequently, but the required gateway cluster node actively initiates a session request to acquire information from the server, so that unnecessary session synchronization can be reduced.

The embodiment of the invention provides a session synchronization method among stateful cloud gateway clusters, which can realize service switching among clusters when the whole gateway cluster fails. The accuracy and the reliability of service cluster switching are improved, and the mutual switching among different cloud gateway clusters is facilitated. The embodiment reduces the processing burden of the gateway cluster to the greatest extent on the basis of ensuring the session synchronization among the clusters, and improves the high availability of the gateway cluster.

The embodiment of the invention also provides a session synchronization device between cloud gateway clusters, which is expressed by the following embodiment. Because the principle of the device for solving the problem is similar to that of the session synchronization method between the cloud gateway clusters, the implementation of the device can refer to the implementation of the session synchronization method between the cloud gateway clusters, and the repetition is omitted.

The embodiment of the invention also provides a session synchronization device between cloud gateway clusters, which is used for improving the session performance and high availability of the cloud gateway clusters and reducing the fault processing burden and processing cost of the cloud gateway clusters, as shown in fig. 8, and the device comprises:

a session query module 801, configured to query whether a session corresponding to session identification information exists in a session storage server according to session identification information carried by a target session packet; the node in the cloud gateway cluster is used for receiving a target session message initiated by the target client to cloud service when the node in the original cloud gateway cluster corresponding to the target client fails; the session storage server stores: session information created by each node in different cloud gateway clusters; the session information created by the node is used for representing attribute information and session identification information of the session created by the node according to the session message of the corresponding client;

A session receiving module 802, configured to receive feedback from the session storage server if a session corresponding to the session identification information exists in the session storage server: according to the conversation operation result executed by the conversation synchronous type field of the target conversation message;

and the session feedback module 803 is configured to feed back the session and the session operation result to the target client.

the session storage server is configured to:

receiving session information of the client sent by different nodes;

In one embodiment, the session storage server is further configured to:

A specific embodiment is given below to illustrate a specific application of the apparatus of the present invention, and the system architecture in this embodiment is as follows:

The session storage server can be located outside the cloud gateway clusters, and is communicated with each cloud gateway cluster through a link, and the overall architecture of the server is as shown in fig. 2, and mainly comprises:

session information receiving module: and receiving a session information message sent by any node in the cloud gateway cluster.

Session information processing module: and according to the session synchronization type and the session identification information, storing, updating or clearing, inquiring and other operations are carried out on the session information corresponding to the session synchronization message.

A session information sending module: and sending the corresponding session information to the gateway node of the request according to the session request.

Fig. 1 is an overall structural diagram: when a client on the cloud accesses the cloud service, the cloud gateway cluster forwards the service to the cloud service. The session request of the client is stored in the nodes of the cloud gateway cluster and is synchronized to the session memory; when the gateway cluster node finds that the node does not have the corresponding session information, a session request is sent to a session memory to pull the related information.

Fig. 2 is an overall architecture of a server, and mainly includes a session information receiving module, a session information processing module, and a session information sending module, where specific functions of each module may be as described above.

Fig. 3 is a flowchart of session synchronization of cloud gateway cluster nodes when a client first requests a cloud service: when a client accesses cloud services such as a database, file storage and the like for the first time, a session is created for the client by a node of a cloud gateway cluster through which the access link passes and is stored in a memory of a node of the machine; simultaneously, the gateway node synchronously transmits the session information to a session storage server, and a session synchronization type field in a synchronization message is set as a corresponding code for session creation; after receiving the session information, the session storage server performs type analysis discovery of the synchronous message to be a session creation type, and creates and stores a corresponding session according to a session creation request.

Fig. 4 is a flow chart of cloud gateway cluster node session synchronization when a client sends a session update request. When the session information of the cluster node is updated, the cluster node firstly changes the session information stored by the local machine, synchronously transmits the updated session information to a session storage server, adds a session synchronization type field in a synchronization message, and sets the session synchronization type field as a corresponding code for updating the session; after receiving the session information, the session storage server analyzes the type of the synchronous message to find that the synchronous message is of a session updating type, and updates the corresponding session according to the session identification information.

