Microservice access method, apparatus, device, and medium

By obtaining access requests from microservices, determining server access permissions, and obtaining the actual access address, the data isolation problem during microservice sharing is solved, thereby improving security and convenience.

CN115577342BActive Publication Date: 2026-07-03CHINA MOBILE COMM GRP CHONGQING CO LTD +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA MOBILE COMM GRP CHONGQING CO LTD
Filing Date
2021-06-21
Publication Date
2026-07-03

Smart Images

  • Figure CN115577342B_ABST
    Figure CN115577342B_ABST
Patent Text Reader

Abstract

This application provides a microservice access method, apparatus, device, and medium. The method includes: obtaining an access request sent by a first server, the access request requesting access to a microservice, the access request including the microservice's registration address, and the registration address including the microservice's access type; if, based on the access type, it is determined that the first server has permission to access the microservice, obtaining the actual access address of the microservice based on the registration address; and accessing the microservice based on the actual access address. According to this application embodiment, not only can the convenience of microservice sharing be improved, but the security of microservice access can also be guaranteed while improving the convenience of microservice sharing.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application belongs to the field of microservice technology, and in particular relates to a microservice access method, apparatus, device and medium. Background Technology

[0002] Microservices are a cloud-native architectural approach suitable for medium to large-scale systems or platforms, where a single application consists of many loosely coupled and deployable smaller components or services. The unique aspect of microservices is that a platform can consist of tens of thousands of microservices, which can share resources while remaining independent of each other.

[0003] For large-scale systems, which are often composed of multiple modules, the modules are enormous and require both microservice sharing and data isolation. However, current technologies achieve full sharing between microservices by accessing modules through users and roles.

[0004] Therefore, existing technologies cannot guarantee data isolation between microservices and submodules when implementing microservice sharing, and consequently, cannot guarantee the security of access between microservices and submodules. Thus, how to improve the security of access between microservices and submodules while implementing microservice sharing is an urgent problem to be solved. Summary of the Invention

[0005] This application provides a microservice access method, apparatus, device, and medium that can ensure security when accessing microservices while enabling microservice sharing.

[0006] In a first aspect, embodiments of this application provide a microservice access method, the method comprising: obtaining an access request sent by a first server, the access request being used to request access to a microservice, the access request including the registration address of the microservice, the registration address including the access type of the microservice; determining, based on the access type, that the first server has permission to access the microservice; if the first server has permission to access the microservice, obtaining the actual access address of the microservice based on the registration address; and accessing the microservice based on the actual access address.

[0007] In some embodiments of the first aspect, the access type includes an authorization type; determining that the first server has access permission to the microservice based on the access type includes: obtaining an access list of the microservice based on the authorization type, the access list including at least one server with access permission to the microservice; and determining that the first server has access permission to the microservice based on at least one server with access permission to the microservice.

[0008] In some embodiments of the first aspect, the registration address includes an initial service address; obtaining the actual access address of the microservice based on the registration address includes: obtaining the server address where the microservice is located based on the initial service address and a preset load balancing strategy; and concatenating the server address and the initial service address to obtain the actual access address of the microservice.

[0009] In some embodiments of the first aspect, before obtaining the access request sent by the first server, the method further includes: obtaining the initial service address, access type, and module name of the microservice; and determining the registration address of the microservice based on the initial service address, access type, and module name.

[0010] Secondly, embodiments of this application provide a microservice access device, comprising: an acquisition module, configured to acquire an access request sent by a first server, the access request requesting access to a microservice, the access request including the registration address of the microservice, the registration address including the access type of the microservice; a determination module, configured to determine, based on the access type, that the first server has permission to access the microservice; the acquisition module, further configured to, if the first server has permission to access the microservice, acquire the actual access address of the microservice based on the registration address; and an access module, configured to access the microservice based on the actual access address.

[0011] In some embodiments of the second aspect, the access type includes an authorization type; comprising: an acquisition module, configured to acquire an access list of the microservice based on the authorization type, the access list including at least one server with access permission to the microservice; and a determination module, configured to determine, based on at least one server with access permission to the microservice, that a first server has access permission to the microservice.

