Yayin da muke matsawa daga aikace-aikacen monolithic zuwa ƙirar microservices, muna fuskantar sabbin ƙalubale.
A cikin aikace-aikacen monolithic, yawanci yana da sauƙi a tantance wane ɓangaren tsarin kuskuren ya faru. Mafi mahimmanci, matsalar tana cikin lambar monolith kanta, ko a cikin bayanan bayanai. Amma lokacin da muka fara neman matsala a cikin gine-ginen microservice, komai ba a bayyane yake ba. Muna buƙatar nemo duk hanyar da buƙatar ta ɗauka daga farko zuwa ƙarshe kuma mu zaɓi ta daga ɗaruruwan microservices. Bugu da ƙari, da yawa daga cikinsu kuma suna da nasu wuraren ajiya, wanda kuma zai iya haifar da kurakurai masu ma'ana, da kuma matsalolin aiki da rashin haƙuri.
Na daɗe ina neman kayan aiki wanda zai taimaka wajen magance irin waɗannan matsalolin (Na rubuta game da wannan akan Habré: , ), amma a ƙarshe na yi kaina buɗaɗɗen mafita. A cikin wannan labarin na yi magana game da fa'idodin tsarin haɗin gwiwar sabis da raba sabon kayan aiki don aiwatarwa.
Binciken da aka rarraba shine maganin gama gari ga matsalar gano kurakurai a cikin tsarin da aka rarraba. Amma idan har yanzu ba a aiwatar da wannan hanyar tattara bayanai game da hulɗar sadarwar ba a cikin tsarin, ko kuma, mafi muni, a wani ɓangare na tsarin ya riga ya yi aiki yadda ya kamata, amma a wani ɓangare bai yi ba, tunda ba a ƙara shi cikin tsoffin ayyuka ba. ? Don sanin ainihin tushen matsalar, ya zama dole a sami cikakken hoto na abin da ke faruwa a cikin tsarin. Yana da mahimmanci musamman a fahimci waɗanne ƙananan sabis ne ke da hannu a mahimman hanyoyin kasuwanci-masu mahimmanci.
Anan tsarin layin sabis zai iya zuwa ga taimakonmu, wanda zai magance duk injina don tattara bayanan cibiyar sadarwa a matakin ƙasa da ayyukan da kansu ke aiki. Wannan hanya tana ba mu damar tsangwama duk zirga-zirgar zirga-zirgar zirga-zirga kuma mu bincika ta kan tashi. Bugu da ƙari, aikace-aikace ba su ma san wani abu game da shi ba.
Hanyar layin sabis
Babban ra'ayin tsarin layin sabis shine ƙara wani kayan aikin kayan aiki akan hanyar sadarwar, wanda zai ba mu damar yin kowane abu tare da hulɗar tsakanin sabis. Yawancin aiwatarwa suna aiki kamar haka: an ƙara ƙarin akwati na gefen gefe tare da wakili na gaskiya ga kowane microservice, ta inda duk zirga-zirgar zirga-zirgar sabis da masu fita ke wucewa. Kuma wannan shine ainihin wurin da za mu iya yin daidaitawar abokin ciniki, amfani da manufofin tsaro, sanya ƙuntatawa akan adadin buƙatun da tattara mahimman bayanai game da hulɗar ayyuka a cikin samarwa.
Magani
Akwai dama aiwatar da wannan hanyar: и . Suna samar da fasali da yawa daga cikin akwatin. Amma a lokaci guda, ana samun babban ci gaba a kan albarkatun. Bugu da ƙari, girman gungu wanda irin wannan tsarin ke aiki, za a buƙaci ƙarin albarkatun don kula da sababbin abubuwan more rayuwa. A Avito, muna aiki da gungu na kubernetes waɗanda suka ƙunshi dubban lokuta sabis (kuma adadinsu yana ci gaba da girma cikin sauri). A cikin aiwatar da shi na yanzu, Istio yana cinye ~ 300Mb na RAM ta misali sabis. Saboda ɗimbin damammaki, daidaiton gaskiya shima yana shafar lokacin amsa gabaɗayan sabis (har zuwa 10ms).
