WO2021249268A1 - Method for creating service mesh instance, service mesh system, and multi-cluster system - Google Patents

Method for creating service mesh instance, service mesh system, and multi-cluster system Download PDF

Info

Publication number
WO2021249268A1
WO2021249268A1 PCT/CN2021/098052 CN2021098052W WO2021249268A1 WO 2021249268 A1 WO2021249268 A1 WO 2021249268A1 CN 2021098052 W CN2021098052 W CN 2021098052W WO 2021249268 A1 WO2021249268 A1 WO 2021249268A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
instance
grid
service grid
instances
Prior art date
Application number
PCT/CN2021/098052
Other languages
French (fr)
Chinese (zh)
Inventor
王夕宁
Original Assignee
阿里巴巴集团控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2021249268A1 publication Critical patent/WO2021249268A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061Partitioning or combining of resources
    • G06F9/5072Grid computing

Definitions

  • the present disclosure relates to the field of computer technology, and in particular to a method for constructing a service grid instance, a service grid system, and a multi-cluster system.
  • Microservices refers to exposing data and functions as a set of loosely coupled API services, and then combining these API services to solve application requirements. With the help of microservices, organizations can quickly adapt to changing customer needs and provide combined services that can create a competitive advantage.
  • the service grid is a key part of the microservice infrastructure, which can implement calls between services and improve the flexibility and security of applications.
  • Existing service grid construction solutions usually build service grid instances in a microservice architecture to provide governance and traffic management capabilities for multiple services in the microservice architecture.
  • this approach has certain drawbacks, including: the control plane is A single point of failure and a single configuration error may cause the entire control and data plane to fail; the complexity of the control plane configuration requires user maintenance and management, which cannot be managed; the service grid instance is tightly coupled with the lifecycle management of the service runtime environment.
  • a technical problem to be solved by the present disclosure is to provide a service grid construction solution that can solve at least one of the above-mentioned drawbacks.
  • a method for constructing a service grid instance includes: creating a service grid instance in a first operating environment; and registering multiple service instances in a second operating environment to the service Grid instance; deploy the data plane components of the service grid instance to the second operating environment, and deploy the control plane components of the service grid instance that are used to provide strategies and/or configurations for the data plane components to the first operating environment , And deliver the parameters of the control plane component to the second operating environment, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to implement calls between different service instances.
  • an application running method includes multiple service instances located in a second running environment.
  • the method includes: using data plane components deployed in the second running environment to implement different Calls between service instances, where the control plane components used to provide strategies and/or configurations for the data plane components are deployed in a first operating environment that is different from the second operating environment, and the data plane components and the control plane components constitute multiple A service grid instance of a service instance.
  • a service grid system including: one or more service grid instances, the service grid instances are used to implement calls between different service instances on multiple clusters, and the service grid
  • the data plane components of the grid instance are deployed on multiple clusters, and the control plane components of the service grid instance are deployed in the service grid system.
  • the control plane components are used to provide strategies and/or configurations for the data plane components, and the service grid system Distribute the parameters of the control plane component to multiple clusters, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to implement calls between different service instances.
  • a multi-cluster system including: multiple clusters, each of which is deployed with one or more service instances; a cluster access controller, used to connect multiple clusters A service grid instance deployed in a service grid system; multiple agent containers, each agent container corresponds to a service instance, the service instance calls the corresponding agent container to communicate with the agent containers corresponding to other service instances; the agent container passes The access portal provided by the portal gateway component deployed in the service grid system obtains the parameters of the control plane component of the service instance.
  • a computing device including: a processor; and a memory on which executable code is stored.
  • the processor is caused to execute the first The method described in the aspect.
  • a non-transitory machine-readable storage medium having executable code stored thereon, and when the executable code is executed by a processor of an electronic device, the processor executes the above-mentioned The method described in one aspect.
  • the life cycle management of the service grid instance and the service runtime environment can be decoupled, which provides support for realizing the hosting of the service grid instance.
  • Fig. 1 shows a schematic principle diagram of a method for constructing a service grid instance according to an embodiment of the present disclosure
  • Figure 2 shows a schematic diagram of the structure of a service grid system and related components deployed in a multi-cluster environment according to an embodiment of the present disclosure
  • FIG. 3 shows a schematic diagram of deploying a proxy container and a process of a non-containerized application together according to an embodiment of the present disclosure
  • Fig. 4 shows a schematic structural diagram of a computing device according to an embodiment of the present disclosure.
  • the service grid is mainly composed of two key components: the data plane and the control plane.
  • the application service deployment is modified to include a dedicated agent component (corresponding to the agent container mentioned below, such as the Sidecar agent).
  • the data plane makes each service not directly call the service through the network, but call its local proxy component to communicate with proxy components in other services.
  • the proxy component encapsulates the complex logic of service-to-service exchange.
  • a group of interconnected proxy components in the service grid constitute the entire data plane.
  • the control plane is used to provide policies and/or configurations for the data plane.
  • the control plane is used to control the agent behavior on the entire service grid. It is possible to specify service routing rules and authentication strategies on the control plane as a whole, or to collect indicators and configure data plane parameters.
  • the communication between the data plane and the control plane is regulated through API definitions.
  • This disclosure proposes a managed service grid construction solution.
  • the life cycle of the service grid instance and the service runtime environment can be decoupled Management to realize the hosting of control plane components.
  • Fig. 1 shows a schematic principle diagram of a method for constructing a service grid instance according to an embodiment of the present disclosure.
  • the second operating environment refers to the operating environment in which the service instance is located, and multiple service instances can be deployed in the second operating environment.
  • the first operating environment is different from the second operating environment.
  • the first operating environment refers to the hosting environment of the service grid, that is, the environment used to create the service grid instance.
  • a service grid instance can be created in the first operating environment, and multiple service instances located in the second operating environment can be registered with the service grid instance.
  • the service grid instance mainly includes data plane components and control plane components.
  • the data plane component can be separated from the service grid instance, and the data plane component can be deployed in the second operating environment.
  • the control plane components used to provide policies and/or configurations for the data plane components are retained in the service grid instance, that is, the control plane components are deployed in the first operating environment.
  • the parameters of the control plane component are delivered to the second operating environment in a predetermined manner, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to implement calls between different service instances.
  • the parameters of the updated control plane component can be issued to the second operating environment, so that the data plane component can follow the provision strategy and provision provided by the updated control plane component.
  • configuration to implement calls between different service instances can be performed by the user, or can be performed by the system that provides the service grid hosting service (the hosting service grid system described below).
  • the first operating environment may refer to a managed service grid system based on a public cloud, a private cloud, or a hybrid cloud, that is, the managed service grid system may be deployed on a public cloud, a private cloud, or a hybrid cloud.
  • the second operating environment may be a multi-cluster environment.
  • a cluster refers to a collection of logically grouped computer resources running as a unit, which can be an independent physical cluster or a logical cluster group containing multiple physical clusters, such as a Kubernetes cluster.
  • One or more service instances can be deployed in each cluster. All service instances deployed in a multi-cluster environment can form a complete application architecture (such as a microservice architecture).
  • the hosting service grid system provides external hosting services for service grid instances.
  • the method for constructing a service grid instance of the present disclosure can be executed by a managed service grid system, and a service grid instance can be created for service instances deployed on multiple clusters, so as to implement calls between different service instances.
  • the life cycle management of service grid instances and service runtime environments can be decoupled to a certain extent.
  • the configuration parameters of the control plane components can be set and updated by hosting, that is, the hosted service grid system can maintain the configuration of the control plane components without the need for users Maintain the configuration complexity of the control plane.
  • control plane components and data plane components are deployed in different operating environments, even if parameter configuration errors occur during the update of the control plane components, the data plane components can follow the strategy and/or configuration provided by the original control plane components without causing The entire data plane fails.
  • the service grid instance may also include a service registration controller and a service registration library.
  • the service registration controller and the service registration library are deployed in a managed service grid system, and a cluster access controller is also provided in a multi-cluster environment.
  • Multiple clusters can be connected to the service grid instance by the cluster access controller; different service instances on multiple clusters can be registered to the service grid instance by the service registration controller; different service instances on multiple clusters can be registered by the service registry
  • the service registration information of the service instance is managed in a unified manner.
  • the present disclosure can also deploy the ingress gateway component in the service grid instance to the first operating environment, and the ingress gateway component is used to provide an access portal for the data plane component.
  • the entry gateway component can be an access entry that provides control plane parameters to the data plane, and can be implemented by a load balancer in an intranet or a private network.
  • the data plane component may include multiple proxy containers, and each proxy container corresponds to a service instance.
  • the service instance can call the corresponding proxy container to communicate with the proxy container corresponding to other service instances, so as to implement calls between different service instances.
  • the proxy container can be deployed as an out-of-process Sidecar with application instances and is responsible for performing network-level operations and observing all inbound and outbound traffic.
  • Service instances can be divided into containerized applications and non-containerized application processes.
  • the proxy container can be deployed together with the container where the application of the service instance is located; for service instances belonging to the process of non-containerized applications, the node where the process is located can be registered as the working node of the second operating environment , Through the container runtime management environment in the second runtime environment to coordinate the interaction between the process and the agent container corresponding to the process.
  • the present disclosure can also deliver remote service grid metadata related to the configuration parameters of the service instance to the second operating environment, so that the components related to the service grid instance deployed in the second operating environment can be based on the remote service network Grid metadata is synchronized.
  • the method for constructing a service grid instance of the present disclosure can be executed by a service grid system for providing service grid hosting services.
  • the details involved in the present disclosure will be further described below in conjunction with the service grid system.
  • Fig. 2 shows a schematic diagram of the structure of a service grid system and related components deployed in a multi-cluster environment according to an embodiment of the present disclosure.
  • the service grid system 101 provides a capability for externally exposing the control plane of the service grid in a hosted manner.
  • a hosted service grid system 101 can construct multiple different service grid instances 102.
  • the service grid instance 102 is used to implement calls between different service instances on multiple clusters.
  • Each service grid instance 102 provides a complete service grid control plane 104 (corresponding to the control plane components mentioned above), and the data plane components of the service grid instance 102 are deployed on multiple clusters.
  • the service grid control plane 104 is used to provide policies and/or configurations for data plane components.
  • the service grid system 101 can deliver the parameters of the service grid control plane 104 to multiple clusters so that the data plane components can follow the control plane The provision strategy and/or configuration provided by the component to implement calls between different service instances.
