CN116760834A

CN116760834A - Load balancing method, system, equipment and storage medium

Info

Publication number: CN116760834A
Application number: CN202310495744.4A
Authority: CN
Inventors: 彭彬彬; 黄吉旺
Original assignee: Jinan Inspur Data Technology Co Ltd
Current assignee: Jinan Inspur Data Technology Co Ltd
Priority date: 2023-04-27
Filing date: 2023-04-27
Publication date: 2023-09-15

Abstract

The invention discloses a load balancing method, which comprises the following steps: monitoring the state of the service in the cluster; responding to the monitoring that a new service in the cluster is created, and acquiring a back-end pod group, a load balancing strategy and a service IP corresponding to the new service; establishing a key value pair by taking the service IP as a key value, and recording the key value pair into a map by using a back-end pod group, a load balancing strategy and the accessed times as value values; and responding to the received data packet, inquiring the accessed times, the load balancing strategy and the back-end pod groups corresponding to the service to be accessed in the map according to the service IP carried in the data packet, and forwarding the data packet to one pod in the back-end pod groups based on the corresponding accessed times and the load balancing strategy. The invention also discloses a system, computer equipment and a readable storage medium. According to the scheme, the load balancing strategy is directly inquired after the data traffic is received, so that the load balancing strategy of the service to be accessed is finished before the data packet enters the kernel protocol stack, and the network forwarding efficiency is greatly improved.

Description

Load balancing method, system, equipment and storage medium

Technical Field

The present invention relates to the field of clusters, and in particular, to a load balancing method, system, device, and storage medium.

Background

The current container cloud platform is mostly based on kubernetes (k 8 s) framework, and provides a functional system with application management as a core for users. A set of Pod (minimum management unit of kubernetes schedule, consisting of 1 or more containers) is created for a particular service through k8s, and an external service is provided through a service. service load balancing is mainly achieved through kube-proxy processes on nodes. Taking kube-proxy of an ipvs (IP virtual server) mode as an example, when Service load balancing is implemented, an ipvs0 network card is created in a host machine, and the network card configures the IPs of all services. The flow sequentially passes through a kernel processing function and an iptables (IP information packet filtering) module, finally reaches an ipvs module, and specific load balancing operation is completed in the ipvs module, and the default load balancing strategy is polling. However, the iptables or the ipvs rule needs to pass through a lengthy linux operating system kernel network protocol stack, and the efficiency is relatively low, which causes a certain network delay, and cannot fully meet the application access requirements of high bandwidth and low delay.

Disclosure of Invention

In view of this, in order to overcome at least one aspect of the above-mentioned problems, an embodiment of the present invention proposes a load balancing method, including the following steps:

monitoring the state of the service in the cluster;

responding to the monitoring that a new service in a cluster is created, and acquiring a back-end pod group, a load balancing strategy and a service IP corresponding to the new service;

the service IP is used as a key value, and the back-end pod group, the load balancing strategy and the accessed times are used as value values to create key value pairs and recorded into a map;

and responding to the received data packet, inquiring the accessed times, the load balancing strategy and the back-end pod groups corresponding to the service to be accessed in the map according to the service IP carried in the data packet, and forwarding the data packet to one pod in the back-end pod groups based on the corresponding accessed times and the load balancing strategy.

In some embodiments, further comprising:

and in response to monitoring that the service in the cluster is updated, acquiring updated information and updating the corresponding value in the map by utilizing the updated information.

In some embodiments, in response to receiving a data packet, querying, in the map, the number of accesses, the load balancing policy, and the backend pod group corresponding to a service to be accessed according to a service IP carried in the data packet, and forwarding the data packet to one of the pods in the backend pod group based on the corresponding number of accesses and the load balancing policy, further including:

creating an ebpf program and mounting the ebpf program to a preset position of a cluster;

receiving the data packet by utilizing the ebpf program and inquiring the map based on the service IP carried in the data packet so as to forward the data packet to one pod in the back-end pod group;

and updating the accessed times corresponding to the service to be accessed in the map.

In some embodiments, receiving the data packet using the ebpf program and querying the map based on a service IP carried in the data packet to forward the data packet to one of the set of backend pods further comprises:

performing remainder taking operation on the accessed times and the number of the pod in the back-end pod group;

and forwarding the data packet to the pod corresponding to the value obtained after the remainder taking operation.

