Search

CN-122001617-A - Mixed cloud data processing method and related device based on private network

CN122001617ACN 122001617 ACN122001617 ACN 122001617ACN-122001617-A

Abstract

The application discloses a hybrid cloud data processing method and a related device based on a private network, which are used for improving the safety of data transmission. The method comprises the steps of configuring a routing strategy on a private network based on a private network established between a local network and a cloud virtual private cloud, wherein the routing strategy is a strategy that the local network accesses an object storage service in the virtual private cloud and a database related service through an intranet address, configuring a preset distribution rule in a proxy gateway deployed by the local network, receiving an access request from a local application program through the proxy gateway, extracting content characteristics in the access request, determining a target service which is required to be accessed by the access request according to the preset distribution rule and the content characteristics, wherein the target service is the object storage service or the database related service, and routing the access request to the intranet address of the target service through the private network with the configured routing strategy.

Inventors

  • HUANG PING
  • ZHANG KAIXUAN
  • Li Zuorui
  • LI XIAOWANG
  • WANG YUN

Assignees

  • 嘉联支付有限公司

Dates

Publication Date
20260508
Application Date
20251225

Claims (10)

  1. 1. The mixed cloud data processing method based on the private line network is characterized by comprising the following steps of: Based on a private network established between a local network and a cloud virtual private cloud, configuring a routing strategy on the private network, wherein the routing strategy is a strategy that the local network accesses an object storage service and a database related service in the virtual private cloud through an intranet address; Configuring a preset distribution rule in a proxy gateway deployed by the local network; Receiving an access request from a local application program through the proxy gateway, and extracting content characteristics in the access request; Determining a target service to be accessed by the access request according to the preset distribution rule and the content characteristics, wherein the target service is the object storage service or the database related service; And routing the access request to the intranet address of the target service through the private line network configured with the routing policy.
  2. 2. The hybrid cloud data processing method according to claim 1, wherein the content feature is a URL path of the access request, and the determining, according to the preset offload rule and the content feature, a target service that the access request needs to access includes: Identifying a path prefix in the URL path; If the path prefix is the prefix for identifying file operation, determining that the target service to be accessed by the access request is the object storage service according to the preset distribution rule; And if the path prefix is the prefix for identifying the database operation, determining that the target service to be accessed by the access request is the application programming interface service in the related service of the database according to the preset distribution rule.
  3. 3. The hybrid cloud data processing method of claim 2, wherein after determining that the target service to be accessed by the access request is an application programming interface service in the database-related service according to the preset offload rule, the method further comprises: Determining a plurality of upstream servers corresponding to the application programming interface service; selecting a target upstream server from the plurality of upstream servers according to a load balancing algorithm; The routing the access request to the intranet address of the target service through the private line network configured with the routing policy includes: And routing the access request to the intranet address of the target upstream server through the private line network configured with the routing strategy.
  4. 4. The hybrid cloud data processing method according to claim 1, wherein the preset diversion rule includes: And splitting according to the content type or the file extension of the content requested by the access request, wherein if the content type or the file extension belongs to a predefined static resource type, the access request is split to the object storage service, and otherwise, the access request is split to the database related service.
  5. 5. The hybrid cloud data processing method of any of claims 1 to 4, wherein after said routing of said access request to an intranet address of said target service through said private network configured with routing policies, said method further comprises: Receiving response data returned by the target service through the private line network; and if the response data is the static resource in the object storage service, caching the response data in the local storage of the proxy gateway.
  6. 6. The hybrid cloud data processing method of claim 5, wherein after said extracting content features in said access request, before said determining that said access request requires a target service to be accessed, said method further comprising: Generating an index identifier according to the content characteristics; and querying the index identifier in the local storage, and if valid data associated with the index identifier is queried in the local storage, returning the valid data to the local application program.
  7. 7. The hybrid cloud data processing method of any of claims 1 to 4, wherein after the receiving of an access request from a local application through the proxy gateway, before the extracting of content features in the access request, the method further comprises: identity authentication is carried out on the access request; and if the authentication is not passed, stopping extracting the content characteristics, and feeding back an authentication failing reminder to the local application program.
  8. 8. A hybrid cloud data processing device based on a private line network, comprising: The first configuration unit is used for configuring a routing strategy on a private network based on the private network established between a local network and a cloud virtual private cloud, wherein the routing strategy is a strategy that the local network accesses an object storage service and a database related service in the virtual private cloud through an intranet address; A second configuration unit, configured to configure a preset offload rule in a proxy gateway deployed in the local network; The extraction unit is used for receiving an access request from a local application program through the proxy gateway and extracting content characteristics in the access request; the determining unit is used for determining a target service which is required to be accessed by the access request according to the preset distribution rule and the content characteristics, wherein the target service is the object storage service or the database related service; And the routing unit is used for routing the access request to the intranet address of the target service through the private line network configured with the routing policy.
  9. 9. A hybrid cloud data processing device based on a private line network, comprising: a processor, a memory, an input-output unit, and a bus; The processor is connected with the memory, the input/output unit and the bus; The memory holds a program that the processor invokes to execute the hybrid cloud data processing method according to any one of claims 1 to 7.
  10. 10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a program which, when executed on a computer, performs the hybrid cloud data processing method according to any one of claims 1 to 7.

Description

Mixed cloud data processing method and related device based on private network Technical Field The application relates to the technical field of data transmission, in particular to a hybrid cloud data processing method based on a private network and a related device. Background With the deep digital transformation of enterprises, hybrid cloud architecture is widely adopted due to flexibility, and a common mode is to deploy application programs in a local machine room and store data in cloud services (such as object storage and cloud database). Under this architecture, the prior art generally relies on public network endpoints that directly access cloud services over the public internet. However, under the architecture, since all data transmission is performed on the public internet, even if encryption measures are adopted, the communication link and the control plane are still completely exposed in the public network, and the remarkable threat of data interception, tampering and malicious attack is faced, so that the severe requirements of enterprise-level applications on data security are difficult to meet. And because of the inherent instability, high delay and limited bandwidth of the public network connection, the efficiency of operations such as high-capacity file transmission, high-frequency database access and the like is severely restricted, so that an application program responds slowly, and the user experience and service continuity are directly affected. Based on the above, the present application provides a hybrid cloud data processing method based on a private network, which is used for solving the above technical problems. Disclosure of Invention In order to solve the technical problems, the application provides a hybrid cloud data processing method and a related device based on a private network, which can improve the safety of data transmission. The following describes the technical scheme provided in the present application: the first aspect of the application provides a hybrid cloud data processing method based on a private network, which comprises the following steps: Based on a private network established between a local network and a cloud virtual private cloud, configuring a routing strategy on the private network, wherein the routing strategy is a strategy that the local network accesses an object storage service and a database related service in the virtual private cloud through an intranet address; Configuring a preset distribution rule in a proxy gateway deployed by the local network; Receiving an access request from a local application program through the proxy gateway, and extracting content characteristics in the access request; Determining a target service to be accessed by the access request according to the preset distribution rule and the content characteristics, wherein the target service is the object storage service or the database related service; and routing the access request to the intranet address of the target service through the private line network with the configured routing strategy. Optionally, the content feature is a URL path of the access request, and the determining, according to the preset offloading rule and the content feature, a target service that the access request needs to access includes: Identifying a path prefix in the URL path; If the path prefix is the prefix for identifying file operation, determining that the target service to be accessed by the access request is the object storage service according to the preset distribution rule; And if the path prefix is the prefix for identifying the database operation, determining that the target service to be accessed by the access request is the application programming interface service in the related service of the database according to the preset distribution rule. Optionally, after determining, according to the preset offloading rule, that the target service to be accessed by the access request is an application programming interface service in the database-related service, the method further includes: Determining a plurality of upstream servers corresponding to the application programming interface service; selecting a target upstream server from the plurality of upstream servers according to a load balancing algorithm; The routing the access request to the intranet address of the target service through the private line network configured with the routing policy includes: And routing the access request to the intranet address of the target upstream server through the private line network configured with the routing strategy. Optionally, the preset diversion rule includes: And splitting according to the content type or the file extension of the content requested by the access request, wherein if the content type or the file extension belongs to a predefined static resource type, the access request is split to the object storage service, and otherwise, the access request is split to the database relat