Detailed Description
In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, partial terms or terminology appearing in the course of describing the embodiments of the application are applicable to the following explanation:
SaaS: software-as-a-Service, i.e., providing Software services over a network;
AOP: aspect Oriented Programming, section-oriented programming, is a technology for realizing unified maintenance of program functions through a precompilation mode and dynamic agents during running;
API: application Programming Interface, an application program interface, which is a predefined function or refers to the engagement of different components of a software system;
HTTP: hyperText Transfer Protocol, hyperText transfer protocol, is a rule specifying inter-communication between a browser and a Web server;
RPC: remote Procedure Call, remote procedure call, is a mechanism that enables communication between applications;
GRPC: google Remote Procedure Call Google remote procedure call, a mechanism that enables communication between applications;
DNS: domain NAME SERVICE, a Domain name system, which is a distributed database that maps Domain names and IP addresses to each other, can make people access the Internet more conveniently;
URL: uniform Resource Locator, a uniform resource locator, which is a uniform resource locator of the Web, may refer to a network address;
PB: protocol Buffers, protocol buffering, which is a light and efficient structured data storage format;
ETCD: is a highly available key-value storage system, mainly for shared configuration and service discovery.
According to an aspect of the embodiment of the application, a method embodiment of service processing is provided.
Alternatively, in the present embodiment, the above-described service processing method may be applied to a hardware environment constituted by the terminal 101 and the server 103 as shown in fig. 1. As shown in fig. 1, the server 103 is connected to the terminal 101 through a network, which may be used to provide services (such as game services, application services, etc.) to the terminal or clients installed on the terminal, and a database may be provided on the server or independent of the server, for providing data storage services to the server 103, where the network includes, but is not limited to: the terminal 101 is not limited to a PC, a mobile phone, a tablet computer, or the like. The service processing method according to the embodiment of the present application may be executed by the server 103, may be executed by the terminal 101, or may be executed by both the server 103 and the terminal 101. The service processing method performed by the terminal 101 according to the embodiment of the present application may also be performed by a client running on the terminal.
Fig. 2 is a flowchart of an alternative service processing method according to an embodiment of the present application, as shown in fig. 2, the method may include the steps of:
Step S202, receiving a target service request message of a target sub-object, wherein the target sub-object belongs to a target object in a plurality of objects commonly using a target system, and the target service request message is used for requesting to process a target service;
Step S204, using the target access domain name of the target service request message, obtaining the target object identification corresponding to the target object;
step S206, responding to the target service request message and processing the target service;
step S208, the processing result of the target service is stored in a target database corresponding to the target object identification.
Through the steps S202 to S208, a target service request message of a target sub-object is received by differentiating different tenants through an access domain name, where the target sub-object belongs to a target object of a plurality of objects that commonly use a target system, and the target service request message is used for requesting to process a target service; acquiring a target object identifier corresponding to a target object by using a target access domain name of a target service request message; responding to the target service request message, and processing the target service; the processing result of the target service is stored in the target database corresponding to the target object identifier, so that the technical effects of ensuring the safety of data and improving the use experience of tenants are realized, and the problem of data exposure caused by repeated tenant accounts in a multi-tenant service processing mode in the related technology is further solved.
In the technical solution provided in step S202, a target service request message of a target sub-object is received, where the target sub-object belongs to a target object of a plurality of objects that commonly use a target system, and the target service request message is used to request processing of a target service.
Multiple objects may commonly use a target system that may serve different objects. The target system may provide independent system services for itself for different objects.
For example, the customer service system (an example of a target system) may be a software platform for providing customer service for multiple companies (e.g., multiple insurance companies, an example of multiple objects), may be a multi-tenant system based on the SAAS mode, and may involve multiple functional services and information resources such as sessions, work orders, quality checks, customer profiles, insurance orders, and the like. From the perspective of the system platform, the customer service system can be regarded as a multi-tenant unified system, and from the perspective of the users of the security company (tenant), the customer service system perceives a system serving its own independent system.
There may be multiple sub-objects under each object, and each sub-object may correspond to an account under the object. Each child object may log into the target system using its corresponding account number. For example, for a target object of a plurality of objects that contains a plurality of sub-objects, the plurality of sub-objects may contain the target sub-object. The target sub-object may log onto a client of the target system using the target account number to use the services provided by the target system. The client may be running on a terminal device, such as a mobile terminal (e.g., a smart phone, etc.), a desktop, or other device capable of running the client.
The target sub-object may operate the system interface to trigger sending a target service request to the background of the target system, where the target service request is used to request processing of a target service, and the target service may be any service that may be provided by the target system, for example, quality inspection management, work order management, and so on.
For example, for a worker (target sub-object) of an insurance company (target object), after logging into a customer service management system, the customer service management system can be used to provide various functional services and information resources such as sessions, work orders, quality checks, customer data, insurance orders, and the like.