  • the components related to the service grid instance 102 deployed on multiple clusters constitute a multi-cluster data plane.
  • the multi-cluster data plane includes a cluster access controller 108, and the cluster access controller 108 can connect multiple clusters to the service grid instance 101.
  • the service grid instance 102 can include a service registration controller 109 and a service registration library 110.
  • the service registration controller 109 can connect multiple clusters to the service grid instance 101.
  • the different service instances of are registered to the service grid instance 101.
  • the service registration controller 109 can simultaneously support unified discovery and registration of services across multiple clusters; each service in the cluster does not depend on other settings and supports any type of exposure mode.
  • the service grid instance 102 can manage routing rule definitions with a declarative API, thereby exposing service endpoints to the service registry in a declarative method.
  • service discovery refers to the process of locating service endpoints from the cluster according to the service name.
  • the service registry 110 can uniformly manage the service registration information of different service instances on multiple clusters. For example, the service registry 110 uniformly manages the registration service information processed by the service registration controller 109, and uniformly stores all the registration service information in a standardized manner.
  • the service grid instance 102 also includes a service grid controller 103 and a service grid entry gateway 105 (corresponding to the entry gateway component mentioned above).
  • the service grid controller 103 is used to set up a service grid control plane 104 and a service grid entry gateway 105, and the service grid entry gateway 105 is used to provide access to the service grid control plane 104 for multiple clusters.
  • the service grid controller 103 provides the ability to decouple the lifecycle management of the service grid instance and the service runtime environment; supports the dynamic creation of the service grid control plane 104 and the service grid entry gateway 105, and supports The configuration parameters of the service grid are dynamically synchronized to update the hosted service grid control plane 104 and the service grid entry gateway 105.
  • the service grid control plane 104 runs in the service grid system 101, provides traffic configuration and control options for agents in the service grid data plane, and can provide flexibility, load balancing, and traffic control functions.
  • the service grid entry gateway 105 is an access entry that provides the managed service grid control plane 104 to multiple clusters of the data plane, and is often implemented by a load balancer of an intranet or a private network.
  • the service grid instance 102 also includes a remote service grid controller 106, which is used to deliver remote service grid metadata 107 related to the configuration parameters of the service instance to multiple clusters, so as to be deployed on multiple clusters and services. Components related to the grid instance can be synchronized with the service grid instance 101 based on the remote service grid metadata 107.
  • the remote service grid controller 106 provides the ability to remotely distribute the remote service grid metadata 107 to the cluster in the service grid, and supports the dynamic synchronization update based on the configuration parameters of the service grid to be sent to the data plane.
  • Remote service grid metadata 107 on the cluster is used to dynamically synchronize the service grid related components and configuration parameters on the data plane multi-cluster to support the proxy container 111 to dynamically adjust with the change of the control plane parameters to ensure that the service grid entry gateway 105 connection capabilities.
  • Service instances deployed on multiple clusters can be divided into containerized application and non-containerized application processes.
  • the proxy container 111 can be deployed as an out-of-process Sidecar together with the application container 112 of the service instance, and is responsible for performing network-level operations and observing all inbound and outbound traffic.
  • the application container 112 refers to the container where the application of the service instance is located, and calls between applications are controlled by the proxy container 111 to intercept flow.
  • the process of non-containerized applications cannot be processed through containerization, and usually needs to share a host network with the proxy container 111.
  • the application process injector 113 deployed in a multi-cluster environment can register the node where the process is located as a worker node of the cluster, and coordinate the process and the process through the container runtime management environment in the cluster.
  • the agent container and application process can be deployed in a pod. After the node where the process is located is registered as a working node of the cluster, the Pod can use the network space and network resources of the node through the Host network.
  • the service grid controller 103 provides the ability to decouple the life cycle management of the service grid instance and the service runtime environment; supports the dynamic creation of the managed service grid control plane 104 and service grid entry The gateway 105 supports the dynamic and synchronous update of the managed service grid control plane 104 and the service grid entry gateway 105 based on the configuration parameters of the service grid; the service registration controller 109 supports the registration of different service instances on multiple clusters to one service network Lattice instances can support unified discovery and registration of services across multiple clusters; each service in the cluster does not depend on other settings and supports any type of exposure method; supports containerized applications and non-containerized applications through the application process injector 113 Unified management.
  • the present disclosure also proposes an application running method.
  • the application mentioned in this embodiment may refer to an application including multiple service instances, that is, an application based on a microservice architecture.
  • the operating environment where the multiple service instances are located is the second operating environment mentioned above.
  • the service grid construction scheme mentioned above can be used to construct corresponding service grid instances for these multiple service instances. For the construction process of the service grid instances, please refer to the relevant description above, which will not be repeated here.
  • the data plane components deployed in the second operating environment can be used to implement calls between different service instances.
  • the control plane component used to provide strategy and/or configuration for the data plane component is deployed in a first operating environment different from the second operating environment, and the data plane component and control The plane component constitutes a service grid instance for these multiple service instances.
  • the data plane component may include multiple proxy containers, and each proxy container corresponds to a service instance.
  • each proxy container corresponds to a service instance.
  • the service instance belonging to the caller can call the corresponding proxy container to communicate with the proxy container corresponding to the other service instances belonging to the callee.
  • the proxy container and service instance please refer to the relevant description above, which will not be repeated here.
  • the present disclosure also provides a multi-cluster system, including: multiple clusters, one or more service instances are deployed on each cluster, multiple clusters may refer to a cluster combination composed of more than one cluster, for example, it may refer to Cluster federation formed by multiple Kubernetes clusters; cluster access controller, used to connect multiple clusters to service grid instances deployed in the service grid system; multiple agent containers, each agent container corresponding to a service instance , The service instance calls the corresponding proxy container to communicate with the proxy container corresponding to other service instances; the proxy container obtains the parameters of the control plane component of the service instance through the access portal provided by the entry gateway component deployed in the service grid system.
  • the multi-cluster system also includes: application process injector, which is used to register the node where the process of non-containerized application is located as the working node of the cluster, and run through the container of the cluster.
  • application process injector which is used to register the node where the process of non-containerized application is located as the working node of the cluster, and run through the container of the cluster.
  • the time management environment coordinates the interaction between the process and the agent container corresponding to the process.
  • the multi-cluster system can also receive remote service grid metadata related to the configuration parameters of the service instance sent by the service grid system, and the components related to the service instance deployed in the multi-cluster system (such as cluster access controller, agent container) ) Synchronization can be based on remote service grid metadata.
  • remote service grid metadata related to the configuration parameters of the service instance sent by the service grid system
  • components related to the service instance deployed in the multi-cluster system such as cluster access controller, agent container
  • Fig. 4 shows a schematic structural diagram of a computing device that can be used to implement the above-mentioned method for constructing a service grid instance according to an embodiment of the present invention.
  • the computing device 400 includes a memory 410 and a processor 420.
  • the processor 420 may be a multi-core processor, or may include multiple processors.
  • the processor 420 may include a general-purpose main processor and one or more special co-processors, such as a graphics processing unit (GPU), a digital signal processor (DSP), and so on.
  • the processor 420 may be implemented using a customized circuit, such as an Application Specific Integrated Circuit (ASIC) or a Field Programmable Gate Array (FPGA, Field Programmable Gate Arrays).
  • ASIC Application Specific Integrated Circuit
  • FPGA Field Programmable Gate Arrays
  • the memory 410 may include various types of storage units, such as a system memory, a read only memory (ROM), and a permanent storage device.
  • the ROM may store static data or instructions required by the processor 420 or other modules of the computer.
  • the permanent storage device may be a readable and writable storage device.
  • the permanent storage device may be a non-volatile storage device that does not lose stored instructions and data even after the computer is powered off.
  • the permanent storage device adopts a large-capacity storage device (such as a magnetic or optical disk, flash memory) as the permanent storage device.
  • the permanent storage device may be a removable storage device (for example, a floppy disk, an optical drive).
  • the system memory can be a readable and writable storage device or a volatile readable and writable storage device, such as dynamic random access memory.
  • the system memory can store some or all of the instructions and data needed by the processor at runtime.
  • the memory 410 may include any combination of computer-readable storage media, including various types of semiconductor memory chips (DRAM, SRAM, SDRAM, flash memory, programmable read-only memory), and magnetic disks and/or optical disks may also be used.
  • the memory 410 may include a removable storage device that can be read and/or written, such as a compact disc (CD), a read-only digital versatile disc (for example, DVD-ROM, dual-layer DVD-ROM), Read-only Blu-ray discs, ultra-density discs, flash memory cards (such as SD cards, min SD cards, Micro-SD cards, etc.), magnetic floppy disks, etc.
  • a removable storage device such as a compact disc (CD), a read-only digital versatile disc (for example, DVD-ROM, dual-layer DVD-ROM), Read-only Blu-ray discs, ultra-density discs, flash memory cards (such as SD cards, min SD cards, Micro-SD cards, etc.), magnetic floppy disks, etc.
  • the computer-readable storage medium does not contain carrier waves and instantaneous electronic signals that are transmitted wirelessly or wiredly.
  • the memory 410 stores executable codes.
  • the processor 420 can be made to execute the method for constructing the service grid instance mentioned above.
  • the method according to the present invention can also be implemented as a computer program or computer program product.
  • the computer program or computer program product includes computer program code instructions for executing the above-mentioned steps defined in the above-mentioned method of the present invention.
  • the present invention can also be implemented as a non-transitory machine-readable storage medium (or computer-readable storage medium, or machine-readable storage medium) on which executable code (or computer program, or computer instruction code) is stored ), when the executable code (or computer program, or computer instruction code) is executed by the processor of the electronic device (or computing device, server, etc.), the processor is caused to execute each step of the above method according to the present invention .
  • each block in the flowchart or block diagram may represent a module, program segment, or part of the code, and the module, program segment, or part of the code contains one or more modules for realizing the specified logical function.
  • Executable instructions may also occur in a different order than marked in the drawings. For example, two consecutive blocks can actually be executed substantially in parallel, or they can sometimes be executed in the reverse order, depending on the functions involved.
  • each block in the block diagram and/or flowchart, and the combination of the blocks in the block diagram and/or flowchart can be implemented by a dedicated hardware-based system that performs the specified functions or operations Or it can be realized by a combination of dedicated hardware and computer instructions.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Physics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

Disclosed are a method for creating a service mesh instance, a service mesh system, and a multi-cluster system. The method comprises: creating a service mesh instance in a first runtime environment; registering multiple service instances in a second runtime environment to the service mesh instance; and deploying a data plane component of the service mesh instance into the second runtime environment, deploying a control plane component, used for providing a strategy and/or a configuration for the data plane component, of the service mesh instance into the first runtime environment, and issuing parameters of the control plane component into the second runtime environment, so that the data plane component can implement invocation among different service instances by following the strategy and/or the configuration provided by the control plane component. Therefore, a service mesh instance and life cycle management of service runtime environments can be decoupled, thereby providing support for the implementation of hosting of the service mesh instance.

