CN114385447A - A microservice bus technology architecture system - Google Patents

Abstract

The invention relates to the field of micro service buses, in particular to a micro service bus technical architecture system. The service exchange function module in the system is provided with a load balancing mechanism and is used for keeping high availability of various services, ensuring stable operation of the system and utilizing an interface to carry out service interaction on the premise of safety control; the control interface function module has a resending function of automatically resending messages which are not processed in time after a predefined time, a function of tracking the messages, and provides various activation modes for controlling whether a user can access the interface service or not through the control list by controlling the service state of the interface; the control operation log function module has access control, safety authentication and high-availability service functions and is used for providing an operation system log; the safety management system function module has the functions of identity authentication and authorization and is used for communication outside a safety domain. The technical problem that the existing micro service bus is single in function is solved.

Description

Translated fromChinese

一种微服务总线技术架构系统A microservice bus technology architecture system

技术领域technical field

本发明属于微服务总线领域，尤其涉及一种微服务总线技术架构系统。The invention belongs to the field of micro-service bus, and in particular relates to a micro-service bus technology architecture system.

背景技术Background technique

微服务总线建设目的是通过接管标准接口，形成服务目录、数据目录和安全目录，通过服务目录、数据目录及安全目录的协同使用，有效避免了服务交换过程中不可监督、不可视、不可追溯、不可控导致的数据滥用、冒用和复用，但现有的微服务总线功能单一。The purpose of the construction of the microservice bus is to form a service directory, data directory and security directory by taking over the standard interface. Uncontrollable data abuse, fraudulent use and reuse, but the existing microservice bus has a single function.

发明内容SUMMARY OF THE INVENTION

本发明实施例提供了一种微服务总线技术架构系统，以至少解决现有微服务总线功能单一的技术问题。The embodiment of the present invention provides a micro-service bus technology architecture system, so as to at least solve the technical problem of the single function of the existing micro-service bus.

根据本发明的实施例，提供了一种微服务总线技术架构系统，包括：服务交换功能模块、管控接口功能模块、管控操作日志功能模块、安全管理系统功能模块；其中：According to an embodiment of the present invention, a micro-service bus technology architecture system is provided, including: a service exchange function module, a management and control interface function module, a management and control operation log function module, and a security management system function module; wherein:

服务交换功能模块具备负载均衡机制，用于保持各类服务的高度可用性，保证系统平稳运行，在安全控制的前提下利用接口进行服务的交互；The service exchange function module has a load balancing mechanism, which is used to maintain the high availability of various services, ensure the smooth operation of the system, and use the interface for service interaction under the premise of security control;

管控接口功能模块具备在预定义时间后自动重新发送未及时处理消息的重新发送功能，对消息进行跟踪的功能，并且提供各种激活方式，用于通过对接口服务状态的控制，实现通过控制列表控制用户是否可以访问接口服务；The management and control interface function module has the function of automatically resending messages that are not processed in time after a predefined time, tracking the messages, and providing various activation methods for controlling the interface service status and implementing the control list. Control whether users can access interface services;

管控操作日志功能模块具备访问控制、安全认证以及高可用服务功能，用于提供操作系统日志；The management and control operation log function module has access control, security authentication and high-availability service functions, and is used to provide operating system logs;

安全管理系统功能模块具备身份验证及授权功能，用于在安全域之外进行通信。The security management system function module has the functions of authentication and authorization, and is used for communication outside the security domain.

进一步地，微服务总线技术架构系统内构建有微服务总线，用于实现服务交换功能。Further, a micro-service bus is built in the micro-service bus technical architecture system to realize the service exchange function.

进一步地，微服务总线在提供服务交换功能的同时，还提供安全作用，同时微服务总线将控制权限重的非业务逻辑内容迁移到服务路由层面，使得服务集群主体具备高可复用性和可测试性。Further, the microservice bus not only provides the service exchange function, but also provides security. At the same time, the microservice bus migrates the non-business logic content with heavy control authority to the service routing level, making the service cluster subject highly reusable and reusable. Testability.