A sakamakon haka, mun duba ainihin irin ƙarfin da muke buƙata a yanzu, kuma mun yanke shawarar cewa babban dalilin da ya sa muka fara aiwatar da irin waɗannan hanyoyin shine ikon tattara bayanan ganowa daga dukkan tsarin a bayyane. Mun kuma so mu sami iko kan hulɗar ayyuka da yin magudi daban-daban tare da kanun labarai waɗanda ake canjawa wuri tsakanin sabis.
A sakamakon haka, mun zo ga shawararmu: .
Netramesh
mafita ce mai sauƙi na sabis ɗin sabis mai nauyi tare da ikon iya ƙima mara iyaka, ba tare da la'akari da adadin sabis ɗin da ke cikin tsarin ba.
Babban makasudin sabon mafita shine ƙarancin albarkatun ƙasa da babban aiki. Daga cikin manyan fasalulluka, nan da nan muna son samun damar aika tazara a bayyane zuwa tsarin Jaeger ɗin mu.
A yau, yawancin mafitacin girgije ana aiwatar da su a Golang. Kuma, ba shakka, akwai dalilai na wannan. Rubutun aikace-aikacen cibiyar sadarwa a cikin Golang waɗanda ke aiki tare tare da I/O da sikelin ma'auni kamar yadda ake buƙata ya dace kuma mai sauƙi. Kuma, abin da yake da mahimmanci, aikin ya isa ya magance wannan matsala. Shi ya sa ma muka zabi Golang.
Yawan aiki
Mun mayar da hankali kan ƙoƙarinmu don cimma iyakar yawan aiki. Don mafita da aka tura kusa da kowane misali na sabis, ana buƙatar ƙaramin amfani na RAM da lokacin CPU. Kuma, ba shakka, jinkirin amsa ya kamata kuma ya zama kaɗan.
Bari mu ga sakamakon da muka samu.
RAM
Netramesh yana cinye ~ 10Mb ba tare da zirga-zirga ba kuma mafi girman 50Mb tare da nauyin har zuwa 10000 RPS a kowane misali.
Wakilin wakilin Istio koyaushe yana cinye ~ 300Mb a cikin rukunin mu tare da dubban lokuta. Wannan baya ƙyale a miƙe shi zuwa ga duka tari.
Tare da Netramesh mun sami raguwa ~ 10x a cikin amfani da ƙwaƙwalwa.
CPU
Amfanin CPU yayi daidai a ƙarƙashin kaya. Ya dogara da adadin buƙatun kowane raka'a na lokaci zuwa motar gefe. Ƙimar a buƙatun 3000 a sakan daya a kololuwa:
Akwai wani muhimmin batu: Netramesh - bayani ba tare da jirgin sama mai sarrafawa ba kuma ba tare da kaya ba ya cinye lokacin CPU. Tare da Istio, motocin gefe koyaushe suna sabunta wuraren ƙarshen sabis. A sakamakon haka, muna iya ganin wannan hoton ba tare da kaya ba:
Muna amfani da HTTP/1 don sadarwa tsakanin ayyuka. Haɓaka lokacin amsawa na Istio lokacin da wakili ta hanyar wakili ya kai 5-10ms, wanda yayi yawa ga ayyukan da ke shirye su amsa a cikin millisecond. Tare da Netramesh wannan lokacin ya ragu zuwa 0.5-2ms.
Ƙimar ƙarfi
Ƙananan adadin albarkatun da kowane wakili ke cinyewa yana ba da damar sanya shi kusa da kowane sabis. Netramesh an ƙirƙira shi da gangan ba tare da sashin sarrafa jirgin ba don kawai kiyaye kowane motar gefe mara nauyi. Sau da yawa a cikin hanyoyin samar da ragamar sabis, jirgin sarrafawa yana rarraba bayanan gano sabis ga kowane motar gefe. Tare da shi ya zo da bayani game da ficewar lokaci da daidaita saitunan. Duk wannan yana ba ku damar yin abubuwa masu amfani da yawa, amma, da rashin alheri, yana lalata sidecars a girman.
