• 欢迎访问速搜资源吧,如果在网站上找不到你需要的资源,可以在留言板上留言,管理员会尽量满足你!

【速搜问答】社群云是什么

问答 admin 3年前 (2020-08-05) 464次浏览 已收录 0个评论

汉英对照:
Chinese-English Translation:

社群云(Community cloud)也称社区云,是由几个组织共享的云端基础设施,支持特定的社群,有共同的关切事项,例如使命任务、安全需求、策略与法规遵循考量等。管理者可能是组织本身或第三方;管理位置可能在组织内部,也可能在组织外部。

Community cloud, also known as community cloud, is a cloud infrastructure shared by several organizations. It supports specific communities and has common concerns, such as mission tasks, security requirements, policy and regulatory compliance considerations. The manager may be the organization itself or a third party; the management position may be inside or outside the organization.

社群云(Community cloud),也称社区云,是由几个组织共享的云端基础设施,它们支持特定的社群,有共同的关切事项,例如使命任务、安全需求、策略与法规遵循考量等。管理者可能是组织本身,也能是第三方;管理位置可能在组织内部,也可能在组织外部。

Community cloud, also known as community cloud, is the cloud infrastructure shared by several organizations. They support specific communities and share common concerns, such as mission and mission, security requirements, policy and regulatory compliance considerations. The manager may be the organization itself or a third party; the management position may be inside or outside the organization.

简介

brief introduction

按照云计算的部署模式,云可以分为四种,分别是私有云、社区云、公有云和混合云。私有云由单一组织独占使用。社区云是由一个特定社区独占使用,该社区由具有共同关切 (如使命、安全要求、政策等) 的多个组织组成。公有云由公众开放使用。混合云则是前述的两种以上模式的混合。

According to the deployment mode of cloud computing, the cloud can be divided into four types, namely private cloud, community cloud, public cloud and hybrid cloud. The private cloud is used exclusively by a single organization. The community cloud is exclusively used by a specific community, which is composed of multiple organizations with common concerns (such as mission, security requirements, policies, etc.). The public cloud is open to the public. The hybrid cloud is a mixture of two or more modes mentioned above.

技术

technology

身份管理与授权

Identity management and authorization

在社区云的环境下,要跨机构的管理用户,要在统一身份认证和各个机构的自主性之间达成良好的平衡,做到既方便用户使用,又能在良好的授权控制前提下实现资源的高效利用。

In the environment of community cloud, it is necessary to manage users across institutions, to achieve a good balance between unified identity authentication and the autonomy of various institutions, so as to make it convenient for users to use and achieve efficient utilization of resources under the premise of good authorization control.

代理授权是身份管理方面需要引起注意的问题。社区云是多机构的联合,在使用 A 机构的资源时,对用户的授权则是在 B 机构的身份管理系统中实现,这其中的代理关系是社区云模式下的一类基本场景,需要得到很好的解决。代理授权的解决方案中涉及到一些开放标准,采用的是 OAuth2,它可以支持多类应用,包括 Web、桌面和无线客户端等,并且简单方便。

Proxy authorization is an important issue in identity management. Community cloud is a combination of multiple organizations. When using the resources of organization a, the authorization of users is implemented in the identity management system of organization B. the agent relationship is a basic scenario under the community cloud mode, which needs to be well solved. The solution of proxy authorization involves some open standards, which adopts oauth2. It can support many kinds of applications, including web, desktop and wireless client, and is simple and convenient.

