Information Center

Container enabling AI AI practice on 360 private cloud container service

  

The 360 private cloud container service team and the AI Research Institute team worked together to conduct in-depth research and practice in improving the efficiency of machine learning in the cloud, and provided a variety of in-depth learning services such as "face detection", "flower screen detection", "pornography detection", "pet detection", "picture stylization", "character recognition", "intelligent cutting", etc. for the business.

The following mainly introduces the "microservice gateway and container service" technology involved in practice.

1、 What is microservice architecture

Microservice is an architecture and method for building software. In microservice, the previous single application is divided into several small components, which are independent of each other. Different from the traditional single application construction method of building all components into one architecture, in the microservice architecture, all parts are independent of each other (different languages and different teams can be used to develop different service modules). Complete the same task through cooperation. Each of these components or processes is a microservice. Summarize the characteristics of microservices: smaller, faster, stronger.

Perhaps the above description of microservices is not particularly intuitive. It is more intuitive to compare the traditional single application architecture with the microservice architecture.

1. Single application architecture

For the development of web programs (such as JAVA), the whole program is usually packaged into a WAR file, and then directly deployed to the server.

The single application architecture is easy to test and deploy, but it is not as convenient as microservices in terms of service scalability, reliability, system iteration, cross language programs, team collaboration, etc.

2. Microservice architecture

In order to solve these disadvantages of the single application architecture (not to say that the single application architecture is not good, ECS Different service architectures need to be selected according to different business scenarios. In this way, each team can use its own technology stack to implement its own components and iterate independently during system iteration without affecting the overall use of the entire application.

2、 Why we need a microservice gateway

First, we will introduce what is API gateway. API gateway can provide a separate and unified API portal for accessing one or more internal API services. API gateways often provide load balancing, access frequency limitation, authentication and authorization, monitoring, caching and other functions.

Through the API gateway, you can hide internal services from external users and expose them to the APIs that external users really need, limit the access frequency of external access, and set authentication authorization for external users. To ensure the overall stability and security of the application. The services inside the gateway can communicate through the relevant protocol (REST API, GRPC) according to their own needs.

3、 Introduction to microservice gateway (kong)

Kong is a highly available and extensible API gateway written based on nginx lua module. Because Kong is based on nginx, it can horizontally expand multiple instances of Kong service, and evenly distribute requests to each server through the front-end load balancing configuration to deal with a large number of network requests.

Kong gateway composition:

Kong server: a server based on nginx that receives external api requests. PostgreSQL: used to store operation data.

In addition, Kong uses the plug-in mechanism to customize functions, and the plug-in set is executed in the life cycle of the API request response cycle. Plug ins are written using lua.

4、 Micro service gateway and container service are used together

A specific example is given to describe how the services deployed on the container are used together with the microservice gateway. For example, we now have face detection, pet detection, and porn detection services to form a complete application entity to provide multi-functional services.

First, deploy my three service instances (face detection, pet detection, and yellow identification service) on the container service platform. And apply for vips for these service instances.

After the service registration is completed, the management end registers the three services to the microservice gateway (kong), and kong will persist the registered information to the PostgreSQL database. And it can register authentication authorization, access frequency restriction, CORS and other plug-ins for each service in the form of plug-ins according to different businesses.

After the service registration is completed, the client can access the service they want to use based on the authorized user token.

This article simply introduces the overall process. But each part needs to be understood by the user himself~~