Systems and methods of stateless processing in a fault-tolerant microservice environment
First Claim
1. A method comprising:
- transmitting, by a first microservice, packet data and a context, wherein the context is associated with the packet data;
receiving, by a second microservice, the packet data and the context, the second microservice to;
send a request for a service state to one of a plurality of redundant message services, use the context and the requested service state to determine what security processing to perform, to perform the security processing over the packet data, and to transmit resulting data and the context to a third microservice; and
receiving, by the third microservice, the resulting data and the context, the third microservice to;
use the context to determine what security processing to perform, and to perform the security processing over the resulting data;
wherein the second microservice to extract data from the packet data, and perform the security processing over the data extracted from the packet data, and wherein the third microservice to extract data from the resulting data, and to perform the security processing over the data extracted from the resulting data;
wherein the second microservice and the third microservice to extract higher-level data from the received data;
wherein the second microservice does not maintain a copy of the service state, such that, in case of its failure, a different microservice accesses and uses the service state; and
wherein the method is performed by a security service comprising a hierarchy of microservices, including, at the lowest level, an interface microservice to generate the context.
4 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and non-transitory computer-readable relating to network security are disclosed. In particular, embodiments described generally relate to systems and methods of stateless processing in a fault-tolerant microservice environment. In one example, a method is disclosed, which includes transmitting, by a first microservice, packet data and a context associated therewith; receiving the packet data and the context by a second microservice, the second microservice to: use the context to determine what security processing to perform, perform the security processing over the packet data, and transmit resulting data and the context to a third microservice; and receiving the resulting data and the context by the third microservice, the third microservice to: use the context to determine what security processing to perform, and perform the security processing over the resulting data.
-
Citations
17 Claims
-
1. A method comprising:
-
transmitting, by a first microservice, packet data and a context, wherein the context is associated with the packet data; receiving, by a second microservice, the packet data and the context, the second microservice to;
send a request for a service state to one of a plurality of redundant message services, use the context and the requested service state to determine what security processing to perform, to perform the security processing over the packet data, and to transmit resulting data and the context to a third microservice; andreceiving, by the third microservice, the resulting data and the context, the third microservice to;
use the context to determine what security processing to perform, and to perform the security processing over the resulting data;wherein the second microservice to extract data from the packet data, and perform the security processing over the data extracted from the packet data, and wherein the third microservice to extract data from the resulting data, and to perform the security processing over the data extracted from the resulting data; wherein the second microservice and the third microservice to extract higher-level data from the received data; wherein the second microservice does not maintain a copy of the service state, such that, in case of its failure, a different microservice accesses and uses the service state; and wherein the method is performed by a security service comprising a hierarchy of microservices, including, at the lowest level, an interface microservice to generate the context. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
-
a memory; a processor to use the memory and to execute instructions to implement a first security microservice, the first security microservice to perform a process comprising; transmitting, by a first microservice, packet data and a context associated therewith; receiving the packet data and the context by a second microservice, the second microservice to;
send a request for a service state to one of a plurality of redundant message services, use the context and the requested service state to determine what security processing is requested of the second microservice, to perform the requested security processing over the packet data, and to transmit resulting data and the context to a third microservice; andreceiving the resulting data and the context by the third microservice, the third microservice to;
use the context to determine what security processing is requested of the third microservice, and to perform the requested security processing over the resulting data;wherein the second microservice to extract data from the packet data and perform the requested security processing over the data extracted from the packet data, and wherein the third microservice to extract data from the resulting data and perform the requested security processing over the data extracted from the resulting data;
wherein the second microservice and the third microservice to extract higher-level data from the received data;wherein the second microservice does not maintain a copy of the service state, such that, in case of its failure, a different microservice accesses and uses the service state; and wherein the processor comprise a hierarchy of microservices, including, at the lowest level, an interface microservice to generate the context. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable medium containing computer-executable instructions that, when executed by a processor, cause the processor to:
-
transmit, by a first microservice, packet data and a context associated therewith; receive the packet data and the context by a second microservice, the second microservice to;
send a request for a service state to one of a plurality of redundant message services, use the context and the requested service state to determine what security processing is requested of the second microservice, perform the requested security processing over the packet data, and transmit resulting data and the context to a third microservice; andreceive the resulting data and the context by the third microservice, the third microservice to;
use the context to determine what security processing is requested of the third microservice, and perform the requested security processing over the resulting data;wherein the second microservice to extract data from the packet data and perform security processing over the data extracted from the packet data, and wherein the third microservice to extract data from the resulting data and perform security processing over the data extracted from the resulting data; wherein the second microservice does not maintain a copy of the service state, such that, in case of its failure, a different microservice accesses and uses the service state; and wherein the computer-executable instructions are to be executed by a security service comprising a hierarchy of microservices, including, at the lowest level, an interface microservice to generate the context. - View Dependent Claims (14, 15, 16, 17)
-
Specification