技术领域Technical field
本发明涉及服务器领域,特别涉及一种业务数据处理方法、Kubernetes集群及计算机可读存储介质。The invention relates to the field of servers, and in particular to a business data processing method, a Kubernetes cluster and a computer-readable storage medium.
背景技术Background technique
Kubernetes集群是一种高性能的集群系统,能够高效部署容器应用。相关技术中,Kubernetes集群中部署的容器应用仅能满足一个业务网的业务需求,当有新的业务网也需使用该容器应用时,则需要另外部署Kubernetes集群,容易造成集群资源的浪费。Kubernetes cluster is a high-performance cluster system that can efficiently deploy container applications. In related technologies, the container application deployed in the Kubernetes cluster can only meet the business needs of one business network. When a new business network also needs to use the container application, an additional Kubernetes cluster needs to be deployed, which can easily cause a waste of cluster resources.
发明内容Contents of the invention
本发明的目的是提供一种业务数据处理方法、Kubernetes集群及计算机可读存储介质,可通过多流量入口装置的转发,实现多业务网对同一Kubernetes集群中的容器应用进行访问,无需在新增业务网时重新部署Kubernetes集群,可有效提升集群资源的利用率。The purpose of the present invention is to provide a business data processing method, a Kubernetes cluster and a computer-readable storage medium, which can realize multi-service network access to container applications in the same Kubernetes cluster through the forwarding of a multi-traffic entrance device, without the need to add a new Redeploying the Kubernetes cluster during the business network can effectively improve the utilization of cluster resources.
为解决上述技术问题,本发明提供一种业务数据处理方法,应用于Kubernetes集群,所述方法包括:In order to solve the above technical problems, the present invention provides a business data processing method, which is applied to Kubernetes cluster. The method includes:
控制节点在接收到客户端的业务数据时,确定所述业务数据所属的业务网,并将所述业务数据转发至所述业务网对应的流量入口装置;When receiving the service data from the client, the control node determines the service network to which the service data belongs, and forwards the service data to the traffic entrance device corresponding to the service network;
所述流量入口装置确定所述业务数据对应的负载节点,并将所述业务数据转发至所述负载节点,以使所述负载节点中的容器应用处理所述业务数据。The traffic entry device determines the load node corresponding to the service data, and forwards the service data to the load node, so that the container application in the load node processes the service data.
可选地,所述流量入口装置确定所述业务数据对应的负载节点,并将所述业务数据转发至所述负载节点,包括:Optionally, the traffic entry device determines the load node corresponding to the service data, and forwards the service data to the load node, including:
所述流量入口装置利用负载均衡服务查找所述业务数据对应的空闲负载节点,并将所述业务数据转发至所述空闲负载节点。The traffic entry device uses the load balancing service to find the idle load node corresponding to the business data, and forwards the business data to the idle load node.
可选地,所述负载均衡服务为Haproxy。Optionally, the load balancing service is Haproxy.
可选地,所述流量入口装置包含多个工作节点,在控制节点接收客户端的业务数据之前,还包括:Optionally, the traffic entry device includes multiple working nodes. Before the control node receives the client's service data, it also includes:
所述流量入口装置配置Keepalived服务及虚拟IP地址,以使所述Keepalived服务实时检测所述工作节点的工作状态,并将所述虚拟IP地址映射至任一正常工作的目标工作节点;The traffic inlet device is configured with a Keepalived service and a virtual IP address, so that the Keepalived service detects the working status of the working node in real time and maps the virtual IP address to any normally working target working node;
将所述虚拟IP地址与所述目标工作节点的映射关系保存至所述控制节点,并向对应的业务网的目标客户端提供所述虚拟IP地址,以使所述目标客户端利用所述虚拟IP地址发送所述业务数据;Save the mapping relationship between the virtual IP address and the target working node to the control node, and provide the virtual IP address to the target client of the corresponding service network, so that the target client can use the virtual IP address. The IP address sends the service data;
相应的,所述确定所述业务数据所属的业务网,并将所述业务数据转发至所述业务网对应的流量入口装置,包括:Correspondingly, determining the service network to which the service data belongs and forwarding the service data to the traffic entrance device corresponding to the service network includes:
所述控制节点提取所述业务数据的目标IP地址,并根据所述映射关系查找所述目标IP地址对应的目标工作节点;The control node extracts the target IP address of the service data, and searches for the target working node corresponding to the target IP address according to the mapping relationship;
将所述业务数据转发至所述目标工作节点。Forward the service data to the target working node.
可选地,在所述流量入口装置配置Keepalived服务及虚拟IP地址之前,还包括:Optionally, before configuring the Keepalived service and virtual IP address on the traffic inlet device, it also includes:
所述集群控制节点获取所述业务网的数量;The cluster control node obtains the number of the service networks;
根据所述数量对所述负载节点进行分组,并将每组负载节点设置为所述流量入口装置,将每一所述流量入口装置中的负载节点设置为所述工作节点。The load nodes are grouped according to the number, each group of load nodes is set as the traffic inlet device, and the load node in each of the traffic inlet devices is set as the working node.
