CN111130892B - Enterprise-level microservice management system and method - Google Patents

Enterprise-level microservice management system and method Download PDF

Info

Publication number
CN111130892B
CN111130892B CN201911378944.1A CN201911378944A CN111130892B CN 111130892 B CN111130892 B CN 111130892B CN 201911378944 A CN201911378944 A CN 201911378944A CN 111130892 B CN111130892 B CN 111130892B
Authority
CN
China
Prior art keywords
service
micro
gateway
management
center
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911378944.1A
Other languages
Chinese (zh)
Other versions
CN111130892A (en
Inventor
余以志
秦文劭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Pudong Development Bank Co Ltd
Original Assignee
Shanghai Pudong Development Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Pudong Development Bank Co Ltd filed Critical Shanghai Pudong Development Bank Co Ltd
Priority to CN201911378944.1A priority Critical patent/CN111130892B/en
Publication of CN111130892A publication Critical patent/CN111130892A/en
Application granted granted Critical
Publication of CN111130892B publication Critical patent/CN111130892B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • H04L41/042Network management architectures or arrangements comprising distributed management centres cooperatively managing the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a management system and a method of enterprise-level microservice, wherein the system comprises: the service gateway is used for route forwarding with the micro service; the service administration platform is used for carrying out full life cycle management on the accessed micro-service, wherein the management comprises service standard management under a development and test environment and service operation state unified administration under a production environment; the registration center is used for registering and discovering the micro-service and recording and managing the mapping relation between the service and the service instance address; and the safety authentication center is used for verifying the identity of the service caller by using the key and Token and establishing the interaction between the service caller and the service provider through the service gateway after the verification is passed. The system and the method adopt a soft load mode, the performance is not limited by hardware equipment, a unified service management system is utilized to realize unified management on micro-services and traditional applications, and subsystems in the system operate independently and cooperate with each other, so that the system and the method have the characteristic of high cohesive loose coupling.