The target system may be a microservice system, which may run on one or more servers or cloud servers, e.g., deployed in accordance with the system architecture shown in fig. 3. The target system can construct and micro-service system to provide multiple services for the tenant.
The target system may comprise a gateway, which may be a service gateway, which may be a stand-alone device or may be a functional unit integrated in other devices, e.g. installed in other devices by means of an integrated component, chip or the like.
A target gateway (which may be a service gateway) in the target system may be communicatively connected to a terminal device of a target sub-object, and the target sub-object is configured to send a target service request message through the terminal device.
In the technical solution provided in step S204, a target access domain name of the target service request message is used to obtain a target object identifier corresponding to the target object.
Each service request message may correspond to an access domain name. For a plurality of objects commonly using the target system, the corresponding access domain names of the objects can be different, so that the operation and the safety precaution of the interiors of different objects are convenient.
For example, each insurance company may wish to be able to use a relatively independent access domain name to facilitate their internal operations and security, while different tenants may create different access domain names for them when they are created.
For different tenants, each tenant wants to be able to use a relatively independent access domain name, and thus the access domain name of different tenants is generally not duplicated. While for accounts of different tenants, each tenant wants to have an autonomous account system, i.e. to provide independent system services for itself. For example, if two tenants have workers of the same name, they do not wish to distinguish between them by means of XX1, XX2, but wish to identify their workers by XX, which can lead to account duplication. Therefore, different tenants can be well distinguished by accessing domain names, and data leakage is avoided.
After receiving the target service request message, the target system (e.g., a target gateway of the target system) may determine a target access domain name of the target service request message, which may be carried in the message. According to the target access domain name, a corresponding target object identifier, that is, an object identifier of a target object to which the target sub-object belongs, can be obtained.
It should be noted that, in the implementation of the access layer, URLs, accounts, or domain names may also be used to distinguish different tenants, and the manner of distinguishing different tenants by using the identifiers such as URLs, accounts, and the like is similar to the manner of distinguishing different tenants by using domain names, which is not described herein. The tenants are distinguished at the access layer through the domain name, so that different requests can be effectively distinguished and counted.
In the technical solution provided in step S206, the target service is processed in response to the target service request message.
In response to receiving the target service request message, the target system may process the target service for the target sub-object. The manner in which it is handled may be different for different services. For example, for a user to log in, it may be determined whether to allow his or her login by checking his or her account, password, etc. For other types of services, a service processing flow corresponding to the service may be adopted to perform service processing.
The data related to the business process may be data in a database corresponding to the target object identifier, that is, data of the target database.
For example, if the target service is to query a client data, the client data may be obtained from the target database, and the obtained client data may be returned to the client of the target sub-object.
In the technical scheme provided in step S208, the processing result of the target service is saved in the target database corresponding to the target object identifier.
For different services, it may correspond to different processing results.
For other services involving non-data processing, such as login and query, the processing result may be a service record, for example, for login services, the processing result may be a login record, where the login record may include at least one of the following: object identification (account) of the target sub-object, login time, login location, login terminal device identification, etc.
For other services related to data operations, the processing results may include: the business records may also include the results of the data operations. For example, for adding customer material, the processing results may include an add record, which may include, but is not limited to, at least one of: object identification (account) of the target sub-object, addition time, addition location, added terminal equipment identification, etc., and may further include: added customer material.
And storing the processing result of the target service into a target database corresponding to the target object identifier, namely, a database.
As an alternative embodiment, before receiving the target service request message of the target sub-object, the method further includes:
S11, receiving newly added object information for creating a target object, wherein the newly added object information comprises: a target object identifier and a target access domain name;
s12, creating a target object according to the newly added object information, and initializing basic information of the target object, wherein the basic information comprises: rights information.
An administrator of the target system may add an object, e.g., a new tenant, in the target system so that the object may use the target system.
Optionally, in this embodiment, a manager (for example, a product and an operator) of the target system performs the initialization of the user and the new tenant by means of the interface configuration, and configures and manages the user and the function information of the tenant system in steps.
For example, the administrator may create a new object (e.g., a new tenant) with one key, with a specific interface as shown in fig. 4. After clicking on save in the interface as shown in fig. 4, the manager's client may send new object information to the background (e.g., configuration management server), including: target object identification (tenant code) and target access domain name (tenant domain name), may further include: tenant name, company code (e.g., insurance company code).
The background server (e.g., configuration management server) may receive the newly added object information, create a target object from the newly added object information, and initialize basic information of the target object, wherein the basic information includes: rights information. The basic information of the initialization object may be determined according to input information received from the client.