[0012] In some embodiments of the second aspect, the registration address includes an initial service address; it includes: an acquisition module, used to acquire the server address where the microservice is located based on the initial service address and a preset load balancing strategy; and a concatenation module, used to concatenate the server address and the initial service address to obtain the actual access address of the microservice.

[0013] In some embodiments of the second aspect, the apparatus further includes: an acquisition module, configured to acquire the initial service address, access type, and module name of the microservice; and a determination module, configured to determine the registration address of the microservice based on the initial service address, access type, and module name.

[0014] Thirdly, a microservice access device is provided, comprising: a memory for storing computer program instructions; and a processor for reading and running the computer program instructions stored in the memory to execute the microservice access method provided by any optional implementation of the first and second aspects.

[0015] Fourthly, a computer storage medium is provided, on which computer program instructions are stored, wherein when the computer program instructions are executed by a processor, the microservice access method provided by any optional implementation of the first and second aspects is implemented.

[0016] The technical solutions provided by the embodiments of this application bring at least the following beneficial effects:

[0017] In this embodiment, when a first server requests access to a microservice, the access type of the microservice is obtained based on the access request sent by the first server. In this way, if the first server has the permission to access the microservice, the actual access address of the microservice can be obtained, and then the microservice can be accessed. This not only improves the convenience of microservice sharing, but also ensures the security of microservice access. Attached Figure Description

[0018] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments of this application will be briefly introduced below. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0019] Figure 1 This is an architecture diagram of a microservice access method provided in an embodiment of this application;

[0020] Figure 2 This is a flowchart illustrating a microservice access method provided in an embodiment of this application;

[0021] Figure 3 This is a flowchart illustrating another microservice access method provided in an embodiment of this application;

[0022] Figure 4 This is a flowchart illustrating another microservice access method provided in an embodiment of this application;

[0023] Figure 5 This is a flowchart illustrating another microservice access method provided in an embodiment of this application.

[0024] Figure 6 This is a schematic diagram of the structure of a microservice access device provided in an embodiment of this application;

[0025] Figure 7 This is a schematic diagram of the structure of a microservice access device provided in an embodiment of this application. Detailed Implementation

[0026] The features and exemplary embodiments of various aspects of this application will be described in detail below. To make the objectives, technical solutions, and advantages of this application clearer, the application will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are only intended to explain this application and not to limit it. For those skilled in the art, this application can be implemented without some of these specific details. The following description of the embodiments is merely to provide a better understanding of this application by illustrating examples.

[0027] It should be noted that, in this document, relational terms such as "first" and "second" are used merely to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising..." does not exclude the presence of additional identical elements in the process, method, article, or apparatus that includes the element.

[0028] In this article, the term "and / or" is merely a description of the relationship between related objects, indicating that there can be three relationships. For example, A and / or B can represent three situations: A exists alone, A and B exist simultaneously, and B exists alone.

[0029] Since medium and large systems are often composed of multiple modules, and microservices need to be shared between modules, each module in the system is huge and relatively independent, with independent storage, independent user management, independent permission management, and independent business processing logic. Therefore, during system operation, it is required that modules can both achieve microservice sharing and data isolation to ensure the security of microservice access.

[0030] However, there are two main methods in the existing technology to address this requirement:

[0031] One approach is to control user roles and permissions, enabling access between microservices through pre-defined user roles and permissions. However, this method overlooks the unsuitability for scenarios with large module sizes and relatively independent users. Furthermore, in such scenarios, each module in a large system often has its own user role and permission control system, making it impossible to require every module to use the same system. Even if all modules share the same user role and permission control system, changes to a user's role or permissions require corresponding checks and modifications across all modules, increasing long-term operational costs. Moreover, retrieving user roles and permissions every time a microservice is accessed further burdens the system. This method only achieves free access between microservices but fails to provide data isolation, thus compromising security during microservice access.

[0032] Another approach is to treat each module in the system as an independent platform, encapsulate the microservices within each module into a capability layer, and then place them in a dedicated capability development platform. This approach builds modules as independent systems, achieving data isolation between systems and thus ensuring access security. However, it also creates siloed systems, which deviates from mainstream technical architectures. Furthermore, while microservice access could be implemented directly at the service layer, encapsulating microservices into the capability layer increases both workload and development and maintenance costs. In summary, to address the problem in existing technologies that fail to improve the convenience of microservice access while simultaneously achieving data isolation and ensuring access security, this application provides a microservice access method, apparatus, device, and medium.

[0033] The microservice access method provided in this application can be applied to, for example... Figure 1 In the architecture, specifically combined Figure 1 Please provide a detailed explanation.

[0034] Figure 1 This is an architecture diagram of a microservice access method provided in an embodiment of this application.

[0035] like Figure 1 As shown in the diagram, the architecture may include a first server 11, a microservice access device 12, and a second server 13. The first server 11 sends access requests to the second server 13 via the microservice access device 12 to access the microservices supported by the second server 13.

[0036] In this embodiment, when a microservice a supported by the first server is opened, and microservice a needs to call microservice b, the first server sends an access request to the second server. This access request is processed by the microservice access device and then forwarded to the second server to access the microservice supported by the second server. This improves the convenience of microservice sharing while ensuring the security of microservice access.

[0037] Based on the above architecture and application scenarios, the following will combine... Figures 2-7 The microservice access method provided in the embodiments of this application will be described in detail. The microservice method can be executed by a microservice access device or a functional module in the device for performing microservice access.

[0038] Figure 2 This is a flowchart illustrating a microservice access method provided in an embodiment of this application.

[0039] like Figure 2 As shown, the execution entity of this method is a microservice access device, and the microservice access method may specifically include the following steps:

[0040] S201, obtain the access request sent by the first server.

[0041] Specifically, in response to a user opening or triggering an operation that supports the operation of a microservice running on the first server, the microservice access device obtains an access request sent by the first server. This access request requests access to a microservice, which refers to a microservice supported by the second server. The access request includes at least the registration address of the microservice, and the registration address includes the access type of the microservice.

[0042] In one embodiment, the access type of a microservice may include public, inside, auth, and def types, and the access type of a microservice can be customized. The specific definition of the access type is not limited.

[0043] In a specific example, in a telecommunications operating system, when a user uses an electronic device to open microservice 'a' for recharging phone credit, microservice 'b' needs to be called to complete the recharge service. At this time, the microservice access device needs to respond to the user's opening operation and obtain the access request sent by the server that supports the operation of microservice 'a', in order to request access to microservice 'b' to complete the recharge operation.

[0044] S202, confirming that the first server has microservice permissions.

[0045] The microservice access device determines whether the first server has access permission to access the microservice based on the access type of the microservice, that is, whether the first server can access the microservice.

[0046] With the access type set to "Public," the microservice allows modules within the same system to make fully public calls. With the access type set to "Internal," the microservice allows modules within the same system to make fully public calls. With the access type set to "Authorized," the microservice can either allow calls from any module within the same system to make fully public calls, or allow calls only within the same module to make fully public calls; the specific calling method depends on the pre-configured access list. With the access type set to "Private," calls are allowed within a custom scope specified within the same module.

[0047] S203, obtain the actual access address of the microservice based on the registration address.

[0048] If the first server has permission to access the microservice, it can obtain the actual access address of the microservice based on its registration address, so as to access the microservice on the second server according to the actual access address of the microservice.

[0049] In one embodiment, the registration address of a microservice may include, in addition to the access type of the microservice, the initial service address of the microservice and the name of the module to which the microservice belongs, wherein the name of the module to which the microservice belongs is characterized as the name of the module in which the microservice exists in the system.

[0050] In a specific example, microservice 'a' has an initial service address of / server_a, and its module name is module_name. With a public access type, the microservice's registration address is / module_name / public / server_a. With an internal access type, the microservice's registration address is / module_name / inside / server_a. With an authorized access type, the microservice's registration address is / module_name / auth / server_a. With a private access type, the microservice's registration address is / module_name / auth / server_a.

[0051] S104, Accessing microservices.

[0052] Specifically, the microservice access device forwards the access request sent by the first server to the second server based on the actual access address of the microservice, thereby enabling the first server to access the microservices supported by the second server, improving the convenience of microservice sharing, and ensuring the security of microservice access in the process.

[0053] Therefore, when the first server requests access to a microservice, the access type of the microservice is obtained based on the access request sent by the first server, thereby determining that the first server has the permission to access the microservice. If the first server has the permission to access the microservice, the actual access address of the microservice is obtained, and then the microservice is accessed. In this way, not only can the convenience of microservice sharing be improved, but the security of microservice access can also be guaranteed while improving the convenience of microservice sharing.

[0054] Based on this, in order to accurately determine whether the first server has permission to access the microservice when the access type of the microservice is authorized, in one possible embodiment, when the access type of the microservice is authorized, the aforementioned S202 may specifically include S301 and S302:

[0055] S301, Based on the authorization type, obtain the access list of the microservice, which includes at least one server with access permissions to the microservice;

[0056] When the access type of a microservice is authorized, the microservice access device can directly read the pre-configured access list of the microservice. This access list can be stored in the service authorization address in the microservice access device in the form of a blacklist or whitelist. The service authorization address is the address configured by the microservice access device before registering the microservice to store the access list and other execution logic. This access list can include at least one server with access permissions to the microservice. In addition, it can also include at least one server address or at least one module in the system that is allowed to access the microservice. Furthermore, the access list can also include which servers are prohibited from accessing itself. Specifically, it can be divided according to the server address or the module to which it belongs. The specific information included in the access list is not limited here.

[0057] S302, Based on at least one server with access to the microservice, determine that the first server has access to the microservice.

[0058] If the first server exists in at least one of the servers included in the access list that has access to the microservice, it can be determined that the first server has access to the microservice.

[0059] It is important to know that before accessing a microservice, if the access type of the microservice is pre-configured as authorized, the device accessing the microservice needs to pre-configure the access list for the corresponding microservice. This allows the device to determine whether the first server has permission to access the microservice based on the obtained access list.

[0060] In addition, in order to accurately obtain the actual access address of the microservice, in one possible embodiment, the above-mentioned S203 may further include S401 and S402:

[0061] S401: Obtain the server address where the microservice resides based on the initial service address and the preset load balancing policy.

[0062] The preset load balancing strategy is stored internally in the microservice access device and is used to determine the servers that support the operation of microservices. This preset load balancing strategy includes multiple servers providing the same microservice. Since the microservice's registration address includes its initial service address, the server supporting the microservice can be selected using random selection or round-robin selection based on the microservice's initial service address and the preset load balancing strategy, thus obtaining the server address where the microservice resides. The specific method of server determination is not limited here.

[0063] In a specific example, a microservice with an initial service address of / server_a is deployed on real servers A and B. When microservice b requests access to microservice a, this module will determine a server from server A and server B that supports the operation of microservice a according to a preset load balancing strategy. If the determined server is server B, the registration address of microservice a, / module_name / public / server_a, will be converted to IP_B:portal / server_a, where IP_B:portal is the server address of server B.

[0064] S402 concatenates the server address and the initial service address to obtain the actual access address of the microservice.

[0065] After obtaining the server address where the microservice is located, the obtained server address and the initial service address of the microservice can be concatenated to obtain the actual access address of the microservice.

[0066] For example, if the initial service address of a microservice is / server_a and the server address is IP_B:portal, then the actual access address of the microservice is IP_B:portal / server_a.

[0067] In addition, to prevent access confusion when using the initial service address of a microservice that may have the same name in different modules of the system, a possible embodiment of the microservice access method mentioned above further includes the following steps before obtaining the access request sent by the first server:

[0068] Obtain the initial service address, access type, and module name of the microservice;

[0069] The registration address of the microservice is determined based on the initial service address, access type, and module name.

[0070] Therefore, by obtaining the initial service address, access type, and module name of a microservice, a registration address can be generated for that microservice. This effectively prevents access confusion caused by microservices with the same name existing in different modules within a unified system. Furthermore, the registration address includes the access type, allowing for effective filtering during access and reducing system load.

[0071] Furthermore, to facilitate the storage of the subsequently obtained server addresses and access lists, in another possible embodiment, before determining the microservice registration address, the aforementioned microservice access address may further include:

[0072] Read the service registration address and service authorization address. The service registration address is used to determine the storage of the server address of the microservice, and the service authorization address is used to store the access list of the microservice in the authorization module.

[0073] Therefore, by storing the subsequently obtained server addresses and access lists, it is convenient to find the relevant server type and access list later.

[0074] The microservice access device mentioned above can specifically include five functional modules: a configuration module, a registration module, a gateway module, an authorization module, and a routing module. These five modules work together to complete microservice access. The specific functions of these five modules are described below:

[0075] The configuration module is primarily used to configure the service registration address and service authorization address. The service registration address mainly stores the server address, while the service authorization address mainly stores the access list for the microservice. It's important to note that before registering, a microservice needs to retrieve basic initialization data such as the service registration address and service authorization address from the configuration module.

[0076] The registration module is primarily used to configure the registration address of microservices. When configuring the registration address of a microservice, the initial service address of the microservice needs to be converted to a different registration address based on the access type. This conversion aims to avoid microservices with the same name existing in different modules. Furthermore, displaying the access type of the microservice on the registration address facilitates microservice tracing and analysis.

[0077] Gateway module: As a unified entry point for inter-microservice calls, it can perform security control of microservice calls based on different microservice access types.

[0078] Specifically, taking accessing ` / module_name / public / server_a` as an example, where `module_name` is the name of the module to which the microservice belongs, `public` indicates that the microservice is accessed publicly, and `server_a` is the actual name of the microservice. When calling the microservice, the system first finds the first address ` / module_name`, then the second address ` / public`, and finally the third address ` / server_a`.

[0079] The authorization module primarily manages the authorization types for microservice access. Specifically, when the access type is authorized, it configures the access list for the microservice. This access list can be customized by the platform administrator, mainly including which servers can access the microservice, or which microservices can be accessed by servers running the microservice itself. The specific definition of the list is not limited here. The configured access list is stored in the service authorization address configured in the configuration module, which exists within the authorization module. Furthermore, when a microservice with an authorized access type registers, its registration information is saved. If a microservice is registered as an authorized service but no related access list is configured in the authorization module, then no server can access that microservice.

[0080] Routing module: This module is mainly used to convert the registration address of a microservice into its initial service address. Specifically, taking the example that microservice / module_name / public / server_b needs to access microservice / module_name / public / server_a, when the gateway module has passed security control, it needs to convert / module_name / public / server_a into the actual service address / server_a.

[0081] In addition, since a microservice is deployed on only one server, it is prone to single point of failure, meaning that when that server fails, the related microservice will not run. Therefore, the routing module also provides a routing load balancing function. When multiple servers are replicated to support a microservice, the module can determine the server that will support the microservice in real time based on the load balancing policies of the multiple servers.

[0082] Based on this, this application also provides a microservice access method, the execution entity of which can be the aforementioned module included in the microservice access device. Taking the access of a first server to a microservice as an example, as follows... Figure 5As shown, the specific process may include: the gateway module in the microservice access device receives an access request sent by the first server. Based on the access request, the gateway module obtains the access type of the microservice to be accessed, determines whether the first server has permission to access the microservice based on the access type, and if the access type of the microservice is authorized, the gateway module needs to obtain the access list of the microservice from the authorization module. If it is determined that the first server has permission to access the microservice, the routing module obtains the initial service address of the microservice, and based on this, determines the address of the server supporting the operation of the microservice according to a preset load balancing strategy. Based on the initial address of the microservice and the server address of the microservice, the actual access address of the microservice is generated, and then the microservice supported by the second server is accessed. (Except for...) Figure 5 In addition to the illustrated process, before the gateway module receives the access request sent by the first server, it needs to read the service registration address and service authorization address from the configuration module. This not only improves the convenience of microservice sharing but also ensures the security of microservice access while enhancing convenience.

[0083] Based on the same inventive concept, embodiments of this application also provide a microservice access device. (Specifically combined with...) Figure 6 Please provide an explanation.

[0084] Figure 6 This is a schematic diagram of the structure of a microservice access device provided in an embodiment of this application.

[0085] like Figure 6 As shown, the microservice access device may include: an acquisition module 610, a determination module 620, and an access module 630.

[0086] The acquisition module 610 is used to acquire the access request sent by the first server. The access request is used to request access to the microservice. The access request includes the registration address of the microservice, and the registration address includes the access type of the microservice.

[0087] The determination module 620 is used to determine whether the first server has the permission to access the microservice based on the access type.

[0088] The acquisition module 610 is also used to obtain the actual access address of the microservice based on the registration address, provided that the first server has the permission to access the microservice.

[0089] Access module 630 is used to access microservices based on the actual access address.

[0090] In some embodiments, the access type includes an authorization type; including:

[0091] The acquisition module is used to obtain the access list of the microservice based on the authorization type. The access list includes at least one server with access permissions to the microservice.

[0092] The determination module is used to determine whether a first server has the permission to access the microservice, based on at least one server with the permission to access the microservice.

[0093] In some embodiments, the registration address includes the initial service address; including:

[0094] The acquisition module is used to obtain the server address where the microservice is located based on the initial service address and the preset load balancing strategy.

[0095] The concatenation module is used to concatenate the server address and the initial service address to obtain the actual access address of the microservice.

[0096] In some embodiments, the device may further include:

[0097] The acquisition module is used to obtain the initial service address, access type, and module name of the microservice.

[0098] The module is used to determine the registration address of a microservice based on its initial service address, access type, and module name.

[0099] In this embodiment, when a first server requests access to a microservice, the access type of the microservice is obtained based on the access request sent by the first server, thereby determining that the first server has the permission to access the microservice. If the first server has the permission to access the microservice, the actual access address of the microservice is obtained, and then the microservice is accessed. In this way, not only can the convenience of microservice sharing be improved, but the security of microservice access can also be guaranteed while improving the convenience of microservice sharing.

[0100] The various modules in the microservice access device provided in this application embodiment can achieve... Figure 2 , Figure 3 and Figure 4 The method steps of the illustrated embodiment, and the corresponding technical effects they achieve, will not be described in detail here for the sake of brevity.

[0101] Figure 7 This is a schematic diagram of the structure of a microservice access device provided in an embodiment of this application.

[0102] like Figure 7As shown, the microservice access device 700 in this embodiment includes an input device 701, an input interface 702, a central processing unit 703, a memory 704, an output interface 705, and an output device 706. The input interface 702, central processing unit 703, memory 704, and output interface 705 are interconnected via a bus 710. The input device 701 and output device 706 are connected to the bus 710 via the input interface 702 and output interface 705, respectively, and are subsequently connected to other components of the information acquisition device 700.

[0103] Specifically, input device 701 receives input information from the outside and transmits the input information to central processing unit 703 through input interface 702; central processing unit 703 processes the input information based on computer-executable instructions stored in memory 704 to generate output information, temporarily or permanently stores the output information in memory 704, and then transmits the output information to output device 706 through output interface 705; output device 706 outputs the output information to the outside of information acquisition device 700 for user use.

[0104] In one embodiment, Figure 7 The microservice access device 700 shown includes: a memory 704 for storing programs; and a processor 703 for running the programs stored in the memory to execute the functions provided in the embodiments of this application. Figures 2 to 5 The method of any of the illustrated embodiments.

[0105] This application also provides a computer-readable storage medium storing computer program instructions; when executed by a processor, the computer program instructions implement the features provided in this application. Figures 2 to 5 The method of any of the illustrated embodiments.

[0106] It should be clarified that this application is not limited to the specific configurations and processes described above and shown in the figures. For the sake of brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of this application is not limited to the specific steps described and shown. Those skilled in the art can make various changes, modifications, and additions, or change the order of steps, after understanding the spirit of this application.

[0107] The functional blocks shown in the above block diagram can be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, they can be, for example, electronic circuits, application-specific integrated circuits (ASICs), appropriate firmware, plug-ins, function cards, etc. When implemented in software, the elements of this application are programs or code segments used to perform the required tasks. Programs or code segments can be stored on a machine-readable medium or transmitted over a transmission medium or communication link via data signals carried on a carrier wave. "Machine-readable medium" can include any medium capable of storing or transmitting information. Examples of machine-readable media include electronic circuits, semiconductor memory devices, read-only memory (ROM), flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio frequency (RF) links, etc. Code segments can be downloaded via computer networks such as the Internet, intranets, etc.

[0108] It should also be noted that the exemplary embodiments mentioned in this application describe methods or systems based on a series of steps or apparatus. However, this application is not limited to the order of the above steps; that is, the steps can be performed in the order mentioned in the embodiments, or in a different order, or several steps can be performed simultaneously.

[0109] The above are merely specific embodiments of this application. Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems, modules, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here. It should be understood that the protection scope of this application is not limited thereto. Any person skilled in the art can easily conceive of various equivalent modifications or substitutions within the technical scope disclosed in this application, and these modifications or substitutions should all be covered within the protection scope of this application.

Claims

1. A microservice access method, characterized in that, include: Obtain an access request sent by the first server. The access request is used to request access to the microservice. The access request includes the registration address of the microservice. The registration address includes the module name to which the microservice belongs, the access type, and the initial service address. The module name to which the microservice belongs represents the name of the module in which the microservice exists in the system. The access type includes the authorization type. Based on the authorization type, obtain the access list of the microservice, the access list includes at least one server with access permission to the microservice, and the access list is divided according to the module to which the microservice belongs; Based on the at least one server with access to the microservice, it is determined that the first server has access to the microservice; If the first server has permission to access the microservice, the server address where the microservice is located is obtained according to the initial service address and the preset load balancing policy; the server address and the initial service address are concatenated to obtain the actual access address of the microservice. Access the microservice based on the actual access address.

2. The method according to claim 1, characterized in that, Before obtaining the access request sent by the first server, the method further includes: Obtain the initial service address, access type, and module name of the microservice; The registration address of the microservice is determined based on the initial service address, the access type, and the name of the module to which it belongs.

3. A microservice access device, characterized in that, The device includes: The acquisition module is used to acquire an access request sent by the first server. The access request is used to request access to the microservice. The access request includes the registration address of the microservice. The registration address includes the module name to which the microservice belongs, the access type, and the initial service address. The module name to which the microservice belongs represents the name of the module in which the microservice exists in the system. The access type includes the authorization type. The determination module is used to obtain the access list of the microservice according to the authorization type. The access list includes at least one server with access permission to the microservice. The access list is divided according to the module to which the microservice belongs. Based on the at least one server with access permission to the microservice, the first server is determined to have access permission to the microservice. The acquisition module is further configured to, when the first server has permission to access the microservice, acquire the server address where the microservice is located based on the initial service address and the preset load balancing strategy. The concatenation module is used to concatenate the server address and the initial service address to obtain the actual access address of the microservice. The access module is used to access the microservice based on the actual access address.

4. The apparatus according to claim 3, characterized in that, The device also includes The acquisition module is used to acquire the initial service address, access type, and module name of the microservice; The determining module is used to determine the registration address of the microservice based on the initial service address, the access type, and the name of the module to which it belongs.

5. A microservice access device, characterized in that, The device includes: a processor and a memory storing computer program instructions; The processor reads and executes the computer program instructions to implement the microservice access method as described in any one of claims 1-2.

6. A computer storage medium, characterized in that, The computer storage medium stores computer program instructions, which, when executed by a processor, implement the microservice access method as described in any one of claims 1-2.