In some embodiments, creating and mounting the ebpf program to a preset location of the cluster further comprises:

mounting the ebpf program to a socket layer of the cluster kernel;

and receiving a data packet corresponding to east-west access by utilizing the ebpf program of the socket layer.

mounting the ebpf program to an XDP position of the cluster kernel;

and receiving a data packet corresponding to the north-south access by using the ebpf program of the XDP position.

In some embodiments, further comprising:

in response to detecting that the service is deleted, the corresponding key-value pair in the map is deleted.

Based on the same inventive concept, according to another aspect of the present invention, an embodiment of the present invention further provides a load balancing system, including:

the monitoring module is configured to monitor the state of the service in the cluster;

the acquisition module is configured to respond to the fact that a new service in the cluster is established, and acquire a back-end pod group, a load balancing strategy and a service IP corresponding to the new service;

the recording module is configured to establish a key value pair by taking the service IP as a key value, the back-end pod group, the load balancing strategy and the accessed times as a value and record the key value pair into a map;

the receiving module is configured to respond to the received data packet, inquire the accessed times, the load balancing strategy and the back-end pod groups corresponding to the service to be accessed in the map according to the service IP carried in the data packet, and forward the data packet to one pod in the back-end pod groups based on the corresponding accessed times and the load balancing strategy.

Based on the same inventive concept, according to another aspect of the present invention, an embodiment of the present invention further provides a computer apparatus, including:

at least one processor; and

a memory storing a computer program executable on the processor, the processor executing the program to perform the steps of:

monitoring the state of the service in the cluster;

In some embodiments, further comprising:

mounting the ebpf program to a socket layer of the cluster kernel;

mounting the ebpf program to an XDP position of the cluster kernel;

In some embodiments, further comprising:

Based on the same inventive concept, according to another aspect of the present invention, there is also provided a computer-readable storage medium storing a computer program which, when executed by a processor, performs the steps of:

monitoring the state of the service in the cluster;

In some embodiments, further comprising:

mounting the ebpf program to a socket layer of the cluster kernel;

mounting the ebpf program to an XDP position of the cluster kernel;

In some embodiments, further comprising:

The invention has one of the following beneficial technical effects: according to the scheme, when the data traffic is received, the load balancing strategy is directly inquired, so that the load balancing strategy of the service to be accessed is finished before the data packet enters the kernel protocol stack, and the network forwarding efficiency is greatly improved.

Drawings

In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are necessary for the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention and that other embodiments may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a flow chart of a load balancing method according to an embodiment of the present invention;

fig. 2 is a flow chart of a load balancing method according to an embodiment of the present invention;

FIG. 3 is a flow path of a conventional implementation;

FIG. 4 is a flow path for an ebpf-based program implementation;

fig. 5 is a schematic structural diagram of a load balancing system according to an embodiment of the present invention;

FIG. 6 is a schematic diagram of a computer device according to an embodiment of the present invention;

fig. 7 is a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention will be described in further detail with reference to the accompanying drawings.

It should be noted that, in the embodiments of the present invention, all the expressions "first" and "second" are used to distinguish two entities with the same name but different entities or different parameters, and it is noted that the "first" and "second" are only used for convenience of expression, and should not be construed as limiting the embodiments of the present invention, and the following embodiments are not described one by one.

In an embodiment of the present invention, kubernetes (k 8 s): the open source container arrangement framework with the largest using amount of the container cloud platform can realize automatic dispatching, expansion, fault recovery and the like of containers.

pod: the smallest management unit of kubernetes scheduling consists of 1 or more containers that share namespaces of processes, networks, etc.

ebpf: a user-written program capable of running in a Linux kernel is essentially a virtual machine running in a kernel mode, so that a user can load a technology for running a user-defined program in the kernel, and the user and the kernel can interact data as required to manage the behavior of the kernel at any time.

iptables: the information packet filtering system in the Linux operating system kernel can realize the operations of receiving, forwarding, deleting and the like of the data packet according to specific matching conditions.

ipvs: and the fourth layer of the network protocol stack of the Linux kernel is operated to provide load balancing capability.

Service: a service resource in k8s, through which a particular set of Pod can be accessed, provides load balancing functionality.