本发明还提供一种Kubernetes集群,包括:控制节点、流量入口装置及负载节点,其中,The present invention also provides a Kubernetes cluster, including: a control node, a traffic entry device and a load node, wherein,
所述控制节点,用于在接收到客户端的业务数据时,确定所述业务数据所属的业务网,并将所述业务数据转发至所述业务网对应的流量入口装置;The control node is configured to determine the service network to which the service data belongs when receiving service data from the client, and forward the service data to the traffic entrance device corresponding to the service network;
所述流量入口装置,用于确定所述业务数据对应的负载节点,并将所述业务数据转发至所述负载节点;The traffic entrance device is used to determine the load node corresponding to the service data and forward the service data to the load node;
所述负载节点,用于利用容器应用处理所述业务数据。The load node is used to process the business data using container applications.
可选地,optionally,
所述流量入口装置,还用于利用负载均衡服务查找所述业务数据对应的空闲负载节点,并将所述业务数据转发至所述空闲负载节点。The traffic entrance device is also configured to use a load balancing service to find an idle load node corresponding to the business data, and forward the business data to the idle load node.
可选地,所述负载均衡服务为Haproxy。Optionally, the load balancing service is Haproxy.
可选地,所述流量入口装置包含多个工作节点,其中,Optionally, the traffic inlet device includes multiple working nodes, wherein,
所述流量入口装置,还用于配置Keepalived服务及虚拟IP地址,以使所述Keepalived服务实时检测所述工作节点的工作状态,并将所述虚拟IP地址映射至任一正常工作的目标工作节点;将所述虚拟IP地址与所述目标工作节点的映射关系保存至所述控制节点,并向对应的业务网的目标客户端提供所述虚拟IP地址,以使所述目标客户端利用所述虚拟IP地址发送所述业务数据;The traffic entrance device is also used to configure the Keepalived service and the virtual IP address, so that the Keepalived service detects the working status of the working node in real time, and maps the virtual IP address to any normally working target working node. ; Save the mapping relationship between the virtual IP address and the target working node to the control node, and provide the virtual IP address to the target client of the corresponding service network, so that the target client can use the The virtual IP address sends the service data;
相应的,所述控制节点,还用于提取所述业务数据的目标IP地址,并根据所述映射关系查找所述目标IP地址对应的目标工作节点;将所述业务数据转发至所述目标工作节点。Correspondingly, the control node is also used to extract the target IP address of the business data, and find the target working node corresponding to the target IP address according to the mapping relationship; forward the business data to the target working node. node.
本发明还提供一种计算机可读存储介质,所述计算机可读存储介质中存储有计算机可执行指令,所述计算机可执行指令被处理器加载并执行时,实现如上述所述的业务数据处理方法。The present invention also provides a computer-readable storage medium. Computer-executable instructions are stored in the computer-readable storage medium. When the computer-executable instructions are loaded and executed by a processor, the business data processing as described above is realized. method.
本发明提供一种业务数据处理方法,应用于Kubernetes集群,所述方法包括:控制节点在接收到客户端的业务数据时,确定所述业务数据所属的业务网,并将所述业务数据转发至所述业务网对应的流量入口装置;所述流量入口装置确定所述业务数据对应的负载节点,并将所述业务数据转发至所述负载节点,以使所述负载节点中的容器应用处理所述业务数据。The present invention provides a business data processing method, which is applied to a Kubernetes cluster. The method includes: when a control node receives business data from a client, it determines the business network to which the business data belongs, and forwards the business data to the business data. The traffic inlet device corresponding to the business network; the traffic inlet device determines the load node corresponding to the business data, and forwards the business data to the load node, so that the container application in the load node processes the business data.
可见,本发明中的控制节点在接收到客户端的业务数据时,首先会确定该业务数据所来自的业务网以及该业务网所对应的流量入口装置,并将业务数据转发至该流量入口装置,由于每一业务网均有对应的流量入口装置,因此本发明可通过为业务网增设对应流量入口装置的方式,实现多业务网访问同一Kubernetes集群的效果;此外,流量入口装置在接收到业务数据后,便会将业务数据转发至对应的负载节点,以使负载节点中的容器应用处理业务数据,换句话说,本发明可通过多流量入口装置的转发,实现多业务网对同一Kubernetes集群中的容器应用进行访问,无需在新增业务网时重新部署Kubernetes集群,可有效提升集群资源的利用率。本发明还提供一种Kubernetes集群和计算机可读存储介质,具有上述有益效果。It can be seen that when the control node in the present invention receives the client's service data, it will first determine the service network from which the service data comes and the traffic entrance device corresponding to the service network, and forward the service data to the traffic entrance device. Since each service network has a corresponding traffic entrance device, the present invention can achieve the effect of multiple service networks accessing the same Kubernetes cluster by adding a corresponding traffic entrance device to the service network; in addition, the traffic entrance device receives business data Then, the business data will be forwarded to the corresponding load node, so that the container application in the load node processes the business data. In other words, the present invention can realize the multi-service network to the same Kubernetes cluster through the forwarding of multiple traffic entry devices. Container applications can be accessed without having to redeploy the Kubernetes cluster when a new business network is added, which can effectively improve the utilization of cluster resources. The present invention also provides a Kubernetes cluster and a computer-readable storage medium, which have the above beneficial effects.
附图说明Description of the drawings
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据提供的附图获得其他的附图。In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings in the following description are only These are embodiments of the present invention. For those of ordinary skill in the art, other drawings can be obtained based on the provided drawings without exerting creative efforts.
图1为本发明实施例所提供的一种业务数据处理方法的流程图;Figure 1 is a flow chart of a business data processing method provided by an embodiment of the present invention;
图2为本发明实施例所提供的一种Kubernetes集群的结构框图;Figure 2 is a structural block diagram of a Kubernetes cluster provided by an embodiment of the present invention;
图3为本发明实施例所提供的另一种Kubernetes集群的结构框图。Figure 3 is a structural block diagram of another Kubernetes cluster provided by an embodiment of the present invention.