认证联盟的建立是为了实现跨系统、跨机构以及多个云应用之间的协作,从身份管理角度涉及两个核心概念:身份标识的提供者 (IdP) 和服务提供者(SP)。此二者可以是完全独立的。比如中国科技网通行证,这是一个身份标识的服务,已经积累了 40 多万的用户,其中科学院的科研人员和学生占比一半左右。一些研究所自己建设和运行的用户系统也提供身份标识服务。科技云的应用服务如团队文档库、学术会议平台、科研主页,以及很多研究所的信息化服务等,都是服务提供者。当多个身份标识服务达成一致的约定,可以同时支持应用服务,就构成了认证联盟。这方面的技术也已经有基本成熟的技术标准。通过认证联盟建立统一的身份管理服务,对于推进社区云、推进不同机构之间的合作具有关键性的作用。

The establishment of authentication alliance is to realize the cooperation between cross system, cross organization and multiple cloud applications. From the perspective of identity management, it involves two core concepts: identity provider (IDP) and service provider (SP). The two can be completely independent. For example, the China Science and technology network pass, which is an identity service, has accumulated more than 400000 users, of which about half of the scientific research personnel and students in the Academy of Sciences. Some user systems built and operated by some research institutes also provide identity services. The application services of science and technology cloud, such as team document library, academic conference platform, research homepage, and information services of many research institutes, are service providers. When multiple identity services reach an agreement and can support application services at the same time, it constitutes an authentication Federation. There are also mature technical standards for this technology. Establishing a unified identity management service through authentication alliance plays a key role in promoting community cloud and promoting cooperation between different institutions.

服务集成

Service integration

在云的环境下,网络、计算、存储和数据等资源都可以包装成服务的方式,进而进行资源和服务的集成,在一些简单、基础的服务上构建出复杂、高级的服务。在社区云中,这样的服务集成更加具有普遍性,当然,这样的集成也通常是不容易的。社区云的用户特点是不仅包括一般的最终用户,还包括具有应用开发或二次开发能力的开发者用户。云平台为科研人员结合自身科研特色需求的二次开发提供基础资源,这就要求社区云提供这样的技术和支撑环境。服务集成的重要工作是面向开发者提供接口 (API)。面向服务的架构 (SOA) 已经是成熟的技术,但在服务的交互和集成方面还有一些较深层的问题。我们认为无状态化、动态迁移、服务的伸缩性这是三个关键点。面向服务集成的接口设计要尽可能地实现服务的无状化。无状态化可以大大简化后续多个服务的集成问题,同时在无状态化的基础上更容易实现动态迁移,从而实现服务的伸缩性。这些对于服务的可靠性也会大有帮助。

In the cloud environment, resources such as network, computing, storage and data can be packaged as services, and then integrated resources and services to build complex and advanced services based on some simple and basic services. In the community cloud, such service integration is more universal, of course, such integration is usually not easy. The characteristics of community cloud users include not only general end users, but also developers and users with application development or secondary development capabilities. The cloud platform provides basic resources for the secondary development of researchers combined with their own research characteristics, which requires community cloud to provide such technology and support environment. The important work of service integration is to provide interface (API) for developers. Service Oriented Architecture (SOA) is a mature technology, but there are some deep problems in service interaction and integration. We think stateless, dynamic migration and service scalability are the three key points. The interface design of service-oriented integration should realize the stateless service as much as possible. Stateless can greatly simplify the integration of subsequent multiple services. At the same time, it is easier to realize dynamic migration on the basis of stateless, so as to realize the scalability of services. These will also be of great help to the reliability of the service.

测量与运行管理

Measurement and operation management

从云的运行来说,基于日志的一些技术和手段是非常有用的。社区云的资源提供者不是单一的管理域,服务的测量和基于日志的运行管理更为重要。社区云应有专门的日志服务为各种应用提供日志的收集、存储和分析显示等服务,并可以基于日志进行测量,进行服务的监控和管理,再通过门户进行适当的展示。测量数据及统计分析对于社区范围内用户、服务提供者群体的沟通和协调非常有帮助,也是指导我们做好运行管理的一个重要基础。

From the perspective of cloud operation, some technologies and means based on log are very useful. The resource provider of community cloud is not a single management domain, service measurement and log based operation management are more important. Community cloud should have a special log service to provide log collection, storage, analysis and display services for various applications. It can be measured based on the log, monitor and manage the service, and then display it properly through the portal. Measurement data and statistical analysis are very helpful for the communication and coordination of users and service providers within the community, and also an important basis for guiding us to do a good job in operation and management.