Gano sabis
Netramesh baya ƙara wasu ƙarin hanyoyin gano sabis. Dukkan zirga-zirgar ababen hawa ana yin su ne a bayyane ta hanyar motar sidecar netra.
Netramesh yana goyan bayan ka'idar aikace-aikacen HTTP/1. Don ayyana shi, ana amfani da jerin mashigai masu daidaitawa. Yawanci, tsarin yana da tashoshin jiragen ruwa da yawa waɗanda ta hanyar sadarwar HTTP ke faruwa. Misali, muna amfani da 80, 8890, 8080 don hulɗa tsakanin sabis da buƙatun waje. A wannan yanayin, ana iya saita su ta amfani da canjin yanayi. NETRA_HTTP_PORTS.
Idan kun yi amfani da Kubernetes azaman mawaƙa da tsarin mahallin Sabis ɗin don sadarwa tsakanin sabis, to tsarin ya kasance daidai ɗaya. Da farko, microservice yana samun adireshin IP na sabis ta amfani da kube-dns kuma yana buɗe sabon haɗi zuwa gare shi. An fara kafa wannan haɗin tare da motar netra-sidecar na gida kuma duk fakitin TCP da farko sun isa netra. Na gaba, netra-sidecar yana kafa haɗi tare da ainihin inda ake nufi. NAT akan kwasfa IP akan kumburi ya kasance daidai da ba tare da netra ba.
Rarraba ganowa da tura mahallin mahallin
Netramesh yana ba da ayyukan da ake buƙata don aika tazarar bincike game da hulɗar HTTP. Netra-sidecar yana fayyace ka'idar HTTP, matakan buƙatar jinkiri, da kuma fitar da mahimman bayanai daga masu kai HTTP. Daga qarshe, muna samun dukkan alamu a cikin tsarin Jaeger guda ɗaya. Don ingantaccen tsari, Hakanan zaka iya amfani da masu canjin yanayi wanda ɗakin karatu na hukuma ya bayar .
Amma akwai matsala. Har sai sabis ɗin ya haifar da aika babban kan uber na musamman, ba za mu ga tazarar gano abubuwan da aka haɗa a cikin tsarin ba. Kuma wannan shine abin da muke buƙatar gaggawa don gano dalilin matsalolin. Anan kuma Netramesh yana da mafita. Proxies suna karanta rubutun HTTP kuma, idan basu ƙunshi uber trace id ba, suna samar da ɗaya. Netramesh kuma yana adana bayanai game da buƙatun masu shigowa da masu fita a cikin motar gefe kuma yana daidaita su ta hanyar wadatar da su da mahimman kan buƙatun masu fita. Duk abin da kuke buƙatar yi a cikin ayyukan shine aika da rubutu guda ɗaya kawai X-Request-Id, wanda za'a iya daidaita shi ta amfani da canjin yanayi NETRA_HTTP_REQUEST_ID_HEADER_NAME. Don sarrafa girman mahallin a cikin Netramesh, zaku iya saita masu canjin yanayi masu zuwa: NETRA_TRACING_CONTEXT_EXPIRATION_MILLISECONDS (lokacin da za a adana mahallin) da NETRA_TRACING_CONTEXT_CLEANUP_INTERVAL (yawan tsaftace mahallin).
Hakanan yana yiwuwa a haɗa hanyoyi da yawa akan tsarin ku ta hanyar yiwa su alama tare da alamar zama na musamman. Netra yana ba ku damar shigarwa HTTP_HEADER_TAG_MAP don juyar da kanun HTTP zuwa alamar tazara mai dacewa. Wannan na iya zama da amfani musamman don gwaji. Bayan ƙetare gwajin aikin, zaku iya ganin wane ɓangaren tsarin ya shafa ta hanyar tacewa ta maɓalli mai dacewa.