具体实施方式Detailed ways
为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments These are some embodiments of the present invention, rather than all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts fall within the scope of protection of the present invention.
Kubernetes集群是一种高性能的集群系统,能够高效部署容器应用。相关技术中,Kubernetes集群中部署的容器应用仅能满足一个业务网的业务需求,当有新的业务网也需使用该容器应用时,则需要另外部署Kubernetes集群,容易造成集群资源的浪费。有鉴于此,本发明实施例提供一种业务数据处理方法,可通过多流量入口装置的转发,实现多业务网对同一Kubernetes集群中的容器应用进行访问,无需在新增业务网时重新部署Kubernetes集群,可有效提升集群资源的利用率。请参考图1,图1为本发明实施例所提供的一种业务数据处理方法的流程图,该方法应用于Kubernetes集群,可以包括:Kubernetes cluster is a high-performance cluster system that can efficiently deploy container applications. In related technologies, the container application deployed in the Kubernetes cluster can only meet the business needs of one business network. When a new business network also needs to use the container application, an additional Kubernetes cluster needs to be deployed, which can easily cause a waste of cluster resources. In view of this, embodiments of the present invention provide a business data processing method that enables multiple business networks to access container applications in the same Kubernetes cluster through the forwarding of multiple traffic entry devices, without the need to redeploy Kubernetes when a new business network is added. Clustering can effectively improve the utilization of cluster resources. Please refer to Figure 1. Figure 1 is a flow chart of a business data processing method provided by an embodiment of the present invention. This method is applied to a Kubernetes cluster and may include:
S101、控制节点在接收到客户端的业务数据时,确定业务数据所属的业务网,并将业务数据转发至业务网对应的流量入口装置。S101. When receiving the service data from the client, the control node determines the service network to which the service data belongs, and forwards the service data to the traffic entrance device corresponding to the service network.
本发明实施例每一业务网增设了对应的流量入口装置,该装置负责将业务数据转发至对应的容器应用,以实现客户端对容器应用的访问。本发明实施例并不限定业务网以及流量入口装置的数量,由于业务网与流量入口装置一一对应,因此业务网与流量入口装置的数量相同,可根据实际应用需求进行设置。换而言之,在本发明实施例中,若出现新增的业务网,只需要新增对应的流量入口装置即可,无需重新部署Kubernetes集群,能够有效提升Kubernetes集群资源的利用率并避免资源浪费。In the embodiment of the present invention, each service network is equipped with a corresponding traffic entrance device, which is responsible for forwarding service data to the corresponding container application, so as to realize the client's access to the container application. The embodiments of the present invention do not limit the number of service networks and traffic inlet devices. Since service networks and traffic inlet devices correspond one-to-one, the number of service networks and traffic inlet devices is the same and can be set according to actual application requirements. In other words, in the embodiment of the present invention, if a new business network appears, only the corresponding traffic entrance device needs to be added, and there is no need to redeploy the Kubernetes cluster, which can effectively improve the utilization of Kubernetes cluster resources and avoid resource infringement. waste.
进一步,控制节点为Kubernetes集群中负责组件运行及整个集群容器控制管理的节点,在传输业务数据方面,控制节点通常直接将业务数据传输至对应的负载节点(即容器应用所在的节点)。而在本发明实施中,控制节点在接收到业务数据后,会主动确定业务数据所属的业务网,并将业务数据传输至该业务网对应的流量入口装置。由于同一业务网的客户端通常具有相同的网段信息,因此可根据业务数据中源IP地址的网段信息,确定业务数据所属的业务网。当然,为便于客户端访问,也可以直接向同一业务网的客户端提供该业务网对应流量入口装置的IP地址,进而控制节点便可根据业务数据中目标IP地址,确定对应的业务网及流量入口装置。Furthermore, the control node is the node in the Kubernetes cluster that is responsible for component operation and the control and management of the entire cluster container. In terms of transmitting business data, the control node usually directly transmits the business data to the corresponding load node (that is, the node where the container application is located). In the implementation of the present invention, after receiving the service data, the control node will actively determine the service network to which the service data belongs, and transmit the service data to the traffic entry device corresponding to the service network. Since clients in the same service network usually have the same network segment information, the service network to which the service data belongs can be determined based on the network segment information of the source IP address in the service data. Of course, in order to facilitate client access, the IP address of the traffic entrance device corresponding to the business network can also be directly provided to the client of the same business network, and then the control node can determine the corresponding business network and traffic based on the target IP address in the business data. Entrance device.