Description

Enterprise-level microservice management system and method
Technical Field
The invention relates to the technical field of enterprise-level microservices, in particular to a management system and a management method of enterprise-level microservices.
Background
Currently, existing enterprise application integration generally utilizes an Enterprise Service Bus (ESB) as a central Service Oriented Architecture (SOA); referring to fig. 1, a schematic diagram of an exemplary enterprise service bus logical architecture is shown. The enterprise service bus eliminates service logic, provides a standardized service management concept, is a bus type enterprise integration platform, realizes integration and interconnection among systems, and mainly has the functions of service unified management, service scheduling and routing, service protocol conversion, service monitoring and the like. The enterprise service bus typically performs load balancing and promotes its high availability and performance via F5. Under an enterprise service bus architecture, all service requestors are connected to the bus and then routed through the bus to the service provider. The bus completely shields the difference in the request calling process, and the transparency to the access service is realized.
With the rapid development of internet business and financial industry, micro-service architecture has become a development trend; the micro service architecture is actually a special SOA, and the design concept of the micro service architecture is derived from the division and the splitting of business modules involved in the project. As microservice architectures are proposed, a number of designs and implementations continue to emerge. Currently, the more common micro-Service architecture includes a decentralized micro-Service architecture (as shown in fig. 2) and a newly-appeared Service grid pattern (Service Mesh) architecture (as shown in fig. 3).
Fig. 2 is a schematic diagram of a decentralized microservice logic architecture in the prior art, where the decentralized microservice architecture is represented by a Spring closed technology system, and may include main components such as service discovery registration, configuration center, message bus, load balancing, circuit breaker, and data monitoring, and is used for mutual invocation of microservices; however, the Spring closed framework cannot solve heterogeneous problems between services, such as communication protocols, message formats, and the like, and cannot perform service management well.
Fig. 3 is a schematic diagram of a logic architecture of a service grid model in the prior art, where the service grid model integrates micro-service functions such as a service gateway into a sidecar by using a sidecar technology, deploys the sidecar and an application program as two independent processes in the same container, and shares resources with the application. The point-to-point communication among the micro services is realized through the mutual communication among the side workshops. In this mode, the microservice program only needs to implement the business function, but from the deployment perspective, since the sidecar and the microservice application are deployed together, the microservice program is invasive.
In summary, the three existing enterprise application integration schemes have the following disadvantages:
the enterprise service bus ESB is a mainstream architecture of the traditional application integration at present, but because the ESB uses F5 for load balancing, the upper limit of the performance is influenced by the performance of F5 hardware, and meanwhile, the ESB does not have the capability of elastic expansion and contraction as required, if the ESB is deployed according to a transaction peak, idle period resource waste is caused, and if the ESB is deployed according to daily transaction amount, a high-concurrency business scene cannot be met.
The decentralized micro-service architecture does not have cross-language heterogeneous integration capability and is not suitable for large-scale popularization and use of the whole enterprise. Meanwhile, the mainstream Spring closed technology only supports the Java language, so that micro-service development or modification cannot be carried out on projects which are not in the Java language, and some introduced manufacturer products do not have the conditions for micro-service modification. This situation results in a large number of inventory systems that cannot enjoy the advantages of the microservice architecture due to the inability to microservice retrofit.
The service grid micro-service architecture solves the problem of cross-language heterogeneity through side cars, but increases operation and maintenance difficulty due to the fact that each side car is deployed at each application end and is complex in function. Even if a control platform is additionally arranged to realize the unified management of the sidecars, the operation and maintenance difficulty is relieved to a certain extent, and the problem that a large number of programs with the same functions are scattered everywhere and are difficult to manage is not fundamentally solved. Meanwhile, since the sidecar and the service program share resources, once a problem occurs, the positioning is difficult.
Therefore, in the prior art, in the complex environment with traditional application and micro-service application, the communication between the traditional application, the micro-service and the communication between the traditional application and the micro-service cannot be supported, and the heterogeneous problems of communication protocols, message formats and the like exist, the micro-service development cost is high, the micro-service cannot be reconstructed for non-Java languages, a uniform service management system cannot be provided for the whole enterprise, the high-concurrency service scene of the internet cannot be supported, and the flexible expansion and contraction cannot be performed as required; therefore, a micro-service management scheme for enterprises is needed to overcome the above defects, realize the integration of the SOA and the micro-service architecture application program, achieve the integration target of online transaction, improve the adaptability of the application integration of the bank IT system, reduce the maintenance cost, and adapt to the rapid development of the banking industry.
Disclosure of Invention
In order to solve the problems, the invention provides a management system and a management method of enterprise-level micro services, which can support communication among traditional applications, micro services and between the traditional applications and the micro services, overcome heterogeneous problems of communication protocols, message formats and the like, greatly reduce the development cost of the micro services, improve the micro services of non-Java languages, provide a uniform service management system for the whole enterprise, support high-concurrency service scenes of the Internet and perform elastic expansion and contraction as required.
In an embodiment of the present invention, a management system for enterprise-level microservices is provided, including: the system comprises a service gateway, a service administration platform, a registration center and a security authentication center; wherein the content of the first and second substances,
the service gateway interacts with the service administration platform, the registration center and the security authentication center and is used for routing forwarding with the micro service;
the service administration platform is used for carrying out full life cycle management on the accessed micro-service, wherein the management comprises service specification management under a development and test environment and service operation state unified administration under a production environment;
the registration center is used for registering and discovering the micro-service and recording and managing the mapping relation between the service and the service instance address;