For example, after inputting various information as shown in fig. 4 and clicking save, it enters into the tenant just created. The client displays an interface for initializing tenant basic information as shown in fig. 5 to initialize relevant basic information such as products, rights and the like, and after the corresponding configuration is completed, a new tenant user can go online for use as shown in fig. 6.
After the corresponding configuration is completed, the staff of the tenant can open the website and enter the system initialization account, so that the target system can be normally used.
Through the steps, a new object (a new tenant, for example, a new insurance company) can be quickly accessed, and related services (for example, customer service) can be provided for the new object, so that the problems that the number of initialization operations is large, the number of tables is large, and operation and maintenance are not facilitated in a manner of newly building the tenant in the related technology can be solved.
As an alternative embodiment, before receiving the target service request message of the target sub-object, the method further includes:
S21, loading object configuration information, wherein the object configuration information is used for indicating configuration information of each object in a plurality of objects, and the configuration information comprises: accessing a domain name and an object identifier;
s22, storing the object configuration information into a local cache of a target gateway, wherein the target gateway is a gateway for receiving the target service request message, and the target gateway is used for acquiring a target object identifier according to the object configuration information and the target access domain name.
In order to implement the identification conversion of the access domain name and the tenant identity, object configuration information may be defined first, and fields related to the object configuration information may include: the object identification and access domain name may further comprise at least one of: tenant name, tenant type, enablement status, system icon, system name, etc.
For example, to implement the identification conversion between the domain name and the tenant identity, the identity may be uniformly replaced by the gateway using an independent domain name. The gateway determines the tenant identification corresponding to the tenant domain name according to the locally cached tenant configuration information, and adds the tenant identification in the service request of the tenant.
Tenant configuration information may be first defined, where fields involved are tenant identification, tenant name, tenant type, enablement status, access domain name, system icon, system name, etc., as shown in table 1.
TABLE 1
| Fields | Description of the invention | Type(s) |
| code | Tenant identification | Character string |
| name | Tenant name | Character string |
| type | Type(s) | Digital number |
| status | Enable state | Digital number |
| domain | Accessing domain names | Character string |
| logo | System icons | Character string |
| name | System name | Character string |
After the gateway (e.g., target gateway) is booted, object configuration information (e.g., tenant configuration information) may be first loaded into the local cache. After receiving the service request message, the gateway may obtain, according to the object configuration information and the access domain name of the service request message, the object identifier corresponding to the access domain name.
It should be noted that, the service gateways corresponding to each of the plurality of objects may be the same gateway, may be different gateways, and are not specifically limited in this embodiment, and any network architecture manner that a gateway can complete receiving a service request message and converting an access domain name and an object identifier may be used in this embodiment.
As an optional embodiment, after obtaining the target object identifier corresponding to the target object using the target access domain name of the target service request message, the method further includes:
s31, determining a target authority corresponding to the target service request message;
S32, adding the target object identification into the target service request message under the condition that the target authority belongs to the authority range of the request allowed by the target sub-object;
and S33, sending the target service request message to a target agent platform, wherein the target agent platform is used for responding to the target service request message and processing the target service.
After receiving the service request, the gateway may perform authority verification to determine whether the authority of the service request meets the range of the permission request, in addition to acquiring the corresponding object identifier according to the access.
For the target gateway, it may first determine the target authority corresponding to the target service request message, and determine whether the target authority belongs to the authority range of the request allowed by the target sub-object. If the target rights belong to the scope of rights allowed to be requested by the target child object, the target gateway may add the target object identification to the target service request message, e.g., to the Header of the request message. If the target authority does not belong to the authority range of the request allowed by the target sub-object, access can be refused according to the rule, and a refusal response is returned to the client of the target sub-object, wherein the refusal response can also comprise the refusal reason.
Optionally, in this embodiment, the multi-tenant customer service system uses domain name replacement identifier to complete tenant identification and tenant identity verification in the access layer, so that tenant requests can be tracked and distinguished more effectively, a foundation is laid for post-customization and personalized services, and in addition, gray scale upgrading services are also facilitated for different tenants.
For example, when a request comes, the gateway may obtain a corresponding tenant identifier according to the domain name, check whether the authority of the request accords with the tenant request scope, add the corresponding tenant identifier to the request if the authority is legal, and reject access according to rules if the authority is illegal.
After adding the target object identifier to the target service request message, the target gateway may transmit the target service request message to which the target object identifier is added to the target agent platform, so that the target agent platform processes the target service in response to the target service request message.
As an alternative embodiment, sending the target service request message to the target agent platform includes:
S41, analyzing a target message identifier of a target service request message by using a target mapping relation, and determining a target application program interface corresponding to the target service request message, wherein the target mapping relation is used for representing a mapping relation between the application program interface for processing the service request message and the message identifier of the service request message;
S42, calling a target application program interface and sending a target service request message to a target seat platform.
The framework layer of the micro-services architecture may provide a variety of business services, and different business services may be provided by different applications of the framework layer. Different APIs of the framework layer may correspond to different business services.
In order to route an access request, it is necessary to parse the message identifier of the service request message and determine the API corresponding to the message identifier of the service request, that is, which API can process the requested service.
The message identifier of the service request message may be a resource identifier carried by the service request message, and may be used to locate a resource requested by the service request message, for example, may be a URL of the service request message. The API corresponding to the message identifier may be an API capable of providing the resource requested by the service request, where the resource may be a multimedia resource or another type of service resource.
It should be noted that, in this embodiment, the service processing method provided by using the message identifier as URL is described, and other types of message identifiers that can be used to determine the API for processing the service request message may be used in the present application.
Optionally, in this embodiment, after replacing the object identifier, the target gateway may perform route resolution using a target mapping relationship, where the target mapping relationship is used to represent a mapping relationship between an API for processing the service request message and the message identifier of the service request message. The result of the route resolution may be a target API corresponding to the target message identification of the target service request message, that is, an API that processes the target service request message. By invoking the target API, a target service request message may be transmitted to the target seat platform.
As an alternative embodiment, the method further comprises:
S51, periodically acquiring service description information, wherein the service description information is used for representing service provided by the application of the framework layer;
s52, analyzing the service description information to obtain updated information, wherein the updated information is used for representing the corresponding relation between the application program interface of the service and the message identifier;
and S53, updating the current mapping relation by using the updating information to obtain a target mapping relation.
Under the micro-service system in the related art, the access request route depends on analyzing the URL defined in the PB file, and the PB file is generally required to be loaded to analyze the URL. Therefore, the loading analysis needs to be reissued to be realized every time a new route is added, so that the gateway is unnecessarily reissued, and the normal use of the service is affected. Meanwhile, the front-end and back-end dependence is heavy, and the gateway cannot actively discover a new request route.
The target gateway can dynamically identify the routing strategy through service reflection, so that the problem of repeated release of the gateway is solved. The target gateway can trigger the re-release of the PB file by the original newly-added route to be converted into the periodic active analysis of the API and the corresponding URL in the service, and update the current mapping relation to obtain the latest mapping relation, so that the dependence of the analysis of the URL on the PB file is eliminated.
Alternatively, in this embodiment, the target gateway may periodically obtain service description information, where the service description information is used to indicate a service that can be provided by the application of the framework layer, and the service description information may also be used to indicate a service that is newly added by the application of the framework layer.
By parsing the service description information, update information can be obtained, where the update information is used to represent a correspondence between APIs of the service and the message identifier. For example, the service description information may be parsed, a URL corresponding to an API of the service may be constructed, or a URL corresponding to an API of the service may be newly added. The update information is used to update the current mapping relation in the gateway to obtain the latest mapping relation, which can be used for dynamic route analysis.
Optionally, in this embodiment, in the routing addressing of the request, service description information may be obtained through a reflection mode of the GRPC service, so as to dynamically discover a new route, and change the problem that the routing addressing mode in the related art is severely dependent on loading and parsing of the new route, from the original state that each iteration needs to be issued to the gateway, to change into a state that persistent service is issued once; the problems of release dependence of front and rear ends and difficulty in operation and maintenance are solved.
For example, a reflection attribute can be started in the GRPC service, then after a Channel is connected in the gateway, a description set- > service attribute information- > method description information of a file is obtained through a reflection method provided by the GRPC service, so that an API method and a corresponding URL in the service are analyzed step by step, and a mapping relation between the method and the URL is obtained, and protocol conversion and service call are provided.
To maintain dynamic flexibility and reduce performance loss, three resolution strategies can be combined: firstly, initializing and analyzing once when a system is started; then, actively resolving once every interval of time (e.g., ten minutes); finally, when the request comes, if the route is not in the cache, the active analysis is triggered. After each analysis, the routing information is stored in a local cache, so that dynamic routing can be realized, and decoupling of front-end and back-end release dependence can be realized.
As an alternative embodiment, after adding the target object identification to the target service request message, the method further comprises:
s61, when the protocol conversion is carried out on the target service request message, determining a target database corresponding to the target object identifier;
S62, setting the target database as a data source corresponding to the target service request message.
When the protocol conversion is performed on the target service request message (for example, the service request is converted into a GRPC request through HTTP protocol), the converted request can be intercepted through AOP, a data source is set according to the target object identification, namely, a target database corresponding to the target object identification is determined according to the target object identification, and the target database is set as the data source of the target service request message.
Optionally, in this embodiment, the data source may be automatically identified and set by the tenant identifier by using an AOP interception manner in the service implementation layer, so as to implement automatic database dropping of tenant data. By the implementation, development complexity can be greatly reduced, working efficiency of developers is improved, and probability of abnormal data caused by manpower is reduced. Meanwhile, the system is an independent database of each tenant physically, has high data isolation, and effectively meets the scene needs of specific industries (such as insurance industries).
For example, AOP dynamic data source switching may be performed when determining the data source of an operation. The downstream device of the gateway (e.g., the agent platform) may set the data source to a database corresponding to the tenant according to the tenant identification. When the service request is converted into a GRPC request through the HTTP protocol at the gateway, the data source can be set according to the tenant identification obtained before, and the dynamic switching of the data source is completed. After the automatic switching of the data sources, all business operations automatically fall into different tenant databases when the business operations are stored in the databases.
As an example of AOP switching, a customer service system under a micro-service architecture may provide an access proxy component for multiple databases that encapsulates the actual access links of the databases for individual tenants, presenting a database access to the seat platform. When the agent platform accesses the database data through the agent component, the agent component identifies the tenant identification in the request through AOP slicing and switches to the correct database link of the tenant, thereby realizing the access mode of the application layer (agent platform) database switching without perception.
In the aspect of data isolation, a shared database can be adopted, and a mode of separating the database and the table is realized according to tenant identification, and all tenant data in the mode can be uniformly stored in the same database and table, so that data abnormality is easy to be caused by errors of developers. Meanwhile, the bottom layer is completely dependent on the level of developers, and data operation among different tenants is unsafe. Moreover, the data cannot be effectively isolated in a database sharing mode, so that data exposure among different tenants is easy to cause. In some scenarios, such as when considering balanced storage of data, this approach may be employed.
The application also provides an optional embodiment, which provides a service processing method in the multi-tenant customer service system, wherein in the optional embodiment, the target system is the customer service system, the plurality of objects are a plurality of tenants, and the object identification is the tenant identification.
The target system may be a microservice system, and its system architecture may be as shown in fig. 7. The microservice system comprises: the system comprises a presentation layer, an interface access layer, a core service, a public service, a service monitoring layer and a resource layer, wherein the interface access layer is an access layer of the micro service system; the core service, public service and service monitoring are the service framework layer (realization layer) of the micro service system, so that the service logic of the core is realized; the resource layer is the data layer of the micro service system and is responsible for storing service data.
For the presentation layer, the presentation layer is disposed on a terminal device of a related person (for example, an agent person, a tenant, an operation and maintenance person, a manager, etc.), including: the system comprises a seat system front end, an instant messaging application applet and an operation and maintenance management front end, wherein the seat system front end is a PC end used by seat personnel and used for customer service daily actual work, such as replying to a customer's consultation, creating a work order, inquiring data and the like; the instant messaging application applet is an application applet used by a tenant and is a customer online customer service portal; the operation and maintenance management front end is a PC end used by operation and maintenance personnel, management personnel and the like, and is used for managing and monitoring actual working conditions of customer service, such as the working amount (for example, how many customers are served on the same day) and the working quality (for example, how much the good score is).
For the access layer, the access layer is arranged on a gateway (e.g. a service gateway) of the micro-service system, the access layer can comprise a plurality of interfaces, and part of interfaces in the plurality of interfaces can be in communication connection with the front end of the seat system, the instant messaging application applet, the operation and maintenance management front end and the like so as to receive and forward requests initiated by various components; meanwhile, the access layer also maintains the login state of B-end systems (front end of seat system, front end of operation and maintenance management) such as customer service, manager and the like.
The core services are the primary services that the framework layer can provide and may include, but are not limited to, at least one of the following: IM conversation, statistics report, customer information, conversation evaluation, quality service, a seat mat work list, real-time monitoring, data summarization, service configuration and the like to meet different service requirements of tenants, wherein the IM conversation service is mainly responsible for maintaining long links with WebSocket at the front end of an agent system and receiving and transmitting customer service messages (the messages sent by the agent are transmitted to a correct customer, and the messages sent by the customer are transmitted to the correct agent); the statistical report service is mainly responsible for the calculation of related reports of the daily workload and the working quality of the seat and provides the data visualization capability; the customer data service mainly provides the function of inquiring the relevant information of the customer by the agent, such as inquiring the history session record of the customer, the relevant work order of the customer, the purchased insurance policy of the customer, and the like; after customer service is finished, the session evaluation service mainly pushes questionnaire information such as satisfaction survey and the like to customers, and the service can effectively monitor the working quality of customer service; the quality service captures related sessions according to keywords in two modes of off-line spot check/on-line monitoring, such as session records related to keywords such as complaints, refunds and the like; the sitting mat work order service mainly provides the function of creating work order tracking customer questions; the real-time monitoring service is responsible for presenting the current total incoming line consultation quantity/each tenant incoming line consultation quantity/each seat incoming line consultation quantity in real time, and can effectively assist a seat manager to dynamically coordinate on-line seat manpower; the data summarizing service is mainly responsible for gathering the data in each tenant database, so that centralized statistics is facilitated; the service configuration service centrally maintains the configuration items related to the system, thereby being convenient for an administrator to maintain and manage the system.
The common services are conventional services that can be provided by the framework layer and may include, but are not limited to, at least one of: gateway, file service, timing service, notification service, wherein the gateway service is mainly responsible for authentication and request forwarding capability of the core; the file service is mainly responsible for storing data such as pictures/files in the system; the timing service mainly provides a distributed timing triggering function, and interfaces of other services can be scheduled at specified time or periodically through the timing service; the notification service encapsulates the touch-up function of mail/short message/enterprise instant messaging application and the like, and provides a unified interface for the core layer.
Service monitoring is used to monitor various services provided by the framework layer and may include, but is not limited to, at least one of: the system comprises a registration center, a service alarm, a log service, a management center and distributed services, wherein the registration center is a core system for registering addresses and service names of all micro services; the service alarm and log service provides an alarm for relevant developers in real time through enterprise instant messaging application for logs of the levels of ERROR, WARN and the like by collecting log files of each micro service; the management center is mainly responsible for the management and monitoring of each distributed service and the issuing of key configuration.
The resource layer stores data resources in the micro service system, and the storage modes used can include but are not limited to: mySQL, redis, mongodb, file. The seat system mainly adopts a very mature assembly in the industry, and the seat system performs relevant cluster configuration to ensure high availability and high performance.
The client system can realize the whole business function through the micro-service technology, API call is realized between services through GRPC, service discovery is managed by ETCD, middleware relates to message queues, kafka, redis and the like, and a database relates to MySQL, mongdb, elasticSearch and the like. The service provided by the customer service system can be horizontally expanded, and when the concurrency number is increased, the purpose of capacity expansion can be achieved by increasing the service nodes. The deployment can support virtual machines, containers and the like, and the corresponding capacity expansion and contraction control can be dynamically carried out according to the performance change by adopting a container deployment mode, so that the response is quick, and the cost is saved.
In connection with fig. 8, the flow of the service processing method in this alternative embodiment may include, but is not limited to, the following steps:
step 1, a manager of the customer service system creates a new tenant.
A manager of the customer service system can create a new tenant in a mode shown in fig. 4, and the configuration management server (or service node) can interact with a client of the manager to create the new tenant, so that the new tenant can be accessed by one key, and service online can be realized.
Step 2, initializing and loading configuration information of the tenant.
The configuration management server may interact with the agent platform and send an initialization message for the new tenant to the agent platform. The agent platform loads the configuration of the new tenant, and returns a response message to the configuration management server to complete the configuration of the new tenant.
And step 3, receiving a request of the tenant, processing the request of the tenant and responding.
The tenant or the staff of the tenant can log in the client of the customer service system through the account number, and the request is sent to the customer service system through triggering by operating the client.
The customer service system can realize isolation and differentiation of tenants in the access layer through the domain name, ensure that access requests can be tracked at the entrance, provide different service strategies for different tenants, and enable the tenants to perceive themselves as independent service systems, thereby greatly improving recognition and user experience.
The gateway of the customer service system may receive the tenant's request and replace the tenant identity by: and acquiring a corresponding tenant identifier according to the domain name, checking whether the authority of the request accords with the tenant request range, and adding the corresponding tenant identifier into the request if the authority accords with the tenant request range.
The customer service system can dynamically analyze the new URL route through a service reflection mechanism at the gateway layer, realize one-time release of the gateway layer, dynamically identify, decouple release dependence of front and rear ends and reduce operation and maintenance difficulty.
After replacing the tenant identification, the gateway can perform dynamic route analysis, determine an API for processing the service, and send the request to a downstream agent platform corresponding to the API.
When the request passes through the gateway, the system automatically distinguishes and identifies the tenant identification according to the domain name, the automatic switching of the data source is realized through the AOP technology, and in the specific service realization of the developer, the operation is as simple and direct as that of an independent database, so that the high isolation of the data can be realized, the development speed can be improved, the rapid iteration is realized, and the data security problem caused by the error of the developer is reduced.
When the request is converted into GRPC request through HTTP protocol at gateway, the agent platform can complete dynamic switching of data source, process service and drop library according to the tenant identification obtained before and through AOP interception technology. After the automatic switching of the data sources, all business operations automatically fall into different tenant databases when the business operations are stored in the databases.
After the service processing is completed, the agent platform can send a response message to the tenant through the gateway so as to inform the tenant of the service processing result.
Through the embodiment, the customer service system realizes multi-stage effective isolation from an access layer, an implementation layer and a data layer in a multi-tenant mode by means of independent domain names, gateway unified replacement identification, AOP dynamic data source switching, reflection automatic addressing routing and the like, and the non-perception and absolute data isolation are used for tenants; for customer service systems, the expansion and the capacity expansion are easy, and the maintenance are easy; for operation and maintenance, the tenant can be initialized by one-key new addition, so that the operation and maintenance are fast and efficient.
It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present application is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.
From the above description of the embodiments, it will be clear to those skilled in the art that the method according to the above embodiments may be implemented by means of software plus a necessary general hardware platform, or may of course be implemented by hardware, and in different scenarios, different embodiments may be adopted to ensure smooth implementation of the solution. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present application.
According to another aspect of the embodiment of the present application, there is also provided a service processing apparatus for implementing the above service processing method. Fig. 10 is a schematic diagram of an alternative service processing apparatus according to an embodiment of the present application, as shown in fig. 10, the apparatus may include:
(1) A first receiving unit 1002, configured to receive a target service request message of a target sub-object, where the target sub-object belongs to a target object of a plurality of objects that commonly use a target system, and the target service request message is used to request processing of a target service;
(2) A first obtaining unit 1004, configured to obtain a target object identifier corresponding to a target object by using a target access domain name of a target service request message;
(3) A processing unit 1006, configured to process the target service in response to the target service request message;
(4) And the first storage unit 1008 is configured to store the processing result of the target service in a target database corresponding to the target object identifier.
It should be noted that, the first receiving unit 1002 in this embodiment may be used to perform the above-mentioned step S202, the first obtaining unit 1004 in this embodiment may be used to perform the above-mentioned step S204, the processing unit 1006 in this embodiment may be used to perform the above-mentioned step S206, and the first storing unit 1008 in this embodiment may be used to perform the above-mentioned step S208.
Through the module, a mode of distinguishing different tenants through accessing domain names is adopted, and target service request information of target sub-objects is received, wherein the target sub-objects belong to target objects in a plurality of objects commonly using a target system, and the target service request information is used for requesting to process target services; acquiring a target object identifier corresponding to a target object by using a target access domain name of a target service request message; responding to the target service request message, and processing the target service; the processing result of the target service is stored in the target database corresponding to the target object identifier, so that the technical effects of ensuring the safety of data and improving the use experience of tenants are realized, and the problem of data exposure caused by repeated tenant accounts in a multi-tenant service processing mode in the related technology is further solved.
As an alternative embodiment, the above device further comprises:
(1) The loading unit is configured to load object configuration information before receiving a target service request message of a target sub-object, where the object configuration information is used to indicate configuration information of each object in the plurality of objects, and the configuration information includes: accessing a domain name and an object identifier;
(2) The second storage unit is used for storing the object configuration information into a local cache of a target gateway, wherein the target gateway is a gateway for receiving the target service request message, and the target gateway is used for acquiring a target object identifier according to the object configuration information and the target access domain name.
As an alternative embodiment, the above device further comprises:
(1) A first determining unit, configured to determine a target authority corresponding to the target service request message after acquiring a target object identifier corresponding to a target object using a target access domain name of the target service request message;
(2) An adding unit, configured to add the target object identifier to the target service request message when the target authority belongs to the authority range of the request allowed by the target sub-object;
(3) And the sending unit is used for sending the target service request message to a target agent platform, wherein the target agent platform is used for responding to the target service request message and processing the target service.
As an alternative embodiment, the transmitting unit comprises:
(1) The determining module is used for analyzing the target message identifier of the target service request message by using the target mapping relation, and determining the target application program interface corresponding to the target service request message, wherein the target mapping relation is used for representing the mapping relation between the application program interface for processing the service request message and the message identifier of the service request message;
(2) And the calling module is used for calling the target application program interface and sending the target service request message to the target seat platform.
As an alternative embodiment, the above device further comprises:
(1) A second obtaining unit, configured to obtain service description information periodically, where the service description information is used to represent a service provided by an application of the framework layer;
(2) The analysis unit is used for analyzing the service description information to obtain updated information, wherein the updated information is used for representing the corresponding relation between the application program interface of the service and the message identifier;
(3) And the updating unit is used for updating the current mapping relation by using the updating information to obtain the target mapping relation.
As an alternative embodiment, the above device further comprises:
(1) A second determining unit, configured to determine a target database corresponding to the target object identifier when performing protocol conversion on the target service request message after adding the target object identifier to the target service request message;
(2) And the setting unit is used for setting the target database as a data source corresponding to the target service request message.
As an alternative embodiment, the above device further comprises:
(1) A second receiving unit, configured to receive, before receiving the target service request message of the target sub-object, newly added object information for creating the target object, where the newly added object information includes: a target object identifier and a target access domain name;
(2) The creation unit is used for creating a target object according to the newly added object information and initializing basic information of the target object, wherein the basic information comprises: rights information.
It should be noted that the above modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to what is disclosed in the above embodiments. It should be noted that the above modules may be implemented in software or in hardware as part of the apparatus shown in fig. 1, where the hardware environment includes a network environment.
According to still another aspect of the embodiments of the present application, there is further provided an electronic device for implementing the above-mentioned service processing method, where the electronic device may be a server, a terminal, or a combination thereof.
Taking a server as an example, fig. 11 is a block diagram of a structure of a server according to an embodiment of the present application, as shown in fig. 11, the server may include: one or more (only one is shown in the figure) processors 1101, memory 1103, and transmission means 1105, as shown in fig. 11, the server may further comprise an input output device 1107.
The memory 1103 may be used to store software programs and modules, such as program instructions/modules corresponding to the service processing methods and apparatuses in the embodiments of the present application, and the processor 1101 executes the software programs and modules stored in the memory 1103, thereby executing various functional applications and data processing, that is, implementing the service processing methods described above. The memory 1103 can include high speed random access memory, and can also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, the memory 1103 may further include memory located remotely from the processor 1101, which may be connected to the server via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 1105 is used to receive or transmit data via a network, and may also be used for data transmission between the processor and the memory. Specific examples of the network described above may include wired networks and wireless networks. In one example, the transmission device 1105 includes a network adapter (Network Interface Controller, NIC) that may be connected to other network devices and routers via a network cable to communicate with the internet or a local area network. In one example, the transmission device 1105 is a Radio Frequency (RF) module for communicating with the internet wirelessly.
In particular, the memory 1103 is used to store applications.
The processor 1101 may call an application program stored in the memory 1103 by the transferring device 1105 to perform the steps of:
S1, receiving a target service request message of a target sub-object, wherein the target sub-object belongs to a target object in a plurality of objects commonly using a target system, and the target service request message is used for requesting to process target service;
S2, obtaining a target object identifier corresponding to the target object by using a target access domain name of the target service request message;
S3, responding to the target service request message and processing the target service;
And S4, storing the processing result of the target service into a target database corresponding to the target object identifier.
Alternatively, specific examples in this embodiment may refer to examples described in the foregoing embodiments, and this embodiment is not described herein.
It will be understood by those skilled in the art that the structure shown in fig. 11 is only schematic, and the device implementing the service processing method may also be a terminal, where the terminal may be a terminal device such as a smart phone (e.g. an Android Mobile phone, an iOS Mobile phone, etc.), a tablet computer, a palm computer, a Mobile internet device (Mobile INTERNET DEVICES, MID), a PAD, etc. Fig. 11 is not limited to the structure of the electronic device. For example, the terminal may also include more or fewer components (e.g., network interfaces, display devices, etc.) than shown in fig. 11, or have a different configuration than shown in fig. 11.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program for instructing a terminal device to execute in association with hardware, the program may be stored in a computer readable storage medium, and the storage medium may include: flash disk, read-Only Memory (ROM), random-access Memory (Random Access Memory, RAM), magnetic disk or optical disk, etc.
According to yet another aspect of an embodiment of the present application, there is also provided a storage medium. Alternatively, in the present embodiment, the above-described storage medium may be used for executing the program code of the service processing method.
Alternatively, in this embodiment, the storage medium may be located on at least one network device of the plurality of network devices in the network shown in the above embodiment.
Alternatively, in the present embodiment, the storage medium is configured to store program code for performing the steps of:
S1, receiving a target service request message of a target sub-object, wherein the target sub-object belongs to a target object in a plurality of objects commonly using a target system, and the target service request message is used for requesting to process target service;
S2, obtaining a target object identifier corresponding to the target object by using a target access domain name of the target service request message;
S3, responding to the target service request message and processing the target service;
And S4, storing the processing result of the target service into a target database corresponding to the target object identifier.
Alternatively, specific examples in this embodiment may refer to examples described in the foregoing embodiments, and this embodiment is not described herein.
Alternatively, in the present embodiment, the storage medium may include, but is not limited to: various media capable of storing program codes, such as a U disk, ROM, RAM, a mobile hard disk, a magnetic disk or an optical disk.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
The integrated units in the above embodiments may be stored in the above-described computer-readable storage medium if implemented in the form of software functional units and sold or used as separate products. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing one or more computer devices (which may be personal computers, servers or network devices, etc.) to perform all or part of the steps of the method described in the embodiments of the present application.
In the foregoing embodiments of the present application, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In several embodiments provided by the present application, it should be understood that the disclosed client may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of the units, such as the division of the units, is merely a logical function division, and may be implemented in another manner, for example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The foregoing is merely a preferred embodiment of the present application and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present application, which are intended to be comprehended within the scope of the present application.