Fig. 5 is a flow chart of cloud gateway cluster node session synchronization when a client performs a session deletion operation. When the client side carries out operation of triggering session deletion, firstly, a gateway node clears the session stored by the node, synchronously sends a request for clearing session information to a session storage server, adds a session synchronization type field in a synchronization message, and sets the session synchronization type field as a corresponding code for clearing the session; after receiving the session information, the session storage server analyzes the type of the synchronous message to find that the type is a session clearing type, and clears the corresponding session according to the session identification information.

Fig. 6 is a flow chart of inter-cluster session synchronization by a session storage server when cloud gateway cluster node a fails overall, and the client's access is forwarded via nodes of the B-cluster according to a predefined algorithm. When the client accesses the same service again, the cluster node analyzes a session hash value according to the session identification information, and when the node is found to have the session, the cluster node acquires corresponding information according to the session hash value; firstly, session identification information comprises six items of virtual private network ID, source IP, source port, destination IP, destination port and message protocol. Together they constitute the identity of the session, and the session hash value is also obtained by the six terms through a hash algorithm.

If the node is found to have no session information, the node actively accesses the session storage server according to the request information of the client, pulls the session on the session storage server for service forwarding, and sets a session synchronization type field in the message as well and sets the session synchronization type field as a corresponding code of the session request;

after receiving the session information, the session storage server analyzes the type of the synchronous message to find out the type of the session request, searches the corresponding session according to the session identification information according to the session request message, and returns the session information to the cluster node requesting the session information.

Of course, it is understood that other variations of the detailed modules described above are possible, and all related variations should fall within the scope of the present invention.

The embodiment of the invention provides a computer device for realizing all or part of contents in a session synchronization method between cloud gateway clusters, which specifically comprises the following contents:

a processor (processor), a memory (memory), a communication interface (Communications Interface), and a bus; the processor, the memory and the communication interface complete communication with each other through the bus; the communication interface is used for realizing information transmission between related devices; the computer device may be a desktop computer, a tablet computer, a mobile terminal, or the like, and the embodiment is not limited thereto. In this embodiment, the computer device may be implemented with reference to an embodiment for implementing a session synchronization method between cloud gateway clusters and an embodiment for implementing a session synchronization device between cloud gateway clusters, and the contents of the embodiments are incorporated herein, and are not repeated here.

Fig. 9 is a schematic block diagram of a system configuration of a computer device 1000 of an embodiment of the present application. As shown in fig. 9, the computer device 1000 may include a central processor 1001 and a memory 1002; the memory 1002 is coupled to the central processor 1001. Notably, this fig. 9 is exemplary; other types of structures may also be used in addition to or in place of the structures to implement telecommunications functions or other functions.

In an embodiment, session synchronization functionality between cloud gateway clusters may be integrated into the central processor 1001. The central processor 1001 may be configured to control, among other things, the following:

when a node in a cloud gateway cluster corresponding to a target client fails, determining that the node in the cloud gateway cluster is: receiving a target node of a target session message initiated by a target client to cloud service; receiving the target session message initiated by a target client by the target node;

In another embodiment, the session synchronization device between the cloud gateway clusters may be configured separately from the central processor 1001, for example, the session synchronization device between the cloud gateway clusters may be configured as a chip connected to the central processor 1001, and the session synchronization function between the cloud gateway clusters is implemented by the control of the central processor.

As shown in fig. 9, the computer device 1000 may further include: a communication module 1003, an input unit 1004, an audio processor 1005, a display 1006, a power supply 1007. It is noted that the computer device 1000 need not include all of the components shown in fig. 9; in addition, the computer device 1000 may further include components not shown in fig. 9, to which reference is made to the related art.

As shown in fig. 9, the central processor 1001, sometimes also referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, and the central processor 1001 receives input and controls the operation of the various components of the computer device 1000.