Ƙayyade tushen Buƙatun
Don tantance inda buƙatun ya fito, zaku iya amfani da aikin ƙara rubutun kai tsaye tare da tushen. Amfani da canjin yanayi NETRA_HTTP_X_SOURCE_HEADER_NAME Za ka iya saka sunan taken da za a shigar ta atomatik. Ta amfani NETRA_HTTP_X_SOURCE_VALUE za ka iya saita ƙimar da za a saita taken X-Source don duk buƙatun masu fita.
Wannan yana ba da damar rarraba wannan rubutun mai amfani don rarraba daidai gwargwado a cikin hanyar sadarwa. Sa'an nan kuma za ku iya amfani da shi a cikin ayyuka kuma ku ƙara shi zuwa ma'auni da ma'auni.
Hanyar zirga-zirgar ababen hawa da na cikin gida na Netramesh
Netramesh ya ƙunshi manyan abubuwa guda biyu. Na farko, netra-init, yana tsara dokokin hanyar sadarwa don katse zirga-zirga. Yana amfani don katse duk ko ɓangaren zirga-zirgar ababen hawa a gefen mota, wanda shine babban sashi na biyu na Netramesh. Kuna iya saita waɗanne tashoshin jiragen ruwa ne ake buƙatar katsewa don zaman TCP masu shigowa da masu fita: INBOUND_INTERCEPT_PORTS, OUTBOUND_INTERCEPT_PORTS.
Har ila yau, kayan aiki yana da fasali mai ban sha'awa - mai yuwuwar kwatance. Idan kuna amfani da Netramesh na musamman don tattara abubuwan ganowa, to, a cikin yanayin samarwa zaku iya adana albarkatu kuma ku ba da damar yin amfani da hanyoyin ta hanyar amfani da masu canji. NETRA_INBOUND_PROBABILITY и NETRA_OUTBOUND_PROBABILITY (daga 0 zuwa 1). Tsohuwar ƙimar ita ce 1 (dukkan zirga-zirga an katse shi).
Bayan nasarar tsangwama, netra sidecar yana karɓar sabon haɗin da amfani SO_ORIGINAL_DST zaɓin soket don samun asalin inda ake nufi. Netra ya buɗe sabon haɗi zuwa adireshin IP na asali kuma ya kafa hanyar sadarwa ta TCP tsakanin bangarorin, sauraron duk zirga-zirgar da ke wucewa. Idan an ayyana tashar jiragen ruwa a matsayin HTTP, Netra yana ƙoƙarin tantancewa da gano ta. Idan fassarar HTTP ta gaza, Netra ya koma TCP kuma yana ba da izini a bayyane.
Gina jadawalin dogaro
Bayan samun babban adadin bayanan ganowa a cikin Jaeger, Ina so in sami cikakken jadawali na hulɗar a cikin tsarin. Amma idan tsarin ku yana da nauyi sosai kuma biliyoyin bincike suna taruwa kowace rana, haɗa su ba abu mai sauƙi bane. Akwai wata hanya ta hukuma don yin hakan: . Koyaya, zai ɗauki sa'o'i don gina cikakken hoto kuma zai tilasta muku zazzage duk bayanan daga Jaeger tsawon awanni XNUMX da suka gabata.
Idan kana amfani da Elasticsearch don adana tazarar bincike, zaka iya amfani , wanda zai gina jadawali ɗaya a cikin mintuna ta amfani da fasali da iyawar Elasticsearch.
Yadda ake amfani da Netramesh
Ana iya ƙara Netra cikin sauƙi ga kowane sabis da ke tafiyar da kowane mawaƙa. Kuna iya ganin misali .
A halin yanzu, Netra ba shi da ikon aiwatar da motocin gefe zuwa sabis, amma akwai shirye-shiryen aiwatarwa.
Makomar Netramesh
babban burin shine don cimma ƙarancin farashi na albarkatu da babban aiki, samar da damar asali don lura da sarrafa sadarwa tsakanin sabis.
A nan gaba, Netramesh zai goyi bayan wasu ka'idojin Layer na aikace-aikacen ban da HTTP. Za a sami hanyar layin L7 nan gaba.
Yi amfani da Netramesh idan kuna fuskantar matsaloli iri ɗaya kuma ku rubuto mana tambayoyi da shawarwari.
source: www.habr.com