联盟

union

联盟 (Federation) 即服务的联盟,联盟架构里核心的角色是服务提供者。联盟意味着其中的各个实体是平等的,在此基础上建立相应的机制和系统。从国际上看,联盟的方式在学术界很流行。像科技云这样的社区云,可以将联盟的框架设定为大学、科研机构及一些科技企业,还有为科研提供服务的企业,等等。具体而言,联盟的架构有两种主要的模式:Mesh 和 Hub-and-spoke,前者是所有实体完全对等,后者是有一个 Hub 作为沟通和协调的枢纽,可以提高联盟中服务和运行的效率。

Federation is the alliance of services. The core role of alliance architecture is service provider. Alliance means that all entities are equal, and corresponding mechanisms and systems are established on this basis. Internationally, alliances are very popular in academia. For community clouds like technology cloud, the framework of alliance can be set as universities, scientific research institutions and some technology enterprises, as well as enterprises providing services for scientific research, etc. Specifically, there are two main modes of alliance architecture: mesh and hub and spoke. The former is the complete equivalence of all entities, and the latter has a hub as a communication and coordination hub, which can improve the efficiency of service and operation in the alliance.

微服务

Microservices

微服务架构(Microservices Architecture) 是在面向服务的基础上近年来的一个新发展。对于社区云来说,微服务具有更突出的价值。微服务强调比过去更细粒度的服务,支持大量的交互和频繁的更新。要做到微服务,对于基础设施自动化和持续集成有着高要求,并且尽量采取轻量级的通讯协议。微服务的理念是松耦合,高内聚,这也涉及到容错性设计、复杂性控制和开发运维一体化 (DevOps) 等方面的内容。

Microservices architecture is a new development based on service-oriented in recent years. For community cloud, micro service has more prominent value. Microservices emphasize more fine-grained services than in the past, supporting a large number of interactions and frequent updates. To achieve microservices, there are high requirements for infrastructure automation and continuous integration, and lightweight communication protocols should be adopted as far as possible. The concept of microservice is loose coupling and high cohesion, which also involves fault tolerant design, complexity control and Devops.

松耦合、高内聚的实现要求接口尽可能简化,并采用单独的业务逻辑。Unix 经典的管道的设计是一个范例,当前的服务则普遍采用简单的 REST 风格,而不是复杂的协议。在通信方面,尽量采用轻量级消息通信,这有利于使用不同技术所开发出来的服务进行交互。在微服务架构中,通过高效率的模块化设计,能够方便地支持多团队协作和并行开发。而且,服务之间是相互依赖的,需要进行相互的迭代,因此软件开发必须要高度的自动化,能够自动地构建软件、测试、部署、发布等。这就要求整个开发环境也是云化的,即从下层的硬件资源到上层的软件管理,都可以通过云的方式向整个社区内的成员提供。此外,微服务应该是容错的。在一个分布式的系统里面,复杂性会更高,依赖和动态更新又会带来一些问题。

The implementation of loose coupling and high cohesion requires that the interface should be simplified as much as possible, and separate business logic should be adopted. The design of UNIX’s classic pipeline is an example. The current services generally adopt simple rest style rather than complex protocol. In terms of communication, lightweight message communication should be adopted as far as possible, which is conducive to the interaction of services developed by different technologies. In the microservice architecture, it is convenient to support multi team cooperation and parallel development through efficient modular design. Moreover, services are interdependent and need to be iterated with each other. Therefore, software development must be highly automated, which can automatically build software, test, deploy, release, etc. This requires that the entire development environment is also cloud, that is, from the lower level of hardware resources to the upper level of software management, can be provided to members of the entire community in the form of cloud. In addition, microservices should be fault-tolerant. In a distributed system, the complexity will be higher, and dependency and dynamic update will bring some problems.


速搜资源网 , 版权所有丨如未注明 , 均为原创丨转载请注明原文链接:【速搜问答】社群云是什么
喜欢 (0)
[361009623@qq.com]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址