进一步地，服务交换功能模块功能具体包括：Further, the functions of the service exchange function module specifically include:

服务申请，利用接口服务的交互，在对外提供服务的时候，通过开放微服务总线的地址让服务调用方访问到申请的服务；Service application, using the interaction of interface services, when providing services to the outside world, the service caller can access the requested service by opening the address of the microservice bus;

安全控制，通过与安全服务进行交互，对内部的服务提供用户权限控制、加解密安全措施来确保服务调用方只能访问它应该访问到的接口服务；Security control, by interacting with security services, providing user permission control, encryption and decryption security measures for internal services to ensure that the service caller can only access the interface services it should access;

高可用性，保持各类服务的高度可用性，同时保证系统平稳运行；High availability, maintain high availability of various services, while ensuring the smooth operation of the system;

负载均衡，具备负载均衡机制。Load balancing, with a load balancing mechanism.

进一步地，管控接口功能模块具体用于统计信息与状态、消息跟踪，消息重新传递，提供警报机制以及故障切换功能。Further, the management and control interface function module is specifically used for statistical information and status, message tracking, message redelivery, providing an alarm mechanism and a failover function.

进一步地，管控接口功能模块功能具体包括：Further, the functions of the management and control interface function module specifically include:

实时控制，通过对接口服务状态的控制，实现通过控制列表控制用户是否访问接口服务，最终通过此功能实现对接口服务进行实时控制；Real-time control, through the control of the status of the interface service, it is possible to control whether the user accesses the interface service through the control list, and finally realize the real-time control of the interface service through this function;

报警功能，微服务总线提供一个发送警报消息的机制，通过各种通道进行发送，最终集成到现有监视环境中；Alarm function, the microservice bus provides a mechanism for sending alarm messages, which are sent through various channels, and finally integrated into the existing monitoring environment;

服务等级，支持统计信息与状态功能组件的信息基础上定义的规则，支持度量和监视SLA，通过使用警报组件通知任何SLA侵权；Service levels, support for statistics and rules defined on the basis of information from the Status functional component, support for measuring and monitoring SLAs, and notification of any SLA violations through the use of the Alerting component;

追踪工具，具备对消息进行跟踪的功能，并且提供各种激活方式；A tracking tool, which has the function of tracking messages and provides various activation methods;

自动重发，具备在预定义时间后自动重新发送未及时处理消息的重新发送功能；配置尝试次数以及它们之间的时间间隔；Automatic resend, with resend function to automatically resend unprocessed messages after a predefined time; configure the number of attempts and the time interval between them;

备用服务，支持指定一个备用服务提供者，在主服务提供者不可用时自动调用。Alternate service, supports specifying an alternate service provider, which is automatically invoked when the primary service provider is unavailable.

进一步地，微服务总线将管控操作日志功能模块推送至可视化平台。Further, the microservice bus pushes the management and control operation log function module to the visualization platform.

进一步地，管控操作日志功能模块功能具体包括：Further, the functions of the management and control operation log function module specifically include:

操作日志，微服务总线提供操作系统日志，包括但不限于统计信息；Operation logs, Microservice Bus provides operating system logs, including but not limited to statistical information;

故障定位，提供管控、服务消费与管理审计日志，服务调用状况统计、网络链路分析，以及系统巡检和报警能力；Fault location, providing management and control, service consumption and management audit logs, service invocation status statistics, network link analysis, and system inspection and alarm capabilities;

资源监控，提供日志监控以及实时报警功能，同时提供实例管理、用户管理、系统角色权限定制能力。Resource monitoring provides log monitoring and real-time alarm functions, as well as instance management, user management, and system role permission customization capabilities.

进一步地，微服务总线具备访问控制、安全认证以及高可用服务功能。Further, the microservice bus has access control, security authentication, and high-availability service functions.