进一步,本发明实施例并不限定流量入口装置的具体结构,该装置可由一个工作节点组成,也可以由多个工作节点组成,其中该工作节点用于接收业务数据,确定业务数据对应的负载节点,并通过路由转发的方式将业务数据转发至对应的额负载节点。在本发明实施例中,由于流量入口装置为客户端与容器应用之间的数据通路上的重要环节,需提供足够的冗余,因此流量入口装置可由多个工作节点组成。本发明实施例并不限定各流量入口装置中的工作节点数量,各流量入口装置中的工作节点数量可以不同,且当该数量越大时,则流量入口装置的性能越强,具体的数量可根据实际应用需求进行设置。进一步,本发明实施例并不限定流量入口装置向目标业务网客户端提供的IP地址,既可以是某个工作节点的IP地址,也可以为一个虚拟IP地址,该虚拟IP地址可映射至任一正常工作的工作节点上,并在原映射工作节点出现异常时,自动切换至另一正常工作的工作节点上。若工作节点能够稳定工作,则流量入口装置可将工作节点的IP地址作为目标客户端访问容器应用的IP地址;若工作节点可能出现宕机等异常情况,则流量入口装置也可以向目标客户端提供虚拟IP地址。在本发明实施例,为避免某一工作节点出现宕机等异常情况,导致客户端无法访问容器应用的情况,可在流量入口装置中设置一个虚拟IP地址。具体的,可在流量入口装置中设置Keepalived服务,其中Keepalived服务是Linux下一个轻量级的高可用解决方案。该服务可实时检测个工作节点的工作情况,并将虚拟IP地址映射至任一正常工作的工作节点上;若虚拟IP地址原映射的工作节点出现异常,则Keepalived服务可将虚拟IP地址映射至其他正常工作的工作节点上,确保流量入口装置高可用。需要说明的是,上述描述仅对Keepalived服务的工作模式进行简单描述,其具体的工作过程请参考Keepalived服务的相关技术。进一步,可以理解的是,在Keepalived服务确定虚拟IP地址与工作节点的映射关系后,流量入口装置便可将该映射关系保存至控制节点,以便控制节点通过映射关系进行流量转发。Furthermore, the embodiment of the present invention does not limit the specific structure of the traffic inlet device. The device may be composed of one working node or multiple working nodes, where the working node is used to receive business data and determine the load node corresponding to the business data. , and forward the business data to the corresponding load node through routing and forwarding. In the embodiment of the present invention, since the traffic inlet device is an important link in the data path between the client and the container application and needs to provide sufficient redundancy, the traffic inlet device may be composed of multiple working nodes. The embodiment of the present invention does not limit the number of working nodes in each flow inlet device. The number of working nodes in each flow inlet device can be different, and when the number is larger, the performance of the flow inlet device will be stronger. The specific number can be Set according to actual application requirements. Furthermore, the embodiment of the present invention does not limit the IP address provided by the traffic entrance device to the target service network client. It can be the IP address of a certain working node or a virtual IP address. The virtual IP address can be mapped to any On a working node that is working normally, and when an exception occurs on the original mapped working node, it will automatically switch to another working node that is working normally. If the working node can work stably, the traffic inlet device can use the IP address of the working node as the IP address of the target client to access the container application; if the working node may be down, the traffic inlet device can also use the IP address of the target client to access the container application. Provide a virtual IP address. In the embodiment of the present invention, in order to avoid abnormal situations such as downtime of a certain working node, resulting in the client being unable to access the container application, a virtual IP address can be set in the traffic inlet device. Specifically, the Keepalived service can be set up in the traffic inlet device, where the Keepalived service is the next lightweight high-availability solution for Linux. This service can detect the working status of each working node in real time and map the virtual IP address to any normally working working node; if the working node originally mapped by the virtual IP address is abnormal, the Keepalived service can map the virtual IP address to On other working nodes that are working normally, ensure that the traffic inlet device is highly available. It should be noted that the above description only briefly describes the working mode of the Keepalived service. For its specific working process, please refer to the related technologies of the Keepalived service. Further, it can be understood that after the Keepalived service determines the mapping relationship between the virtual IP address and the working node, the traffic inlet device can save the mapping relationship to the control node, so that the control node forwards traffic through the mapping relationship.
在一种可能的情况中,流量入口装置包含多个工作节点,在控制节点接收客户端的业务数据之前,还可以包括:In a possible situation, the traffic entry device includes multiple working nodes. Before the control node receives the client's business data, it may also include:
步骤11:流量入口装置配置Keepalived服务及虚拟IP地址,以使Keepalived服务实时检测工作节点的工作状态,并将虚拟IP地址映射至任一正常工作的目标工作节点;Step 11: Configure the Keepalived service and virtual IP address on the traffic inlet device so that the Keepalived service detects the working status of the working node in real time and maps the virtual IP address to any normally working target working node;
步骤12:将虚拟IP地址与目标工作节点的映射关系保存至控制节点,并向对应的业务网的目标客户端提供虚拟IP地址,以使目标客户端利用虚拟IP地址发送业务数据;Step 12: Save the mapping relationship between the virtual IP address and the target working node to the control node, and provide the virtual IP address to the target client of the corresponding business network, so that the target client uses the virtual IP address to send service data;
相应的,确定业务数据所属的业务网,并将业务数据转发至业务网对应的流量入口装置,可以包括:Correspondingly, determining the service network to which the service data belongs and forwarding the service data to the traffic entrance device corresponding to the service network may include:
步骤21:控制节点提取业务数据的目标IP地址,并根据映射关系查找目标IP地址对应的目标工作节点;Step 21: The control node extracts the target IP address of the business data and finds the target working node corresponding to the target IP address according to the mapping relationship;
步骤22:将业务数据转发至目标工作节点。Step 22: Forward the business data to the target working node.