and the safety authentication center is used for verifying the identity of the service caller by using the key and Token, and establishing the interaction between the service caller and the service provider through the service gateway after the verification is passed.
Further, the system further comprises: and the operation and maintenance monitoring platform is interacted with the service gateway and is used for acquiring and processing the operation data, and displaying, alarming, tracking a link and troubleshooting the operation condition.
Further, the system further comprises: and the configuration center is interacted with the micro-service, is used for storing the static configuration of the micro-service before operation and system variables and/or service parameters which need to be adjusted in the operation process, and provides uniform parameter configuration for the accessed micro-service.
Furthermore, the service gateway is deployed in a distributed manner, is provided with an SDK and a sidecar development tool, performs elastic expansion according to the service requirement, performs load balancing in a software manner, and is also used for fusing degradation, service isolation, flow control and conversion of a communication protocol and a message format.
Further, the service administration platform performs service specification management in a development test environment, including:
under a development test environment, maintaining information including service definition and service release application, and synchronizing the information to the registration center for safety verification during service registration;
the service operation state unified management of the service management platform under the production environment comprises the following steps:
under a production environment, uniformly managing the configuration of the service gateway, synchronizing the configuration information data to the service gateway in real time by using a dynamic updating mechanism, and performing hot updating by the service gateway according to the configuration information; wherein the configuration information of the service gateway includes: load balancing strategy, flow control strategy, service isolation strategy, service fusing strategy, and configuration information for message protocol and format conversion.
Further, the registry is provided with a safety control strategy for identity authentication and authority control, and is matched with the service governance platform for offline governance, so that whether an offline submission application is submitted and whether registration to the registry is allowed or not is judged during automatic registration of the micro-service.
Further, the security authentication center is further configured to generate a Token according to the Token application provided by the service caller, after decrypting with the public key, and according to the identity information, and set an expiration date for the Token.
Further, the service gateway is further configured to interactively cooperate with a security authentication center when receiving a Token-carrying call request initiated by a service caller, perform Token verification after decryption by using a public key, and perform authentication according to authentication information synchronized by the service administration platform.
In an embodiment of the present invention, a method for managing enterprise-level microservices is provided, including:
constructing a management system of enterprise-level micro-services, wherein the management of the enterprise-level micro-services comprises the following steps: the system comprises a service gateway, a service management platform, a registration center and a security authentication center; the service gateway interacts with the service administration platform, the registration center and the security authentication center respectively;
utilizing the service gateway to carry out route forwarding with the micro service;
performing full life cycle management on the accessed micro-services by using the service management platform, wherein the full life cycle management comprises service specification management in a development and test environment and service operation state unified management in a production environment;
performing micro-service registration and micro-service discovery through the registration center, and recording and managing the mapping relation between the service and the service instance address;
and verifying the identity of the service caller by using the key and Token through the security authentication center, and establishing the interaction between the service caller and the service provider through the service gateway after the verification is passed.
Further, the method further comprises:
constructing an operation and maintenance monitoring platform, and interacting with the service gateway;
and the operation and maintenance monitoring platform is used for collecting and processing operation data, and displaying, alarming, link tracking and troubleshooting operation conditions.
Further, the method further comprises:
building a configuration center to interact with the micro-service;
and storing the static configuration of the micro-service before operation, and the system variable and/or the service parameter which need to be adjusted in the operation process by using the configuration center, and providing uniform parameter configuration for the accessed micro-service.
The management system and the management method of the enterprise-level microservice provided by the invention adopt a soft load mode, the performance is not limited by hardware equipment, the service gateway is deployed in a distributed mode and can be elastically stretched and contracted as required, and when the traffic is low, the resource waste is not caused and the problems of heterogeneous integration such as communication protocols, message formats and the like do not exist; meanwhile, a unified service management system is provided, unified management can be performed on micro services and traditional applications, and the subsystems run independently and cooperate with one another, so that the characteristic of high-cohesion loose coupling is achieved; the system and the method also provide simple and easy-to-use development tools such as the SDK, the sidecar and the like, and are convenient for cross-language integration; the whole scheme can reduce the maintenance cost and the development cost of the microservice in practical application.
Drawings
FIG. 1 is a schematic illustration of a service bus logical architecture of an exemplary enterprise of the prior art.
FIG. 2 is a schematic diagram of a decentralized microservice logic architecture of the prior art.
FIG. 3 is a schematic diagram of a prior art service grid schema logical architecture.
FIG. 4 is a diagram illustrating an architecture of a management system for enterprise-level microservices, according to an embodiment of the invention.
Fig. 5 is a schematic diagram of an architecture of a distributed service gateway according to an embodiment of the present invention.
Fig. 6 is a schematic diagram of a service administration platform according to an embodiment of the present invention.
Fig. 7 is a schematic diagram of a security authentication process according to an embodiment of the invention.
Fig. 8 is a schematic diagram of a full link tracking and real-time alarm process of an operation and maintenance monitoring platform according to an embodiment of the present invention.
FIG. 9 is a flowchart illustrating a method for managing enterprise-level microservices, according to an embodiment of the invention.
FIG. 10 is a flowchart illustrating a method for managing enterprise-level microservices, according to another embodiment of the present invention.
Detailed Description
The principles and spirit of the present invention will be described with reference to a number of exemplary embodiments. It is understood that these embodiments are given only to enable those skilled in the art to better understand and to implement the present invention, and do not limit the scope of the present invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
