[{"data":1,"prerenderedAt":2042},["ShallowReactive",2],{"blog-\u002Fblog\u002Fcomparison\u002Fshangyong-yu-kaiyuan-bianjie":3,"blog-related-\u002Fblog\u002Fcomparison\u002Fshangyong-yu-kaiyuan-bianjie":458},{"id":4,"title":5,"author":6,"body":7,"category":430,"cover":431,"date":432,"description":433,"draft":434,"extension":435,"faq":436,"featured":434,"image":431,"keywords":446,"meta":449,"navigation":450,"path":451,"seo":452,"sitemap":453,"stem":454,"tags":455,"updated":432,"__hash__":457},"blog\u002Fblog\u002Fcomparison\u002Fshangyong-yu-kaiyuan-bianjie.md","软件商用和开源的法律边界","HNREIS",{"type":8,"value":9,"toc":401},"minimark",[10,19,22,27,105,108,110,114,141,144,152,154,157,175,179,199,202,213,216,219,230,233,244,247,252,255,259,267,271,282,286,294,298,306,309,335,338,374,377,380,395],[11,12,13,14,18],"p",{},"企业用软件（商用）还是开源，",[15,16,17],"strong",{},"涉及法律边界，要合规。"," 这篇讲清区别。",[11,20,21],{},"很多企业在选型时只盯着\"开源免费\"这一条，忽略了背后的协议约束和隐性成本；或者反过来，觉得商用软件花钱就一定有保障，结果发现授权范围对不上业务规模。软件版权受法律保护，\"用了再说\"的侥幸迟早会以律师函形式找上门。开源和商用不是简单的\"免费 vs 付费\"对立，而是两种不同的授权模型，各有适用场景、合规要求和成本结构。下面把本质区别、协议陷阱、合规要点拆开讲清楚。",[23,24,26],"h2",{"id":25},"商用-vs-开源","商用 vs 开源",[28,29,30,46],"table",{},[31,32,33],"thead",{},[34,35,36,40,43],"tr",{},[37,38,39],"th",{},"维度",[37,41,42],{},"商用软件",[37,44,45],{},"开源软件",[47,48,49,61,72,83,94],"tbody",{},[34,50,51,55,58],{},[52,53,54],"td",{},"源码",[52,56,57],{},"不开放",[52,59,60],{},"开放",[34,62,63,66,69],{},[52,64,65],{},"费用",[52,67,68],{},"付费授权\u002F订阅",[52,70,71],{},"免费（要守协议）",[34,73,74,77,80],{},[52,75,76],{},"支持",[52,78,79],{},"厂商支持",[52,81,82],{},"社区\u002F自维护",[34,84,85,88,91],{},[52,86,87],{},"协议",[52,89,90],{},"商业授权",[52,92,93],{},"开源协议",[34,95,96,99,102],{},[52,97,98],{},"灵活",[52,100,101],{},"受限",[52,103,104],{},"可看可改",[11,106,107],{},"这张表背后有几个关键点。商用软件的\"不开放\"指的是拿不到源码，只能用厂商打包好的成品，遇到 bug 或想加功能只能等厂商排期；开源软件虽然源码开放、可以自己改，但前提是有相应技术能力，并且改完之后要遵守对应开源协议的再分发义务。\"支持\"这一栏的差别往往被低估：商用软件通常有 SLA、工单系统、专属客户经理，遇到生产故障能找到人；开源软件默认靠社区，能不能修、什么时候修，全看项目活跃度和运气。",[23,109,42],{"id":42},[111,112,113],"h3",{"id":113},"特点",[115,116,117,124,129,135],"ul",{},[118,119,120,123],"li",{},[15,121,122],{},"付费","：授权\u002F订阅。一次性买断或按年订阅，按用户数、CPU 核数、调用次数计费都有，商业模式清晰透明。",[118,125,126,128],{},[15,127,76],{},"：厂商服务。有专门的售后团队、技术支持热线、版本升级路线图，关键业务出问题有人兜底。",[118,130,131,134],{},[15,132,133],{},"省心","：成熟稳定。商用软件通常做了大量兼容性测试、安全审计、合规认证（ISO 27001、SOC 2 等），开箱可用程度高。",[118,136,137,140],{},[15,138,139],{},"版权","：归厂商。你买的是使用权而非所有权，不能反编译、不能二次分发、不能改造成自己的产品卖给别人。",[111,142,143],{"id":143},"注意",[115,145,146,149],{},[118,147,148],{},"买正版（不盗版）。盗版商用软件的法律风险非常实际，包括民事赔偿、商誉受损、甚至刑事责任，企业不应在这问题上省小钱。",[118,150,151],{},"授权范围（用户数\u002F功能）。授权协议里会写清楚允许的使用范围，比如\"100 用户专业版\"或\"5 服务器企业版\"，超范围使用同样是违约，厂商有权追责。",[23,153,45],{"id":45},[111,155,113],{"id":156},"特点-1",[115,158,159,165,170],{},[118,160,161,164],{},[15,162,163],{},"免费","：源码开放。绝大多数开源软件本身不收费，可自由下载、阅读、编译、运行，门槛很低。",[118,166,167,169],{},[15,168,104],{},"。源码在你手里，遇到 bug 可以自己定位、打补丁、扩展功能，不依赖厂商排期，灵活度高。",[118,171,172,174],{},[15,173,87],{},"：要遵守。开源不等于公共领域，每份开源软件都有对应的协议（License），规定可以做什么、必须做什么、不能做什么，违反协议会触发版权侵权。",[111,176,178],{"id":177},"协议重点","协议（重点）",[115,180,181,187,193],{},[118,182,183,186],{},[15,184,185],{},"MIT\u002FApache","：宽松，商用友好。基本只要求保留版权声明和协议文本，可以拿来改、拿来卖、闭源使用，几乎没有再分发义务，是企业闭源商业项目里最常引用的开源协议。",[118,188,189,192],{},[15,190,191],{},"GPL类","：传染性，商用谨慎。GPL、LGPL、AGPL 系列要求：如果你把 GPL 代码合并进自己的作品并分发，你的作品也必须以 GPL 协议开源。AGPL 更进一步，连通过网络提供服务都算\"分发\"，对 SaaS 业务杀伤力大。",[118,194,195,198],{},[15,196,197],{},"\"开源\"≠\"随便用\"","：要守协议。哪怕源码摆在那里，也不意味着可以无视协议条款随意使用，协议本身就是法律契约。",[111,200,143],{"id":201},"注意-1",[115,203,204,207,210],{},[118,205,206],{},"遵守协议。每一个开源依赖都要查清楚协议类型和具体条款，建立 SBOM（软件物料清单）做台账。",[118,208,209],{},"GPL类评估开源义务。引入 GPL 类依赖前要做传染性评估，避免无意中把核心代码置于必须开源的境地。",[118,211,212],{},"自己运维\u002F集成。开源软件默认没有厂商兜底，部署、监控、升级、安全补丁都要自己或外包承担。",[23,214,215],{"id":215},"怎么选",[111,217,218],{"id":218},"商用",[115,220,221,224,227],{},[118,222,223],{},"要省心支持。业务关键、团队运维能力有限、出问题必须有人兜底的场景，商用软件的厂商支持值得付费。",[118,225,226],{},"不想运维。把精力聚焦在业务而非基础设施上的团队，商用软件能把运维负担转移出去。",[118,228,229],{},"企业核心（要服务保障）。涉及财务、合规、客户数据的核心系统，需 SLA 和合规背书，商用软件更稳妥。",[111,231,232],{"id":232},"开源",[115,234,235,238,241],{},[118,236,237],{},"有运维能力。团队具备相应技术栈的运维和二次开发能力，能把开源软件跑稳、改好。",[118,239,240],{},"要灵活\u002F定制。业务需求特殊，商用软件标准功能覆盖不了，需深度定制。",[118,242,243],{},"成本敏感（但算总账）。初期投入敏感、不想被订阅费长期锁定，但要算清运维、人力、培训等隐性成本。",[111,245,246],{"id":246},"混合",[115,248,249],{},[118,250,251],{},"核心商用+非核心开源。这是大企业常见策略：核心业务系统用商用软件拿保障，边缘系统和工具链用开源控成本。",[23,253,254],{"id":254},"企业合规",[111,256,258],{"id":257},"_1-商用买正版","1. 商用买正版",[115,260,261,264],{},[118,262,263],{},"不盗版。采购走正规渠道，保留授权凭证和发票，便于审计。",[118,265,266],{},"授权合规。定期盘点实际使用人数和授权范围，避免超范围使用。",[111,268,270],{"id":269},"_2-开源守协议","2. 开源守协议",[115,272,273,276,279],{},[118,274,275],{},"MIT\u002FApache宽松。这类依赖可放心引入，记得保留版权声明和协议文本即可。",[118,277,278],{},"GPL类谨慎。引入前做传染性评估，AGPL 尤其要小心，必要时联系法务给意见。",[118,280,281],{},"保留版权声明。再分发时要按协议要求保留原作者的版权声明和 license 文本，不能抹掉。",[111,283,285],{"id":284},"_3-自研注意","3. 自研注意",[115,287,288,291],{},[118,289,290],{},"用的开源协议。自研项目里引入的每个开源依赖都要查协议，特别是构建产物里静态\u002F动态链接的部分。",[118,292,293],{},"避免GPL传染。核心商业代码不要和 GPL 类依赖做静态链接，必要时用动态链接或进程隔离方式规避。",[111,295,297],{"id":296},"_4-软件资产管理","4. 软件资产管理",[115,299,300,303],{},[118,301,302],{},"建立软件资产清单。维护完整 SBOM，记录每个依赖的名称、版本、协议、用途。",[118,304,305],{},"合规使用。定期内部审计，发现超范围使用、协议违规、未授权软件及时整改。",[23,307,308],{"id":308},"别踩的坑",[115,310,311,317,323,329],{},[118,312,313,316],{},[15,314,315],{},"盗版商用软件","：法律风险。无论是财务、设计、办公还是开发工具，盗版被查到不仅要补缴授权费用，还可能面临数倍罚款。",[118,318,319,322],{},[15,320,321],{},"开源不守协议","：违规。即便宽松协议，漏掉版权声明、改 license 文本也算违规，被告了赔钱又丢人。",[118,324,325,328],{},[15,326,327],{},"闭源用GPL","：可能要开源。一旦被认定 GPL 传染，要么按协议开源核心代码，要么停止侵权下架产品，两条路都被动。",[118,330,331,334],{},[15,332,333],{},"只看免费不算总账","：开源有隐性成本。运维人力、培训、二次开发、故障自处理加起来未必比订阅费低。",[23,336,337],{"id":337},"成本参考",[28,339,340,353],{},[31,341,342],{},[34,343,344,347,350],{},[37,345,346],{},"方式",[37,348,349],{},"说明",[37,351,352],{},"成本特点",[47,354,355,365],{},[34,356,357,359,362],{},[52,358,218],{},[52,360,361],{},"授权\u002F订阅",[52,363,364],{},"付费+支持",[34,366,367,369,371],{},[52,368,232],{},[52,370,163],{},[52,372,373],{},"免费+运维\u002F集成",[11,375,376],{},"成本对比的关键不是\"哪种更便宜\"，而是\"哪种总账更适合团队能力和业务阶段\"。有运维能力的团队选开源能省下大量订阅费，没有这种能力的团队硬上开源反而会把成本转嫁到更高的隐性开销上。",[23,378,379],{"id":379},"怎么合规",[381,382,383,386,389,392],"ol",{},[118,384,385],{},"商用买正版。建立正规采购流程，所有商用软件都走授权合同和发票。",[118,387,388],{},"开源守协议。每一个开源依赖都登记协议类型，引入前做合规评估。",[118,390,391],{},"自研注意开源协议。定期扫描项目依赖树，重点关注 GPL 类和 AGPL 类。",[118,393,394],{},"建立软件资产管理。维护 SBOM 清单，定期内部审计，把合规做成常态而不是临时抱佛脚。",[396,397,398],"blockquote",{},[11,399,400],{},"广州市汉诺雷斯（HNREIS）帮企业选型和合规使用软件（商用\u002F开源），法律细节建议咨询专业。把你的需求告诉我们，我们给出建议。",{"title":402,"searchDepth":403,"depth":403,"links":404},"",2,[405,406,411,416,421,427,428,429],{"id":25,"depth":403,"text":26},{"id":42,"depth":403,"text":42,"children":407},[408,410],{"id":113,"depth":409,"text":113},3,{"id":143,"depth":409,"text":143},{"id":45,"depth":403,"text":45,"children":412},[413,414,415],{"id":156,"depth":409,"text":113},{"id":177,"depth":409,"text":178},{"id":201,"depth":409,"text":143},{"id":215,"depth":403,"text":215,"children":417},[418,419,420],{"id":218,"depth":409,"text":218},{"id":232,"depth":409,"text":232},{"id":246,"depth":409,"text":246},{"id":254,"depth":403,"text":254,"children":422},[423,424,425,426],{"id":257,"depth":409,"text":258},{"id":269,"depth":409,"text":270},{"id":284,"depth":409,"text":285},{"id":296,"depth":409,"text":297},{"id":308,"depth":403,"text":308},{"id":337,"depth":403,"text":337},{"id":379,"depth":403,"text":379},"comparison",null,"2025-08-18","企业用软件（商用授权）还是开源，涉及法律边界。本文讲清商用软件和开源的法律区别和企业怎么选。",false,"md",[437,440,443],{"q":438,"a":439},"商用软件和开源软件法律上什么区别？","商用软件要买授权\u002F订阅（付费使用，有服务和支持），版权归厂商；开源软件源码开放（可看可改），但要遵守开源协议（MIT\u002FApache宽松，GPL类有传染性）。两者都受法律约束，\"开源\"不等于\"随便用\"。",{"q":441,"a":442},"企业用开源软件省钱吗？","看情况。开源软件本身免费，但自己要运维\u002F集成\u002F支持（隐性成本），还可能要遵守协议（GPL类要开源你的代码）。商用软件付费但有服务支持、省心。算总账，开源适合有能力运维的，商用适合要省心支持的。",{"q":444,"a":445},"企业用软件怎么合规？","几点：商用软件买正版授权（不盗版）；开源软件遵守协议（MIT\u002FApache宽松，GPL类谨慎）；自研软件注意用的开源协议（避免GPL传染）。建议企业建立软件资产管理，合规使用。",[42,45,447,448],"软件授权","软件法律边界",{},true,"\u002Fblog\u002Fcomparison\u002Fshangyong-yu-kaiyuan-bianjie",{"title":5,"description":433},{"loc":451},"blog\u002Fcomparison\u002Fshangyong-yu-kaiyuan-bianjie",[232,218,456],"合规","s9u1vbQMx08A8VGeDQKOb3_d9DwlQ7IduRYq2CSPR2U",[459,864,1284,1649],{"id":460,"title":461,"author":6,"body":462,"category":430,"cover":431,"date":837,"description":838,"draft":434,"extension":435,"faq":839,"featured":434,"image":431,"keywords":849,"meta":854,"navigation":450,"path":855,"seo":856,"sitemap":857,"stem":858,"tags":859,"updated":837,"__hash__":863},"blog\u002Fblog\u002Fcomparison\u002Fapi-jiekou-shiye.md","API、接口、集成这些词到底是什么意思",{"type":8,"value":463,"toc":817},[464,470,474,480,483,494,499,502,505,511,514,519,521,532,537,540,543,557,560,574,579,582,586,600,603,614,617,622,625,632,649,654,657,660,682,687,690,728,734,737,763,766,769,795,798,812],[11,465,466,467],{},"老板常被 API、接口、集成这些技术词绕晕。",[15,468,469],{},"这篇用大白话讲清，帮老板听懂技术沟通。",[23,471,473],{"id":472},"api-是什么大白话","API 是什么（大白话）",[11,475,476,479],{},[15,477,478],{},"API 是两个软件\"对话\"的通道","。",[11,481,482],{},"例子：",[115,484,485,488,491],{},[118,486,487],{},"你的小程序要查物流 → 通过物流公司 API 问\"单号到哪了\" → 物流系统回\"已签收\"。",[118,489,490],{},"你的官网要收款 → 通过支付 API 让客户付款 → 支付系统回\"付款成功\"。",[118,492,493],{},"你的系统要发短信 → 通过短信 API 发 → 短信平台发出去。",[11,495,496,479],{},[15,497,498],{},"API 让不同软件自动互通数据，不用人工搬",[11,500,501],{},"打个比方：API 像餐厅的\"服务员\"——你（小程序）告诉服务员（API）要什么，服务员告诉厨房（另一个系统），厨房做好端回来。你不用自己进厨房。",[23,503,504],{"id":504},"接口是什么",[11,506,507,510],{},[15,508,509],{},"接口就是 API","（同义词）。技术人员说\"做个接口\"\"对接接口\"，就是做 API 让系统互通。",[23,512,513],{"id":513},"集成是什么",[11,515,516,479],{},[15,517,518],{},"集成 = 把多个系统通过 API 连起来，数据自动流通",[11,520,482],{},[115,522,523,526,529],{},[118,524,525],{},"独立站 + ERP 集成：独立站订单自动进 ERP，ERP 库存自动同步独立站。",[118,527,528],{},"小程序 + CRM 集成：小程序客户数据自动进 CRM。",[118,530,531],{},"系统 + 支付集成：系统通过支付 API 收款。",[11,533,534,479],{},[15,535,536],{},"集成让数据自动流，替代人工搬数据",[23,538,539],{"id":539},"企业为什么要做接口集成",[111,541,542],{"id":542},"不集成的问题",[115,544,545,548,551,554],{},[118,546,547],{},"多个系统（独立站\u002FERP\u002FCRM\u002F物流），数据不通。",[118,549,550],{},"人工把数据从一个系统搬到另一个（累、易错）。",[118,552,553],{},"数据不同步（独立站卖了 ERP 库存没减，超卖）。",[118,555,556],{},"效率低。",[111,558,559],{"id":559},"集成的好处",[115,561,562,565,568,571],{},[118,563,564],{},"数据自动流通（订单\u002F库存\u002F客户自动同步）。",[118,566,567],{},"替代人工（省人力、避错）。",[118,569,570],{},"实时同步（不超卖、不漏单）。",[118,572,573],{},"数据统一（可分析）。",[11,575,576,479],{},[15,577,578],{},"系统越多，集成价值越大",[23,580,581],{"id":581},"常见的集成场景",[111,583,585],{"id":584},"电商独立站","电商\u002F独立站",[115,587,588,591,594,597],{},[118,589,590],{},"独立站 ↔ ERP（订单\u002F库存同步）。",[118,592,593],{},"独立站 ↔ 物流（发货\u002F追踪）。",[118,595,596],{},"独立站 ↔ 支付（收款）。",[118,598,599],{},"独立站 ↔ CRM（客户管理）。",[111,601,602],{"id":602},"企业内部",[115,604,605,608,611],{},[118,606,607],{},"系统 ↔ OA（审批\u002F通知）。",[118,609,610],{},"系统 ↔ 财务（对账\u002F开票）。",[118,612,613],{},"系统 ↔ 企微\u002F钉钉（消息\u002F工作流）。",[111,615,616],{"id":616},"数据",[115,618,619],{},[118,620,621],{},"系统 ↔ 数据分析（数据汇总\u002F报表）。",[23,623,624],{"id":624},"集成怎么实现",[11,626,627,628,631],{},"通过 ",[15,629,630],{},"API 对接","：",[381,633,634,637,640,643,646],{},[118,635,636],{},"确认要对接的系统（ERP\u002F物流\u002F支付）。",[118,638,639],{},"看各系统是否提供 API（文档）。",[118,641,642],{},"开发对接（系统间调 API 传数据）。",[118,644,645],{},"测试（数据准确、异常处理）。",[118,647,648],{},"上线 + 监控。",[11,650,651,479],{},[15,652,653],{},"自建系统（Nuxt\u002FVue）能灵活对接任意系统，这是它比 SaaS 的优势",[23,655,656],{"id":656},"老板该懂什么",[11,658,659],{},"老板不用懂代码，懂这些：",[115,661,662,667,672,677],{},[118,663,664,479],{},[15,665,666],{},"API = 软件之间自动传数据的通道",[118,668,669,479],{},[15,670,671],{},"集成 = 多系统数据自动流通",[118,673,674,479],{},[15,675,676],{},"集成能替代人工、提效避错",[118,678,679,479],{},[15,680,681],{},"集成成本看系统数量和复杂度",[11,683,684,479],{},[15,685,686],{},"懂这些，就能和技术\u002F服务商沟通集成需求",[23,688,689],{"id":689},"集成的成本",[28,691,692,702],{},[31,693,694],{},[34,695,696,699],{},[37,697,698],{},"集成类型",[37,700,701],{},"成本",[47,703,704,712,720],{},[34,705,706,709],{},[52,707,708],{},"对接一个系统（如 ERP）",[52,710,711],{},"1-3 万",[34,713,714,717],{},[52,715,716],{},"多系统集成",[52,718,719],{},"3-8 万",[34,721,722,725],{},[52,723,724],{},"复杂（双向同步\u002F多系统\u002F定制）",[52,726,727],{},"8 万+",[11,729,730,733],{},[15,731,732],{},"ROI 明确","（替代人工、提效、避错）。",[23,735,736],{"id":736},"常见误区",[115,738,739,745,751,757],{},[118,740,741,744],{},[15,742,743],{},"\"接口很复杂不用懂\"","：老板懂概念就行（API = 数据通道）。",[118,746,747,750],{},[15,748,749],{},"\"不集成也能用\"","：人工搬数据累易错，不可持续。",[118,752,753,756],{},[15,754,755],{},"\"集成是一次性的\"","：系统升级\u002F业务变化，集成要维护。",[118,758,759,762],{},[15,760,761],{},"\"SaaS 不用集成\"","：SaaS 也要和其他系统打通。",[23,764,765],{"id":765},"怎么判断要不要集成",[11,767,768],{},"问自己：",[381,770,771,777,783,789],{},[118,772,773,776],{},[15,774,775],{},"有多个系统吗？"," 有 → 可能要集成。",[118,778,779,782],{},[15,780,781],{},"人工搬数据吗？"," 搬 → 该集成。",[118,784,785,788],{},[15,786,787],{},"数据需要同步吗？"," 需要 → 集成。",[118,790,791,794],{},[15,792,793],{},"集成 ROI 划算吗？","（省的人力 > 投入）划算 → 做。",[23,796,797],{"id":797},"怎么做",[381,799,800,803,806,809],{},[118,801,802],{},"梳理要对接的系统 + 数据流。",[118,804,805],{},"确认各系统 API。",[118,807,808],{},"开发对接。",[118,810,811],{},"测试 + 监控。",[396,813,814],{},[11,815,816],{},"广州市汉诺雷斯（HNREIS）提供系统集成（API 对接 ERP\u002F物流\u002F支付\u002FCRM），帮企业打通数据。把你的系统情况告诉我们，我们设计集成方案。",{"title":402,"searchDepth":403,"depth":403,"links":818},[819,820,821,822,826,831,832,833,834,835,836],{"id":472,"depth":403,"text":473},{"id":504,"depth":403,"text":504},{"id":513,"depth":403,"text":513},{"id":539,"depth":403,"text":539,"children":823},[824,825],{"id":542,"depth":409,"text":542},{"id":559,"depth":409,"text":559},{"id":581,"depth":403,"text":581,"children":827},[828,829,830],{"id":584,"depth":409,"text":585},{"id":602,"depth":409,"text":602},{"id":616,"depth":409,"text":616},{"id":624,"depth":403,"text":624},{"id":656,"depth":403,"text":656},{"id":689,"depth":403,"text":689},{"id":736,"depth":403,"text":736},{"id":765,"depth":403,"text":765},{"id":797,"depth":403,"text":797},"2024-05-15","老板常被 API、接口、集成这些技术词绕晕。本文用大白话讲清这些概念和企业集成场景，帮老板听懂技术沟通。",[840,843,846],{"q":841,"a":842},"API 到底是什么，大白话说？","API 是两个软件\"对话\"的通道。比如你的小程序要查物流，就通过物流公司的 API 问\"这个单号到哪了\"，物流系统通过 API 回\"已签收\"。API 让不同软件能互通数据，不用人工搬。你不用懂代码，只要知道\"API = 软件之间自动传数据的通道\"。",{"q":844,"a":845},"我们为什么要做接口集成？","因为你的多个系统要互通。比如独立站订单要进 ERP、库存要同步、物流要追踪，不集成就要人工把数据从一个系统搬到另一个（累、易错）。集成后数据自动流通，提效准确。系统越多，集成价值越大。",{"q":847,"a":848},"接口集成要多少钱？","看对接的系统数量和复杂度。对接一个系统（如 ERP）通常 1-3 万；多系统集成（ERP+物流+支付+CRM）3-8 万。集成能替代人工、提效避错，ROI 明确。",[850,851,852,853],"API接口通俗解释","什么是API","接口集成","系统对接",{},"\u002Fblog\u002Fcomparison\u002Fapi-jiekou-shiye",{"title":461,"description":838},{"loc":855},"blog\u002Fcomparison\u002Fapi-jiekou-shiye",[860,861,862],"API","概念","通俗","A7Jdt6jv4eTPYhdWviHOSLSzOR5pN0xxO_6QT9M2ODg",{"id":865,"title":866,"author":6,"body":867,"category":430,"cover":431,"date":1258,"description":1259,"draft":434,"extension":435,"faq":1260,"featured":434,"image":431,"keywords":1270,"meta":1275,"navigation":450,"path":1276,"seo":1277,"sitemap":1278,"stem":1279,"tags":1280,"updated":1258,"__hash__":1283},"blog\u002Fblog\u002Fcomparison\u002Fapi-wangguan-shi-shenme.md","API网关是什么",{"type":8,"value":868,"toc":1242},[869,876,879,882,885,895,898,901,907,911,925,929,943,947,961,965,979,983,997,1001,1009,1012,1058,1061,1065,1068,1113,1138,1140,1166,1168,1206,1209,1211,1237],[11,870,871,872,875],{},"API 网关是系统架构里常见的组件，",[15,873,874],{},"通俗说就是系统的\"统一前台\"。"," 这篇讲清是什么、解决什么、要不要用。",[23,877,866],{"id":878},"api网关是什么",[11,880,881],{},"在微服务架构里，后端可能拆分成几十个甚至上百个服务。如果每个服务都直接对外提供接口，客户端要记住每个服务的地址、每个服务都要自己处理鉴权限流——这会非常混乱。API 网关就是解决这个问题的。",[11,883,884],{},"所有外部请求先到网关，网关统一处理后转发到后端：",[886,887,892],"pre",{"className":888,"code":890,"language":891},[889],"language-text","客户端 → API网关（鉴权\u002F限流\u002F监控）→ 后端服务\n","text",[893,894,890],"code",{"__ignoreMap":402},[11,896,897],{},"类比公司前台：访客（客户端请求）先到前台登记（鉴权\u002F限流），前台再引导到对应部门（转发到后端服务）。访客不用记每个部门在哪，部门也不用自己设前台。",[23,899,900],{"id":900},"网关做什么",[11,902,903,904,479],{},"API 网关的核心职责是",[15,905,906],{},"把各服务都要做的\"公共事\"统一收口",[111,908,910],{"id":909},"_1-统一入口","1. 统一入口",[115,912,913,919],{},[118,914,915,918],{},[15,916,917],{},"所有请求统一入口","：客户端只需要知道网关地址，不用记每个服务的地址。",[118,920,921,924],{},[15,922,923],{},"后端服务不直接暴露","：后端服务可以部署在内网，只把网关暴露在外网，安全风险降低。",[111,926,928],{"id":927},"_2-鉴权","2. 鉴权",[115,930,931,937],{},[118,932,933,936],{},[15,934,935],{},"统一身份验证","：所有请求的鉴权在网关统一做，比如验证 token、校验权限。",[118,938,939,942],{},[15,940,941],{},"后端不用各自鉴权","：后端服务可以信任网关已通过的请求，专注业务逻辑，不用重复写鉴权代码。",[111,944,946],{"id":945},"_3-限流","3. 限流",[115,948,949,955],{},[118,950,951,954],{},[15,952,953],{},"防止过载和恶意请求","：网关按规则限制每个客户端、每个接口的调用频率，防止恶意刷接口或突发流量压垮后端。",[118,956,957,960],{},[15,958,959],{},"保护后端","：流量超出后端承受能力时，网关可以拒绝或排队，保护后端不被打挂。",[111,962,964],{"id":963},"_4-路由转发","4. 路由转发",[115,966,967,973],{},[118,968,969,972],{},[15,970,971],{},"请求转发到对应服务","：网关根据请求路径、头部等信息，把请求转发到正确的后端服务。",[118,974,975,978],{},[15,976,977],{},"负载均衡","：一个服务有多个实例时，网关把请求分发到不同实例，提升整体处理能力。",[111,980,982],{"id":981},"_5-监控日志","5. 监控日志",[115,984,985,991],{},[118,986,987,990],{},[15,988,989],{},"统一监控和日志","：所有请求的调用量、响应时间、错误率在网关统一采集，不用每个服务各自做。",[118,992,993,996],{},[15,994,995],{},"可观测性","：网关的监控数据是排查问题、优化性能的重要依据。",[111,998,1000],{"id":999},"_6-协议转换","6. 协议转换",[115,1002,1003],{},[118,1004,1005,1008],{},[15,1006,1007],{},"不同协议转换","：客户端用 HTTP，后端用 gRPC 或 Dubbo，网关可以做协议转换，让前后端用各自适合的协议。",[23,1010,1011],{"id":1011},"为什么用网关",[28,1013,1014,1024],{},[31,1015,1016],{},[34,1017,1018,1021],{},[37,1019,1020],{},"问题",[37,1022,1023],{},"网关解决",[47,1025,1026,1034,1042,1050],{},[34,1027,1028,1031],{},[52,1029,1030],{},"鉴权散在各服务",[52,1032,1033],{},"统一鉴权",[34,1035,1036,1039],{},[52,1037,1038],{},"服务直接暴露",[52,1040,1041],{},"统一入口保护",[34,1043,1044,1047],{},[52,1045,1046],{},"流量过载",[52,1048,1049],{},"限流",[34,1051,1052,1055],{},[52,1053,1054],{},"监控散",[52,1056,1057],{},"统一监控",[11,1059,1060],{},"不用网关的情况下，每个服务都要自己实现鉴权、限流、监控、日志，代码重复、维护成本高，还容易出不一致的问题。