Description

服务网格实例的构建方法、服务网格系统以及多集群系统Construction method of service grid instance, service grid system and multi-cluster system
本申请要求2020年06月09日递交的申请号为202010516849.X、发明名称为“服务网格实例的构建方法、服务网格系统以及多集群系统”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application with the application number 202010516849.X and the invention title of "Service Grid Instance Construction Method, Service Grid System and Multi-cluster System" filed on June 9, 2020, and its entire contents Incorporated in this application by reference.
技术领域Technical field
本公开涉及计算机技术领域,特别是涉及一种服务网格实例的构建方法、服务网格系统以及多集群系统。The present disclosure relates to the field of computer technology, and in particular to a method for constructing a service grid instance, a service grid system, and a multi-cluster system.
背景技术Background technique
微服务是指将数据和功能公开为一组松散耦合的API服务方式,然后将这些API服务组合在一起以解决应用需求。借助微服务,组织可以快速适应不断变化的客户需求,并提供可创造竞争优势的组合服务。Microservices refers to exposing data and functions as a set of loosely coupled API services, and then combining these API services to solve application requirements. With the help of microservices, organizations can quickly adapt to changing customer needs and provide combined services that can create a competitive advantage.
随着应用功能复杂度增加以及越来越多的微服务,这些松散耦合的服务需要了解服务之间的依赖关系,以最大程度地减少以后进行更改的麻烦。As the complexity of application functions increases and there are more and more microservices, these loosely coupled services need to understand the dependencies between services to minimize the trouble of making changes in the future.
服务网格是微服务基础结构中的关键部分,可以实现服务之间的调用,提高应用程序的弹性和安全性。现有服务网格构建方案通常是在微服务架构内构建服务网格实例,以为微服务架构内的多个服务提供治理、流量管理能力,但这种方式存在一定的弊端,包括:控制平面是单点故障,单个配置错误可能会导致整个控制与数据平面失效;控制平面的配置复杂性需要用户维护管理,无法做到托管;服务网格实例与服务运行时环境的生命周期管理紧耦合。The service grid is a key part of the microservice infrastructure, which can implement calls between services and improve the flexibility and security of applications. Existing service grid construction solutions usually build service grid instances in a microservice architecture to provide governance and traffic management capabilities for multiple services in the microservice architecture. However, this approach has certain drawbacks, including: the control plane is A single point of failure and a single configuration error may cause the entire control and data plane to fail; the complexity of the control plane configuration requires user maintenance and management, which cannot be managed; the service grid instance is tightly coupled with the lifecycle management of the service runtime environment.
因此,需要一种能够解决上述至少一种弊端的服务网格构建方案。Therefore, there is a need for a service grid construction solution that can solve at least one of the above-mentioned drawbacks.
发明内容Summary of the invention
本公开要解决的一个技术问题是提供一种能够解决上述至少一种弊端的服务网格构建方案。A technical problem to be solved by the present disclosure is to provide a service grid construction solution that can solve at least one of the above-mentioned drawbacks.
根据本公开的第一个方面,提供了一种服务网格实例的构建方法,包括:在第一运行环境中创建服务网格实例;将位于第二运行环境中的多个服务实例注册到服务网格实例;将服务网格实例的数据平面组件部署到第二运行环境中,将服务网格实例的用于为数据平面组件提供策略和/或配置的控制平面组件部署到第一运行环境中,并将控制平面组件的参数下发到第二运行环境中,以使得数据平面组件能够遵循控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。According to a first aspect of the present disclosure, a method for constructing a service grid instance is provided, which includes: creating a service grid instance in a first operating environment; and registering multiple service instances in a second operating environment to the service Grid instance; deploy the data plane components of the service grid instance to the second operating environment, and deploy the control plane components of the service grid instance that are used to provide strategies and/or configurations for the data plane components to the first operating environment , And deliver the parameters of the control plane component to the second operating environment, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to implement calls between different service instances.
根据本公开的第二个方面,还提供了一种应用运行方法,应用包括位于第二运行环境中的多个服务实例,该方法包括:利用部署在第二运行环境中的数据平面组件实现不同服务实例之间的调用,其中,用于为数据平面组件提供策略和/或配置的控制平面组件部署到不同于第二运行环境的第一运行环境中,数据平面组件和控制平面组件构成针对 多个服务实例的服务网格实例。According to a second aspect of the present disclosure, there is also provided an application running method. The application includes multiple service instances located in a second running environment. The method includes: using data plane components deployed in the second running environment to implement different Calls between service instances, where the control plane components used to provide strategies and/or configurations for the data plane components are deployed in a first operating environment that is different from the second operating environment, and the data plane components and the control plane components constitute multiple A service grid instance of a service instance.
根据本公开的第三个方面,还提供了一种服务网格系统,包括:一个或多个服务网格实例,服务网格实例用于实现多个集群上不同服务实例之间的调用,服务网格实例的数据平面组件部署在多个集群上,服务网格实例的控制平面组件部署在服务网格系统中,控制平面组件用于为数据平面组件提供策略和/或配置,服务网格系统将控制平面组件的参数下发给多个集群,以使得数据平面组件能够遵循控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。According to the third aspect of the present disclosure, a service grid system is also provided, including: one or more service grid instances, the service grid instances are used to implement calls between different service instances on multiple clusters, and the service grid The data plane components of the grid instance are deployed on multiple clusters, and the control plane components of the service grid instance are deployed in the service grid system. The control plane components are used to provide strategies and/or configurations for the data plane components, and the service grid system Distribute the parameters of the control plane component to multiple clusters, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to implement calls between different service instances.
根据本公开的第四个方面,还提供了一种多集群系统,包括:多个集群,每个集群上部署一个或多个服务实例;集群接入控制器,用于将多个集群接入部署在服务网格系统中的服务网格实例;多个代理容器,每个代理容器对应一个服务实例,服务实例调用与之对应的代理容器与其他服务实例对应的代理容器进行通信;代理容器通过部署在服务网格系统中的入口网关组件提供的接入入口获取服务实例的控制平面组件的参数。According to the fourth aspect of the present disclosure, a multi-cluster system is also provided, including: multiple clusters, each of which is deployed with one or more service instances; a cluster access controller, used to connect multiple clusters A service grid instance deployed in a service grid system; multiple agent containers, each agent container corresponds to a service instance, the service instance calls the corresponding agent container to communicate with the agent containers corresponding to other service instances; the agent container passes The access portal provided by the portal gateway component deployed in the service grid system obtains the parameters of the control plane component of the service instance.
根据本公开的第五个方面,提供了一种计算设备,包括:处理器;以及存储器,其上存储有可执行代码,当可执行代码被处理器执行时,使处理器执行如上述第一方面所述的方法。According to a fifth aspect of the present disclosure, there is provided a computing device, including: a processor; and a memory on which executable code is stored. When the executable code is executed by the processor, the processor is caused to execute the first The method described in the aspect.
根据本公开的第六个方面,提供了一种非暂时性机器可读存储介质,其上存储有可执行代码,当可执行代码被电子设备的处理器执行时,使处理器执行如上述第一方面所述的方法。According to a sixth aspect of the present disclosure, there is provided a non-transitory machine-readable storage medium having executable code stored thereon, and when the executable code is executed by a processor of an electronic device, the processor executes the above-mentioned The method described in one aspect.
由此,通过将控制平面组件和数据平面组件部署在不同运行环境中,使得可以解耦服务网格实例与服务运行时环境的生命周期管理,为实现服务网格实例的托管提供了支持。Therefore, by deploying the control plane components and the data plane components in different operating environments, the life cycle management of the service grid instance and the service runtime environment can be decoupled, which provides support for realizing the hosting of the service grid instance.
附图说明Description of the drawings
通过结合附图对本公开示例性实施方式进行更详细的描述,本公开的上述以及其它目的、特征和优势将变得更加明显,其中,在本公开示例性实施方式中,相同的参考标号通常代表相同部件。Through a more detailed description of the exemplary embodiments of the present disclosure in conjunction with the accompanying drawings, the above and other objectives, features, and advantages of the present disclosure will become more apparent. Among them, in the exemplary embodiments of the present disclosure, the same reference numerals generally represent The same parts.
图1示出了根据本公开一个实施例的服务网格实例的构建方法的示意性原理图;Fig. 1 shows a schematic principle diagram of a method for constructing a service grid instance according to an embodiment of the present disclosure;
图2示出了根据本公开一个实施例的服务网格系统以及部署在多集群环境中的相关组件的结构示意意图;Figure 2 shows a schematic diagram of the structure of a service grid system and related components deployed in a multi-cluster environment according to an embodiment of the present disclosure;
图3示出了本公开一个实施例的将代理容器与非容器化应用的进程部署在一起的示意图;FIG. 3 shows a schematic diagram of deploying a proxy container and a process of a non-containerized application together according to an embodiment of the present disclosure;
图4示出了根据本公开一个实施例的计算设备的结构示意图。Fig. 4 shows a schematic structural diagram of a computing device according to an embodiment of the present disclosure.
具体实施方式detailed description
下面将参照附图更详细地描述本公开的优选实施方式。虽然附图中显示了本公开的优选实施方式,然而应该理解,可以以各种形式实现本公开而不应被这里阐述的实施方 式所限制。相反,提供这些实施方式是为了使本公开更加透彻和完整,并且能够将本公开的范围完整地传达给本领域的技术人员。Hereinafter, preferred embodiments of the present disclosure will be described in more detail with reference to the accompanying drawings. Although the preferred embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure can be implemented in various forms and should not be limited by the embodiments set forth herein. On the contrary, these embodiments are provided to make the present disclosure more thorough and complete, and to fully convey the scope of the present disclosure to those skilled in the art.
服务网格主要由两个关键的组件组成:数据平面和控制平面。The service grid is mainly composed of two key components: the data plane and the control plane.
在数据平面中,应用服务部署被修改为包括了一个专用的代理组件(对应于下文述及的代理容器,如Sidecar代理)。数据平面使得每个服务不是直接通过网络调用服务,而是调用其本地代理组件与其他服务中的代理组件进行通信。代理组件又封装了服务到服务交换的复杂逻辑。服务网格中的一组相互连接的代理组件构成了整个数据平面。In the data plane, the application service deployment is modified to include a dedicated agent component (corresponding to the agent container mentioned below, such as the Sidecar agent). The data plane makes each service not directly call the service through the network, but call its local proxy component to communicate with proxy components in other services. The proxy component encapsulates the complex logic of service-to-service exchange. A group of interconnected proxy components in the service grid constitute the entire data plane.