As will be appreciated by one skilled in the art, embodiments of the present invention may be embodied as a system, apparatus, device, method, or computer program product. Accordingly, the present disclosure may be embodied in the form of: entirely hardware, entirely software (including firmware, resident software, micro-code, etc.), or a combination of hardware and software.
According to the embodiment of the invention, a management system and a management method of enterprise-level microservices are provided. The system and the method establish a set of enterprise-level micro-service platform for managing enterprise-level micro-services, the platform takes a service gateway as a center, and a service administration platform, a registration center, a configuration center, a security authentication center and an operation and maintenance monitoring platform are set up in a matching way, and a centralized gateway mode that the interaction between a service caller and a service provider needs to pass through the service gateway is adopted. Meanwhile, in order to enable the traditional application to be capable of carrying out micro-service transformation and reducing the development cost, the SDK and a sidecar development tool are also provided.
The principles and spirit of the present invention are explained in detail below with reference to several representative embodiments of the invention.
FIG. 4 is a diagram of an architecture of a management system for enterprise-level microservices, in accordance with an embodiment of the present invention. As shown in fig. 4, the system includes: the system comprises a service gateway 100, a service administration platform 200, a registration center 300, a security authentication center 400, an operation and maintenance monitoring platform 500 and a configuration center 600; wherein, the first and the second end of the pipe are connected with each other,
the service gateway 100 interacts with the service administration platform 200, the registration center 300, the security authentication center 400 and the operation and maintenance monitoring platform 500, and is used for routing forwarding with the micro service 700;
the service administration platform 200 is used for carrying out full life cycle management on the accessed micro-service 700, wherein the management comprises service specification management under a development test environment and service operation state unified administration under a production environment;
the registry 300 is used for performing micro service registration and micro service discovery, and recording and managing the mapping relation between the service and the service instance address;
and the security authentication center 400 is configured to verify the identity of the service invoker by using the key and Token, and establish interaction between the service invoker and the service provider through the service gateway after the verification is passed.
And the operation and maintenance monitoring platform 500 is used for acquiring and processing operation data, and displaying, alarming, link tracking and troubleshooting operation conditions.
The configuration center 600 interacts with the micro service 700, and is configured to store static configuration of the micro service before operation, system variables and/or service parameters that need to be adjusted during operation, and provide uniform parameter configuration for the accessed micro service 700.
In one embodiment, each part of the management system of the enterprise-level microservice can independently run and interactively cooperate with each other through an API (application program interface) and the like.
In order to explain the above-described management system of enterprise-level microservices more clearly, each of the parts will be described in turn with reference to specific embodiments.
The service gateway 100:
service gateway 100 is the core operational component of the platform, the ultimate goal of which is to implement intelligent routing. Fig. 5 is a schematic diagram of an architecture of a distributed service gateway according to an embodiment of the present invention. As shown in fig. 5, the service gateway 100 is deployed in a distributed manner, and the SDK and the sidecar development tool are provided on the client side.
The service gateway 100 can perform elastic expansion and contraction according to the needs of the service, and perform load balancing in a software manner without being limited by hardware performance.
The calls between the microservices are routed through the service gateway 100.
The service gateway 100 has the functions of fusing degradation, service isolation, flow control and the like besides the basic routing function, is configured with strong adaptive capacity, and can convert a plurality of communication protocols and message formats; it may also interact with the security authentication center 400 to perform identity authentication and authorization for the request.
The enterprise-level microservice platform can provide SDK and sidecar development tools, so that repeated development of each application can be reduced, the size of the SDK/sidecar can be reduced as much as possible, and the updating frequency can be reduced. The functions of service registration and service renewal are realized at a service provider, and the function of load balancing to a specific gateway instance is realized at a service caller. The SDK and the sidecar development tool can also overcome the heterogeneous integration problem of different development languages, and facilitate cross-language integration.
Service governance platform 200:
fig. 6 is a schematic diagram of a service administration platform according to an embodiment of the present invention. As shown in FIG. 6, service administration platform 200 comprises two parts: a service administration platform 201 (development test), a service administration platform 202 (production); wherein, the first and the second end of the pipe are connected with each other,
in the development and test environment, the service administration platform 201 is used to maintain information including service definitions and service release applications, and synchronize the information to the registry 300 for security verification during service registration. That is, upon automatic registration of microservice 700, registry 300 can utilize the synchronized information for security verification.
In a production environment, the service administration platform 202 is configured to perform unified management on the configuration of the service gateway 100, synchronize configuration information data to the service gateway 100 in real time by using a dynamic update mechanism, and perform hot update by the service gateway 100 according to the configuration information; the service gateway configuration information of unified management comprises: load balancing strategy, flow control strategy, service isolation strategy, service fusing strategy, and configuration information for message protocol and format conversion.
The registry 300:
as shown in fig. 4 and 6, the registry 300 records and manages mapping relationships between services and service instance addresses, and provides functions of service registration, service discovery, health check, and the like.
The registry 300 synchronizes information such as a mapping relationship with the service gateway 100, and is used as a "brain" of the service gateway 100, and is provided with a security control policy for identity authentication and authority control, and performs offline administration cooperation with the service administration platform 200, and when the micro-service 700 is automatically registered, determines whether an offline release application is submitted and whether registration to the registry 300 is allowed.
Security authentication center 400:
fig. 7 is a schematic diagram of a security authentication process according to an embodiment of the present invention. In general, the accessed micro-services can be independently operated in a decentralized manner, and the platform becomes more vulnerable due to the increase of attack points in the open architecture, as shown in fig. 7, a security authentication center 400 provides the function of certificate and key management, and an expiration period can be set when Token is generated, and a Token beyond the expiration period will not be approved.
