Search

CN-121984916-A - Container-based HongMong atomic service operation method based on distributed collaboration

CN121984916ACN 121984916 ACN121984916 ACN 121984916ACN-121984916-A

Abstract

The invention discloses a container-based method for operating a hong Mongolian atomic service based on distributed collaboration, which comprises the steps of generating a virtual equipment identity of a container when the container is started, establishing a mapping between the container and a host interface to construct a multilink resource pool, generating a cross-domain detection packet by the container when an atomic service initiates an equipment detection request, sending the cross-domain detection packet to the host, broadcasting after the host conversion, forming an equipment list according to a response packet, synchronizing the equipment list to the atomic service, generating a trusted equipment list, establishing the equipment resource pool, selecting two links from the multilink resource pool according to the trusted equipment list, simultaneously sending handshake data packets by the atomic service, determining a main link and a standby link, dynamically adjusting fragments by a main connection adjustment port, loading preset transmission parameters by the container to determine adjustment factors, mapping the atomic service to a host flow control queue, inquiring a target resource by the container when the atomic service initiates the resource request, establishing a resource forwarding channel, and realizing the use of the target resource by the atomic service, thereby realizing the stable operation of the hong Mongolian atomic service.

Inventors

  • WEN YAN

Assignees

  • 北京麟卓信息科技有限公司

Dates

Publication Date
20260505
Application Date
20260403

Claims (10)

  1. 1. A containerized Hongmon atomic service operation method based on distributed collaboration is characterized by comprising the following steps: When the container is started, the control group directory name is used as a container instance identifier, the host bridging network card physical address and the UUID of the container hong Mongolian system are spliced into a character string, the hash value of the character string is used as the virtual equipment identity of the container, and the virtual equipment identity is sent to the atomic service in the container; After receiving the broadcast, the target device sends a response packet containing the IP address to the host, and the host converts the IP address into a virtual address accessible by the container to form a device list and sends the device list to the atomic service; The atomic service extracts the device ID of the target device from the trusted device list to construct a handshake data packet, selects a first link with highest priority and a second link with second highest priority from the multilink resource pool, and simultaneously sends the handshake data packet to the target device by the first link and the second link; The container identification atomic service loading preset transmission parameters comprise basic fragment size and bandwidth limitation, the fragment size is set according to a container resource utilization rate determination adjustment factor, the atomic service is mapped to a priority queue for flow control in a host according to a transmission quality grade, a container analyzes a resource request sent by the atomic service, inquires a device resource pool to determine a target resource, and locks the resource to establish a resource forwarding channel of the container and the target device.
  2. 2. The method for operating the container-based HongMonte atomic service according to claim 1, wherein the host establishes the device resource pool by periodically collecting the CPU quota, CPU usage, memory quota, memory usage and resources occupying hardware of the resources in the container, loading and idle state of the host resources, and resource state of the device resources in the trusted device list, wherein the resource state comprises the resource type and idle state, the device resource pool is established according to the collected data, and the device ID, the resource type, the availability, the usage, the call delay, the resource capacity and the update timestamp are recorded in the device resource pool.
  3. 3. The method for operating a container-based hong-Monte-Card atomic service according to claim 1, wherein if any one of the physical address of the host bridge network card, the UUID of the device of the container-based hong-Monte System, or the directory name of the container control group fails to be acquired, a temporary virtual device identity of the container is created, the data is periodically acquired again until the acquisition is successful, and the acquired data is used to update the virtual device identity of the container.
  4. 4. The method for operating the containerized hong-Monte-Surveillance service according to claim 1, wherein after receiving the device search request, the hong-Monte-Surveillance device extracts the host bridge network card physical address and the device UUID in the virtual device identity of the container and sends a verification request to the host, the host inquires the container and the host binding table to verify after receiving the verification request and sends a verification result signed by the private key of the host device certificate to the hong-Monte-Surveillance device, and the hong-Monte-Surveillance device adopts a preset hong-Monte certificate to verify the verification result, and if the verification is passed, the container is judged to be legal; after receiving the data bus signal containing the device list, the container extracts the device certificate verification certificate chain, after the verification is passed, the response packet signature in the data bus signal is verified by using the device public key, if the signature is invalid, the device is removed, otherwise, the device is confirmed to be legal.
  5. 5. The method for operating a containerized HongMonte atomic service according to claim 1, wherein after the primary connection is established, the container periodically transmits a micro-heartbeat packet including a session ID and a timestamp to the target device, records a heartbeat response time, takes an average value of the heartbeat response times of a set number of times as a base line time, determines that the primary connection is abnormal when no heartbeat response packet is received continuously, the heartbeat response time is greater than the base line time or the packet loss rate of a set number of data packets is greater than a threshold value, transmits a session migration request including a session context in the primary connection to the target device, activates a standby link, replies a migration confirmation response packet after receiving the session migration request, resumes a data receiving state by adopting the session context in the primary connection, and updates the primary connection identifier by the container.
  6. 6. A method of operating a containerized simmons atomic service as defined in claim 1 wherein, when both the primary and backup links are connected abnormally, the container selects the highest and second highest priority links other than the primary and backup links from the pool of multilink resources as new primary and backup links.
  7. 7. The method for operating a containerized HongMonte atomic service according to claim 1, wherein a sliding window is used to record a trend of memory usage and CPU usage, the memory usage and the CPU usage within a set time in the future are predicted based on the trend, and when the predicted value is greater than a threshold, an adjustment factor is set, and the size of the fragment is modified by the adjustment factor.
  8. 8. The method for running a containerized simon atomic service according to claim 1, wherein when the atomic service initiates a distributed operation, the host creates a globally unique distributed transaction, records the virtual device identity, the atomic service ID, the list of participant device IDs, the status and the time stamp of the associated container, and periodically generates a status snapshot of the container and all participant devices, wherein the status snapshot includes a data version number, an operation progress and context parameters; The method comprises the steps of monitoring a container process state file in a container and monitoring a container control signal, sending an event message containing an event type, a virtual equipment identity of the container, a time stamp and a main process ID in the container to a host, inquiring active transactions associated with the container when the container is suspended, sending a transaction freezing request to a participating device, suspending business operation and saving the frozen state snapshot, locking the progress of the transaction, simultaneously interlocking with freezing network connection and temporarily releasing resources, sending a transaction thawing request to the participating device when the container is restored, obtaining the latest state snapshot of the device, synchronizing the snapshot of the highest version to atomic service after comparing the version number, recovering business from a breakpoint by the atomic service, returning the transaction to an active state, sending a transaction termination request to the participating device when the container is suspended, notifying to release the locked cross-equipment resources, clearing the temporary file, marking the final state of the transaction, and clearing out expired business data when the container is stopped.
  9. 9. The method of claim 1, wherein the cross-domain probe packet includes a virtual device identity, a service type, a resource capability, a signature, and a timestamp of the container.
  10. 10. The method for operating a containerized simon atomic service according to claim 1, wherein the way to calculate the priority of the link is to periodically collect bandwidth, communication delay and packet loss rate of the host interface, and calculate the priority score by using the following formula: priority score = (bandwidth 0.4) + (100-communication delay) 0.3) + (100-packet loss rate) 0.3, The priority of the link is determined based on the priority score.