进一步地，安全管理系统功能模块功能具体包括：Further, the functions of the security management system functional modules specifically include:

数据安全，保持各个任务数据的安全性，对用户进行配置访问控制，访问控制应具备身份验证及授权功能，对接入的服务进行身份验证，验证成功后方可提供授权；Data security, maintain the security of each task data, configure access control for users, access control should have authentication and authorization functions, authenticate the access services, and provide authorization after successful authentication;

安全认证，将一个域的凭证转换成另一个域的相应凭证,在安全域之外进行通信，支持消息内容的加密和解密；Security authentication, which converts the credentials of one domain into the corresponding credentials of another domain, communicates outside the security domain, and supports encryption and decryption of message content;

高可用性，保持高度可用性，高可用服务列出一个逻辑服务提供者的几个服务端点，使用冗余服务实现，根据定义的策略交替调用每个请求，循环调用，或根据消息优先级和负载依赖关系进行调用。High Availability, Maintain High Availability, High Availability Services List several service endpoints of a logical service provider, implemented using redundant services, call each request alternately according to a defined policy, round-robin, or according to message priority and load dependency relationship to call.

本发明实施例中的微服务总线技术架构系统中，服务交换功能模块具备负载均衡机制，用于保持各类服务的高度可用性，保证系统平稳运行，在安全控制的前提下利用接口进行服务的交互；管控接口功能模块具备在预定义时间后自动重新发送未及时处理消息的重新发送功能，对消息进行跟踪的功能，并且提供各种激活方式，用于通过对接口服务状态的控制，实现通过控制列表控制用户是否可以访问接口服务；管控操作日志功能模块具备访问控制、安全认证以及高可用服务功能，用于提供操作系统日志；安全管理系统功能模块具备身份验证及授权功能，用于在安全域之外进行通信。解决了现有微服务总线功能单一的技术问题。In the micro-service bus technology architecture system in the embodiment of the present invention, the service exchange function module has a load balancing mechanism, which is used to maintain the high availability of various services, ensure the stable operation of the system, and use interfaces to interact with services under the premise of security control. ;The management and control interface function module has the function of automatically resending messages that are not processed in time after a predefined time, and has the function of tracking messages, and provides various activation methods for controlling the interface service status. The list controls whether users can access interface services; the management and control operation log function module has access control, security authentication and high-availability service functions, and is used to provide operating system logs; the security management system function module has authentication and authorization functions, which are used in the security domain. communicate outside. It solves the technical problem of the single function of the existing microservice bus.

附图说明Description of drawings

此处所说明的附图用来提供对本发明的进一步理解，构成本申请的一部分，本发明的示意性实施例及其说明用于解释本发明，并不构成对本发明的不当限定。在附图中：The accompanying drawings described herein are used to provide a further understanding of the present invention and constitute a part of the present application. The exemplary embodiments of the present invention and their descriptions are used to explain the present invention and do not constitute an improper limitation of the present invention. In the attached image:

图1为本发明微服务总线技术架构系统的示意图；Fig. 1 is the schematic diagram of the micro-service bus technology architecture system of the present invention;

图2为本发明微服务总线技术架构系统中服务交换功能模块的功能用例图；Fig. 2 is the functional use case diagram of the service switching functional module in the micro-service bus technology architecture system of the present invention;

图3为本发明微服务总线技术架构系统中管控接口功能模块的功能用例图；FIG. 3 is a functional use case diagram of the management and control interface functional module in the micro-service bus technology architecture system of the present invention;

图4为本发明微服务总线技术架构系统中管控操作日志功能模块的功能用例图；FIG. 4 is a functional use case diagram of the management and control operation log function module in the micro-service bus technology architecture system of the present invention;

图5为本发明微服务总线技术架构系统中安全管理系统功能模块的功能用例图。FIG. 5 is a functional use case diagram of the function module of the security management system in the micro-service bus technology architecture system of the present invention.

具体实施方式Detailed ways

为了使本技术领域的人员更好地理解本发明方案，下面将结合本发明实施例中的附图，对本发明实施例中的技术方案进行清楚、完整地描述，显然，所描述的实施例仅仅是本发明一部分的实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例，都应当属于本发明保护的范围。In order to make those skilled in the art better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only Embodiments are part of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

需要说明的是，本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象，而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换，以便这里描述的本发明的实施例能够以除了在这里图示或描述的那些以外的顺序实施。此外，术语“包括”和“具有”以及他们的任何变形，意图在于覆盖不排他的包含，例如，包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元，而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。It should be noted that the terms "first", "second" and the like in the description and claims of the present invention and the above drawings are used to distinguish similar objects, and are not necessarily used to describe a specific sequence or sequence. It is to be understood that the data so used may be interchanged under appropriate circumstances such that the embodiments of the invention described herein can be practiced in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having" and any variations thereof, are intended to cover non-exclusive inclusion, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those expressly listed Rather, those steps or units may include other steps or units not expressly listed or inherent to these processes, methods, products or devices.

参见图1，本发明的服务交换系统需要建设微服务总线实现服务交换功能。微服务总线在提供服务交换功能的同时，还需要提供安全作用，这样才能满足块数据指挥调度中心的管理要求，同时微服务总线需要将控制权限这些较重的非业务逻辑内容迁移到服务路由层面，使得服务集群主体能够具备更高的可复用性和可测试性。Referring to FIG. 1 , the service exchange system of the present invention needs to construct a micro-service bus to realize the service exchange function. While providing the service exchange function, the microservice bus also needs to provide security, so as to meet the management requirements of the block data command and dispatch center. At the same time, the microservice bus needs to migrate the heavy non-business logic content such as control authority to the service routing level. , so that the main body of the service cluster can have higher reusability and testability.

服务交换功能的功能用例如图2所示，具体包括：The functional use example of the service exchange function is shown in Figure 2, which includes:

服务申请。利用接口服务的交互，在对外提供服务的时候，只需要通过开放微服务总线的地址就可以让服务调用方访问到申请的服务，而不需要提供具体提供服务的主机信息。service application. Using the interaction of interface services, when providing services to the outside world, the service caller only needs to open the address of the microservice bus to allow the service caller to access the requested service without providing the host information that provides the specific service.

安全控制。通过与安全服务进行交互，对内部的服务提供用户权限控制、加解密等等安全措施来确保服务调用方只能访问它应该访问到的接口服务。safely control. By interacting with security services, it provides security measures such as user permission control, encryption and decryption for internal services to ensure that the service caller can only access the interface services it should access.

高可用性。为了避免系统在长时间运行下会出现各类问题，包括单点故障、数据丢失、数据一致性问题等，故本发明的系统须保持各类服务的高度可用性，同时保证系统平稳运行，避免出现异常时的故障蔓延。High availability. In order to avoid various problems during long-term operation of the system, including single point of failure, data loss, data consistency problems, etc., the system of the present invention must maintain high availability of various services, and at the same time ensure the smooth operation of the system to avoid the occurrence of Failure propagation when abnormal.

负载均衡。随着业务量的不断增加，访问量的不断增加，设备以及各类服务的处理量也相应增大，从而出现高负荷运行的状态，为避免此状态的出现，系统须具备负载均衡机制。load balancing. With the continuous increase of business volume and access, the processing volume of equipment and various services also increases accordingly, resulting in a state of high-load operation. To avoid this state, the system must have a load balancing mechanism.

块数据指挥调度中心建设过程中，本发明充分考虑了管理员需要具备的对当前数据资源接口的管理和控制手段，最终实现建成一个服务管理中心，使其可以对所有接口进行管控，提高块数据调度中心系统的可控性，进而提升数据资源的安全性。管控接口需要实现以下几个方面的功能：包括但不限于统计信息与状态、消息跟踪，消息重新传递等功能，同时，为了保证系统的安全性以及可靠性，系统还须提供警报机制以及故障切换功能。During the construction of the block data command and dispatch center, the present invention fully considers the management and control means for the current data resource interface that the administrator needs to have, and finally realizes the establishment of a service management center, which can manage and control all interfaces and improve the block data. The controllability of the dispatch center system, thereby improving the security of data resources. The management and control interface needs to implement the following functions: including but not limited to statistical information and status, message tracking, message retransmission and other functions. At the same time, in order to ensure the security and reliability of the system, the system must also provide an alarm mechanism and failover. Function.

管控接口功能的功能用例如图3所示，具体包括：The functional example of the control interface function is shown in Figure 3, which includes:

实时控制。通过对接口服务状态的控制，可以实现通过控制列表控制用户是否可以访问接口服务，最终通过此功能可以实现对接口服务进行实时控制，提高系统的安全性。Real-time control. By controlling the status of the interface service, it is possible to control whether the user can access the interface service through the control list. Finally, this function can realize the real-time control of the interface service and improve the security of the system.

报警功能。微服务总线提供一个发送警报消息的机制，需通过各种通道进行发送，最终可以集成到现有监视环境中。Alarm function. The microservice bus provides a mechanism for sending alert messages, which need to be sent through various channels, and can eventually be integrated into existing monitoring environments.

服务等级。系统须支持统计信息与状态功能组件的信息基础上定义的规则，支持度量和监视SLA。通过使用警报组件通知任何SLA侵权，以保证实现各类用户需求。service level. The system shall support rules defined on the basis of information from the statistics and status functional components, support metrics and monitor SLAs. Various user requirements are guaranteed to be fulfilled by notifying any SLA violations using an alerting component.

追踪工具。系统必须具备对消息进行跟踪的功能，并且提供各种激活方式，比如按需激活方式，以便将相关开销降至最低。tracking tool. The system must have the ability to track messages and provide various activation methods, such as on-demand activation, to minimize the associated overhead.

自动重发。系统应具备在预定义时间后自动重新发送未及时处理消息的重新发送功能。可以配置尝试次数以及它们之间的时间间隔。该组件可应对仅持续一段时间的技术错误，如临时网络中断。Automatically resend. The system should have a resend feature that automatically resends out-of-time messages after a predefined time. The number of attempts and the time interval between them can be configured. This component can handle technical errors that last only a short time, such as temporary network outages.

备用服务。系统须支持指定一个备用服务提供者，在主服务提供者不可用时自动调用，以确保系统的稳定运行。Backup service. The system must support the designation of an alternate service provider, which is automatically invoked when the primary service provider is unavailable to ensure the stable operation of the system.

为了推动数据“聚通用”，方便更好的管理块数据指挥调度中心，块数据指挥调度中心的可视化平台需要及时的、正确的、详细的、多方位展现出块数据指挥调度中心的运行状态，因此，微服务总线需要将管控操作日志推送至可视化平台。In order to promote the "combination" of data and facilitate better management of the block data command and dispatch center, the visualization platform of the block data command and dispatch center needs to display the operation status of the block data command and dispatch center in a timely, accurate, detailed and multi-directional manner. Therefore, the microservice bus needs to push the management and control operation logs to the visualization platform.

管控操作日志功能的功能用例如图4所示，具体包括：The functional use example of the management and control operation log function is shown in Figure 4, which includes:

操作日志。微服务总线应提供操作系统日志，包括但不限于统计信息，如数量错误、最小和最大响应时间以及处理的消息数量。Operation log. A microservice bus should provide operating system logs, including but not limited to statistics such as number errors, minimum and maximum response times, and number of messages processed.

故障定位。系统须提供管控、服务消费与管理审计日志，详尽的服务调用状况统计、网络链路分析，以及系统巡检和报警能力。Fault location. The system must provide management and control, service consumption and management audit logs, detailed service call status statistics, network link analysis, and system inspection and alarm capabilities.

资源监控。系统提供日志监控以及实时报警功能，同时支持提供实例管理、用户管理、灵活的系统角色权限定制能力。Resource monitoring. The system provides log monitoring and real-time alarm functions, as well as instance management, user management, and flexible customization of system role permissions.

微服务总线须具备访问控制、安全认证以及高可用服务功能。A microservice bus must have access control, security authentication, and high-availability service functions.

安全管理系统功能的功能用例如图5所示，具体包括：The functional use example of the safety management system function is shown in Figure 5, which includes:

数据安全。系统需保持各个任务数据的安全性，故用户需要配置访问控制，访问控制应具备身份验证及授权功能，系统对接入的服务进行身份验证，验证成功后方可提供授权，保证整个系统的安全可靠。Data Security. The system needs to maintain the security of each task data, so users need to configure access control. The access control should have the functions of identity verification and authorization. The system verifies the identity of the accessed services. After the verification is successful, it can provide authorization to ensure the safety and reliability of the entire system. .

安全认证。将一个域的凭证转换成另一个域的相应凭证,在安全域之外进行通信，支持消息内容的加密和解密提高安全性。safety certificate. Convert the credentials of one domain to the corresponding credentials of another domain, communicate outside the security domain, and support the encryption and decryption of message content to improve security.

高可用性。系统需保持高度可用性，高可用服务保证在系统发生故障时，依然可以安全、稳定的运行，服务与硬件无关。同时，高可用服务可以列出一个逻辑服务提供者的几个服务端点。使用冗余服务实现，根据定义的策略交替调用每个请求，可以循环调用，也可根据消息优先级和负载依赖关系进行调用。High availability. The system needs to maintain high availability, and the high availability service ensures that in the event of a system failure, it can still run safely and stably, and the service has nothing to do with hardware. At the same time, a highly available service can list several service endpoints of a logical service provider. Implemented using redundant services, each request is invoked alternately according to a defined policy, either cyclically or based on message priority and load dependencies.

上述本发明实施例序号仅仅为了描述，不代表实施例的优劣。The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

在本发明的上述实施例中，对各个实施例的描述都各有侧重，某个实施例中没有详述的部分，可以参见其他实施例的相关描述。In the above-mentioned embodiments of the present invention, the description of each embodiment has its own emphasis. For parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

在本申请所提供的几个实施例中，应该理解到，所揭露的技术内容，可通过其它的方式实现。其中，以上所描述的系统实施例仅仅是示意性的，例如单元的划分，可以为一种逻辑功能划分，实际实现时可以有另外的划分方式，例如多个单元或组件可以结合或者可以集成到另一个系统，或一些特征可以忽略，或不执行。另一点，所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口，单元或模块的间接耦合或通信连接，可以是电性或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed technical content can be implemented in other ways. The system embodiments described above are only illustrative, for example, the division of units may be a logical function division, and there may be other division methods in actual implementation, for example, multiple units or components may be combined or integrated into Another system, or some features can be ignored, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of units or modules, and may be in electrical or other forms.

作为分离部件说明的单元可以是或者也可以不是物理上分开的，作为单元显示的部件可以是或者也可以不是物理单元，即可以位于一个地方，或者也可以分布到多个单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。Units described as separate components may or may not be physically separated, and components shown as units may or may not be physical units, that is, may be located in one place, or may be distributed over multiple units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

另外，在本发明各个实施例中的各功能单元可以集成在一个处理单元中，也可以是各个单元单独物理存在，也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现，也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit. The above-mentioned integrated units may be implemented in the form of hardware, or may be implemented in the form of software functional units.

集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时，可以存储在一个计算机可读取存储介质中。基于这样的理解，本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来，该计算机软件产品存储在一个存储介质中，包括若干指令用以使得一台计算机设备(可为个人计算机、服务器或者网络设备等)执行本发明各个实施例方法的全部或部分步骤。而前述的存储介质包括：U盘、只读存储器(ROM，Read-Only Memory)、随机存取存储器(RAM，Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。The integrated unit, if implemented as a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention is essentially or the part that contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , which includes several instructions for causing a computer device (which can be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods of the various embodiments of the present invention. The aforementioned storage medium includes: U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disk and other media that can store program codes .

以上所述仅是本发明的优选实施方式，应当指出，对于本技术领域的普通技术人员来说，在不脱离本发明原理的前提下，还可以做出若干改进和润饰，这些改进和润饰也应视为本发明的保护范围。The above are only the preferred embodiments of the present invention. It should be pointed out that for those skilled in the art, without departing from the principles of the present invention, several improvements and modifications can be made. It should be regarded as the protection scope of the present invention.

Claims (10)

Translated fromChinese

1.一种微服务总线技术架构系统，其特征在于，包括：服务交换功能模块、管控接口功能模块、管控操作日志功能模块、安全管理系统功能模块；其中：1. a micro-service bus technology architecture system, is characterized in that, comprises: service exchange function module, management and control interface function module, management and control operation log function module, safety management system function module; Wherein:服务交换功能模块具备负载均衡机制，用于保持各类服务的高度可用性，保证系统平稳运行，在安全控制的前提下利用接口进行服务的交互；The service exchange function module has a load balancing mechanism, which is used to maintain the high availability of various services, ensure the smooth operation of the system, and use the interface for service interaction under the premise of security control;管控接口功能模块具备在预定义时间后自动重新发送未及时处理消息的重新发送功能，对消息进行跟踪的功能，并且提供各种激活方式，用于通过对接口服务状态的控制，实现通过控制列表控制用户是否可以访问接口服务；The management and control interface function module has the function of automatically resending messages that are not processed in time after a predefined time, tracking the messages, and providing various activation methods for controlling the interface service status and implementing the control list. Control whether users can access interface services;管控操作日志功能模块具备访问控制、安全认证以及高可用服务功能，用于提供操作系统日志；The management and control operation log function module has access control, security authentication and high-availability service functions, and is used to provide operating system logs;安全管理系统功能模块具备身份验证及授权功能，用于在安全域之外进行通信。The security management system function module has the functions of authentication and authorization, and is used for communication outside the security domain.2.根据权利要求1所述的微服务总线技术架构系统，其特征在于，微服务总线技术架构系统内构建有微服务总线，用于实现服务交换功能。2 . The micro-service bus technology architecture system according to claim 1 , wherein a micro-service bus is built in the micro-service bus technology architecture system for realizing a service exchange function. 3 .3.根据权利要求2所述的微服务总线技术架构系统，其特征在于，微服务总线在提供服务交换功能的同时，还提供安全作用，同时微服务总线将控制权限重的非业务逻辑内容迁移到服务路由层面，使得服务集群主体具备高可复用性和可测试性。3. The micro-service bus technology architecture system according to claim 2, wherein the micro-service bus also provides a security function while providing a service exchange function, and the micro-service bus migrates the non-business logic content with heavy control authority at the same time. At the service routing level, the main body of the service cluster has high reusability and testability.4.根据权利要求1所述的微服务总线技术架构系统，其特征在于，服务交换功能模块功能具体包括：4. The micro-service bus technology architecture system according to claim 1, wherein the service exchange function module function specifically comprises:服务申请，利用接口服务的交互，在对外提供服务的时候，通过开放微服务总线的地址让服务调用方访问到申请的服务；Service application, using the interaction of interface services, when providing services to the outside world, the service caller can access the requested service by opening the address of the microservice bus;安全控制，通过与安全服务进行交互，对内部的服务提供用户权限控制、加解密安全措施来确保服务调用方只能访问它应该访问到的接口服务；Security control, by interacting with security services, providing user permission control, encryption and decryption security measures for internal services to ensure that the service caller can only access the interface services it should access;高可用性，保持各类服务的高度可用性，同时保证系统平稳运行；High availability, maintain high availability of various services, while ensuring the smooth operation of the system;负载均衡，具备负载均衡机制。Load balancing, with a load balancing mechanism.5.根据权利要求1所述的微服务总线技术架构系统，其特征在于，管控接口功能模块具体用于统计信息与状态、消息跟踪，消息重新传递，提供警报机制以及故障切换功能。5 . The micro-service bus technology architecture system according to claim 1 , wherein the management and control interface function module is specifically used for statistical information and status, message tracking, message retransmission, providing an alarm mechanism and a failover function. 6 .6.根据权利要求1所述的微服务总线技术架构系统，其特征在于，管控接口功能模块功能具体包括：6. The micro-service bus technology architecture system according to claim 1, wherein the function of the control interface function module specifically includes:实时控制，通过对接口服务状态的控制，实现通过控制列表控制用户是否访问接口服务，最终通过此功能实现对接口服务进行实时控制；Real-time control, through the control of the status of the interface service, it is possible to control whether the user accesses the interface service through the control list, and finally realize the real-time control of the interface service through this function;报警功能，微服务总线提供一个发送警报消息的机制，通过各种通道进行发送，最终集成到现有监视环境中；Alarm function, the microservice bus provides a mechanism for sending alarm messages, which are sent through various channels, and finally integrated into the existing monitoring environment;服务等级，支持统计信息与状态功能组件的信息基础上定义的规则，支持度量和监视SLA，通过使用警报组件通知任何SLA侵权；Service levels, support for statistics and rules defined on the basis of information from the Status functional component, support for measuring and monitoring SLAs, and notification of any SLA violations through the use of the Alerting component;追踪工具，具备对消息进行跟踪的功能，并且提供各种激活方式；A tracking tool, which has the function of tracking messages and provides various activation methods;自动重发，具备在预定义时间后自动重新发送未及时处理消息的重新发送功能；配置尝试次数以及它们之间的时间间隔；Automatic resend, with resend function to automatically resend unprocessed messages after a predefined time; configure the number of attempts and the time interval between them;备用服务，支持指定一个备用服务提供者，在主服务提供者不可用时自动调用。Alternate service, supports specifying an alternate service provider, which is automatically invoked when the primary service provider is unavailable.7.根据权利要求1所述的微服务总线技术架构系统，其特征在于，微服务总线将管控操作日志功能模块推送至可视化平台。7 . The micro-service bus technology architecture system according to claim 1 , wherein the micro-service bus pushes the management and control operation log function module to the visualization platform. 8 .8.根据权利要求1所述的微服务总线技术架构系统，其特征在于，管控操作日志功能模块功能具体包括：8. The micro-service bus technology architecture system according to claim 1, wherein the function of the management and control operation log function module specifically includes:操作日志，微服务总线提供操作系统日志，包括但不限于统计信息；Operation logs, Microservice Bus provides operating system logs, including but not limited to statistical information;故障定位，提供管控、服务消费与管理审计日志，服务调用状况统计、网络链路分析，以及系统巡检和报警能力；Fault location, providing management and control, service consumption and management audit logs, service invocation status statistics, network link analysis, and system inspection and alarm capabilities;资源监控，提供日志监控以及实时报警功能，同时提供实例管理、用户管理、系统角色权限定制能力。Resource monitoring provides log monitoring and real-time alarm functions, as well as instance management, user management, and system role permission customization capabilities.9.根据权利要求1所述的微服务总线技术架构系统，其特征在于，微服务总线具备访问控制、安全认证以及高可用服务功能。9 . The micro-service bus technology architecture system according to claim 1 , wherein the micro-service bus has functions of access control, security authentication, and high-availability services. 10 .10.根据权利要求1所述的微服务总线技术架构系统，其特征在于，安全管理系统功能模块功能具体包括：10. The micro-service bus technology architecture system according to claim 1, wherein the security management system function module function specifically includes:数据安全，保持各个任务数据的安全性，对用户进行配置访问控制，访问控制应具备身份验证及授权功能，对接入的服务进行身份验证，验证成功后方可提供授权；Data security, maintain the security of each task data, configure access control for users, access control should have authentication and authorization functions, authenticate the access services, and provide authorization after successful authentication;安全认证，将一个域的凭证转换成另一个域的相应凭证,在安全域之外进行通信，支持消息内容的加密和解密；Security authentication, which converts the credentials of one domain into the corresponding credentials of another domain, communicates outside the security domain, and supports encryption and decryption of message content;高可用性，保持高度可用性，高可用服务列出一个逻辑服务提供者的几个服务端点，使用冗余服务实现，根据定义的策略交替调用每个请求，循环调用，或根据消息优先级和负载依赖关系进行调用。High Availability, Maintain High Availability, High Availability Services List several service endpoints of a logical service provider, implemented using redundant services, call each request alternately according to a defined policy, round-robin, or according to message priority and load dependency relationship to call.

Images