进一步,需要说明的是,本发明实施例并不限定具体的工作节点,该工作节点既可以是单独设置的、专用于业务数据转发的节点,也可以是负载节点。若需独立各节点,单一化各节点的工作,工作节点可以是单独设置的、专用于业务数据转发的节点;若需要节省集群资源,则工作节点也可以为负载节点。在本发明实施例中,为节省集群资源,避免流量入口装置占用大量服务器资源,可直接将负载节点作为工作节点。换而言之,负载节点既可以运行容器应用,也可以同时进行业务数据转发,可有效提升集群资源的利用率。Further, it should be noted that the embodiment of the present invention is not limited to a specific working node. The working node may be a node set up separately and dedicated to business data forwarding, or it may be a load node. If you need to make each node independent and simplify the work of each node, the working node can be a separately set node dedicated to business data forwarding; if you need to save cluster resources, the working node can also be a load node. In this embodiment of the present invention, in order to save cluster resources and prevent the traffic inlet device from occupying a large amount of server resources, the load node can be directly used as a working node. In other words, the load node can not only run container applications, but also forward business data at the same time, which can effectively improve the utilization of cluster resources.
在一种可能的情况中,在流量入口装置配置Keepalived服务及虚拟IP地址之前,还可以包括:In a possible situation, before configuring the Keepalived service and virtual IP address on the traffic inlet device, it may also include:
步骤31:集群控制节点获取业务网的数量;Step 31: The cluster control node obtains the number of service networks;
步骤32:根据数量对负载节点进行分组,并将每组负载节点设置为流量入口装置,将每一流量入口装置中的负载节点设置为工作节点。Step 32: Group the load nodes according to the number, set each group of load nodes as a traffic inlet device, and set the load nodes in each traffic inlet device as a working node.
可以理解的是,每组负载节点的数量可以不同,可根据实际应用需求进行设定。当然,既可以对所有负载节点进行分组,也可以对负载节点中负载率较低的节点进行分组,可根据实际应用需求进行设置。It is understandable that the number of load nodes in each group can be different and can be set according to actual application requirements. Of course, all load nodes can be grouped, or nodes with lower load rates among the load nodes can be grouped, which can be set according to actual application requirements.
S102、流量入口装置确定业务数据对应的负载节点,并将业务数据转发至负载节点,以使负载节点中的容器应用处理业务数据。S102. The traffic inlet device determines the load node corresponding to the service data, and forwards the service data to the load node, so that the container application in the load node processes the service data.
在接收到业务数据后,流量入口装置便可根据预设的路由关系将业务数据发送至对应的负载节点。本发明实施例并不限定流量入口装置将业务数据转发至负载节点的具体方式,可参考集群的相关技术。进一步,为了提升负载节点的工作效率,避免的单个负载节点工作负荷过大的情况,也可以在流量入口装置中增设负载均衡服务,并通过负载均衡服务查询业务数据对应的空闲负载节点。本发明实施例并不限定负载均衡服务的具体工作过程,可参考负载均衡的相关技术;本发明实施例也不限定具体的复杂均衡服务,可参考Kubernetes适用的负载均衡服务。在一种可能的情况中,由于Haproxy为Kubernetes集群所常用的负载均衡服务,因此可将Haproxy作为流量入口装置中的负载均衡服务,其中Haproxy是一个可提供高可用性、负载均衡的应用程序代理。进一步,若流量入口装置中包含多个工作节点,也可以该装置中的一个或多个工作节点配置负载均衡服务,将这些工作节点设置为负载均衡器,以满足不同负荷场景下的负载均衡。当然,若接收业务流量的工作节点并不是负载均衡器,则需要将业务流量转发至负载均衡器进行负载均衡处理。After receiving the service data, the traffic inlet device can send the service data to the corresponding load node according to the preset routing relationship. The embodiments of the present invention do not limit the specific way in which the traffic inlet device forwards service data to the load node. Reference may be made to related technologies of the cluster. Furthermore, in order to improve the working efficiency of the load nodes and avoid the situation where the workload of a single load node is too large, a load balancing service can also be added to the traffic inlet device, and the idle load nodes corresponding to the business data can be queried through the load balancing service. The embodiments of the present invention do not limit the specific working process of the load balancing service, and reference can be made to related technologies of load balancing; the embodiments of the present invention do not limit the specific complex balancing services, and reference can be made to the load balancing services applicable to Kubernetes. In one possible scenario, since Haproxy is a load balancing service commonly used in Kubernetes clusters, Haproxy can be used as the load balancing service in the traffic inlet device, where Haproxy is an application proxy that can provide high availability and load balancing. Furthermore, if the traffic inlet device contains multiple working nodes, the load balancing service can also be configured on one or more working nodes in the device, and these working nodes are set as load balancers to meet load balancing in different load scenarios. Of course, if the working node receiving business traffic is not a load balancer, the business traffic needs to be forwarded to the load balancer for load balancing processing.
在一种可能的情况中,流量入口装置确定业务数据对应的负载节点,并将业务数据转发至负载节点,可以包括:In one possible case, the traffic entry device determines the load node corresponding to the service data and forwards the service data to the load node, which may include:
步骤41:流量入口装置利用负载均衡服务查找业务数据对应的空闲负载节点,并将业务数据转发至空闲负载节点。Step 41: The traffic entrance device uses the load balancing service to find the idle load node corresponding to the business data, and forwards the business data to the idle load node.
在一种可能的情况中,负载均衡服务为Haproxy。In one possible scenario, the load balancing service is Haproxy.