Description

Container-based HongMong atomic service operation method based on distributed collaboration Technical Field The invention belongs to the technical field of computer software development, and particularly relates to a containerized hong Monte atom service running method based on distributed collaboration. Background The distributed capability of OpenHarmony atomic services depends on the full-link support of device discovery, connection establishment, data transmission, resource coordination and state synchronization, and the bottom framework (including distributed soft bus, task scheduling, data management and the like) needs to be deeply coupled with the hardware interface (such as network card, bluetooth chip) and network protocol (such as mDNS, BLE) of the physical device. When OpenHarmony runs in a Linux system in a container mode, strong isolation (network naming space isolation, device access authority limit and control group cgroup resource quota solidification) and dynamic (container start-stop and migration and host system resource fluctuation) of a container can cause multiple impacts on a distributed link, and the method is characterized in that firstly, a device discovers failure, the container network isolation causes that an atomic service cannot receive a broadcast packet (such as an mDNS or BLE beacon) of an external device, and a container virtual IP and a physical device IP are not in the same network segment, and a mapping mechanism of a device ID and a network address of a distributed soft bus fails; the method includes the steps of establishing connection in an unstable way, enabling a container to have NAT conversion delay and port mapping conflict with links of a host system and external equipment to cause distributed session handshake timeout, enabling a container network to be fluctuated (such as Wi-Fi signals of the host system to cause frequent disconnection of connection, enabling a container CPU and memory quota to be limited to possibly cause atomic service data processing delay, enabling a traditional fixed fragmentation strategy to not adapt to resource fluctuation to cause data packet loss or retransmission storm, enabling an atomic service to call cross-equipment resources (such as intelligent screen cameras and vehicle-to-vehicle positioning modules) in a resource cooperative conflict, enabling resource requests in the container to be asynchronous with host system scheduling and external equipment resource states to cause call failure, enabling the container to be synchronous to break, enabling a container to be suspended or restored, enabling a conventional mechanism to not sense the container state and enabling the cross-equipment service states (such as circulation progress and data version) to be inconsistent. However, in the prior art, only basic compatibility of a container and a Linux kernel is solved, an adaptation mechanism is not designed aiming at a distributed full link, so that the success rate of the distributed operation of the atomic service is less than 50%, and the practicability of containerized deployment is severely restricted. Disclosure of Invention In view of this, the present invention provides a method for operating a containerized hong Monte atomic service based on distributed collaboration, which realizes the stable operation of the containerized hong Monte atomic service by the distributed collaboration among the host system, the container and the hong Monte atomic service. The invention provides a containerized Hongmon atomic service running method based on distributed collaboration, which specifically comprises the following steps: When the container is started, the control group directory name is used as a container instance identifier, the host bridging network card physical address and the UUID of the container hong Mongolian system are spliced into a character string, the hash value of the character string is used as the virtual equipment identity of the container, and the virtual equipment identity is sent to the atomic service in the container; After receiving the broadcast, the target device sends a response packet containing the IP address to the host, and the host converts the IP address into a virtual address accessible by the container to form a device list and sends the device list to the atomic service; The atomic service extracts the device ID of the target device from the trusted device list to construct a handshake data packet, selects a first link with highest priority and a second link with second highest priority from the multilink resource pool, and simultaneously sends the handshake data packet to the target device by the first link and the second link; The container identification atomic service loading preset transmission parameters comprise basic fragment size and bandwidth limitation, the fragment size is set according to a container resource utilization rate determination adjustment factor, the atomic service is mapp