控制平面用于为数据平面提供策略和/或配置。换言之,控制平面用于控制整个服务网格上的代理行为。可以在控制平面上总体指定服务路由规则、身份验证策略,或者收集指标并配置数据平面的参数等。一般来说,数据平面和控制平面之间的通信是通过API定义进行规范的。The control plane is used to provide policies and/or configurations for the data plane. In other words, the control plane is used to control the agent behavior on the entire service grid. It is possible to specify service routing rules and authentication strategies on the control plane as a whole, or to collect indicators and configure data plane parameters. Generally speaking, the communication between the data plane and the control plane is regulated through API definitions.
本公开提出了一种托管式的服务网格构建方案,通过将服务网格的控制平面组件和数据平面组件部署在不同运行环境中,可以解耦服务网格实例与服务运行时环境的生命周期管理,实现控制平面组件的托管。This disclosure proposes a managed service grid construction solution. By deploying the control plane components and data plane components of the service grid in different operating environments, the life cycle of the service grid instance and the service runtime environment can be decoupled Management to realize the hosting of control plane components.
图1示出了根据本公开一个实施例的服务网格实例的构建方法的示意性原理图。参见图1,第二运行环境是指服务实例所处的运行环境,第二运行环境中可以部署多个服务实例。第一运行环境不同于第二运行环境。第一运行环境是指服务网格的托管环境,即用于创建服务网格实例的环境。Fig. 1 shows a schematic principle diagram of a method for constructing a service grid instance according to an embodiment of the present disclosure. Referring to Figure 1, the second operating environment refers to the operating environment in which the service instance is located, and multiple service instances can be deployed in the second operating environment. The first operating environment is different from the second operating environment. The first operating environment refers to the hosting environment of the service grid, that is, the environment used to create the service grid instance.
可以在第一运行环境中创建服务网格实例,并将位于第二运行环境中的多个服务实例注册到服务网格实例。A service grid instance can be created in the first operating environment, and multiple service instances located in the second operating environment can be registered with the service grid instance.
服务网格实例主要包括数据平面组件和控制平面组件。在本公开中,可以将数据平面组件从服务网格实例中拆分出去,将数据平面组件部署到第二运行环境中。将用于为数据平面组件提供策略和/或配置的控制平面组件保留在服务网格实例中,即将控制平面组件部署到第一运行环境中。并通过预定的方式将控制平面组件的参数下发到第二运行环境中,以使得数据平面组件能够遵循控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。The service grid instance mainly includes data plane components and control plane components. In the present disclosure, the data plane component can be separated from the service grid instance, and the data plane component can be deployed in the second operating environment. The control plane components used to provide policies and/or configurations for the data plane components are retained in the service grid instance, that is, the control plane components are deployed in the first operating environment. The parameters of the control plane component are delivered to the second operating environment in a predetermined manner, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to implement calls between different service instances.
响应于第一运行环境中控制平面组件的更新,可以将更新后的控制平面组件的参数下发到第二运行环境中,以使得数据平面组件能够遵循更新后控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。其中,对控制平面组件进行更新的操作可以由用户执行,也可以由提供服务网格托管服务的系统(如下文述及的托管服务网格系统)执行。In response to the update of the control plane component in the first operating environment, the parameters of the updated control plane component can be issued to the second operating environment, so that the data plane component can follow the provision strategy and provision provided by the updated control plane component. / Or configuration to implement calls between different service instances. Among them, the operation of updating the control plane components can be performed by the user, or can be performed by the system that provides the service grid hosting service (the hosting service grid system described below).
作为示例,第一运行环境可以是指基于公有云、私有云或混合云的托管服务网格系统,即托管服务网格系统可以部署在公有云、私有云或混合云上。第二运行环境可以是多集群环境。集群是指作为一个单元运行的逻辑分组的计算机资源的集合,可以是一个 独立的物理集群,或者一个包含多个物理集群的逻辑集群组,如可以是指Kubernetes集群。每个集群中可以部署一个或多个服务实例。多集群环境中部署的所有服务实例可以构成一个完整的应用架构(如微服务架构)。As an example, the first operating environment may refer to a managed service grid system based on a public cloud, a private cloud, or a hybrid cloud, that is, the managed service grid system may be deployed on a public cloud, a private cloud, or a hybrid cloud. The second operating environment may be a multi-cluster environment. A cluster refers to a collection of logically grouped computer resources running as a unit, which can be an independent physical cluster or a logical cluster group containing multiple physical clusters, such as a Kubernetes cluster. One or more service instances can be deployed in each cluster. All service instances deployed in a multi-cluster environment can form a complete application architecture (such as a microservice architecture).
托管服务网格系统对外提供服务网格实例的托管服务。可以由托管服务网格系统执行本公开的服务网格实例的构建方法,针对部署在多个集群上的服务实例创建服务网格实例,以实现不同服务实例之间的调用。The hosting service grid system provides external hosting services for service grid instances. The method for constructing a service grid instance of the present disclosure can be executed by a managed service grid system, and a service grid instance can be created for service instances deployed on multiple clusters, so as to implement calls between different service instances.
通过将控制平面组件和数据平面组件部署在不同运行环境中,使得可以在一定程度上解耦服务网格实例与服务运行时环境的生命周期管理。以第二运行环境为托管服务网格系统为例,控制平面组件的配置参数的设定、更新可以通过托管的方式实现,即可以由托管服务网格系统维护控制平面组件的配置,而无需用户维护控制平面的配置复杂性。By deploying control plane components and data plane components in different operating environments, the life cycle management of service grid instances and service runtime environments can be decoupled to a certain extent. Taking the second operating environment as a hosted service grid system as an example, the configuration parameters of the control plane components can be set and updated by hosting, that is, the hosted service grid system can maintain the configuration of the control plane components without the need for users Maintain the configuration complexity of the control plane.
并且由于控制平面组件和数据平面组件部署在不同运行环境中,即使控制平面组件在更新时出现参数配置错误,数据平面组件也可以遵循原先控制平面组件所提供的策略和/或配置,不会导致整个数据平面失效。And because the control plane components and data plane components are deployed in different operating environments, even if parameter configuration errors occur during the update of the control plane components, the data plane components can follow the strategy and/or configuration provided by the original control plane components without causing The entire data plane fails.
以第一运行环境为托管服务网格系统,第二运行环境为多集群环境为例,服务网格实例还可以包括服务注册控制器和服务注册库。其中,服务注册控制器和服务注册库部署在托管服务网格系统中,多集群环境中还设有集群接入控制器。可以由集群接入控制器将多个集群接入服务网格实例;由服务注册控制器将多个集群上的不同服务实例注册到服务网格实例;由服务注册库对多个集群上的不同服务实例的服务注册信息进行统一管理。Taking the first operating environment as a hosted service grid system and the second operating environment as a multi-cluster environment as an example, the service grid instance may also include a service registration controller and a service registration library. Among them, the service registration controller and the service registration library are deployed in a managed service grid system, and a cluster access controller is also provided in a multi-cluster environment. Multiple clusters can be connected to the service grid instance by the cluster access controller; different service instances on multiple clusters can be registered to the service grid instance by the service registration controller; different service instances on multiple clusters can be registered by the service registry The service registration information of the service instance is managed in a unified manner.
本公开还可以将服务网格实例中的入口网关组件部署到第一运行环境中,入口网关组件用于为数据平面组件提供接入入口。例如,入口网关组件可以是将控制平面的参数提供给数据平面的接入入口,可以通过内网或私网的负载均衡器实现。The present disclosure can also deploy the ingress gateway component in the service grid instance to the first operating environment, and the ingress gateway component is used to provide an access portal for the data plane component. For example, the entry gateway component can be an access entry that provides control plane parameters to the data plane, and can be implemented by a load balancer in an intranet or a private network.
数据平面组件可以包括多个代理容器,每个代理容器对应一个服务实例。服务实例可以调用与之对应的代理容器与其他服务实例对应的代理容器进行通信,以实现不同服务实例之间的调用。The data plane component may include multiple proxy containers, and each proxy container corresponds to a service instance. The service instance can call the corresponding proxy container to communicate with the proxy container corresponding to other service instances, so as to implement calls between different service instances.
代理容器可以作为进程外Sidecar与应用实例一起部署,并负责执行网络级别操作并观察所有的入站和出站流量。服务实例可以分为容器化应用和非容器化应用的进程。对于属于容器化应用的服务实例,可以将代理容器与服务实例的应用所在容器部署在一起;对于属于非容器化应用的进程的服务实例,可以将进程所在节点注册为第二运行环境的工作节点,通过第二运行环境中的容器运行时管理环境协调进程和与该进程对应的代理容器之间的交互。The proxy container can be deployed as an out-of-process Sidecar with application instances and is responsible for performing network-level operations and observing all inbound and outbound traffic. Service instances can be divided into containerized applications and non-containerized application processes. For service instances belonging to containerized applications, the proxy container can be deployed together with the container where the application of the service instance is located; for service instances belonging to the process of non-containerized applications, the node where the process is located can be registered as the working node of the second operating environment , Through the container runtime management environment in the second runtime environment to coordinate the interaction between the process and the agent container corresponding to the process.
本公开还可以将与服务实例的配置参数相关的远程服务网格元数据下发到第二运行环境中,以便部署在第二运行环境中的与服务网格实例相关的组件能够基于远程服务网格元数据进行同步。The present disclosure can also deliver remote service grid metadata related to the configuration parameters of the service instance to the second operating environment, so that the components related to the service grid instance deployed in the second operating environment can be based on the remote service network Grid metadata is synchronized.
如上文所述,本公开的服务网格实例的构建方法可以由用于提供服务网格托管服务的服务网格系统执行。下面结合服务网格系统就本公开涉及的细节做进一步说明。As described above, the method for constructing a service grid instance of the present disclosure can be executed by a service grid system for providing service grid hosting services. The details involved in the present disclosure will be further described below in conjunction with the service grid system.
图2示出了根据本公开一个实施例的服务网格系统以及部署在多集群环境中的相关组件的结构示意意图。Fig. 2 shows a schematic diagram of the structure of a service grid system and related components deployed in a multi-cluster environment according to an embodiment of the present disclosure.
如图2所示,服务网格系统101提供了一种以托管的方式对外暴露服务网格的控制平面的能力,一个托管服务网格系统101可以构建多个不同的服务网格实例102。As shown in FIG. 2, the service grid system 101 provides a capability for externally exposing the control plane of the service grid in a hosted manner. A hosted service grid system 101 can construct multiple different service grid instances 102.