基于上述实施例,本发明中的控制节点在接收到客户端的业务数据时,首先会确定该业务数据所来自的业务网以及该业务网所对应的流量入口装置,并将业务数据转发至该流量入口装置,由于每一业务网均有对应的流量入口装置,因此本发明可通过为业务网增设对应流量入口装置的方式,实现多业务网访问同一Kubernetes集群的效果;此外,流量入口装置在接收到业务数据后,便会将业务数据转发至对应的负载节点,以使负载节点中的容器应用处理业务数据,换句话说,本发明可通过多流量入口装置的转发,实现多业务网对同一Kubernetes集群中的容器应用进行访问,无需在新增业务网时重新部署Kubernetes集群,可有效提升集群资源的利用率。Based on the above embodiments, when receiving the client's service data, the control node in the present invention will first determine the service network from which the service data comes and the traffic entrance device corresponding to the service network, and forward the service data to the traffic entry device. Inlet device, since each business network has a corresponding traffic inlet device, the present invention can achieve the effect of multiple service networks accessing the same Kubernetes cluster by adding a corresponding traffic inlet device to the business network; in addition, the traffic inlet device receives After receiving the service data, the service data will be forwarded to the corresponding load node, so that the container application in the load node processes the service data. In other words, the present invention can realize the forwarding of multiple traffic entrance devices to the same service network by multiple service networks. To access container applications in the Kubernetes cluster, there is no need to redeploy the Kubernetes cluster when a new business network is added, which can effectively improve the utilization of cluster resources.
下面基于具体的结构框图介绍上述业务数据处理方法。请参考图2,图2为本发明实施例所提供的一种Kubernetes集群的结构框图,该方法的具体实施过程如下:The following describes the above business data processing method based on a specific structural block diagram. Please refer to Figure 2, which is a structural block diagram of a Kubernetes cluster provided by an embodiment of the present invention. The specific implementation process of this method is as follows:
1、建立多网段的负载均衡。1. Establish load balancing for multiple network segments.
如果业务网扩展N个或业务网进行了N个网络隔离,则需要对工作节点分成N组,在每组节点中选择1个或多个节点部署负载均衡器(Haproxy1至HaproxyN),当业务流量进来后每个负载均器负责对应网段的流量转发,然后将流量转发到对应的工作负载上。If the business network is expanded to N or the business network is isolated by N networks, the working nodes need to be divided into N groups, and one or more nodes in each group of nodes are selected to deploy load balancers (Haproxy1 to HaproxyN). When business traffic After coming in, each load balancer is responsible for forwarding traffic on the corresponding network segment, and then forwards the traffic to the corresponding workload.
2、流量统一入口实现2. Implementation of unified traffic entrance
访问业务应用的IP应该是固定的且尽量不能是工作节点的业务IP,需要在工作节点中建立虚拟业务IP地址。这样可以实现通过固定IP地址+端口的方式对应用进行访问。如果业务网扩展N个或对业务网进行了N个网络隔离,需要对N个业务网选择N个不同的且固定的IP地址作为各个网段的业务虚拟IP地址(虚拟IP地址1至虚拟IP地址N),通过在N组工作节点中部署N个Keepalived(Keepalived1至KeepalivedN)实现业务虚拟IP地址的故障漂移。The IP used to access business applications should be fixed and should not be the business IP of the working node. A virtual business IP address needs to be established in the working node. This allows applications to be accessed through a fixed IP address + port. If the business network is expanded to N or the business network is isolated by N networks, N different and fixed IP addresses need to be selected for the N business networks as the business virtual IP addresses of each network segment (virtual IP address 1 to virtual IP Address N), realize fault drift of the business virtual IP address by deploying N Keepalived (Keepalived1 to KeepalivedN) in N groups of working nodes.
如图2所示,基于Kubernetes的容器集群分为控制节点(master,此图中包含控制节点1~3)及工作节点(worknode,此图中包含工作节点1~N),如果对集群进行业务网扩展,首先将集群所有节点添加要扩展的物理网卡并配置扩展网络IP地址。然后将已有配置业务网负载均衡节点进行隔离,在剩余节点中选择1个或多个,对其部署负载均衡器和Keepalived服务,并配置扩展网络的虚拟IP地址。As shown in Figure 2, the container cluster based on Kubernetes is divided into a control node (master, this figure includes control nodes 1 to 3) and a worknode (worknode, this figure contains work nodes 1 to N). If you perform business on the cluster To expand the network, first add the physical network card to be expanded to all nodes in the cluster and configure the extended network IP address. Then isolate the existing load balancing nodes of the business network, select one or more of the remaining nodes, deploy the load balancer and Keepalived service to them, and configure the virtual IP address of the extended network.
下面对本发明实施例提供的一种Kubernetes集群及计算机可读存储介质进行介绍,下文描述的Kubernetes集群及计算机可读存储介质与上文描述的业务数据处理方法,可相互对应参照。The following is an introduction to a Kubernetes cluster and a computer-readable storage medium provided by embodiments of the present invention. The Kubernetes cluster and computer-readable storage medium described below and the business data processing method described above can be mutually referenced.
请参考图3,图3为本发明实施例所提供的另一种Kubernetes集群的结构框图,该集群可以包括:控制节点301、流量入口装置302及负载节点303,其中,Please refer to Figure 3. Figure 3 is a structural block diagram of another Kubernetes cluster provided by an embodiment of the present invention. The cluster may include: a control node 301, a traffic inlet device 302 and a load node 303, where,
控制节点301,用于在接收到客户端的业务数据时,确定业务数据所属的业务网,并将业务数据转发至业务网对应的流量入口装置302;The control node 301 is configured to determine the service network to which the service data belongs when receiving the client's service data, and forward the service data to the traffic entrance device 302 corresponding to the service network;
流量入口装置302,用于确定业务数据对应的负载节点303,并将业务数据转发至负载节点303;The traffic entrance device 302 is used to determine the load node 303 corresponding to the business data, and forward the business data to the load node 303;
负载节点303,用于利用容器应用处理业务数据。Load node 303 is used to process business data using container applications.