The memory 1002 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information about failure may be stored, and a program for executing the information may be stored. And the central processor 1001 can execute the program stored in the memory 1002 to realize information storage or processing, and the like.

The input unit 1004 provides input to the central processor 1001. The input unit 1004 is, for example, a key or a touch input device. The power supply 1007 is used to provide power to the computer device 1000. The display 1006 is used for displaying display objects such as images and characters. The display may be, for example, but not limited to, an LCD display.

The memory 1002 may be a solid state memory such as Read Only Memory (ROM), random Access Memory (RAM), SIM card, and the like. But also a memory which holds information even when powered down, can be selectively erased and provided with further data, an example of which is sometimes referred to as EPROM or the like. Memory 1002 may also be some other type of device. Memory 1002 includes a buffer memory 1021 (sometimes referred to as a buffer). The memory 1002 may include an application/function storage 1022, the application/function storage 1022 for storing application programs and function programs or for executing a flow of operations of the computer apparatus 1000 by the central processor 1001.

The memory 1002 may also include a data store 1023, the data store 1023 for storing data such as contacts, digital data, pictures, sounds, and/or any other data used by a computer device. The driver store 1024 of the memory 1002 can include various drivers for the computer device for communication functions and/or for performing other functions of the computer device (e.g., messaging applications, address book applications, etc.).

The communication module 1003 is a transmitter/receiver 1003 that transmits and receives signals via an antenna 1008. A communication module (transmitter/receiver) 1003 is coupled to the central processor 1001 to provide an input signal and receive an output signal, which may be the same as in the case of a conventional mobile communication terminal.

Based on different communication technologies, a plurality of communication modules 1003, such as a cellular network module, a bluetooth module, and/or a wireless lan module, etc., may be provided in the same computer device. The communication module (transmitter/receiver) 1003 is also coupled to a speaker 1009 and a microphone 1010 via an audio processor 1005 to provide audio output via the speaker 1009 and to receive audio input from the microphone 1010 to implement usual telecommunications functionality. The audio processor 1005 may include any suitable buffers, decoders, amplifiers and so forth. In addition, an audio processor 1005 is also coupled to the central processor 1001 so that sound can be recorded locally through the microphone 1010 and so that sound stored locally can be played through the speaker 1009.

It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the invention, and is not meant to limit the scope of the invention, but to limit the invention to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the invention are intended to be included within the scope of the invention.

Claims

1. The session synchronization method between cloud gateway clusters is characterized by being applied to nodes in the cloud gateway clusters and comprising the following steps:

2. The method of claim 1, wherein the attribute information of the session comprises: session source destination address, session source destination port and session protocol; the session identification information includes a session hash value; the session hash value corresponds to the client one by one.

3. The method of claim 1, wherein each node in a different cloud gateway cluster is to:

4. The method of claim 3, wherein each node in a different cloud gateway cluster is further to:

5. The method of claim 1, wherein the session synchronization type field of the session message comprises: session creation type, session update type, session clear type, and session request type;

the session storage server is configured to:

receiving session information of the client sent by different nodes;

6. The method of claim 1, wherein the session storage server is further configured to:

7. The session synchronization device between cloud gateway clusters is characterized by being applied to nodes in the cloud gateway clusters and comprising:

8. The apparatus of claim 7, wherein the attribute information of the session comprises: session source destination address, session source destination port and session protocol; the session identification information includes a session hash value; the session hash value corresponds to the client one by one.

9. The apparatus of claim 7, wherein each node in a different cloud gateway cluster is to:

10. The apparatus of claim 8, wherein each node in a different cloud gateway cluster is further to:

11. The apparatus of claim 7, wherein the session synchronization type field of the session message comprises: session creation type, session update type, session clear type, and session request type;

the session storage server is configured to:

receiving session information of the client sent by different nodes;

12. The apparatus of claim 7, wherein the session storage server is further to:

13. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 6 when executing the computer program.

14. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program which, when executed by a processor, implements the method of any of claims 1 to 6.

15. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the method of any of claims 1 to 6.