Before each request occurs, the service caller 810 needs to apply for Token to the security authentication center 400, the security authentication center 400 generates Token according to the identity information of an applicant, and the security of interactive information such as identity is ensured through an asymmetric encryption algorithm.
When receiving a call request carrying Token from the service caller 810, the service gateway 100 interacts with the security authentication center 400, performs Token verification after decrypting with the public key, and performs authentication according to the authentication information synchronized by the service administration platform 200. Finally, the service gateway 100 performs routing and forwarding, and sends the request information to the service provider 820.
The operation and maintenance monitoring platform 500:
fig. 8 is a schematic diagram of a full-link tracking and real-time alarm process of an operation and maintenance monitoring platform according to an embodiment of the present invention. As shown in fig. 8, the operation and maintenance monitoring platform 500 is configured to collect operation data through the service gateway 100, and transmit the operation data to the analysis and calculation module 520 through the message bus 510;
after the analysis and calculation, storing the analysis and calculation result in the memory 530, and displaying the service platform operation condition and the micro-service operation condition; the real-time warning module 540 is configured to perform a warning to notify corresponding staff when the analysis calculation result exceeds the warning threshold.
The operation and maintenance monitoring platform 500 can realize functions of real-time data monitoring, alarming, link tracking, troubleshooting and the like. The service gateway 100 serves as a service integration center of a management system of enterprise-level microservices and provides source data for the operation and maintenance monitoring platform, and the operation and maintenance monitoring platform 500 acquires data from the service gateway in real time through a distributed tracking technology and achieves real-time alarm through analysis and calculation of indexes such as response time, success rate and transaction amount. The alarm can be sent by mail, short message and other modes.
The configuration center 600:
the configuration center 600 manages all configuration information of micro-service applications in a unified manner, and realizes that different configuration values of the same program can adapt to different environments by storing static configuration of the service before operation and system variables and/or service parameters which need to be adjusted in the operation process.
The configuration center 600 supports the interfacing configuration and has security measures such as authority management, rollback, audit and the like.
The management system of the enterprise-level micro service provided by the invention can support the communication among traditional applications, micro services and the communication between the traditional applications and the micro services, overcomes the heterogeneous problems of communication protocols, message formats and the like, reduces the development cost of the micro services, can perform micro service transformation on non-Java languages, provides a uniform service management system for the whole enterprise, supports the high-concurrency service scene of the Internet and elastically stretches out and draws back as required; the system can realize integration of SOA and micro-service architecture application programs, achieves the aim of integration of online transaction, improves the application integration adaptability of the bank IT system, reduces maintenance cost, and adapts to rapid development of banking industry.
Having described the system of an exemplary embodiment of the present invention, a method of managing enterprise-level microservices of an exemplary embodiment of the present invention is described next with reference to fig. 9.
As shown in fig. 9, the method includes:
step S901, building a management system of enterprise-level microservice, where the management of enterprise-level microservice includes: the system comprises a service gateway, a service management platform, a registration center and a security authentication center; the service gateway interacts with the service administration platform, the registration center and the security authentication center respectively;
step S902, using the service gateway to perform route forwarding with the microservice;
step S903, using the service management platform to perform full life cycle management on the accessed micro-service, wherein the full life cycle management comprises service specification management in a development test environment and service operation state unified management in a production environment;
step S904, the registration center is used for carrying out micro-service registration and micro-service discovery, and the mapping relation between the service and the service instance address is recorded and managed;
step S905, the identity of the service caller is verified through the security authentication center by using the key and Token, and after the verification is passed, the interaction between the service caller and the service provider is established through the service gateway.
In one embodiment, as shown in fig. 10, the method further includes:
in step S901, the management system of the built enterprise-level microservice further includes: an operation and maintenance monitoring platform and a configuration center; the operation and maintenance monitoring platform interacts with the service gateway, and the configuration center interacts with the micro-service;
and step S906, collecting and processing the operation data by using the operation and maintenance monitoring platform, and displaying, alarming, link tracking and troubleshooting the operation condition.
Step S907, the configuration center is used for storing static configuration of the micro-service before operation and system variables and/or service parameters which need to be adjusted in the operation process, and providing uniform parameter configuration for the accessed micro-service.
It should be noted that although the operations of the method of the present invention have been described in the above embodiments and the accompanying drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the operations shown must be performed, to achieve the desired results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
The management system and the management method of the enterprise-level microservice provided by the invention adopt a soft load mode, the performance is not limited by hardware equipment, the service gateway is deployed in a distributed mode and can be elastically stretched and contracted as required, and when the traffic is low, the resource waste is not caused and the problems of heterogeneous integration such as communication protocols, message formats and the like do not exist; meanwhile, a unified service management system is provided, unified management can be performed on micro services and traditional applications, and the subsystems run independently and cooperate with one another, so that the characteristic of high-cohesion loose coupling is achieved; the system and the method also provide simple and easy-to-use development tools such as the SDK, the sidecar and the like, and are convenient for cross-language integration; the whole scheme can reduce the maintenance cost and the development cost of the microservice in practical application.
While the spirit and principles of the invention have been described with reference to several particular embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, nor is the division of aspects, which is for convenience only as the features in such aspects may not be combined to benefit. The invention is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (10)