服务网格实例102用于实现多个集群上不同服务实例之间的调用。每一个服务网格实例102提供了完整的服务网格控制平面104(对应于上文述及的控制平面组件),服务网格实例102的数据平面组件部署在多个集群上。服务网格控制平面104用于为数据平面组件提供策略和/或配置,服务网格系统101可以将服务网格控制平面104的参数下发给多个集群,以使得数据平面组件能够遵循控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。The service grid instance 102 is used to implement calls between different service instances on multiple clusters. Each service grid instance 102 provides a complete service grid control plane 104 (corresponding to the control plane components mentioned above), and the data plane components of the service grid instance 102 are deployed on multiple clusters. The service grid control plane 104 is used to provide policies and/or configurations for data plane components. The service grid system 101 can deliver the parameters of the service grid control plane 104 to multiple clusters so that the data plane components can follow the control plane The provision strategy and/or configuration provided by the component to implement calls between different service instances.
部署在多个集群上的与服务网格实例102相关的组件构成了多集群数据平面。多集群数据平面中包括集群接入控制器108,可以由集群接入控制器108将多个集群接入服务网格实例101。服务网格实例102中可以包括服务注册控制器109和服务注册库110,响应于集群接入控制器108将多个集群接入服务网格实例101,服务注册控制器109可以将多个集群上的不同服务实例注册到服务网格实例101。服务注册控制器109同时能够支持跨多个集群的服务统一发现、注册;集群中的每个服务不依赖于其他设置,支持任意类型的暴露方式。作为示例,服务网格实例102可以以声明式API管理路由规则定义,由此可以以声明式方法暴露服务端点到服务注册库中。其中,服务发现是指从集群中根据服务名定位服务端点的过程。The components related to the service grid instance 102 deployed on multiple clusters constitute a multi-cluster data plane. The multi-cluster data plane includes a cluster access controller 108, and the cluster access controller 108 can connect multiple clusters to the service grid instance 101. The service grid instance 102 can include a service registration controller 109 and a service registration library 110. In response to the cluster access controller 108 connecting multiple clusters to the service grid instance 101, the service registration controller 109 can connect multiple clusters to the service grid instance 101. The different service instances of are registered to the service grid instance 101. The service registration controller 109 can simultaneously support unified discovery and registration of services across multiple clusters; each service in the cluster does not depend on other settings and supports any type of exposure mode. As an example, the service grid instance 102 can manage routing rule definitions with a declarative API, thereby exposing service endpoints to the service registry in a declarative method. Among them, service discovery refers to the process of locating service endpoints from the cluster according to the service name.
服务注册库110可以对多个集群上的不同服务实例的服务注册信息进行统一管理。例如,服务注册库110将服务注册控制器109处理的注册服务信息进行统一管理,以一种标准化的方式统一存储所有的注册服务信息。The service registry 110 can uniformly manage the service registration information of different service instances on multiple clusters. For example, the service registry 110 uniformly manages the registration service information processed by the service registration controller 109, and uniformly stores all the registration service information in a standardized manner.
服务网格实例102还包括服务网格控制器103和服务网格入口网关105(对应于上文述及的入口网关组件)。服务网格控制器103用于设置服务网格控制平面104和服务网格入口网关105,服务网格入口网关105用于为多个集群提供服务网格控制平面104的接入入口。The service grid instance 102 also includes a service grid controller 103 and a service grid entry gateway 105 (corresponding to the entry gateway component mentioned above). The service grid controller 103 is used to set up a service grid control plane 104 and a service grid entry gateway 105, and the service grid entry gateway 105 is used to provide access to the service grid control plane 104 for multiple clusters.
具体来说,服务网格控制器103提供了解耦服务网格实例与服务运行时环境的生命周期管理的能力;支持动态创建服务网格控制平面104与服务网格入口网关105,并支持基于服务网格的配置参数动态同步更新托管服务网格控制平面104与服务网格入口网关105。Specifically, the service grid controller 103 provides the ability to decouple the lifecycle management of the service grid instance and the service runtime environment; supports the dynamic creation of the service grid control plane 104 and the service grid entry gateway 105, and supports The configuration parameters of the service grid are dynamically synchronized to update the hosted service grid control plane 104 and the service grid entry gateway 105.
服务网格控制平面104运行于服务网格系统101中,为服务网格数据平面中的代理提供流量配置和控制选项,可提供弹性、负载平衡和流量控制功能。服务网格入口网关 105是将托管服务网格控制平面104提供给数据平面的多个集群的接入入口,往往以内网或私网的负载均衡器实现。The service grid control plane 104 runs in the service grid system 101, provides traffic configuration and control options for agents in the service grid data plane, and can provide flexibility, load balancing, and traffic control functions. The service grid entry gateway 105 is an access entry that provides the managed service grid control plane 104 to multiple clusters of the data plane, and is often implemented by a load balancer of an intranet or a private network.
服务网格实例102还包括远程服务网格控制器106,用于将与服务实例的配置参数相关的远程服务网格元数据107下发给多个集群,以便部署在多个集群上的与服务网格实例相关的组件能够基于远程服务网格元数据107与服务网格实例101进行同步。The service grid instance 102 also includes a remote service grid controller 106, which is used to deliver remote service grid metadata 107 related to the configuration parameters of the service instance to multiple clusters, so as to be deployed on multiple clusters and services. Components related to the grid instance can be synchronized with the service grid instance 101 based on the remote service grid metadata 107.
换言之,远程服务网格控制器106提供了一种远程将远程服务网格元数据107下发到服务网格内集群的能力,并支持基于服务网格的配置参数动态同步更新下发到数据平面集群上的远程服务网格元数据107。远程服务网格元数据107用于动态同步数据平面多集群上的服务网格相关组件和配置参数,以支持代理容器111能够随着控制平面的参数变更而动态调整,保证与服务网格入口网关105的连接能力。In other words, the remote service grid controller 106 provides the ability to remotely distribute the remote service grid metadata 107 to the cluster in the service grid, and supports the dynamic synchronization update based on the configuration parameters of the service grid to be sent to the data plane. Remote service grid metadata 107 on the cluster. The remote service grid metadata 107 is used to dynamically synchronize the service grid related components and configuration parameters on the data plane multi-cluster to support the proxy container 111 to dynamically adjust with the change of the control plane parameters to ensure that the service grid entry gateway 105 connection capabilities.
部署在多个集群上的服务实例可以分为容器化应用和非容器化应用的进程。对于属于容器化应用的服务实例,可以将代理容器111作为进程外Sidecar与服务实例的应用容器112一起部署,并负责执行网络级别操作并观察所有的入站和出站流量。其中应用容器112是指服务实例的应用所在的容器,应用之间的调用经过代理容器111截流控制。Service instances deployed on multiple clusters can be divided into containerized application and non-containerized application processes. For service instances belonging to containerized applications, the proxy container 111 can be deployed as an out-of-process Sidecar together with the application container 112 of the service instance, and is responsible for performing network-level operations and observing all inbound and outbound traffic. The application container 112 refers to the container where the application of the service instance is located, and calls between applications are controlled by the proxy container 111 to intercept flow.
非容器化应用的进程,不能通过容器化处理,通常需要与代理容器111共享一个主机网络。对于非容器化应用的进程的服务实例,可以由部署在多集群环境中的应用进程注入器113将进程所在节点注册为集群的工作节点,通过集群中的容器运行时管理环境协调进程和与该进程对应的代理容器111之间的交互。如图3所示,代理容器和应用进程可以部署在一个pod中,在将进程所在节点注册为集群的工作节点后,Pod可以通过Host网络使用节点的网络空间和网络资源。The process of non-containerized applications cannot be processed through containerization, and usually needs to share a host network with the proxy container 111. For service instances of processes of non-containerized applications, the application process injector 113 deployed in a multi-cluster environment can register the node where the process is located as a worker node of the cluster, and coordinate the process and the process through the container runtime management environment in the cluster. The interaction between the agent containers 111 corresponding to the process. As shown in Figure 3, the agent container and application process can be deployed in a pod. After the node where the process is located is registered as a working node of the cluster, the Pod can use the network space and network resources of the node through the Host network.
综上,通过服务网格控制器103与远程服务网格控制器106提出了一种支持多集群管理的托管服务网格的方法与系统,提供了一种高可用的方式实现跨集群的服务注册、服务发现与流量路由管理;通过服务网格控制器103提供了解耦服务网格实例与服务运行时环境的生命周期管理的能力;支持动态创建托管服务网格控制平面104与服务网格入口网关105,并支持基于服务网格的配置参数动态同步更新托管服务网格控制平面104与服务网格入口网关105;通过服务注册控制器109支持多个集群上的不同服务实例注册于一个服务网格实例,同时能够支持跨多个集群的服务统一发现注册;集群中的每个服务不依赖于其他设置,支持任意类型的暴露方式;通过应用进程注入器113支持容器化应用和非容器化应用的统一管理。In summary, through the service grid controller 103 and the remote service grid controller 106, a method and system for hosting service grids supporting multi-cluster management are proposed, and a highly available way to achieve cross-cluster service registration is provided. , Service discovery and traffic routing management; the service grid controller 103 provides the ability to decouple the life cycle management of the service grid instance and the service runtime environment; supports the dynamic creation of the managed service grid control plane 104 and service grid entry The gateway 105 supports the dynamic and synchronous update of the managed service grid control plane 104 and the service grid entry gateway 105 based on the configuration parameters of the service grid; the service registration controller 109 supports the registration of different service instances on multiple clusters to one service network Lattice instances can support unified discovery and registration of services across multiple clusters; each service in the cluster does not depend on other settings and supports any type of exposure method; supports containerized applications and non-containerized applications through the application process injector 113 Unified management.
本公开还提出了一种应用运行方法。本实施例述及的应用可以是指包括多个服务实例的应用,即基于微服务架构的应用。这多个服务实例所在的运行环境即为上文述及的第二运行环境。可以利用上文述及的服务网格构建方案为这多个服务实例构建对应的服务网格实例,关于服务网格实例的构建过程可以参见上文相关描述,此处不再赘述。The present disclosure also proposes an application running method. The application mentioned in this embodiment may refer to an application including multiple service instances, that is, an application based on a microservice architecture. The operating environment where the multiple service instances are located is the second operating environment mentioned above. The service grid construction scheme mentioned above can be used to construct corresponding service grid instances for these multiple service instances. For the construction process of the service grid instances, please refer to the relevant description above, which will not be repeated here.
在应用运行过程中,在需要进行服务实例之间的调用时,可以利用部署在第二运行 环境中的数据平面组件实现不同服务实例之间的调用。其中,如上文服务网格实例的构建方案所述,用于为数据平面组件提供策略和/或配置的控制平面组件部署到不同于第二运行环境的第一运行环境中,数据平面组件和控制平面组件构成针对这多个服务实例的服务网格实例。In the application running process, when calls between service instances are required, the data plane components deployed in the second operating environment can be used to implement calls between different service instances. Wherein, as described in the construction scheme of the service grid instance above, the control plane component used to provide strategy and/or configuration for the data plane component is deployed in a first operating environment different from the second operating environment, and the data plane component and control The plane component constitutes a service grid instance for these multiple service instances.
作为示例,数据平面组件可以包括多个代理容器,每个代理容器对应一个服务实例。在所述多个服务实例中某一服务实例需要调用其他服务实例时,属于调用方的服务实例可以调用与之对应的代理容器与属于被调用方的其他服务实例对应的代理容器进行通信。关于代理容器和服务实例可以参见上文相关描述,此处不再赘述。As an example, the data plane component may include multiple proxy containers, and each proxy container corresponds to a service instance. When a certain service instance of the multiple service instances needs to call another service instance, the service instance belonging to the caller can call the corresponding proxy container to communicate with the proxy container corresponding to the other service instances belonging to the callee. For the proxy container and service instance, please refer to the relevant description above, which will not be repeated here.
本公开还提供了一种多集群系统,包括:多个集群,每个集群上部署一个或多个服务实例,多个集群可以是指由多于一个的集群构成的集群组合,如可以是指多个Kubernetes集群所构成的集群联邦;集群接入控制器,用于将多个集群接入部署在服务网格系统中的服务网格实例;多个代理容器,每个代理容器对应一个服务实例,服务实例调用与之对应的代理容器与其他服务实例对应的代理容器进行通信;代理容器通过部署在服务网格系统中的入口网关组件提供的接入入口获取服务实例的控制平面组件的参数。The present disclosure also provides a multi-cluster system, including: multiple clusters, one or more service instances are deployed on each cluster, multiple clusters may refer to a cluster combination composed of more than one cluster, for example, it may refer to Cluster federation formed by multiple Kubernetes clusters; cluster access controller, used to connect multiple clusters to service grid instances deployed in the service grid system; multiple agent containers, each agent container corresponding to a service instance , The service instance calls the corresponding proxy container to communicate with the proxy container corresponding to other service instances; the proxy container obtains the parameters of the control plane component of the service instance through the access portal provided by the entry gateway component deployed in the service grid system.
应用实例分为容器化应用和非容器化应用的进程,多集群系统还包括:应用进程注入器,用于将非容器化应用的进程所在节点注册为集群的工作节点,通过所集群的容器运行时管理环境协调进程和与该进程对应的代理容器之间的交互。Application instances are divided into containerized application and non-containerized application processes. The multi-cluster system also includes: application process injector, which is used to register the node where the process of non-containerized application is located as the working node of the cluster, and run through the container of the cluster The time management environment coordinates the interaction between the process and the agent container corresponding to the process.
多集群系统还可以接收服务网格系统发送的与服务实例的配置参数相关的远程服务网格元数据,部署在多集群系统中的与服务实例相关的组件(如集群接入控制器、代理容器)可以基于远程服务网格元数据进行同步。关于多集群系统涉及的细节部分可以参见上文相关描述,此处不再赘述。The multi-cluster system can also receive remote service grid metadata related to the configuration parameters of the service instance sent by the service grid system, and the components related to the service instance deployed in the multi-cluster system (such as cluster access controller, agent container) ) Synchronization can be based on remote service grid metadata. For the details involved in the multi-cluster system, please refer to the relevant description above, which will not be repeated here.
图4示出了根据本发明一实施例可用于实现上述服务网格实例的构建方法的计算设备的结构示意图。Fig. 4 shows a schematic structural diagram of a computing device that can be used to implement the above-mentioned method for constructing a service grid instance according to an embodiment of the present invention.
参见图4,计算设备400包括存储器410和处理器420。Referring to FIG. 4, the computing device 400 includes a memory 410 and a processor 420.
处理器420可以是一个多核的处理器,也可以包含多个处理器。在一些实施例中,处理器420可以包含一个通用的主处理器以及一个或多个特殊的协处理器,例如图形处理器(GPU)、数字信号处理器(DSP)等等。在一些实施例中,处理器420可以使用定制的电路实现,例如特定用途集成电路(ASIC,Application Specific Integrated Circuit)或者现场可编程逻辑门阵列(FPGA,Field Programmable Gate Arrays)。The processor 420 may be a multi-core processor, or may include multiple processors. In some embodiments, the processor 420 may include a general-purpose main processor and one or more special co-processors, such as a graphics processing unit (GPU), a digital signal processor (DSP), and so on. In some embodiments, the processor 420 may be implemented using a customized circuit, such as an Application Specific Integrated Circuit (ASIC) or a Field Programmable Gate Array (FPGA, Field Programmable Gate Arrays).
存储器410可以包括各种类型的存储单元,例如系统内存、只读存储器(ROM),和永久存储装置。其中,ROM可以存储处理器420或者计算机的其他模块需要的静态数据或者指令。永久存储装置可以是可读写的存储装置。永久存储装置可以是即使计算机断电后也不会失去存储的指令和数据的非易失性存储设备。在一些实施方式中,永久性 存储装置采用大容量存储装置(例如磁或光盘、闪存)作为永久存储装置。另外一些实施方式中,永久性存储装置可以是可移除的存储设备(例如软盘、光驱)。系统内存可以是可读写存储设备或者易失性可读写存储设备,例如动态随机访问内存。系统内存可以存储一些或者所有处理器在运行时需要的指令和数据。此外,存储器410可以包括任意计算机可读存储媒介的组合,包括各种类型的半导体存储芯片(DRAM,SRAM,SDRAM,闪存,可编程只读存储器),磁盘和/或光盘也可以采用。在一些实施方式中,存储器410可以包括可读和/或写的可移除的存储设备,例如激光唱片(CD)、只读数字多功能光盘(例如DVD-ROM,双层DVD-ROM)、只读蓝光光盘、超密度光盘、闪存卡(例如SD卡、min SD卡、Micro-SD卡等等)、磁性软盘等等。计算机可读存储媒介不包含载波和通过无线或有线传输的瞬间电子信号。The memory 410 may include various types of storage units, such as a system memory, a read only memory (ROM), and a permanent storage device. Among them, the ROM may store static data or instructions required by the processor 420 or other modules of the computer. The permanent storage device may be a readable and writable storage device. The permanent storage device may be a non-volatile storage device that does not lose stored instructions and data even after the computer is powered off. In some embodiments, the permanent storage device adopts a large-capacity storage device (such as a magnetic or optical disk, flash memory) as the permanent storage device. In other embodiments, the permanent storage device may be a removable storage device (for example, a floppy disk, an optical drive). The system memory can be a readable and writable storage device or a volatile readable and writable storage device, such as dynamic random access memory. The system memory can store some or all of the instructions and data needed by the processor at runtime. In addition, the memory 410 may include any combination of computer-readable storage media, including various types of semiconductor memory chips (DRAM, SRAM, SDRAM, flash memory, programmable read-only memory), and magnetic disks and/or optical disks may also be used. In some embodiments, the memory 410 may include a removable storage device that can be read and/or written, such as a compact disc (CD), a read-only digital versatile disc (for example, DVD-ROM, dual-layer DVD-ROM), Read-only Blu-ray discs, ultra-density discs, flash memory cards (such as SD cards, min SD cards, Micro-SD cards, etc.), magnetic floppy disks, etc. The computer-readable storage medium does not contain carrier waves and instantaneous electronic signals that are transmitted wirelessly or wiredly.
存储器410上存储有可执行代码,当可执行代码被处理器420处理时,可以使处理器420执行上文述及的服务网格实例的构建方法。The memory 410 stores executable codes. When the executable codes are processed by the processor 420, the processor 420 can be made to execute the method for constructing the service grid instance mentioned above.
上文中已经参考附图详细描述了根据本发明的服务网格实例的构建方法、服务网格系统、应用运行方法以及多集群系统。The construction method of the service grid instance, the service grid system, the application operation method and the multi-cluster system according to the present invention have been described in detail above with reference to the accompanying drawings.
此外,根据本发明的方法还可以实现为一种计算机程序或计算机程序产品,该计算机程序或计算机程序产品包括用于执行本发明的上述方法中限定的上述各步骤的计算机程序代码指令。In addition, the method according to the present invention can also be implemented as a computer program or computer program product. The computer program or computer program product includes computer program code instructions for executing the above-mentioned steps defined in the above-mentioned method of the present invention.
或者,本发明还可以实施为一种非暂时性机器可读存储介质(或计算机可读存储介质、或机器可读存储介质),其上存储有可执行代码(或计算机程序、或计算机指令代码),当所述可执行代码(或计算机程序、或计算机指令代码)被电子设备(或计算设备、服务器等)的处理器执行时,使所述处理器执行根据本发明的上述方法的各个步骤。Alternatively, the present invention can also be implemented as a non-transitory machine-readable storage medium (or computer-readable storage medium, or machine-readable storage medium) on which executable code (or computer program, or computer instruction code) is stored ), when the executable code (or computer program, or computer instruction code) is executed by the processor of the electronic device (or computing device, server, etc.), the processor is caused to execute each step of the above method according to the present invention .
本领域技术人员还将明白的是,结合这里的公开所描述的各种示例性逻辑块、模块、电路和算法步骤可以被实现为电子硬件、计算机软件或两者的组合。Those skilled in the art will also understand that the various exemplary logic blocks, modules, circuits, and algorithm steps described in conjunction with the disclosure herein can be implemented as electronic hardware, computer software, or a combination of both.
附图中的流程图和框图显示了根据本发明的多个实施例的系统和方法的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段或代码的一部分,所述模块、程序段或代码的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的实现中,方框中所标记的功能也可以以不同于附图中所标记的顺序发生。例如,两个连续的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图和/或流程图中的每个方框、以及框图和/或流程图中的方框的组合,可以用执行规定的功能或操作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。The flowcharts and block diagrams in the accompanying drawings show the possible implementation architecture, functions, and operations of the system and method according to multiple embodiments of the present invention. In this regard, each block in the flowchart or block diagram may represent a module, program segment, or part of the code, and the module, program segment, or part of the code contains one or more modules for realizing the specified logical function. Executable instructions. It should also be noted that, in some alternative implementations, the functions marked in the blocks may also occur in a different order than marked in the drawings. For example, two consecutive blocks can actually be executed substantially in parallel, or they can sometimes be executed in the reverse order, depending on the functions involved. It should also be noted that each block in the block diagram and/or flowchart, and the combination of the blocks in the block diagram and/or flowchart, can be implemented by a dedicated hardware-based system that performs the specified functions or operations Or it can be realized by a combination of dedicated hardware and computer instructions.
以上已经描述了本发明的各实施例,上述说明是示例性的,并非穷尽性的,并且也不限于所披露的各实施例。在不偏离所说明的各实施例的范围和精神的情况下,对于本 技术领域的普通技术人员来说许多修改和变更都是显而易见的。本文中所用术语的选择,旨在最好地解释各实施例的原理、实际应用或对市场中的技术的改进,或者使本技术领域的其它普通技术人员能理解本文披露的各实施例。The embodiments of the present invention have been described above, and the above description is exemplary, not exhaustive, and is not limited to the disclosed embodiments. Without departing from the scope and spirit of the described embodiments, many modifications and changes are obvious to those of ordinary skill in the art. The choice of terms used herein is intended to best explain the principles, practical applications, or improvements to the technology in the market for each embodiment, or to enable those of ordinary skill in the art to understand the various embodiments disclosed herein.

Claims (18)

  1. 一种服务网格实例的构建方法,包括:A method for constructing a service grid instance includes:
    在第一运行环境中创建服务网格实例;Create a service grid instance in the first operating environment;
    将位于第二运行环境中的多个服务实例注册到所述服务网格实例;Register multiple service instances located in the second operating environment with the service grid instance;
    将所述服务网格实例的数据平面组件部署到所述第二运行环境中,将所述服务网格实例的用于为所述数据平面组件提供策略和/或配置的控制平面组件部署到所述第一运行环境中,并将所述控制平面组件的参数下发到所述第二运行环境中,以使得所述数据平面组件能够遵循所述控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。The data plane component of the service grid instance is deployed to the second operating environment, and the control plane component of the service grid instance used to provide policies and/or configurations for the data plane component is deployed to all In the first operating environment, and sending the parameters of the control plane component to the second operating environment, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component , To implement calls between different service instances.
  2. 根据权利要求1所述的方法,还包括:The method according to claim 1, further comprising:
    将所述服务网格实例中的入口网关组件部署到所述第一运行环境中,所述入口网关组件用于为所述数据平面组件提供接入入口。The ingress gateway component in the service grid instance is deployed in the first operating environment, and the ingress gateway component is used to provide an access portal for the data plane component.
  3. 根据权利要求1所述的方法,其中,The method of claim 1, wherein:
    所述数据平面组件包括多个代理容器,每个所述代理容器对应一个服务实例,所述服务实例调用与之对应的代理容器与其他服务实例对应的代理容器进行通信。The data plane component includes a plurality of proxy containers, each of the proxy containers corresponds to a service instance, and the service instance calls the corresponding proxy container to communicate with the proxy containers corresponding to other service instances.
  4. 根据权利要求3所述的方法,还包括:The method according to claim 3, further comprising:
    对于属于容器化应用的服务实例,将所述代理容器与所述服务实例的应用所在容器部署在一起;并且/或者For service instances belonging to containerized applications, deploy the proxy container and the container where the application of the service instance is located together; and/or
    对于属于非容器化应用的进程的服务实例,将所述进程所在节点注册为所述第二运行环境的工作节点,通过所述第二运行环境中的容器运行时管理环境协调所述进程和与该进程对应的代理容器之间的交互。For a service instance belonging to a process of a non-containerized application, the node where the process is located is registered as a working node of the second operating environment, and the process is coordinated with and with the container runtime management environment in the second operating environment. The interaction between the agent containers corresponding to the process.
  5. 根据权利要求1所述的方法,其中,The method of claim 1, wherein:
    所述第一运行环境为基于公有云、私有云或混合云的服务网格系统,所述第二运行环境为多集群环境。The first operating environment is a service grid system based on public cloud, private cloud or hybrid cloud, and the second operating environment is a multi-cluster environment.
  6. 根据权利要求5所述的方法,其中,所述服务网格实例还包括服务注册控制器和服务注册库,所述多集群环境中还设有集群接入控制器,所述将位于第二运行环境中的多个服务实例注册到所述服务网格实例的步骤包括:The method according to claim 5, wherein the service grid instance further includes a service registration controller and a service registration library, and a cluster access controller is also provided in the multi-cluster environment, and the service grid instance is located in the second operation The steps of registering multiple service instances in the environment to the service grid instance include:
    由所述集群接入控制器将多个集群接入所述服务网格实例;Connecting multiple clusters to the service grid instance by the cluster access controller;
    由所述服务注册控制器将所述多个集群上的不同服务实例注册到所述服务网格实例;Registering different service instances on the multiple clusters with the service grid instance by the service registration controller;
    由所述服务注册库对所述多个集群上的不同服务实例的服务注册信息进行统一管理。The service registration library performs unified management of service registration information of different service instances on the multiple clusters.
  7. 根据权利要求1所述的方法,还包括:The method according to claim 1, further comprising:
    将与所述服务实例的配置参数相关的远程服务网格元数据下发到所述第二运行环境中,以便部署在所述第二运行环境中的与所述服务网格实例相关的组件能够基于所述 远程服务网格元数据进行同步。Distribute the remote service grid metadata related to the configuration parameters of the service instance to the second operating environment, so that the components related to the service grid instance deployed in the second operating environment can Synchronize based on the remote service grid metadata.
  8. 一种应用运行方法,所述应用包括位于第二运行环境中的多个服务实例,该方法包括:An application operating method, the application including multiple service instances located in a second operating environment, the method including:
    利用部署在所述第二运行环境中的数据平面组件实现不同服务实例之间的调用,其中,用于为所述数据平面组件提供策略和/或配置的控制平面组件部署到不同于所述第二运行环境的第一运行环境中,所述数据平面组件和所述控制平面组件构成针对所述多个服务实例的服务网格实例。The data plane components deployed in the second operating environment are used to implement calls between different service instances, wherein the control plane components used to provide policies and/or configurations for the data plane components are deployed to be different from the first In the first operating environment of the second operating environment, the data plane component and the control plane component constitute a service grid instance for the multiple service instances.
  9. 根据权利要求8所述的方法,其中,The method according to claim 8, wherein:
    所述数据平面组件包括多个代理容器,每个所述代理容器对应一个服务实例,所述服务实例调用与之对应的代理容器与其他服务实例对应的代理容器进行通信。The data plane component includes a plurality of proxy containers, each of the proxy containers corresponds to a service instance, and the service instance calls the corresponding proxy container to communicate with the proxy containers corresponding to other service instances.
  10. 一种服务网格系统,包括:一个或多个服务网格实例,A service grid system includes: one or more service grid instances,
    服务网格实例用于实现多个集群上不同服务实例之间的调用,The service grid instance is used to implement calls between different service instances on multiple clusters,
    所述服务网格实例的数据平面组件部署在所述多个集群上,所述服务网格实例的控制平面组件部署在所述服务网格系统中,所述控制平面组件用于为所述数据平面组件提供策略和/或配置,The data plane component of the service grid instance is deployed on the multiple clusters, the control plane component of the service grid instance is deployed in the service grid system, and the control plane component is used to provide the data Plane components provide strategy and/or configuration,
    所述服务网格系统将所述控制平面组件的参数下发给所述多个集群,以使得所述数据平面组件能够遵循所述控制平面组件所提供的提供策略和/或配置,来实现不同服务实例之间的调用。The service grid system issues the parameters of the control plane component to the multiple clusters, so that the data plane component can follow the provision strategy and/or configuration provided by the control plane component to achieve different Calls between service instances.
  11. 根据权利要求10所述的服务网格系统,其中,The service grid system according to claim 10, wherein:
    所述服务网格实例还包括服务网格控制器和入口网关组件,所述服务网格控制器用于设置所述控制平面组件和所述入口网关组件,所述入口网关组件用于为所述多个集群提供所述控制平面组件的接入入口。The service grid instance further includes a service grid controller and an ingress gateway component, the service grid controller is used to set the control plane component and the ingress gateway component, and the ingress gateway component is used to provide services for the multiple A cluster provides access to the control plane components.
  12. 根据权利要求10所述的服务网格系统,其中,The service grid system according to claim 10, wherein:
    所述服务网格实例还包括远程服务网格控制器,用于将与所述服务实例的配置参数相关的远程服务网格元数据下发给所述多个集群,以便部署在所述多个集群上的与所述服务网格实例相关的组件能够基于所述远程服务网格元数据与所述服务网格实例进行同步。The service grid instance further includes a remote service grid controller, configured to deliver remote service grid metadata related to the configuration parameters of the service instance to the multiple clusters so as to be deployed in the multiple clusters. The components on the cluster related to the service grid instance can be synchronized with the service grid instance based on the remote service grid metadata.
  13. 根据权利要求10所述的服务网格系统,其中,The service grid system according to claim 10, wherein:
    所述服务网格实例还包括服务注册控制器和服务注册库,The service grid instance also includes a service registration controller and a service registration library,
    响应于部署在所述多个集群上的集群接入控制器将所述多个集群接入所述服务网格实例,所述服务注册控制器将所述多个集群上的不同服务实例注册到所述服务网格实例,所述服务注册库对所述多个集群上的不同服务实例的服务注册信息进行统一管理。In response to the cluster access controller deployed on the multiple clusters accessing the multiple clusters to the service grid instance, the service registration controller registers different service instances on the multiple clusters with For the service grid instance, the service registry database performs unified management of service registration information of different service instances on the multiple clusters.
  14. 一种多集群系统,包括:A multi-cluster system, including:
    多个集群,每个所述集群上部署一个或多个服务实例;Multiple clusters, one or more service instances are deployed on each of the clusters;
    集群接入控制器,用于将所述多个集群接入部署在服务网格系统中的服务网格实 例;A cluster access controller, configured to connect the multiple clusters to a service grid instance deployed in a service grid system;
    多个代理容器,每个所述代理容器对应一个服务实例,所述服务实例调用与之对应的代理容器与其他服务实例对应的代理容器进行通信;A plurality of agent containers, each of the agent containers corresponds to a service instance, and the service instance calls the corresponding agent container to communicate with the agent containers corresponding to other service instances;
    所述代理容器通过部署在服务网格系统中的入口网关组件提供的接入入口获取所述服务实例的控制平面组件的参数。The proxy container obtains the parameters of the control plane component of the service instance through the access portal provided by the portal gateway component deployed in the service grid system.
  15. 根据权利要求14所述的多集群系统,其中,应用实例分为容器化应用和非容器化应用的进程,所述多集群系统还包括:The multi-cluster system according to claim 14, wherein the application instances are divided into the process of containerized applications and non-containerized applications, and the multi-cluster system further comprises:
    应用进程注入器,用于将非容器化应用的进程所在节点注册为集群的工作节点,通过所集群的容器运行时管理环境协调所述进程和与该进程对应的代理容器之间的交互。The application process injector is used to register the node where the process of the non-containerized application is located as the working node of the cluster, and coordinate the interaction between the process and the agent container corresponding to the process through the container runtime management environment of the cluster.
  16. 根据权利要求14所述的多集群系统,其中,The multi-cluster system according to claim 14, wherein:
    所述多集群系统还接收所述服务网格系统发送的与所述服务实例的配置参数相关的远程服务网格元数据,部署在所述多集群系统中的与所述服务实例相关的组件基于所述远程服务网格元数据进行同步。The multi-cluster system also receives remote service grid metadata related to the configuration parameters of the service instance sent by the service grid system, and the components related to the service instance deployed in the multi-cluster system are based on The remote service grid metadata is synchronized.
  17. 一种计算设备,包括:A computing device including:
    处理器;以及Processor; and
    存储器,其上存储有可执行代码,当所述可执行代码被所述处理器执行时,使所述处理器执行如权利要求1至9中任何一项所述的方法。The memory has executable code stored thereon, and when the executable code is executed by the processor, the processor is caused to execute the method according to any one of claims 1 to 9.
  18. 一种非暂时性机器可读存储介质,其上存储有可执行代码,当所述可执行代码被电子设备的处理器执行时,使所述处理器执行如权利要求1至9中任何一项所述的方法。A non-transitory machine-readable storage medium with executable code stored thereon. When the executable code is executed by a processor of an electronic device, the processor is caused to execute any one of claims 1 to 9 The method described.
PCT/CN2021/098052 2020-06-09 2021-06-03 Method for creating service mesh instance, service mesh system, and multi-cluster system WO2021249268A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010516849.X 2020-06-09
CN202010516849.XA CN113296927A (en) 2020-06-09 2020-06-09 Construction method of service grid instance, service grid system and multi-cluster system