According to an aspect of the present invention, an embodiment of the present invention proposes a load balancing method, as shown in fig. 1, which may include the steps of:

s1, monitoring the state of a service in a cluster;

s2, responding to the fact that a new service in the cluster is established, and acquiring a back-end pod group, a load balancing strategy and a service IP corresponding to the new service;

s3, establishing a key value pair by taking the service IP as a key value, and recording the key value pair into a map by taking the back-end pod group, the load balancing strategy and the accessed times as value values;

s4, responding to the received data packet, inquiring the accessed times, the load balancing strategy and the back-end pod groups corresponding to the service to be accessed in the map according to the service IP carried in the data packet, and forwarding the data packet to one pod in the back-end pod groups based on the corresponding accessed times and the load balancing strategy.

According to the scheme, when the data traffic is received, the load balancing strategy is directly inquired, so that the load balancing strategy of the service to be accessed is finished before the data packet enters the kernel protocol stack, and the network forwarding efficiency is greatly improved.

In some embodiments, further comprising:

Specifically, as shown in fig. 2, a program listening to the API Server and a map named index may be created at the time of initialization. Thus, the change of the resources in k8s can be monitored. For example, it may be monitored that a new service (service) is created, at this time, service detailed information may be obtained, and the load balancing policy, the corresponding pod group and the number of accesses of the current service are resolved from the annotation information of the service, and then a key value pair is created by using the service IP as a key value, where the load balancing policy, the corresponding pod group and the number of accesses are stored in the map. If it is monitored that the service in the cluster is updated, the updated information is acquired, and then the corresponding value in the map is updated by using the updated information, for example, if the load balancing policy of a service is updated, the corresponding value is updated in the map based on the IP of the service.

mounting the ebpf program to a socket layer of the cluster kernel;

mounting the ebpf program to an XDP position of the cluster kernel;

Specifically, as shown in fig. 2, writing an ebpf program, reading the index map, and mounting the ebpf program to a socket layer and an XDP position of a node kernel in the cluster. If the load balancing policy is polling, when a node or Pod in the cluster initiates east-west access through a service, the traffic first enters a socket layer, where the index map is queried according to the IP of the service to be accessed of the data packet, the number of accessed times in the value obtained at this time is 0, and if 3 rear-end pods corresponding to the service exist, the remainder taking operation is performed by using 0 and Pod array length to obtain 0, namely, the 1 st Pod in the Pod array is taken at this time. After the back-end Pod selection is completed, the accessed times in the value are added with 1 and updated to the index map. And inquiring index map when accessing the service next time, wherein the accessed times in the obtained value is 1, and obtaining 1 by taking the remainder of the length of the Pod array, namely taking the 2 nd Pod in the Pod array, and the like, so that the load balancing strategy of a polling mode can be realized. When the outside of the cluster initiates the north-south access through the nodeprot, the external traffic reaches the XDP mounting point after reaching the network card, and is consistent with the processing logic at the socket.

Thus, as shown in fig. 3 and fig. 4, by installing the ebpf program on the kernel path, the traffic is changed from the original requirement to a socket mount point (XDP mount point) to DNAT PodIP by sequentially passing through the IPVS0 network card, XDP, alloc_skb, GRO, TC ingress, raw pre routing, connrack, mangle PREROUTING, nat pre routing, mangle INPUT, nat INPUT, filter INPUT, IPVS module, DNAT PodIP, thereby bypassing the unnecessary operating system kernel network protocol stack.

In some embodiments, further comprising:

Specifically, when a service is deleted, the corresponding record in the index map is cleaned up.

The proposal of the invention acquires the detailed information of the k8s service resource by monitoring the API Server, and updates the specific map according to the load balancing strategy of the service. And E, mounting the ebpf program on the node, triggering the ebpf program mounted on the node to query the map to determine the back-end Pod by accessing the service, and finishing the polling load balancing strategy of the service before the data packet enters the kernel protocol stack, thereby greatly improving the network forwarding efficiency.

Based on the same inventive concept, according to another aspect of the present invention, there is further provided a load balancing system 400, as shown in fig. 5, including:

a monitoring module 401 configured to monitor a state of a service in the cluster;

an obtaining module 402, configured to obtain a back-end pod group, a load balancing policy and a service IP corresponding to a new service in a cluster in response to monitoring that the new service is created;

a recording module 403, configured to create a key value pair with the service IP as a key value, the backend pod group, the load balancing policy, and the number of times of being accessed as a value, and record the key value pair in a map;

and the receiving module 404 is configured to respond to the received data packet, query the accessed times, the load balancing policy and the back-end pod groups corresponding to the service to be accessed in the map according to the service IP carried in the data packet, and forward the data packet to one pod in the back-end pod groups based on the corresponding accessed times and the load balancing policy.

In some embodiments, the acquisition module 402 is further configured to:

In some embodiments, the receiving module 404 is further configured to:

In some embodiments, the receiving module 404 is further configured to: :

mounting the ebpf program to a socket layer of the cluster kernel;

In some embodiments, the receiving module 404 is further configured to:

mounting the ebpf program to an XDP position of the cluster kernel;

In some embodiments, the listening module 401 is further configured to:

Based on the same inventive concept, according to another aspect of the present invention, as shown in fig. 6, an embodiment of the present invention further provides a computer apparatus 501, including:

at least one processor 520; and

the memory 510, the memory 510 stores a computer program 511 executable on a processor, and the processor 520 executes the program to perform the steps of:

monitoring the state of the service in the cluster;

In some embodiments, further comprising:

mounting the ebpf program to a socket layer of the cluster kernel;

mounting the ebpf program to an XDP position of the cluster kernel;

In some embodiments, further comprising:

Based on the same inventive concept, according to another aspect of the present invention, as shown in fig. 7, an embodiment of the present invention further provides a computer-readable storage medium 601, the computer-readable storage medium 601 storing a computer program 610, the computer program 610 when executed by a processor performing the steps of:

monitoring the state of the service in the cluster;

In some embodiments, further comprising:

mounting the ebpf program to a socket layer of the cluster kernel;

mounting the ebpf program to an XDP position of the cluster kernel;

In some embodiments, further comprising:

Finally, it should be noted that, as will be appreciated by those skilled in the art, all or part of the procedures in implementing the methods of the embodiments described above may be implemented by a computer program for instructing relevant hardware, and the program may be stored in a computer readable storage medium, and the program may include the procedures of the embodiments of the methods described above when executed.

Further, it should be appreciated that the computer-readable storage medium (e.g., memory) herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory.

Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.

The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.

It should be understood that as used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.

The foregoing embodiment of the present invention has been disclosed with reference to the number of embodiments for the purpose of description only, and does not represent the advantages or disadvantages of the embodiments.

It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program for instructing relevant hardware, and the program may be stored in a computer readable storage medium, where the storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.

Those of ordinary skill in the art will appreciate that: the above discussion of any embodiment is merely exemplary and is not intended to imply that the scope of the disclosure of embodiments of the invention, including the claims, is limited to such examples; combinations of features of the above embodiments or in different embodiments are also possible within the idea of an embodiment of the invention, and many other variations of the different aspects of the embodiments of the invention as described above exist, which are not provided in detail for the sake of brevity. Therefore, any omission, modification, equivalent replacement, improvement, etc. of the embodiments should be included in the protection scope of the embodiments of the present invention.

Claims

1. A method of load balancing comprising the steps of:

monitoring the state of the service in the cluster;

2. The method as recited in claim 1, further comprising:

3. The method of claim 1, wherein in response to receiving a data packet, querying the map for the number of accesses, the load balancing policy, and the backend pod set corresponding to a service to be accessed according to a service IP carried in the data packet, and forwarding the data packet to one of the backend pod sets based on the corresponding number of accesses and the load balancing policy, further comprising:

4. The method of claim 3, wherein receiving the data packet using the ebpf program and querying the map to forward the data packet to one of the set of backend pods based on a service IP carried in the data packet, further comprises:

5. The method of claim 3, wherein creating the ebpf program and mounting to a preset location of a cluster further comprises:

mounting the ebpf program to a socket layer of the cluster kernel;

6. The method of claim 3, wherein creating the ebpf program and mounting to a preset location of a cluster further comprises:

mounting the ebpf program to an XDP position of the cluster kernel;

7. The method as recited in claim 1, further comprising:

8. A load balancing system, comprising:

9. A computer device, comprising:

at least one processor; and

a memory storing a computer program executable on the processor, wherein the processor performs the steps of the method of any one of claims 1-7 when the program is executed.

10. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor performs the steps of the method according to any one of claims 1-7.