可选地,流量入口装置302,还用于利用负载均衡服务查找业务数据对应的空闲负载节点303,并将业务数据转发至空闲负载节点303。Optionally, the traffic entry device 302 is also used to use the load balancing service to find the idle load node 303 corresponding to the business data, and forward the business data to the idle load node 303.
可选地,负载均衡服务为Haproxy。Optionally, the load balancing service is Haproxy.
可选地,流量入口装置302包含多个工作节点,其中,Optionally, the traffic inlet device 302 includes multiple working nodes, where,
流量入口装置302,还用于配置Keepalived服务及虚拟IP地址,以使Keepalived服务实时检测工作节点的工作状态,并将虚拟IP地址映射至任一正常工作的目标工作节点;将虚拟IP地址与目标工作节点的映射关系保存至控制节点301,并向对应的业务网的目标客户端提供虚拟IP地址,以使目标客户端利用虚拟IP地址发送业务数据;The traffic entrance device 302 is also used to configure the Keepalived service and the virtual IP address, so that the Keepalived service detects the working status of the working node in real time and maps the virtual IP address to any normally working target working node; connect the virtual IP address with the target The mapping relationship of the working node is saved to the control node 301, and the virtual IP address is provided to the target client of the corresponding business network, so that the target client uses the virtual IP address to send service data;
相应的,控制节点301,还用于提取业务数据的目标IP地址,并根据映射关系查找目标IP地址对应的目标工作节点;将业务数据转发至目标工作节点。Correspondingly, the control node 301 is also used to extract the target IP address of the business data, find the target working node corresponding to the target IP address according to the mapping relationship, and forward the business data to the target working node.
可选地,集群控制节点301,还可以用于获取业务网的数量;根据数量对负载节点303进行分组,并将每组负载节点303设置为流量入口装置302,将每一流量入口装置302中的负载节点303设置为工作节点。Optionally, the cluster control node 301 can also be used to obtain the number of service networks; group the load nodes 303 according to the number, and set each group of load nodes 303 as a traffic inlet device 302, and configure each group of load nodes 303 in the traffic inlet device 302. The load node 303 is set as a working node.
本发明实施例还提供一种计算机可读存储介质,计算机可读存储介质上存储有计算机程序,计算机程序被处理器执行时实现上述任意实施例的业务数据处理方法的步骤。Embodiments of the present invention also provide a computer-readable storage medium. A computer program is stored on the computer-readable storage medium. When the computer program is executed by a processor, the steps of the business data processing method of any of the above embodiments are implemented.
由于计算机可读存储介质部分的实施例与业务数据处理方法部分的实施例相互对应,因此计算机可读存储介质部分的实施例请参见业务数据处理方法部分的实施例的描述,这里暂不赘述。Since the embodiments of the computer-readable storage medium part correspond to the embodiments of the business data processing method part, for the embodiments of the computer-readable storage medium part, please refer to the description of the embodiments of the business data processing method part and will not be described again here.
说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似部分互相参见即可。对于实施例公开的装置而言,由于其与实施例公开的方法相对应,所以描述的比较简单,相关之处参见方法部分说明即可。Each embodiment in the specification is described in a progressive manner. Each embodiment focuses on its differences from other embodiments. The same and similar parts between the various embodiments can be referred to each other. As for the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple. For relevant details, please refer to the description in the method section.
专业人员还可以进一步意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各示例的组成及步骤。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。Those skilled in the art may further realize that the units and algorithm steps of each example described in connection with the embodiments disclosed herein can be implemented by electronic hardware, computer software, or a combination of both. In order to clearly illustrate the possible functions of hardware and software, Interchangeability, in the above description, the composition and steps of each example have been generally described according to functions. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functionality using different methods for each specific application, but such implementations should not be considered to be beyond the scope of the present invention.
结合本文中所公开的实施例描述的方法或算法的步骤可以直接用硬件、处理器执行的软件模块,或者二者的结合来实施。软件模块可以置于随机存储器(RAM)、内存、只读存储器(ROM)、电可编程ROM、电可擦除可编程ROM、寄存器、硬盘、可移动磁盘、CD-ROM、或技术领域内所公知的任意其它形式的存储介质中。The steps of the methods or algorithms described in conjunction with the embodiments disclosed herein may be implemented directly in hardware, in software modules executed by a processor, or in a combination of both. Software modules may be located in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disks, removable disks, CD-ROMs, or anywhere in the field of technology. any other known form of storage media.