1. A system for managing enterprise-level microservices, the system comprising: the system comprises a service gateway, a service management platform, a registration center and a security authentication center; wherein the content of the first and second substances,
the service gateway interacts with the service management platform, the registration center and the security authentication center, and is used for forwarding a route between the service gateway and the micro-service, converting the micro-service heterogeneous message, realizing the integration of an SOA (service oriented architecture) and a micro-service architecture application program, and achieving the integration of online transaction; the service gateway is deployed in a distributed mode, elastic expansion is carried out according to the service requirement, load balancing is carried out in a software mode, and an SDK (software development kit) and a sidecar development tool are arranged on one side of a client;
the service administration platform is used for carrying out full life cycle management on the accessed micro-service, wherein the management comprises service specification management under a development and test environment and service operation state unified administration under a production environment; maintaining information including service definition and service release application under a development test environment, and synchronizing the information to the registration center for safety verification during service registration; under a production environment, uniformly managing the configuration information of the service gateway, synchronizing the configuration information to the service gateway in real time by using a dynamic updating mechanism, and performing hot updating by the service gateway according to the configuration information; wherein the configuration information of the service gateway includes: load balancing strategy, flow control strategy, service isolation strategy, service fusing strategy, and configuration information for message protocol and format conversion;
the registration center is used for registering and discovering the micro-service and recording and managing the mapping relation between the service and the service instance address;
and the safety authentication center is used for verifying the identity of the service caller by using the key and Token, and establishing the interaction between the service caller and the service provider through the service gateway after the verification is passed.
2. The system for managing enterprise-wide microservice of claim 1, further comprising: and the operation and maintenance monitoring platform is interacted with the service gateway and is used for acquiring and processing the operation data, and displaying, alarming, tracking a link and troubleshooting the operation condition.
3. The system for managing enterprise-wide microservice of claim 1, further comprising: and the configuration center is interacted with the micro-service, is used for storing the static configuration of the micro-service before operation and the system variable and/or service parameter which needs to be adjusted in the operation process, and provides uniform parameter configuration for the accessed micro-service.
4. The system of claim 1, wherein the service gateway is further configured to perform fuse degradation, service isolation, flow control, and translation of communication protocols.
5. The system for managing enterprise-level microservices according to claim 1, wherein the registry is provided with security control policies for identity authentication and authority control, and cooperates with the service administration platform for offline administration, and when the microservices are automatically registered, whether the published applications are submitted offline and whether registration to the registry is allowed is determined.
6. The system according to claim 1, wherein the security certificate authority is further configured to generate a Token according to the identity information after decrypting the Token application provided by the service caller by using a public key, and set an expiration date for the Token.
7. The system of claim 6, wherein the service gateway is further configured to interact with a security authentication center when receiving a Token-carrying invocation request initiated by a service caller, perform Token verification after decryption by using a public key, and perform authentication according to authentication information synchronized by the service administration platform.
8. A method for managing enterprise-level microservices, the method comprising:
the management system of the enterprise-level micro service is set up, and comprises: the system comprises a service gateway, a service management platform, a registration center and a security authentication center; the service gateway is respectively interacted with the service administration platform, the registration center and the security authentication center;
the service gateway is used for carrying out routing forwarding with the micro-service, and conversion processing is carried out on the micro-service heterogeneous messages, so that integration of an SOA (service oriented architecture) and a micro-service architecture application program is realized, and online transaction integration is achieved; the service gateway is deployed in a distributed mode, elastic expansion is carried out according to the service requirement, load balancing is carried out in a software mode, and an SDK (software development kit) and a sidecar development tool are arranged on one side of a client;
performing full life cycle management on the accessed micro-services by using the service management platform, wherein the full life cycle management comprises service specification management in a development and test environment and service operation state unified management in a production environment; maintaining information including service definition and service release application under a development test environment, and synchronizing the information to the registration center for safety verification during service registration; under a production environment, uniformly managing the configuration information of the service gateway, synchronizing the configuration information to the service gateway in real time by using a dynamic updating mechanism, and performing hot updating by the service gateway according to the configuration information; wherein the configuration information of the service gateway includes: load balancing strategy, flow control strategy, service isolation strategy, service fusing strategy and configuration information for message protocol and format conversion;
performing micro-service registration and micro-service discovery through the registration center, and recording and managing the mapping relation between the service and the service instance address;
and verifying the identity of the service caller by using the key and Token through the security authentication center, and establishing the interaction between the service caller and the service provider through the service gateway after the verification is passed.
9. The method for managing enterprise-wide microservice of claim 8, further comprising:
constructing an operation and maintenance monitoring platform, and interacting with the service gateway;
and the operation and maintenance monitoring platform is used for collecting and processing operation data, and displaying, alarming, link tracking and troubleshooting the operation condition.
10. The method for managing enterprise-level microservices, according to claim 8, further comprising:
building a configuration center to interact with the micro-service;
and storing the static configuration of the micro-service before operation, and the system variable and/or the service parameter which need to be adjusted in the operation process by using the configuration center, and providing uniform parameter configuration for the accessed micro-service.
CN201911378944.1A 2019-12-27 2019-12-27 Enterprise-level microservice management system and method Active CN111130892B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911378944.1A CN111130892B (en) 2019-12-27 2019-12-27 Enterprise-level microservice management system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911378944.1A CN111130892B (en) 2019-12-27 2019-12-27 Enterprise-level microservice management system and method

Publications (2)

Publication Number Publication Date
CN111130892A CN111130892A (en) 2020-05-08
CN111130892B true CN111130892B (en) 2022-11-15

Family

ID=70504242

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911378944.1A Active CN111130892B (en) 2019-12-27 2019-12-27 Enterprise-level microservice management system and method

Country Status (1)

Country Link
CN (1) CN111130892B (en)

Families Citing this family (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111641706A (en) * 2020-05-28 2020-09-08 深圳壹账通智能科技有限公司 Micro service system creating method and device, electronic equipment and storage medium
CN111935286A (en) * 2020-08-12 2020-11-13 创意信息技术股份有限公司 Micro-service framework for software development and construction method thereof
CN112114857B (en) * 2020-09-15 2023-07-07 四川长虹智能制造技术有限公司 Front-end service management method, front-end server and website server
CN112217878A (en) * 2020-09-23 2021-01-12 上海维信荟智金融科技有限公司 High-concurrency request distribution method and system
CN112468340A (en) * 2020-11-24 2021-03-09 上海浦东发展银行股份有限公司 Pre-audit business data configuration system for multiple tenants
WO2022126103A1 (en) * 2020-12-07 2022-06-16 Global Business Software Development Technologies, Inc. Clearing house signaling
CN112612804B (en) * 2020-12-22 2023-03-31 新华三大数据技术有限公司 Service management parameter updating method and device
CN112597183A (en) * 2020-12-23 2021-04-02 深圳迅策科技有限公司 Data service platform based on micro-service system
CN112769828B (en) * 2021-01-11 2022-12-02 广西洪堡智链科技有限公司 Asynchronous microservice method based on sanic
CN112750044A (en) * 2021-01-21 2021-05-04 天元大数据信用管理有限公司 System and method for realizing risk compensation fund management based on micro-service
CN112910770B (en) * 2021-03-23 2022-11-29 深圳前海联动云软件科技有限公司 Distributed service gateway design method and system based on generalization call
CN113315820B (en) * 2021-05-20 2022-11-08 西安华讯科技有限责任公司 Method and device for constructing entity grid network
CN113326148A (en) * 2021-05-23 2021-08-31 城家酒店管理有限公司 Data interaction system based on micro-service
CN113301166B (en) * 2021-06-16 2023-04-07 杭州华橙软件技术有限公司 Service calling method and device, storage medium and electronic device
CN113347274A (en) * 2021-07-02 2021-09-03 大象慧云信息技术有限公司 Data processing system and method for micro-service
CN113472794B (en) * 2021-07-05 2023-08-15 福州数据技术研究院有限公司 Multi-application system authority unified management method based on micro-service and storage medium
CN117941335A (en) * 2021-09-27 2024-04-26 西门子股份公司 Knowledge distribution system, method, apparatus and computer readable medium
CN114035887A (en) * 2021-10-13 2022-02-11 北京能科瑞元数字技术有限公司 Micro-service one-stop type management and control platform based on container technology
CN113709707B (en) * 2021-10-29 2022-03-15 中兴通讯股份有限公司 Method and device for sidecar deployment in service grid, electronic equipment and storage medium
CN114500646B (en) * 2021-12-20 2024-04-26 上海浦东发展银行股份有限公司 Decentralizing ESB cloud platform system and service calling method thereof
CN114374735A (en) * 2021-12-30 2022-04-19 苏州中科先进技术研究院有限公司 Micro-service bus system and block data commanding and scheduling platform
CN114024826B (en) * 2022-01-05 2022-04-12 江苏博云科技股份有限公司 Application multi-active system based on service grid technology and used in distributed ESB scene
CN114666131A (en) * 2022-03-22 2022-06-24 阿里巴巴(中国)有限公司 Certificate management system, certificate management method and certificate management system construction method
CN115086311B (en) * 2022-04-28 2023-10-03 上海浦东发展银行股份有限公司 Management system of enterprise cross-system service based on cloud service bus
CN114978936A (en) * 2022-05-24 2022-08-30 身边云(北京)信息服务有限公司 Method, system and storage medium for upgrading shared service platform
CN115174592A (en) * 2022-06-28 2022-10-11 北京软通智慧科技有限公司 Enterprise-level data request forwarding system and method
CN115484155B (en) * 2022-08-15 2024-05-28 南京国电南自电网自动化有限公司 Management system for multi-web micro-service application
WO2024068023A1 (en) * 2022-09-30 2024-04-04 Lenovo (Singapore) Pte. Ltd. Inter-plane service based architecture in a wireless communications network
CN115756771B (en) * 2022-10-19 2023-09-29 中电金信软件有限公司 Micro-servitization front-end system, workflow scheduling method and device
CN115766601A (en) * 2022-11-09 2023-03-07 华能信息技术有限公司 Routing management method and system based on microservice
CN116032739A (en) * 2022-11-29 2023-04-28 北银金融科技有限责任公司 Multifunctional distributed side car system based on banking core
CN115964193B (en) * 2022-12-16 2023-08-15 上海浦东发展银行股份有限公司 Service calling method, computer equipment and storage medium for grid environment application

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107203376A (en) * 2017-04-11 2017-09-26 国网天津市电力公司信息通信公司 A kind of enterprise-level information system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11057393B2 (en) * 2018-03-02 2021-07-06 Cloudentity, Inc. Microservice architecture for identity and access management
CN109327477A (en) * 2018-12-06 2019-02-12 泰康保险集团股份有限公司 Authentication method, device and storage medium
CN109728974B (en) * 2018-12-27 2023-04-14 北京航天智造科技发展有限公司 Online interface debugging platform

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107203376A (en) * 2017-04-11 2017-09-26 国网天津市电力公司信息通信公司 A kind of enterprise-level information system

Also Published As

Publication number Publication date
CN111130892A (en) 2020-05-08

Similar Documents

Publication Publication Date Title
CN111130892B (en) Enterprise-level microservice management system and method
CN112488679B (en) Cross-link contract analysis method of blockchain, relay chain and cross-link system
CN109981789B (en) Micro service engine based on agent mode
CN101461213B (en) Communication network application activity monitoring and control
CN113079159B (en) Edge computing network system based on block chain
CN111800267B (en) Password service supporting system for unified management
CN110933187A (en) Internet of things data transmission system based on block chain consensus encryption mechanism
US8209412B2 (en) Methods for managing a plurality of devices using protectable communication protocol, including determination of marketing feedback to assess a response to an advertisement
CN110086652A (en) A kind of management system and its method for service network element in 5G core net
CN110111092B (en) Compatible system of payment channel
CN112612629A (en) Method and system for realizing component type data interface
CN113315832B (en) Cross-chain information synchronization method, system and device based on cloud cross-chain transfer protocol
CN112231741B (en) Data processing method, device, medium and electronic equipment based on block chain system
CN108111334B (en) Integration system and method of network application node
WO2020052140A1 (en) International energy network system and information processing method
CN107347089B (en) A kind of resource allocation methods of carrier-class cloud computing system
CN110138779A (en) A kind of Hadoop platform security control method based on multi-protocols reverse proxy
CN112434302A (en) Multitask collaboration vulnerability platform and construction method and service method thereof
CN113965434B (en) API gateway route realization method under cross-machine room scene
CN103001962A (en) Business support method and system
CN117728937B (en) Multi-class data encryption system and method based on cloud password unified service platform
CN114466038B (en) Communication protection system of electric power thing networking
CN115086311B (en) Management system of enterprise cross-system service based on cloud service bus
CN112783049B (en) Lamp networking remote control system based on little service
CN113886061A (en) Industry thing networking operation and maintenance platform

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant