A karshe Mun kalli ainihin abubuwan da ke cikin Sabis Mesh Istio, mun saba da tsarin kuma mun amsa manyan tambayoyin da galibi ke tashi yayin fara aiki tare da Istio. A wannan bangare za mu duba yadda ake tsara tarin bayanan ganowa ta hanyar sadarwa.
Abu na farko da ke zuwa hankali ga yawancin masu haɓakawa da masu gudanar da tsarin lokacin da suka ji kalmomin Sabis ɗin Sabis yana ganowa. Lallai, muna ƙara sabar wakili na musamman zuwa kowace kumburin hanyar sadarwa wanda duk zirga-zirgar TCP ke wucewa. Da alama yanzu yana yiwuwa a sauƙaƙe aikawa da bayanai game da duk hulɗar cibiyar sadarwa akan hanyar sadarwar. Abin takaici, a gaskiya akwai nuances da yawa waɗanda ke buƙatar la'akari da su. Mu duba su.
Lambar kuskure ta ɗaya: za mu iya samun bayanan tafiya ta kan layi kyauta.
A zahiri, don in mun gwada da kyauta, kawai za mu iya samun nodes na tsarin mu da aka haɗa ta kibau da ƙimar bayanan da ke wucewa tsakanin sabis (a zahiri, adadin bytes ne kawai a cikin raka'a na lokaci). Koyaya, a mafi yawan lokuta, sabis ɗinmu suna sadarwa akan wasu nau'ikan ƙa'idar Layer na aikace-aikacen, kamar HTTP, gRPC, Redis, da sauransu. Kuma, ba shakka, muna son ganin gano bayanan musamman don waɗannan ka'idoji; muna son ganin ƙimar buƙatun, ba ƙimar bayanai ba. Muna son fahimtar latency na buƙatun ta amfani da ka'idar mu. A ƙarshe, muna son ganin cikakken hanyar da buƙatun ke ɗauka daga shiga cikin tsarin mu zuwa karɓar amsa daga mai amfani. Wannan matsalar ba ta da sauƙin warwarewa.
Da farko, bari mu kalli yadda aika tazara ya yi kama daga mahangar gine-gine a Istio. Kamar yadda muke tunawa daga kashi na farko, Istio yana da wani sashi daban da ake kira Mixer don tattara telemetry. Koyaya, a cikin nau'in 1.0.* na yanzu, ana aika aikawa kai tsaye daga sabar wakili, wato daga wakili. Wakili wakili yana goyan bayan aika tazarar bincike ta amfani da ka'idar zipkin daga cikin akwatin. Yana yiwuwa a haɗa wasu ladabi, amma ta hanyar plugin. Tare da Istio nan da nan muna samun haɗe-haɗe kuma daidaitacce wakili, wanda kawai ke goyan bayan ka'idar zipkin. Idan muna so mu yi amfani da, alal misali, ka'idar Jaeger da aika tazara ta hanyar UDP, to za mu buƙaci gina namu hoton istio-proxy. Akwai goyan baya ga plugins na al'ada don istio-proxy, amma har yanzu yana cikin sigar alpha. Sabili da haka, idan muna so mu yi ba tare da adadi mai yawa na saitunan al'ada ba, an rage kewayon fasahar da ake amfani da su don adanawa da karɓar abubuwan ganowa. Daga cikin manyan tsarin, a gaskiya, yanzu zaka iya amfani da Zipkin kanta, ko Jaeger, amma aika duk abin da ke wurin ta amfani da ka'idar zipkin da ta dace (wanda ba shi da inganci). Ka'idar zipkin kanta ta ƙunshi aika duk bayanan ganowa ga masu tarawa ta hanyar ka'idar HTTP, wanda ke da tsada sosai.
Kamar yadda na fada a baya, muna son gano ka'idojin matakin aikace-aikace. Wannan yana nufin cewa uwar garken wakili da ke tsaye kusa da kowane sabis dole ne su fahimci irin hulɗar da ke faruwa a yanzu. Ta hanyar tsoho, Istio yana saita duk tashoshin jiragen ruwa don zama TCP a sarari, wanda ke nufin ba za a aika da alamar ba. Domin a aika da alamun, dole ne, da farko, kunna wannan zaɓi a cikin babban saitin raga kuma, abin da ke da mahimmanci, suna duk tashar jiragen ruwa na ƙungiyoyin sabis na kubernetes daidai da ka'idar da aka yi amfani da ita a cikin sabis ɗin. Wato, alal misali, kamar haka:
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
ports:
- port: 80
targetPort: 80
name: http
selector:
app: nginxHakanan zaka iya amfani da sunaye masu yawa kamar http-magic (Istio zai ga http kuma ya gane tashar tashar a matsayin ƙarshen http). Tsarin shine: proto-extra.
Don kar a daidaita adadi mai yawa na jeri don tantance ƙa'idar, zaku iya amfani da ƙazantaccen aikin aiki: facin ɓangaren Pilot a lokacin da yake kawai. . A ƙarshe, ba shakka, zai zama dole don canza wannan dabarar zuwa daidaitattun kuma canza zuwa yarjejeniyar suna ga duk tashar jiragen ruwa.
Don fahimtar ko da gaske an ayyana ƙa'idar daidai, kuna buƙatar shiga cikin kowane kwantena na gefe tare da wakili na wakili kuma ku yi buƙatu zuwa tashar tashar tashar tashar jigilar manzo tare da wurin /config_dump. A cikin saitunan da aka samo, kuna buƙatar duba filin aiki na sabis ɗin da ake so. Ana amfani da shi a cikin Istio azaman mai ganowa ga inda aka yi buƙatar. Don keɓance ƙimar wannan siga a cikin Istio (za mu gan ta a cikin tsarin gano mu), dole ne a ƙirƙiri tutar gungu na sabis a matakin ƙaddamar da akwati na gefe. Misali, ana iya ƙididdige shi kamar haka daga masu canji da aka samu daga kubernetes API na ƙasa:
--serviceCluster ${POD_NAMESPACE}.$(echo ${POD_NAME} | sed -e 's/-[a-z0-9]*-[a-z0-9]*$//g')
Kyakkyawan misali don fahimtar yadda bincike ke aiki a cikin manzo shine .
Dole ne kuma a keɓance wurin ƙarshe da kanta don aika tazara a cikin tutocin ƙaddamar da wakili, misali: --zipkinAddress tracing-collector.tracing:9411
Kuskuren lamba na biyu: za mu iya samun cikakkiyar buƙatu cikin araha ta hanyar tsarin daga cikin akwatin
Abin takaici, ba haka ba ne. Matsalolin aiwatarwa ya dogara da yadda kuka riga kuka aiwatar da hulɗar ayyuka. Me yasa haka?
Gaskiyar ita ce don istio-proxy ya sami damar fahimtar wasiƙun buƙatun masu shigowa zuwa sabis tare da waɗanda ke barin sabis ɗaya, bai isa kawai kutse duk zirga-zirgar ababen hawa ba. Kuna buƙatar samun wani nau'in ganowar sadarwa. Wakilin wakili na HTTP yana amfani da kanun labarai na musamman, ta inda manzo ya fahimci wane takamaiman buƙatar sabis ɗin ke haifar da takamaiman buƙatun ga wasu ayyuka. Jerin irin waɗannan kanun labarai:
- x-request-id
- x-b3-saba,
- x-b3-spaniya,
- x-b3-iyaye,
- x-b3-samfur,
- x-b3 - tutoci,
- x-ot-span-yanayin.
Idan kana da batu guda ɗaya, alal misali, abokin ciniki na asali, wanda zaka iya ƙara irin wannan ma'ana, to duk abin yana da kyau, kawai kuna buƙatar jira don sabunta wannan ɗakin karatu ga duk abokan ciniki. Amma idan kuna da tsarin daban-daban kuma babu haɗin kai a cikin ƙaura daga sabis zuwa sabis akan hanyar sadarwar, to wannan zai iya zama babbar matsala. Ba tare da ƙara irin wannan dabaru ba, duk bayanan ganowa za su kasance “mataki ɗaya ne kawai”. Wato, za mu karɓi duk hulɗar tsakanin sabis, amma ba za a manne su cikin sarƙoƙi guda ɗaya ta hanyar hanyar sadarwa ba.
ƙarshe
Istio yana ba da kayan aiki mai dacewa don tattara bayanan ganowa akan hanyar sadarwa, amma dole ne ku fahimci cewa don aiwatarwa kuna buƙatar daidaita tsarin ku kuma kuyi la'akari da fasalulluka na aiwatar da Istio. A sakamakon haka, ana buƙatar warware manyan batutuwa guda biyu: ayyana ƙa'idar matakin aikace-aikacen (wanda dole ne a sami goyan bayan wakili) da kuma saita isar da bayanai game da haɗin buƙatun zuwa sabis daga buƙatun sabis ɗin (ta amfani da kanun labarai). , a cikin yanayin ka'idar HTTP). Lokacin da aka warware waɗannan batutuwa, muna da kayan aiki mai ƙarfi wanda ke ba mu damar tattara bayanai a bayyane daga hanyar sadarwar, har ma a cikin nau'ikan tsarin da aka rubuta a cikin harsuna da tsarin daban-daban.
A cikin labarin na gaba game da Sabis ɗin Sabis, za mu kalli ɗayan manyan matsaloli tare da Istio - yawan amfani da RAM ta kowane akwati wakili na gefe kuma ku tattauna yadda zaku iya magance shi.
source: www.habr.com