以上对本发明所提供的一种业务数据处理方法、Kubernetes集群及计算机可读存储介质进行了详细介绍。本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想。应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明原理的前提下,还可以对本发明进行若干改进和修饰,这些改进和修饰也落入本发明权利要求的保护范围内。The above has introduced in detail a business data processing method, a Kubernetes cluster and a computer-readable storage medium provided by the present invention. This article uses specific examples to illustrate the principles and implementation methods of the present invention. The description of the above embodiments is only used to help understand the method and the core idea of the present invention. It should be noted that those skilled in the art can make several improvements and modifications to the present invention without departing from the principles of the present invention, and these improvements and modifications also fall within the scope of the claims of the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111226347.4ACN114024971B (en) | 2021-10-21 | 2021-10-21 | Service data processing method, kubernetes cluster and medium |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111226347.4ACN114024971B (en) | 2021-10-21 | 2021-10-21 | Service data processing method, kubernetes cluster and medium |
| Publication Number | Publication Date |
|---|---|
| CN114024971A CN114024971A (en) | 2022-02-08 |
| CN114024971Btrue CN114024971B (en) | 2024-02-13 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111226347.4AActiveCN114024971B (en) | 2021-10-21 | 2021-10-21 | Service data processing method, kubernetes cluster and medium |
| Country | Link |
|---|---|
| CN (1) | CN114024971B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114745185B (en)* | 2022-04-18 | 2024-08-13 | 阿里巴巴(中国)有限公司 | Cluster access method and device |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9444744B1 (en)* | 2015-04-04 | 2016-09-13 | Cisco Technology, Inc. | Line-rate selective load balancing of permitted network traffic |
| CN110209492A (en)* | 2019-03-21 | 2019-09-06 | 腾讯科技(深圳)有限公司 | A kind of data processing method and device |
| CN111638957A (en)* | 2020-06-01 | 2020-09-08 | 山东汇贸电子口岸有限公司 | Method for realizing cluster sharing type public cloud load balance |
| CN111935312A (en)* | 2020-09-21 | 2020-11-13 | 深圳蜂巢互联(南京)科技研究院有限公司 | Industrial Internet container cloud platform and flow access control method thereof |
| CN112445623A (en)* | 2020-12-14 | 2021-03-05 | 招商局金融科技有限公司 | Multi-cluster management method and device, electronic equipment and storage medium |
| CN112492022A (en)* | 2020-11-25 | 2021-03-12 | 上海中通吉网络技术有限公司 | Cluster, method, system and storage medium for improving database availability |
| CN112905305A (en)* | 2021-03-03 | 2021-06-04 | 国网电力科学研究院有限公司 | VPP-based cluster type virtualized data forwarding method, device and system |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9444744B1 (en)* | 2015-04-04 | 2016-09-13 | Cisco Technology, Inc. | Line-rate selective load balancing of permitted network traffic |
| CN110209492A (en)* | 2019-03-21 | 2019-09-06 | 腾讯科技(深圳)有限公司 | A kind of data processing method and device |
| CN111638957A (en)* | 2020-06-01 | 2020-09-08 | 山东汇贸电子口岸有限公司 | Method for realizing cluster sharing type public cloud load balance |
| CN111935312A (en)* | 2020-09-21 | 2020-11-13 | 深圳蜂巢互联(南京)科技研究院有限公司 | Industrial Internet container cloud platform and flow access control method thereof |
| CN112492022A (en)* | 2020-11-25 | 2021-03-12 | 上海中通吉网络技术有限公司 | Cluster, method, system and storage medium for improving database availability |
| CN112445623A (en)* | 2020-12-14 | 2021-03-05 | 招商局金融科技有限公司 | Multi-cluster management method and device, electronic equipment and storage medium |
| CN112905305A (en)* | 2021-03-03 | 2021-06-04 | 国网电力科学研究院有限公司 | VPP-based cluster type virtualized data forwarding method, device and system |
| Publication number | Publication date |
|---|---|
| CN114024971A (en) | 2022-02-08 |
| Publication | Publication Date | Title |
|---|---|---|
| CN111464592B (en) | Load balancing method, device, equipment and storage medium based on micro-service | |
| US10171567B2 (en) | Load balancing computer device, system, and method | |
| EP3367638B1 (en) | Load balancing method, device and system | |
| JP6169251B2 (en) | Asymmetric packet flow in distributed load balancers | |
| US12095855B2 (en) | Distributed resilient load-balancing for multipath transport protocols | |
| WO2015058626A1 (en) | Virtual network function network elements management method, device and system | |
| CN106790059B (en) | Service calling method and system for cloud system of smart television L aunch | |
| US20140056121A1 (en) | System and method for supporting high available (ha) network communication in a middleware machine environment | |
| US10237235B1 (en) | System for network address translation | |
| US10827042B2 (en) | Traffic optimization for multi-node applications | |
| CN105704042A (en) | Message processing method, BNG and BNG cluster system | |
| US10530634B1 (en) | Two-channel-based high-availability | |
| CN111641730A (en) | Scalable address resolution | |
| US20240250918A1 (en) | Node for running container group, and container group management system and method | |
| CN113839862A (en) | Method, system, terminal and storage medium for synchronizing ARP information between MCLAG neighbors | |
| CN110830574A (en) | Method for realizing intranet load balance based on docker container | |
| CN112243036B (en) | Data processing method and device for PaaS service, equipment and storage medium | |
| CN114024971B (en) | Service data processing method, kubernetes cluster and medium | |
| CN106254095B (en) | The backup processing method and equipment of tunnel traffic | |
| CN109120556B (en) | Method and system for cloud host to access object storage server | |
| WO2020181733A1 (en) | Vpc-based multi-data center intercommunication method and related device | |
| CN117792982A (en) | Message forwarding method, information publishing method, device, equipment and storage medium | |
| US9118581B2 (en) | Routing network traffic | |
| WO2022161501A1 (en) | Method for processing multiple data flows, and related system | |
| JP7755045B2 (en) | Node for running container groups, and container group management system and method |
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |