November 2021
Beginner to intermediate
239 pages
4h 15m
Chinese
Content preview from Dapr学习手册
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
142
|
第
4
章
例如,以下用
HashiCorp
配置语言(
HCL
)编写的
Consul
服务规则允许对任
何不带前缀的服务进行读访问,并允许对“
app
”服务进行写访问。这些规则
还拒绝所有对“
admin
”服务的访问。这些规则由
Consul
执行,在这种情况下,
Dapr
(和应用程序)对此并无感知:
service_prefix "" {
policy = "read"
}
service "app" {
policy = "write"
}
service "admin" {
policy = "deny"
}
需要注意的是,
Dapr
提供了相互
TLS
,这是服务网格中常见的特性。因此,
当你将
Dapr
配置为使用服务网格时,你可能需要禁用其中一个
TLS
层。请
参考
Dapr
文档
(
https://oreil.ly/0ginb
)
以获取指导和建议。
即使制定了适当的服务访问控制策略,我们仍然需要更深入地保护这些服务
所运行的数据。接下来我们将讨论数据保护。
4.1.2
数据保护
说到保护数据,我们需要考虑三个方面:静态数据、传输中的数据和使用中
的数据。
4.1.2.1
保护静态数据
保护静态数据的一种常见方法是使用加密。在撰写本书时,
Dapr
并没有提供
开箱即用的数据加密,但将来可能会在其状态存储中添加自动加密
/
解密功能。
Dapr
还有一个管理密钥的内置特性,我们将在本章后面介绍。你可以使用此
功能管理用户数据的加密密钥。
安全
|
143
Dapr
本身并不关心数据备份和恢复
,
我们认为应该由底层数据存储或通过专
门的备份 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.