Publications (1)

Publication Number Publication Date
WO2021249268A1 true WO2021249268A1 (en) 2021-12-16

Family

ID=77318184

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/098052 WO2021249268A1 (en) 2020-06-09 2021-06-03 Method for creating service mesh instance, service mesh system, and multi-cluster system

Country Status (2)

Country Link
CN (1) CN113296927A (en)
WO (1) WO2021249268A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285889A (en) * 2021-12-21 2022-04-05 中国农业银行股份有限公司 Method, device and equipment for processing configuration information of application service
CN114579199A (en) * 2022-02-22 2022-06-03 阿里巴巴(中国)有限公司 Method, system and storage medium for extending proxy in service grid
CN114637549A (en) * 2022-02-22 2022-06-17 阿里巴巴(中国)有限公司 Data processing method, system and storage medium for service grid-based application
CN114666131A (en) * 2022-03-22 2022-06-24 阿里巴巴(中国)有限公司 Certificate management system, certificate management method and certificate management system construction method
CN114884956A (en) * 2022-07-05 2022-08-09 北京世纪好未来教育科技有限公司 Method and device for realizing multi-cluster architecture and multi-cluster architecture system
CN115174687A (en) * 2022-07-21 2022-10-11 亚信科技(中国)有限公司 Service calling method and device, electronic equipment and storage medium
CN115733746A (en) * 2022-11-09 2023-03-03 中科驭数(北京)科技有限公司 Service grid unit deployment method, device, equipment and storage medium
CN116107564A (en) * 2023-04-12 2023-05-12 中国人民解放军国防科技大学 Data-oriented cloud native software architecture and software platform
CN115733746B (en) * 2022-11-09 2024-06-07 中科驭数(北京)科技有限公司 Deployment method, device and equipment of service grid unit and storage medium

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113542437B (en) * 2021-09-16 2022-02-25 阿里云计算有限公司 Network system, network proxy method and device
CN113709707B (en) * 2021-10-29 2022-03-15 中兴通讯股份有限公司 Method and device for sidecar deployment in service grid, electronic equipment and storage medium
CN114143313B (en) * 2021-11-30 2024-03-19 招商局金融科技有限公司 Cluster communication device and method based on cloud protogenesis and related equipment
CN114745380B (en) * 2022-03-29 2024-02-06 阿里巴巴(中国)有限公司 Service grid-based cross-private network multi-cluster management method and device
CN115426257B (en) * 2022-07-29 2023-09-05 之江实验室 Multi-controller architecture and deployment method for service grid

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450790A (en) * 2018-10-22 2019-03-08 北京交通大学 A kind of network service function chain wisdom Supply Method based on traffic aware
CN109617873A (en) * 2018-12-06 2019-04-12 中山大学 A kind of flow attacking system of defense based on SDN cloud security function services tree-model
CN109981789A (en) * 2019-04-03 2019-07-05 山东浪潮云信息技术有限公司 A kind of micro services engine based on proxy mode

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109450790A (en) * 2018-10-22 2019-03-08 北京交通大学 A kind of network service function chain wisdom Supply Method based on traffic aware
CN109617873A (en) * 2018-12-06 2019-04-12 中山大学 A kind of flow attacking system of defense based on SDN cloud security function services tree-model
CN109981789A (en) * 2019-04-03 2019-07-05 山东浪潮云信息技术有限公司 A kind of micro services engine based on proxy mode

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114285889A (en) * 2021-12-21 2022-04-05 中国农业银行股份有限公司 Method, device and equipment for processing configuration information of application service
CN114285889B (en) * 2021-12-21 2024-05-17 中国农业银行股份有限公司 Processing method, device and equipment for configuration information of application service
CN114579199A (en) * 2022-02-22 2022-06-03 阿里巴巴(中国)有限公司 Method, system and storage medium for extending proxy in service grid
CN114637549A (en) * 2022-02-22 2022-06-17 阿里巴巴(中国)有限公司 Data processing method, system and storage medium for service grid-based application
CN114579199B (en) * 2022-02-22 2024-04-26 阿里巴巴(中国)有限公司 Method, system and storage medium for expanding agent in service grid
CN114666131A (en) * 2022-03-22 2022-06-24 阿里巴巴(中国)有限公司 Certificate management system, certificate management method and certificate management system construction method
CN114884956A (en) * 2022-07-05 2022-08-09 北京世纪好未来教育科技有限公司 Method and device for realizing multi-cluster architecture and multi-cluster architecture system
CN114884956B (en) * 2022-07-05 2022-09-06 北京世纪好未来教育科技有限公司 Method and device for realizing multi-cluster architecture and multi-cluster architecture system
CN115174687A (en) * 2022-07-21 2022-10-11 亚信科技(中国)有限公司 Service calling method and device, electronic equipment and storage medium
CN115733746A (en) * 2022-11-09 2023-03-03 中科驭数(北京)科技有限公司 Service grid unit deployment method, device, equipment and storage medium
CN115733746B (en) * 2022-11-09 2024-06-07 中科驭数(北京)科技有限公司 Deployment method, device and equipment of service grid unit and storage medium
CN116107564A (en) * 2023-04-12 2023-05-12 中国人民解放军国防科技大学 Data-oriented cloud native software architecture and software platform

Also Published As

Publication number Publication date
CN113296927A (en) 2021-08-24

Similar Documents

Publication Publication Date Title
WO2021249268A1 (en) Method for creating service mesh instance, service mesh system, and multi-cluster system
US11157304B2 (en) System for peering container clusters running on different container orchestration systems
US10782950B2 (en) Function portability for services hubs using a function checkpoint
US20190082004A1 (en) Systems and methods for instantiating services on top of services
US11550641B2 (en) Extending the kubernetes API in-process
US9723110B2 (en) System and method for supporting a proxy model for across-domain messaging in a transactional middleware machine environment
CN109189334B (en) Block chain network service platform, capacity expansion method thereof and storage medium
US20070240171A1 (en) Device, Method, And Computer Program Product For Accessing A Non-Native Application Executing In Virtual Machine Environment
US9648084B2 (en) System and method for providing an in-memory data grid application container
WO2022252995A1 (en) Smart contract deployment method and apparatus
WO2023051232A1 (en) Computing cluster system, security authentication method, node device and storage medium
WO2021043124A1 (en) Kbroker distributed operating system, storage medium, and electronic device
CN111770130B (en) Method for efficient collaborative multiplexing of software and hardware resources in block chain distributed networking
CN113204353A (en) Big data platform assembly deployment method and device
CN112882792A (en) Information loading method, computer device and storage medium
US9106676B1 (en) Grid-based server messaging infrastructure
CN114826869A (en) Device management method and device management system
CN115378944B (en) Network system, service grid configuration method, storage medium and electronic equipment
CN112565340B (en) Service scheduling method, device, computer system and medium for distributed application
CN113259119B (en) Block chain message distribution method and device
CN114598700A (en) Communication method and communication system
CN109413209B (en) Dynamic load balancing method and system based on double queues and registration center
CN113923227A (en) Block chain message distribution method and device
CN110413381A (en) For the method and apparatus to application service container
US20230385121A1 (en) Techniques for cloud agnostic discovery of clusters of a containerized application orchestration infrastructure

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21821404

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21821404

Country of ref document: EP

Kind code of ref document: A1