网关把这些公共能力收口，后端服务可以更专注业务。",[23,1062,1064],{"id":1063},"用-vs-不用","用 vs 不用",[11,1066,1067],{},"网关不是所有系统都需要，要看规模和复杂度。",[28,1069,1070,1080],{},[31,1071,1072],{},[34,1073,1074,1077],{},[37,1075,1076],{},"情况",[37,1078,1079],{},"建议",[47,1081,1082,1090,1098,1106],{},[34,1083,1084,1087],{},[52,1085,1086],{},"服务少\u002F简单",[52,1088,1089],{},"不一定需要",[34,1091,1092,1095],{},[52,1093,1094],{},"微服务\u002F服务多",[52,1096,1097],{},"价值大",[34,1099,1100,1103],{},[52,1101,1102],{},"开放API",[52,1104,1105],{},"需要",[34,1107,1108,1111],{},[52,1109,1110],{},"多端接入",[52,1112,1105],{},[115,1114,1115,1121,1127,1133],{},[118,1116,1117,1120],{},[15,1118,1119],{},"服务少、简单","：比如一个单体应用就两三个接口，上不上网关差别不大，反而增加复杂度。",[118,1122,1123,1126],{},[15,1124,1125],{},"微服务、服务多","：服务一多，没有网关统一管理会很痛苦，网关价值就体现出来了。",[118,1128,1129,1132],{},[15,1130,1131],{},"开放 API","：对外提供 API 的场景，网关几乎是必需品——鉴权、限流、文档、监控都要在网关层做。",[118,1134,1135,1137],{},[15,1136,1110],{},"：APP、小程序、Web、第三方多端接入，网关统一入口能简化接入复杂度。",[23,1139,308],{"id":308},[115,1141,1142,1148,1154,1160],{},[118,1143,1144,1147],{},[15,1145,1146],{},"简单系统上重网关","：就两三个服务的简单系统，非要上 Kong 或 APISIX 这种重网关，属于过度设计，增加运维负担。",[118,1149,1150,1153],{},[15,1151,1152],{},"自己从头开发","：网关是成熟领域，有很多开源和商业产品（Kong、APISIX、云厂商网关），自己从头开发既慢又容易出问题。",[118,1155,1156,1159],{},[15,1157,1158],{},"网关成单点","：网关挂了整个系统就访问不了，必须做高可用部署（多实例、负载均衡）。",[118,1161,1162,1165],{},[15,1163,1164],{},"鉴权还散在各服务","：上了网关但鉴权还在各服务自己做，等于没用上网关的核心价值。",[23,1167,337],{"id":337},[28,1169,1170,1182],{},[31,1171,1172],{},[34,1173,1174,1177,1179],{},[37,1175,1176],{},"方案",[37,1178,349],{},[37,1180,1181],{},"成本量级",[47,1183,1184,1195],{},[34,1185,1186,1189,1192],{},[52,1187,1188],{},"开源\u002F云网关",[52,1190,1191],{},"Kong\u002FAPISIX\u002F云厂商",[52,1193,1194],{},"低到中",[34,1196,1197,1200,1203],{},[52,1198,1199],{},"定制集成",[52,1201,1202],{},"和业务深度集成",[52,1204,1205],{},"中",[11,1207,1208],{},"主流网关产品（Kong、APISIX）开源免费，主要成本是部署运维。云厂商的网关服务（阿里云、腾讯云、AWS）按量计费，用量不大的话成本不高。自己定制集成成本中等，适合有特殊需求的场景。",[23,1210,215],{"id":215},[381,1212,1213,1219,1225,1231],{},[118,1214,1215,1218],{},[15,1216,1217],{},"评估服务数量和复杂度","：服务多、架构复杂才考虑网关。",[118,1220,1221,1224],{},[15,1222,1223],{},"简单系统不一定需要","：两三个服务的单体应用不用上网关。",[118,1226,1227,1230],{},[15,1228,1229],{},"微服务\u002F开放API用网关","：服务多、对外开放的场景，网关价值大。",[118,1232,1233,1236],{},[15,1234,1235],{},"优先成熟产品","：用 Kong、APISIX、云厂商网关，不要自己从头开发。",[396,1238,1239],{},[11,1240,1241],{},"广州市汉诺雷斯（HNREIS）帮企业做系统架构设计，含API网关选型和集成。把你的系统需求告诉我们，我们给出架构建议。",{"title":402,"searchDepth":403,"depth":403,"links":1243},[1244,1245,1253,1254,1255,1256,1257],{"id":878,"depth":403,"text":866},{"id":900,"depth":403,"text":900,"children":1246},[1247,1248,1249,1250,1251,1252],{"id":909,"depth":409,"text":910},{"id":927,"depth":409,"text":928},{"id":945,"depth":409,"text":946},{"id":963,"depth":409,"text":964},{"id":981,"depth":409,"text":982},{"id":999,"depth":409,"text":1000},{"id":1011,"depth":403,"text":1011},{"id":1063,"depth":403,"text":1064},{"id":308,"depth":403,"text":308},{"id":337,"depth":403,"text":337},{"id":215,"depth":403,"text":215},"2024-05-28","API网关是系统的统一入口，负责转发、鉴权、限流和监控。本文用通俗方式讲清API网关是什么、解决什么问题、企业要不要用。",[1261,1264,1267],{"q":1262,"a":1263},"API网关是什么，简单说？","API网关是系统的\"统一前台\"——所有外部请求先到网关，网关再转发到后端服务。它统一处理鉴权、限流、监控、日志这些公共事，后端服务专注业务。类比公司前台，访客先到前台登记再进去。",{"q":1265,"a":1266},"企业一定要用API网关吗？","不一定。系统简单、服务少，不一定需要网关。服务多（微服务）、要统一鉴权限流监控、对外开放API、多端接入时，网关价值大。建议按规模和复杂度选，不要为用而用。",{"q":1268,"a":1269},"API网关要花多少钱？","看方式。用开源\u002F云网关产品（如Kong\u002FAPISIX\u002F云厂商网关）成本较低，按量或自建运维；定制集成成本中等。建议优先用成熟网关产品，而不是自己从头开发。",[1271,1272,1273,1274],"API网关","网关是什么","API管理","微服务网关",{},"\u002Fblog\u002Fcomparison\u002Fapi-wangguan-shi-shenme",{"title":866,"description":1259},{"loc":1276},"blog\u002Fcomparison\u002Fapi-wangguan-shi-shenme",[860,1281,1282],"网关","架构","CInYK4Or6VhknVKica8mjtvcuqr1CPVLRxjpJ0II3Fc",{"id":1285,"title":1286,"author":6,"body":1287,"category":430,"cover":431,"date":1625,"description":1626,"draft":434,"extension":435,"faq":1627,"featured":434,"image":431,"keywords":1637,"meta":1641,"navigation":450,"path":1642,"seo":1643,"sitemap":1644,"stem":1645,"tags":1646,"updated":1625,"__hash__":1648},"blog\u002Fblog\u002Fcomparison\u002Fbanben-kongzhi-git.md","代码版本控制（Git）是什么",{"type":8,"value":1288,"toc":1611},[1289,1296,1299,1303,1306,1312,1318,1324,1328,1332,1335,1345,1349,1352,1362,1366,1369,1383,1387,1397,1401,1469,1472,1475,1481,1487,1493,1499,1501,1519,1521,1524,1571,1574,1577,1603,1606],[11,1290,1291,1292,1295],{},"Git 是开发团队的必备工具，",[15,1293,1294],{},"通俗说是代码的\"时光机\"和\"协作台\"。"," 这篇讲清老板需要了解的。",[11,1297,1298],{},"软件开发是个高度协作的工作——几个甚至几十个开发同时改同一份代码，如果没有版本控制工具，光是\"谁改了什么\"\"怎么合并\"\"改坏了怎么回退\"这些问题就能让团队崩溃。Git 就是为了解决这些问题而生的工具，它已经成为软件开发行业的标准配置。这篇用通俗方式讲清 Git 是什么、为什么开发要用、老板需要关心什么。",[23,1300,1302],{"id":1301},"git是什么","Git是什么",[11,1304,1305],{},"Git 是代码版本控制工具，核心做三件事：",[11,1307,1308,1311],{},[15,1309,1310],{},"记录历史","——代码的每次改动都有记录（谁、什么时候、改了什么），能回到任何历史版本。相当于代码的\"时光机\"，改坏了随时回退。",[11,1313,1314,1317],{},[15,1315,1316],{},"多人协作","——多个开发同时改代码，Git 能自动合并、识别冲突。相当于代码的\"协作台\"，让团队并行开发而不互相踩踏。",[11,1319,1320,1323],{},[15,1321,1322],{},"分支","——从主线分出独立分支，在分支上做新功能，做完再合并回主线。相当于代码的\"平行宇宙\"，多个功能同时开发互不影响。",[23,1325,1327],{"id":1326},"为什么用git","为什么用Git",[111,1329,1331],{"id":1330},"_1-记录历史","1. 记录历史",[11,1333,1334],{},"代码的每一次改动（commit）都有完整记录——谁改的、什么时候改的、改了哪些文件、改了什么内容。这条记录链形成代码的完整历史。",[11,1336,1337,1340,1341,1344],{},[15,1338,1339],{},"改坏了能回退","——新功能改崩了，一条命令就能回到之前的稳定版本，不用从头再来。",[15,1342,1343],{},"知道谁改了什么","——出问题时能追溯到具体是哪次改动引入的 bug、谁改的，便于排查和复盘。历史记录还让代码审计、合规追溯成为可能——金融、医疗等强监管行业对代码变更有审计要求，Git 历史是天然的审计日志。",[111,1346,1348],{"id":1347},"_2-多人协作","2. 多人协作",[11,1350,1351],{},"没有版本控制时，多人改同一份代码要靠\"文件传来传去\"或\"共享文件夹\"，冲突频发、改动丢失、版本混乱。Git 让多人协作规范化——每个人在本地改，改完提交，Git 自动合并或识别冲突。",[11,1353,1354,1357,1358,1361],{},[15,1355,1356],{},"多人同时开发不冲突","——Git 的合并机制能自动合并不同部分的改动，相同部分的冲突会明确标出，让开发者手动解决。",[15,1359,1360],{},"合并代码规范","——通过 pull request（PR）或 merge request（MR）流程，代码合并前要经过 review（代码审查），保证质量。",[111,1363,1365],{"id":1364},"_3-分支","3. 分支",[11,1367,1368],{},"分支是 Git 的杀手级特性。从主线（main\u002Fmaster）分出独立分支，在分支上开发新功能，开发完成、测试通过后再合并回主线。",[11,1370,1371,1374,1375,1378,1379,1382],{},[15,1372,1373],{},"同时做多个功能","——开发 A 做支付功能、开发 B 做用户中心，两人各自在自己的分支上开发，互不影响。",[15,1376,1377],{},"互不影响","——某个功能开发中出了问题，不会污染主线，主线始终保持稳定。",[15,1380,1381],{},"测试稳定再合并","——功能在分支上开发测试，稳定后才合并到主线，主线始终是可发布的状态。",[111,1384,1386],{"id":1385},"_4-备份","4. 备份",[11,1388,1389,1392,1393,1396],{},[15,1390,1391],{},"代码在远程仓库备份","——本地代码 push 到远程仓库（GitHub、GitLab、Gitee），相当于异地备份。本地电脑坏了、丢了，代码还在远程仓库。",[15,1394,1395],{},"不怕丢","——多人协作时每个人都有一份完整副本，任何一份丢失都能从其他人恢复。",[23,1398,1400],{"id":1399},"git-vs-不用版本控制","Git vs 不用版本控制",[28,1402,1403,1415],{},[31,1404,1405],{},[34,1406,1407,1409,1412],{},[37,1408,39],{},[37,1410,1411],{},"Git",[37,1413,1414],{},"不用",[47,1416,1417,1428,1439,1450,1458],{},[34,1418,1419,1422,1425],{},[52,1420,1421],{},"历史",[52,1423,1424],{},"完整记录",[52,1426,1427],{},"没有",[34,1429,1430,1433,1436],{},[52,1431,1432],{},"协作",[52,1434,1435],{},"规范",[52,1437,1438],{},"手动易冲突",[34,1440,1441,1444,1447],{},[52,1442,1443],{},"回退",[52,1445,1446],{},"能",[52,1448,1449],{},"不能",[34,1451,1452,1454,1456],{},[52,1453,1322],{},[52,1455,76],{},[52,1457,1427],{},[34,1459,1460,1463,1466],{},[52,1461,1462],{},"专业性",[52,1464,1465],{},"行业标准",[52,1467,1468],{},"不规范",[11,1470,1471],{},"不用版本控制的开发方式现在已经很少见——连个人开发者都用 Git 管理代码。如果一个开发团队不用 Git，基本可以判断为不规范。",[23,1473,1474],{"id":1474},"老板要了解的",[11,1476,1477,1480],{},[15,1478,1479],{},"规范团队都用 Git","——这是判断开发团队专业性的基本标准。用 Git 意味着团队有规范的开发流程（分支管理、代码审查、持续集成），而不是各自为政。反映专业性。",[11,1482,1483,1486],{},[15,1484,1485],{},"代码资产","——Git 仓库是企业的重要数字资产。仓库里不只是当前代码，还有完整的开发历史、设计决策、问题修复过程。这些是企业知识资产的重要组成部分。",[11,1488,1489,1492],{},[15,1490,1491],{},"源码交付","——服务商交付源码时，Git 仓库（含完整版本记录）是重要资产。只有当前代码没有历史记录，等于丢了开发过程的上下文。规范的源码交付应该包含 Git 仓库。源码含完整版本记录。",[11,1494,1495,1498],{},[15,1496,1497],{},"协作规范","——多人开发有据可查——谁做了什么、什么时候做的、为什么这么做，都有记录。出问题能追溯，避免推诿。",[23,1500,308],{"id":308},[11,1502,1503,1506,1507,1510,1511,1514,1515,1518],{},[15,1504,1505],{},"不用版本控制","——不规范、易丢代码。现在几乎没团队这么做了，但仍有个别服务商交付\"散落的代码文件\"而不是 Git 仓库，要注意。",[15,1508,1509],{},"不提交远程","——只在本地用 Git，不 push 到远程仓库，电脑坏了代码全丢。规范的团队都有远程仓库。",[15,1512,1513],{},"不分分支","——所有改动直接在主线做，功能混在一起乱、出问题难回退。规范团队都有分支策略（如 Git Flow、GitHub Flow）。",[15,1516,1517],{},"不写提交说明","——每次提交不写说明或写\"update\"\"fix\"这种无意义内容，不知道改了什么。规范团队要求写有意义的提交说明。",[23,1520,337],{"id":337},[11,1522,1523],{},"Git 本身免费（开源），成本在团队规范使用：",[28,1525,1526,1537],{},[31,1527,1528],{},[34,1529,1530,1533,1535],{},[37,1531,1532],{},"方面",[37,1534,349],{},[37,1536,701],{},[47,1538,1539,1549,1560],{},[34,1540,1541,1544,1547],{},[52,1542,1543],{},"Git工具",[52,1545,1546],{},"开源免费",[52,1548,163],{},[34,1550,1551,1554,1557],{},[52,1552,1553],{},"托管平台",[52,1555,1556],{},"GitHub\u002FGitLab等",[52,1558,1559],{},"免费\u002F订阅",[34,1561,1562,1565,1568],{},[52,1563,1564],{},"团队规范",[52,1566,1567],{},"培训使用",[52,1569,1570],{},"低",[11,1572,1573],{},"Git 工具完全免费。托管平台有免费档（GitHub 公开仓库免费、GitLab 免费版）和付费档（私有仓库、企业版），按团队规模每月几美元到几十美元。团队规范使用要培训，但 Git 已经是开发行业基础技能，招聘时默认会，培训成本很低。",[23,1575,1576],{"id":1576},"怎么确认团队规范",[381,1578,1579,1585,1591,1597],{},[118,1580,1581,1584],{},[15,1582,1583],{},"确认团队用 Git 管理代码","——这是基本标准。问\"代码在哪个仓库\"\"分支策略是什么\"能快速判断。",[118,1586,1587,1590],{},[15,1588,1589],{},"代码在远程仓库（备份）","——有远程托管（GitHub、GitLab、Gitee 或自建），不只本地。",[118,1592,1593,1596],{},[15,1594,1595],{},"有分支和提交记录","——查看仓库历史，有没有规范的分支、有意义的提交说明、代码审查记录。",[118,1598,1599,1602],{},[15,1600,1601],{},"源码交付含 Git 仓库","——服务商交付时应该交付 Git 仓库（含完整历史），不只是当前代码文件。",[11,1604,1605],{},"按这几点核对，能快速判断开发团队是否规范。规范的 Git 使用是专业开发的基本标志，也是代码资产安全的基本保障。",[396,1607,1608],{},[11,1609,1610],{},"广州市汉诺雷斯（HNREIS）用Git规范管理代码，源码完整交付（含版本记录）。把你的项目需求告诉我们，我们规范交付。",{"title":402,"searchDepth":403,"depth":403,"links":1612},[1613,1614,1620,1621,1622,1623,1624],{"id":1301,"depth":403,"text":1302},{"id":1326,"depth":403,"text":1327,"children":1615},[1616,1617,1618,1619],{"id":1330,"depth":409,"text":1331},{"id":1347,"depth":409,"text":1348},{"id":1364,"depth":409,"text":1365},{"id":1385,"depth":409,"text":1386},{"id":1399,"depth":403,"text":1400},{"id":1474,"depth":403,"text":1474},{"id":308,"depth":403,"text":308},{"id":337,"depth":403,"text":337},{"id":1576,"depth":403,"text":1576},"2024-06-06","Git是代码版本控制工具，记录历史、支持协作和分支。本文用通俗方式讲清Git是什么、为什么开发要用、老板要了解什么。",[1628,1631,1634],{"q":1629,"a":1630},"Git是什么，简单说？","Git是代码版本控制工具，通俗说是代码的\"时光机\"和\"协作台\"——记录每次改动的历史（能回到任何版本）、多人同时改不冲突、支持分支（同时做多个功能）。开发团队用Git管理代码是行业标准。",{"q":1632,"a":1633},"老板为什么要了解Git？","Git关系到代码资产管理和交付。用Git意味着代码有完整历史、多人协作规范、源码可交付（有完整版本记录）。规范的开发团队都用Git，这反映团队专业性。源码交付时Git仓库是重要资产。",{"q":1635,"a":1636},"不用Git会怎样？","不用版本控制，代码改动没记录（改坏了回不去）、多人协作靠手动合并（易冲突丢代码）、没有分支（难同时做多功能）。现在专业开发都用Git，不用版本控制是不规范的表现。",[1411,1638,1639,1640],"版本控制","代码管理","代码版本",{},"\u002Fblog\u002Fcomparison\u002Fbanben-kongzhi-git",{"title":1286,"description":1626},{"loc":1642},"blog\u002Fcomparison\u002Fbanben-kongzhi-git",[1411,1638,1647],"开发","DDOY-P0lE1QLrLUQlE8ZQ8GpIAjcQnAG0lviW8QNo_I",{"id":1650,"title":1651,"author":6,"body":1652,"category":430,"cover":431,"date":2018,"description":2019,"draft":434,"extension":435,"faq":2020,"featured":434,"image":431,"keywords":2030,"meta":2033,"navigation":450,"path":2034,"seo":2035,"sitemap":2036,"stem":2037,"tags":2038,"updated":2018,"__hash__":2041},"blog\u002Fblog\u002Fcomparison\u002Fbendibu-vs-yunduan.md","本地部署和云部署的区别",{"type":8,"value":1653,"toc":1999},[1654,1661,1664,1668,1750,1752,1755,1758,1778,1781,1801,1803,1806,1809,1835,1838,1858,1860,1864,1875,1878,1889,1891,1899,1901,1927,1929,1974,1977,1994],[11,1655,1656,1657,1660],{},"软件部署在自己机房（本地）还是云上？",[15,1658,1659],{},"两者数据位置、成本、运维、弹性不同。"," 这篇讲清区别和选择。",[11,1662,1663],{},"很多企业在做信息化决策时，第一道选择题就是\"上云还是私有化部署\"。这件事看起来只是技术选型，实际上牵涉到数据归属、合规边界、运维投入、长期成本以及未来扩展性。如果一开始选错方向，后期再迁移会付出很大代价——数据迁移、接口改造、业务中断、人员重新培训。所以我们建议在动手之前，把两种方式的本质差异理清楚，再结合自身的数据敏感度、规模和运维能力做选择。",[23,1665,1667],{"id":1666},"本地部署-vs-云部署","本地部署 vs 云部署",[28,1669,1670,1682],{},[31,1671,1672],{},[34,1673,1674,1676,1679],{},[37,1675,39],{},[37,1677,1678],{},"本地部署",[37,1680,1681],{},"云部署",[47,1683,1684,1695,1706,1717,1728,1739],{},[34,1685,1686,1689,1692],{},[52,1687,1688],{},"数据位置",[52,1690,1691],{},"自己机房",[52,1693,1694],{},"云厂商",[34,1696,1697,1700,1703],{},[52,1698,1699],{},"可控性",[52,1701,1702],{},"高",[52,1704,1705],{},"依赖云厂商",[34,1707,1708,1711,1714],{},[52,1709,1710],{},"初期成本",[52,1712,1713],{},"高（买服务器）",[52,1715,1716],{},"低（按需付费）",[34,1718,1719,1722,1725],{},[52,1720,1721],{},"运维",[52,1723,1724],{},"自己负责",[52,1726,1727],{},"云厂商负责部分",[34,1729,1730,1733,1736],{},[52,1731,1732],{},"弹性",[52,1734,1735],{},"难（要买硬件）",[52,1737,1738],{},"强（随时扩容）",[34,1740,1741,1744,1747],{},[52,1742,1743],{},"上线速度",[52,1745,1746],{},"慢",[52,1748,1749],{},"快",[23,1751,1678],{"id":1678},[11,1753,1754],{},"本地部署也叫私有化部署，是把软件连同数据库完整安装在客户自己机房的服务器上，所有数据从产生、存储到流转都在客户自己的硬件和网络环境里。云厂商或其他第三方无法直接访问到这些数据。",[111,1756,1757],{"id":1757},"优势",[115,1759,1760,1766,1772],{},[118,1761,1762,1765],{},[15,1763,1764],{},"数据自主","：数据完全在自己机房，物理上和网络上都可控，敏感行业（金融、政务、医疗、能源、核心商业数据）的合规要求通常通过本地部署满足。",[118,1767,1768,1771],{},[15,1769,1770],{},"完全可控","：不依赖云厂商，不会因为云厂商故障、停服、政策调整影响业务；网络策略、访问权限、加密方式都可以按自己的标准来制定。",[118,1773,1774,1777],{},[15,1775,1776],{},"长期固定成本","：初期一次性投入后，主要成本是电费、机房和运维人员工资，规模上来之后单位成本会被摊薄，长期运营相对划算。",[111,1779,1780],{"id":1780},"劣势",[115,1782,1783,1789,1795],{},[118,1784,1785,1788],{},[15,1786,1787],{},"初期贵","：要买服务器、存储、网络设备，还要准备机房或机柜、UPS、空调、带宽等配套，光硬件投入就是几万到几十万，再加上软件授权和实施，初期门槛较高。",[118,1790,1791,1794],{},[15,1792,1793],{},"要运维","：硬件会坏、系统要打补丁、网络要排查、备份要做、安全要防护，需要专门的运维人员，小企业养一支运维团队成本不低。",[118,1796,1797,1800],{},[15,1798,1799],{},"弹性差","：业务量突然上涨，本地机房很难快速扩容——采购周期、上架、配置都要时间；业务量下降，已买的硬件也退不掉，资源闲置。",[23,1802,1681],{"id":1681},[11,1804,1805],{},"云部署是把软件部署在云厂商提供的服务器上（阿里云、腾讯云、华为云、AWS 等），按使用量付费。硬件、机房、网络、基础安全都由云厂商负责，客户只关注应用本身。",[111,1807,1757],{"id":1808},"优势-1",[115,1810,1811,1817,1823,1829],{},[118,1812,1813,1816],{},[15,1814,1815],{},"初期便宜","：按需付费，不用一次性买服务器，一台云主机从几十元到几百元每月起步，小企业或初创项目几乎零门槛。",[118,1818,1819,1822],{},[15,1820,1821],{},"省运维","：云厂商负责硬件、网络、机房、基础安全，客户只需要关注应用配置和数据，运维压力大幅下降，小团队也能跑稳生产环境。",[118,1824,1825,1828],{},[15,1826,1827],{},"弹性强","：业务高峰可以临时扩容（加机器、加带宽、加存储），低谷再缩容，按实际用量结算，特别适合季节性、活动型、流量波动大的业务。",[118,1830,1831,1834],{},[15,1832,1833],{},"上线快","：开通云主机几分钟，配合容器化部署可以做到当天开服、当天上线，对快速验证、敏捷迭代非常友好。",[111,1836,1780],{"id":1837},"劣势-1",[115,1839,1840,1846,1852],{},[118,1841,1842,1845],{},[15,1843,1844],{},"数据在云","：数据物理上存在云厂商机房，依赖云厂商的安全能力和商业稳定性，敏感行业和强合规场景需要谨慎评估。",[118,1847,1848,1851],{},[15,1849,1850],{},"持续付费","：云资源按月或按年计费，长期累积下来可能比一次性买硬件更贵，规模越大、运行越久越明显。",[118,1853,1854,1857],{},[15,1855,1856],{},"合规限制","：部分行业（金融、政务、医疗、关键信息基础设施）的数据不允许上公有云，或只能上指定云、政务云、行业云。",[23,1859,215],{"id":215},[111,1861,1863],{"id":1862},"选本地私有化","选本地（私有化）",[115,1865,1866,1869,1872],{},[118,1867,1868],{},"数据高度敏感，比如金融交易、政务数据、医疗档案、核心商业数据、客户隐私。",[118,1870,1871],{},"要完全自主可控，对外部依赖、对供应商锁定特别敏感。",[118,1873,1874],{},"规模大、长期固定负载，本地部署的总账算下来比持续上云更划算。",[111,1876,1877],{"id":1877},"选云",[115,1879,1880,1883,1886],{},[118,1881,1882],{},"数据不敏感，或合规允许上云，希望轻装上阵。",[118,1884,1885],{},"业务有明显弹性，需要快速扩容、缩容，或处于快速验证阶段。",[118,1887,1888],{},"中小规模，没有专业的运维团队，希望把硬件和网络都外包出去。",[111,1890,246],{"id":246},[115,1892,1893,1896],{},[118,1894,1895],{},"敏感数据放本地（如核心交易、客户隐私），一般业务上云（如官网、营销、内部办公）。",[118,1897,1898],{},"通过专线、VPN、API 网关打通，做到\"敏感在内、弹性在外\"，是很多中大型企业的主流选择。",[23,1900,308],{"id":308},[115,1902,1903,1909,1915,1921],{},[118,1904,1905,1908],{},[15,1906,1907],{},"敏感数据上云","：忽视合规要求把不该上云的数据放公有云，可能面临监管处罚、整改甚至停业。",[118,1910,1911,1914],{},[15,1912,1913],{},"小规模本地部署","：业务量不大却硬上私有化，硬件折旧和运维成本根本摊不开，反而比上云贵。",[118,1916,1917,1920],{},[15,1918,1919],{},"只比单价不算总账","：云单价便宜不等于长期便宜，本地初期贵不等于长期贵，要按 3 年、5 年总成本（TCO）来算。",[118,1922,1923,1926],{},[15,1924,1925],{},"忽视云持续费用","：带宽、存储、CDN、增值服务都会按月累计，业务量起来后账单会快速上涨。",[23,1928,337],{"id":337},[28,1930,1931,1941],{},[31,1932,1933],{},[34,1934,1935,1937,1939],{},[37,1936,346],{},[37,1938,349],{},[37,1940,352],{},[47,1942,1943,1954,1965],{},[34,1944,1945,1948,1951],{},[52,1946,1947],{},"本地",[52,1949,1950],{},"服务器+机房+运维",[52,1952,1953],{},"初期高，长期固定",[34,1955,1956,1959,1962],{},[52,1957,1958],{},"云",[52,1960,1961],{},"按需付费",[52,1963,1964],{},"初期低，持续",[34,1966,1967,1969,1972],{},[52,1968,246],{},[52,1970,1971],{},"敏感本地+一般云",[52,1973,1205],{},[23,1975,215],{"id":1976},"怎么选-1",[381,1978,1979,1982,1985,1988,1991],{},[118,1980,1981],{},"评估数据敏感度——是否涉及个人信息、重要数据、行业强合规。",[118,1983,1984],{},"评估规模和弹性需求——是稳定负载还是波动剧烈。",[118,1986,1987],{},"算总账（初期 + 长期 3-5 年），不只看月费。",[118,1989,1990],{},"评估运维能力——有没有专门的运维团队。",[118,1992,1993],{},"按需求选本地 \u002F 云 \u002F 混合，必要时分数据域分别部署。",[396,1995,1996],{},[11,1997,1998],{},"广州市汉诺雷斯（HNREIS）帮企业做部署方案，从云部署到本地私有化，按数据合规和成本需求选。把你的部署需求告诉我们，我们给出建议。",{"title":402,"searchDepth":403,"depth":403,"links":2000},[2001,2002,2006,2010,2015,2016,2017],{"id":1666,"depth":403,"text":1667},{"id":1678,"depth":403,"text":1678,"children":2003},[2004,2005],{"id":1757,"depth":409,"text":1757},{"id":1780,"depth":409,"text":1780},{"id":1681,"depth":403,"text":1681,"children":2007},[2008,2009],{"id":1808,"depth":409,"text":1757},{"id":1837,"depth":409,"text":1780},{"id":215,"depth":403,"text":215,"children":2011},[2012,2013,2014],{"id":1862,"depth":409,"text":1863},{"id":1877,"depth":409,"text":1877},{"id":246,"depth":409,"text":246},{"id":308,"depth":403,"text":308},{"id":337,"depth":403,"text":337},{"id":1976,"depth":403,"text":215},"2024-06-18","软件可以部署在自己机房（本地）或云上，两者数据、成本、运维和弹性不同。本文讲清本地部署和云部署的区别和选择。",[2021,2024,2027],{"q":2022,"a":2023},"本地部署和云部署什么区别？","本地部署是软件装在自己机房的服务器上，数据在自己手里，可控但要自己买服务器和维护；云部署是装在云服务器上（阿里云\u002F腾讯云等），不用买服务器、弹性扩容、按需付费，但数据在云厂商。核心区别在数据位置和运维责任。",{"q":2025,"a":2026},"企业该选本地还是云？","看数据敏感度和需求。数据高度敏感、要完全自主（金融\u002F政务\u002F核心商业数据），选本地（私有化）；要弹性、省运维、快速上线，选云。很多企业混合——敏感本地、一般云。建议按数据合规和成本需求选。",{"q":2028,"a":2029},"本地部署比云贵吗？","看规模。本地部署要一次性买服务器（几万到几十万）+持续电费机房运维，初期贵但量大后固定；云部署按需付费，初期便宜但长期持续付费，量大可能累积贵。要算总账，不是简单比单价。",[1678,1681,2031,2032],"部署方式","私有化部署",{},"\u002Fblog\u002Fcomparison\u002Fbendibu-vs-yunduan",{"title":1651,"description":2019},{"loc":2034},"blog\u002Fcomparison\u002Fbendibu-vs-yunduan",[2039,1958,2040],"部署","选型","2aw6C_2og_Eq04KLDnHPhU-NwU6cTqAJMhy_gQJj7tc",1781688909408]