Nco tseg. txhais.: Cov kev pabcuam meshes tau dhau los ua lub ntsiab lus kub hauv cov txheej txheem niaj hnub no rau kev siv tom qab microservice architecture. Thaum Istio tuaj yeem nyob ntawm radar ntawm ntau DevOps engineers, nws yog ib yam khoom tshiab uas, thaum nyuaj ntawm cov yam ntxwv nws muab, tuaj yeem siv sijhawm ntau los paub. Tus kws tshaj lij German Rinor Maloku, uas yog tus saib xyuas huab cua rau cov neeg siv khoom loj ntawm lub tuam txhab kev sib txuas lus Orange Networks, tau sau cov ntaub ntawv zoo heev uas tso cai rau koj mus rau Istio sai thiab tob tob. Nws pib nws zaj dab neeg nrog Istio tuaj yeem ua li cas thiab koj tuaj yeem pom sai sai ntawm koj lub qhov muag.
Istio - Qhib Source-project, tsim los ntawm kev koom tes nrog pab pawg los ntawm Google, IBM thiab Lyft. Nws daws qhov nyuaj uas tshwm sim hauv daim ntawv thov raws li microservices, piv txwv li, xws li:
- tswj kev khiav tsheb: timeouts, retry, load balancing;
- Kev ruaj ntseg: end user authentication thiab tso cai;
- kev soj ntsuam: tracing, saib xyuas, kaw.
Tag nrho cov ntawm lawv tuaj yeem daws tau ntawm daim ntawv thov, tab sis tom qab ntawd koj cov kev pabcuam yuav tsis yog "micro". Txhua qhov kev siv zog ntxiv los daws cov teeb meem no yog pov tseg ntawm tuam txhab peev txheej uas tuaj yeem siv ncaj qha rau kev lag luam tus nqi. Xav txog ib qho piv txwv:
Tus Thawj Saib Xyuas Haujlwm: Nws siv sijhawm ntev npaum li cas txhawm rau ntxiv cov lus tawm tswv yim?
Tus tsim tawm: Ob sprints.MP: Dab tsi?.. Nws yog CRUD xwb!
R: Ua CRUD yog qhov yooj yim ntawm txoj haujlwm, tab sis peb tseem yuav tsum tau lees paub thiab tso cai rau cov neeg siv thiab cov kev pabcuam. Txij li thaum lub network tsis muaj kev ntseeg siab, koj yuav tsum tau ua raws li kev thov rov ua dua, nrog rau hauv cov neeg siv khoom. Tsis tas li ntawd, kom paub tseeb tias tag nrho cov system tsis tsoo, timeouts thiab (Saib tom qab hauv tsab xov xwm kom paub meej ntxiv ntawm ob tus qauv hais.), thiab txhawm rau txheeb xyuas cov teeb meem, saib xyuas, taug qab, [β¦]MP: Huag, cia li muab cov yeeb yam no tso rau hauv Cov Khoom Pabcuam tom qab ntawd.
Kuv xav tias lub tswv yim yog qhov tseeb: tus nqi ntawm cov kauj ruam thiab kev siv zog yuav tsum tau ntxiv rau ib qho kev pabcuam loj heev. Hauv tsab xov xwm no, peb yuav saib yuav ua li cas Istio tshem tawm tag nrho cov kev nyuaj uas tau hais los saum toj no (tsis yog tsom los ntawm kev lag luam logic) los ntawm cov kev pabcuam.
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Kab lus xav tias koj muaj kev paub ua haujlwm ntawm Kubernetes. Txwv tsis pub, kuv xav kom nyeem thiab tsuas yog tom qab ntawd txuas ntxiv nyeem cov ntaub ntawv no.
Qhov kev xav
Hauv lub ntiaj teb uas tsis muaj Istio, ib qho kev pabcuam ua rau kev thov ncaj qha rau lwm tus, thiab yog tias tsis ua haujlwm, cov kev pabcuam yuav tsum tau ua nws tus kheej: ua ib qho kev sim tshiab, muab sijhawm rau lub sijhawm, qhib Circuit Court breaker, thiab lwm yam.
Network tsheb khiav hauv Kubernetes
Istio, ntawm qhov tod tes, muab cov kev daws teeb meem tshwj xeeb uas cais tawm ntawm cov kev pabcuam thiab kev ua haujlwm los ntawm kev cuam tshuam nrog kev sib tham hauv network. Thiab yog li nws siv:
- txhaum cai: raws li txoj cai raws li txoj cai hauv cov lus teb, nws nkag siab yog tias qhov kev thov ua tsis tiav thiab rov xa nws dua.
- Canary Rollouts: redirects tsuas yog ib feem pua ββββtaag ntawm kev thov mus rau qhov kev pabcuam tshiab.
- Saib xyuas thiab Metrics: Nws siv sijhawm ntev npaum li cas rau qhov kev pabcuam teb?
- Tracing thiab observability: Ntxiv cov headers tshwj xeeb rau txhua qhov kev thov thiab taug qab lawv hla cov pawg.
- Kev ruaj ntseg: Retrieves JWT token, authenticates thiab tso cai rau cov neeg siv.
Cov no tsuas yog qee qhov ua tau (tsuas yog ob peb yam!) kom txaus siab rau koj. Tam sim no cia peb dhia mus rau hauv cov ntsiab lus technical!
Kev tsim vaj tsev
Istio cuam tshuam tag nrho cov tsheb khiav hauv lub network thiab siv cov txheej txheem rau nws, ntxig lub npe ntse hauv daim ntawv ntawm lub thawv sab hauv rau hauv txhua lub pod. Proxies uas qhib txhua qhov muaj peev xwm tsim tau a Lub dav hlau Data, thiab lawv tuaj yeem hloov kho dynamically nrog Tswj lub dav hlau.
Lub dav hlau Data
Cov proxies tso rau hauv cov pods ua rau nws yooj yim rau Istio kom tau raws li peb xav tau. Piv txwv li, cia peb tshawb xyuas qhov kev rov ua dua thiab kev ua haujlwm ntawm Circuit Court breaker.
Yuav ua li cas retry thiab Circuit Court breaking yog siv nyob rau hauv Envoy
Mus saib lub ntsab lug:
- Envoy (peb tab tom tham txog ib lub npe nyob rau hauv lub thawv sidecar, uas yog muab faib thiab yuav ua li cas - kwv yees. txhais.) xa ib daim ntawv thov mus rau thawj qhov kev pabcuam B thiab ua tsis tiav.
- Envoy Sidecar tab tom sim dua (rov sim dua). (1)
- Qhov kev thov ua tsis tiav raug xa rov qab mus rau lub npe hu ua nws.
- Qhov no qhib Circuit Breaker thiab hu rau cov kev pabcuam tom ntej rau kev thov tom ntej. (2)
Qhov no txhais tau hais tias koj tsis tas yuav siv lub tsev qiv ntawv Retry tom ntej, koj tsis tas yuav ua koj tus kheej siv Circuit Breaking thiab Service Discovery hauv X, Y lossis Z programming lus. lub thawv hauv Istio thiab tsis xav tau tsis muaj code hloov.
Zoo heev! Tam sim no koj tuaj yeem xav mus ncig nrog Istio, tab sis tseem muaj qee qhov tsis ntseeg, qhib cov lus nug. Yog tias qhov no yog kev daws teeb meem thoob ntiaj teb rau txhua lub sijhawm hauv lub neej, tom qab ntawd koj muaj kev xav tsis thoob: tom qab tag nrho, tag nrho cov kev daws teeb meem no yog qhov tseeb tsis haum rau txhua qhov xwm txheej.
Thiab thaum kawg koj nug: "Puas yog customizable?"
Tam sim no koj npaj txhij rau kev caij nkoj hauv hiav txwv - thiab cia peb paub txog Kev Tswj Dav Hlau.
Tswj lub dav hlau
Nws muaj peb yam: tsav, Tov khoom ΠΈ Citadel, uas ua ke teeb tsa Envoys rau txoj kev khiav tsheb, siv cov cai, thiab sau cov ntaub ntawv telemetry. Schematically, txhua yam zoo li no:
Kev sib cuam tshuam ntawm Kev Tswj Dav Hlau nrog Cov Ntaub Ntawv Dav Hlau
Envoys (piv txwv li cov ntaub ntawv dav hlau) tau teeb tsa nrog (Cov Kev Pabcuam Kev Cai) txhais los ntawm Istio thiab tsim tshwj xeeb rau lub hom phiaj no. Qhov no txhais tau li cas rau koj yog tias lawv tsuas yog lwm cov peev txheej hauv Kubernetes nrog cov lus qhia paub. Thaum tsim, cov peev txheej no yuav raug khaws los ntawm lub dav hlau tswj thiab siv rau Envoys.
Kev sib raug zoo ntawm kev pabcuam rau Istio
Peb tau piav qhia txog Istio txoj kev sib raug zoo rau cov kev pabcuam, tab sis tsis yog lwm txoj hauv kev: cov kev pabcuam cuam tshuam li cas rau Istio?
Yuav kom ncaj ncees, cov kev pabcuam paub txog qhov muaj Istio thiab cov ntses paub txog dej, thaum lawv nug lawv tus kheej: "Dab tsi yog dej?".
Piv txwv : Koj nyiam dej li cas? - Dab tsi yog dej?
Yog li, koj tuaj yeem nqa ib pawg ua haujlwm thiab tom qab siv Istio Cheebtsam, cov kev pabcuam hauv nws yuav ua haujlwm ntxiv, thiab tom qab tshem cov khoom no, txhua yam yuav zoo dua. Nws yog tseeb hais tias nyob rau hauv cov ntaub ntawv no koj yuav poob lub cib fim muab los ntawm Istio.
Txoj kev xav txaus - cia peb muab qhov kev paub no rau hauv kev xyaum!
Istio hauv kev xyaum
Istio xav kom Kubernetes pawg nrog tsawg kawg 4 vCPUs thiab 8 GB ntawm RAM muaj. Txhawm rau kom ceev cov pawg thiab ua raws li cov lus qhia los ntawm tsab xov xwm, Kuv pom zoo kom siv Google Cloud Platform, uas muaj cov neeg siv tshiab .
Tom qab tsim cov pawg thiab teeb tsa kev nkag mus rau Kubernetes los ntawm kev siv hluav taws xob console, koj tuaj yeem nruab Istio los ntawm tus thawj tswj hwm pob Helm.
Helm Installation
Nruab tus neeg siv Helm ntawm koj lub computer raws li tau piav qhia hauv . Peb yuav siv nws los tsim cov qauv rau kev txhim kho Istio hauv ntu tom ntej.
Kev teeb tsa
Download Istio cov peev txheej los ntawm (tus thawj tus kws sau ntawv txuas mus rau version 1.0.5 tau hloov mus rau qhov tam sim no, piv txwv li 1.0.6 - kwv yees transl.), rho tawm cov ntsiab lus rau ib daim ntawv teev npe, uas kuv yuav xa mus rau [istio-resources].
Txhawm rau txheeb xyuas yooj yim ntawm Istio cov peev txheej, tsim lub npe chaw hauv K8s pawg istio-system:
$ kubectl create namespace istio-systemUa kom tiav qhov kev teeb tsa los ntawm kev mus rau hauv phau ntawv teev npe [istio-resources] thiab khiav cov lus txib:
$ helm template install/kubernetes/helm/istio
--set global.mtls.enabled=false
--set tracing.enabled=true
--set kiali.enabled=true
--set grafana.enabled=true
--namespace istio-system > istio.yamlCov lus txib no yuav tso tawm cov khoom tseem ceeb ntawm Istio mus rau ib cov ntaub ntawv istio.yaml. Peb tau hloov kho tus qauv qauv rau peb tus kheej los ntawm kev qhia txog cov hauv qab no:
-
global.mtls.enabledntsia hauvfalse(i.e. mTLS authentication yog neeg xiam - kwv yees li.)kom yooj yim rau peb txoj kev sib tham; -
tracing.enabledenables thov tracing nrog Jaeger; -
kiali.enablednruab Kiali rau hauv ib pawg kom pom cov kev pabcuam thiab kev khiav tsheb; -
grafana.enablednruab Grafana kom pom cov metrics sau.
Siv cov peev txheej generated nrog cov lus txib:
$ kubectl apply -f istio.yamlKev teeb tsa Istio hauv pawg ua tiav! Tos kom txog thaum tag nrho cov pods nyob rau hauv lub namespace istio-system yuav muaj peev xwm Running los yog Completedlos ntawm kev khiav cov lus txib hauv qab no:
$ kubectl get pods -n istio-systemTam sim no peb npaj mus txuas ntxiv mus rau ntu tom ntej, qhov twg peb yuav tsa thiab khiav daim ntawv thov.
Sentiment Analysis Application Architecture
Cia peb siv tus piv txwv ntawm Sentiment Analysis microservice daim ntawv thov siv nyob rau hauv uas twb tau hais lawm . Nws yog qhov nyuaj txaus los qhia qhov ua tau ntawm Istio hauv kev xyaum.
Daim ntawv thov muaj plaub microservices:
- kev pab cuam SA-Front, uas ua haujlwm rau pem hauv ntej-kawg daim ntawv thov ntawm Reactjs;
- kev pab cuam SA Web App, uas ua haujlwm rau Sentiment Analysis queries;
- kev pab cuam SA Logicuas ua nws tus kheej ;
- kev pab cuam SA Cov Lus Qhia, uas tau txais kev tawm tswv yim los ntawm cov neeg siv ntawm qhov tseeb ntawm qhov kev tshuaj ntsuam tau ua.
Hauv daim duab no, ntxiv rau cov kev pabcuam, peb kuj pom Ingress Controller, uas nyob rau hauv Kubernetes cov kev thov nkag mus rau cov kev pabcuam sib raug. Istio siv lub tswv yim zoo ib yam li ib feem ntawm Ingress Gateway, cov ntsiab lus ntawm qhov yuav ua raws.
Tua tawm daim ntawv thov nrog lub npe los ntawm Istio
Rau kev ua haujlwm ntxiv uas tau hais hauv tsab xov xwm, clone koj lub chaw cia khoom . Nws muaj cov ntawv thov thiab tshwm sim rau Kubernetes thiab Istio.
Ntxig sidecars
Insertion tuaj yeem ua tau cia li tau los yog manually. Txhawm rau muab tso rau sab hauv lub thawv, koj yuav tsum teeb tsa daim ntawv lo rau lub namespace istio-injection=enabled, uas yog ua los ntawm cov lus txib hauv qab no:
$ kubectl label namespace default istio-injection=enabled
namespace/default labeledTam sim no txhua lub pod uas yuav muab tso rau hauv lub neej ntawd namespace (default) yuav tau txais nws lub thawv sidecar. Txhawm rau txheeb xyuas qhov no, cia peb xa daim ntawv thov xeem los ntawm kev mus rau hauv cov npe hauv paus ntawm qhov chaw khaws cia [istio-mastery] thiab khiav cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/kube
persistentvolumeclaim/sqlite-pvc created
deployment.extensions/sa-feedback created
service/sa-feedback created
deployment.extensions/sa-frontend created
service/sa-frontend created
deployment.extensions/sa-logic created
service/sa-logic created
deployment.extensions/sa-web-app created
service/sa-web-app createdTom qab xa cov kev pabcuam, xyuas tias cov pods muaj ob lub thawv (nrog rau kev pabcuam nws tus kheej thiab nws lub tsheb) los ntawm kev khiav cov lus txib kubectl get pods thiab xyuas kom meej tias nyob rau hauv kab READY tus nqi teev 2/2, symbolizing tias ob lub thawv tau khiav:
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
sa-feedback-55f5dc4d9c-c9wfv 2/2 Running 0 12m
sa-frontend-558f8986-hhkj9 2/2 Running 0 12m
sa-logic-568498cb4d-2sjwj 2/2 Running 0 12m
sa-logic-568498cb4d-p4f8c 2/2 Running 0 12m
sa-web-app-599cf47c7c-s7cvd 2/2 Running 0 12mVisually nws zoo li no:
Envoy proxy nyob rau hauv ib qho ntawm cov pods
Tam sim no hais tias daim ntawv thov tau nce thiab khiav, peb yuav tsum tso cai nkag mus nkag rau hauv daim ntawv thov.
Ingress Rooj vag
Qhov kev coj ua zoo tshaj plaws kom ua tiav qhov no (cia kev khiav tsheb hauv pawg) yog dhau los Ingress Rooj vag hauv Istio, uas nyob ntawm "ntug" ntawm pawg thiab tso cai rau koj los pab Istio cov yam ntxwv xws li kev taug kev, thauj khoom sib npaug, kev ruaj ntseg, thiab kev saib xyuas cov tsheb tuaj.
Ingress Gateway tivthaiv thiab cov kev pabcuam uas xa mus rau sab nraud tau teeb tsa ntawm pawg thaum lub sijhawm Istio installation. Txhawm rau kom paub qhov chaw nyob IP sab nraud ntawm qhov kev pabcuam, khiav:
$ kubectl get svc -n istio-system -l istio=ingressgateway
NAME TYPE CLUSTER-IP EXTERNAL-IP
istio-ingressgateway LoadBalancer 10.0.132.127 13.93.30.120Peb yuav txuas ntxiv nkag mus rau daim ntawv thov siv tus IP no (Kuv yuav xa mus rau nws li EXTERNAL-IP), yog li kom yooj yim, peb yuav sau tus nqi rau qhov sib txawv:
$ EXTERNAL_IP=$(kubectl get svc -n istio-system
-l app=istio-ingressgateway
-o jsonpath='{.items[0].status.loadBalancer.ingress[0].ip}')Yog tias koj sim nkag mus rau IP no los ntawm qhov browser tam sim no, koj yuav tau txais Kev Pabcuam Tsis Muaj Kev Ua Haujlwm, vim los ntawm lub neej ntawd Istio thaiv tag nrho cov tsheb khiavkom txog thaum lub rooj vag yog txhais.
Gateway kev pab
Gateway yog CRD (Kev Cai Kev Cai Txhais Lus) hauv Kubernetes, txhais tau tias tom qab txhim kho Istio hauv pawg thiab ua kom muaj peev xwm txheeb xyuas cov chaw nres nkoj, raws tu qauv, thiab cov tswv tsev uas peb xav tso cai nkag mus.
Hauv peb qhov xwm txheej, peb xav tso cai HTTP tsheb khiav ntawm chaw nres nkoj 80 rau txhua tus tswv. Qhov teeb meem yog pom tau los ntawm cov ntsiab lus hauv qab no ():
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: http-gateway
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"Qhov kev teeb tsa no yuav tsum tsis muaj kev piav qhia tshwj tsis yog rau tus xaiv istio: ingressgateway. Nrog tus xaiv no, peb tuaj yeem qhia meej qhov twg Ingress Gateway los siv qhov kev teeb tsa rau. Hauv peb cov ntaub ntawv, qhov no yog Ingress Gateway maub los, uas tau teeb tsa los ntawm lub neej ntawd hauv Istio.
Lub configuration yog siv los ntawm kev hu rau cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/istio/http-gateway.yaml gateway.networking.istio.io/http-gateway createdLub rooj vag tam sim no tso cai nkag mus rau qhov chaw nres nkoj 80 tab sis tsis muaj lub tswv yim tias yuav taug txoj kev thov mus rau qhov twg. Rau qhov no koj yuav xav tau Kev Pabcuam Virtual.
Kev pabcuam Virtual
Lub VirtualService qhia rau Ingress Gateway yuav ua li cas rau txoj kev thov uas tau tso cai nyob rau hauv pawg.
Kev thov rau peb daim ntawv thov los ntawm http-gateway yuav tsum raug xa mus rau sa-frontend, sa-web-app thiab sa-feedback cov kev pabcuam:
Cov kev mus rau configured nrog VirtualServices
Xav txog cov lus thov uas yuav tsum tau xa mus rau SA-Frontend:
- Muaj kev sib tw ntawm txoj kev
/yuav tsum xa mus rau SA-Frontend kom tau index.html; - Paths nrog prefix
/static/*yuav tsum tau xa mus rau SA-Frontend kom tau txais cov ntaub ntawv zoo li qub siv nyob rau hauv pem hauv ntej, xws li CSS thiab JavaScript; - Txoj kev sib piv cov lus tsis tu ncua
'^.*.(ico|png|jpg)$', yuav tsum xa mus rau SA-Frontend, vim Cov no yog cov duab tso rau ntawm nplooj ntawv.
Kev siv yog ua tiav los ntawm kev teeb tsa hauv qab no ():
kind: VirtualService metadata: name: sa-external-services spec: hosts: - "*" gateways: - http-gateway # 1 http: - match: - uri: exact: / - uri: exact: /callback - uri: prefix: /static - uri: regex: '^.*.(ico|png|jpg) ΠΠ°ΠΆΠ½ΡΠ΅ ΠΌΠΎΠΌΠ΅Π½ΡΡ:ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ Π²ΡΡΠ΅ Ρ ΡΠ°Π½ΠΈΡΡΡ Π² ΡΠ°ΠΉΠ»Π΅
- ΠΡΠΎΡ VirtualService ΠΎΡΠ½ΠΎΡΠΈΡΡΡ ΠΊ Π·Π°ΠΏΡΠΎΡΠ°ΠΌ, ΠΏΡΠΈΡ ΠΎΠ΄ΡΡΠΈΠΌ ΡΠ΅ΡΠ΅Π· http-gateway;
- Π
destinationΠΎΠΏΡΠ΅Π΄Π΅Π»ΡΠ΅ΡΡΡ ΡΠ΅ΡΠ²ΠΈΡ, ΠΊΡΠ΄Π° ΠΎΡΠΏΡΠ°Π²Π»ΡΡΡΡΡ Π·Π°ΠΏΡΠΎΡΡ.sa-virtualservice-external.yaml, ΠΊΠΎΡΠΎΡΡΠΉ ΡΠ°ΠΊΠΆΠ΅ ΡΠΎΠ΄Π΅ΡΠΆΠΈΡ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ Π΄Π»Ρ ΠΌΠ°ΡΡΡΡΡΠΈΠ·Π°ΡΠΈΠΈ Π² SA-WebApp ΠΈ SA-Feedback, Π½ΠΎ Π±ΡΠ» ΡΠΎΠΊΡΠ°ΡΡΠ½ Π·Π΄Π΅ΡΡ Π² ΡΡΠ°ΡΡΠ΅ Π΄Π»Ρ Π»Π°ΠΊΠΎΠ½ΠΈΡΠ½ΠΎΡΡΠΈ. ΠΡΠΈΠΌΠ΅Π½ΠΈΠΌ VirtualService Π²ΡΠ·ΠΎΠ²ΠΎΠΌ:$ kubectl apply -f resource-manifests/istio/sa-virtualservice-external.yaml virtualservice.networking.istio.io/sa-external-services createdΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠΎΠ³Π΄Π° ΠΌΡ ΠΏΡΠΈΠΌΠ΅Π½ΡΠ΅ΠΌ ΡΠ΅ΡΡΡΡΡ Istio, Kubernetes API Server ΡΠΎΠ·Π΄Π°ΡΡ ΡΠΎΠ±ΡΡΠΈΠ΅, ΠΊΠΎΡΠΎΡΠΎΠ΅ ΠΏΠΎΠ»ΡΡΠ°Π΅Ρ Istio Control Plane, ΠΈ ΡΠΆΠ΅ ΠΏΠΎΡΠ»Π΅ ΡΡΠΎΠ³ΠΎ Π½ΠΎΠ²Π°Ρ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ ΠΏΡΠΈΠΌΠ΅Π½ΡΠ΅ΡΡΡ ΠΊ ΠΏΡΠΎΠΊΡΠΈ-ΡΠ΅ΡΠ²Π΅ΡΠ°ΠΌ Envoy ΠΊΠ°ΠΆΠ΄ΠΎΠ³ΠΎ pod'Π°. Π ΠΊΠΎΠ½ΡΡΠΎΠ»Π»Π΅Ρ Ingress Gateway ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»ΡΠ΅ΡΡΡ ΠΎΡΠ΅ΡΠ΅Π΄Π½ΡΠΌ Envoy, ΡΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠΈΡΠΎΠ²Π°Π½Π½ΡΠΌ Π² Control Plane. ΠΡΡ ΡΡΠΎ Π½Π° ΡΡ Π΅ΠΌΠ΅ Π²ΡΠ³Π»ΡΠ΄ΠΈΡ ΡΠ°ΠΊ:
ΠΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ Istio-IngressGateway Π΄Π»Ρ ΠΌΠ°ΡΡΡΡΡΠΈΠ·Π°ΡΠΈΠΈ Π·Π°ΠΏΡΠΎΡΠΎΠ²ΠΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Sentiment Analysis ΡΡΠ°Π»ΠΎ Π΄ΠΎΡΡΡΠΏΠ½ΡΠΌ ΠΏΠΎ
http://{EXTERNAL-IP}/. ΠΠ΅ ΠΏΠ΅ΡΠ΅ΠΆΠΈΠ²Π°ΠΉΡΠ΅, Π΅ΡΠ»ΠΈ Π²Ρ ΠΏΠΎΠ»ΡΡΠ°Π΅ΡΠ΅ ΡΡΠ°ΡΡΡ Not Found: ΠΈΠ½ΠΎΠ³Π΄Π° ΡΡΠ΅Π±ΡΠ΅ΡΡΡ ΡΡΡΡ Π±ΠΎΠ»ΡΡΠ΅ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ Π΄Π»Ρ ΡΠΎΠ³ΠΎ, ΡΡΠΎΠ±Ρ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΡ Π²ΡΡΡΠΏΠΈΠ»Π° Π² ΡΠΈΠ»Ρ ΠΈ ΠΊΡΡΠΈ Envoy ΠΎΠ±Π½ΠΎΠ²ΠΈΠ»ΠΈΡΡ.ΠΠ΅ΡΠ΅Π΄ ΡΠ΅ΠΌ, ΠΊΠ°ΠΊ ΠΏΡΠΎΠ΄ΠΎΠ»ΠΆΠΈΡΡ, ΠΏΠΎΡΠ°Π±ΠΎΡΠ°ΠΉΡΠ΅ Π½Π΅ΠΌΠ½ΠΎΠ³ΠΎ Ρ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ΠΌ, ΡΡΠΎΠ±Ρ ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°ΡΡ ΡΡΠ°ΡΠΈΠΊ (Π΅Π³ΠΎ Π½Π°Π»ΠΈΡΠΈΠ΅ Π½Π΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ Π΄Π»Ρ Π½Π°Π³Π»ΡΠ΄Π½ΠΎΡΡΠΈ Π² ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠΈΡ Π΄Π΅ΠΉΡΡΠ²ΠΈΡΡ β ΠΏΡΠΈΠΌ. ΠΏΠ΅ΡΠ΅Π².).
Kialiβ: Π½Π°Π±Π»ΡΠ΄Π°Π΅ΠΌΠΎΡΡΡ
Π§ΡΠΎΠ±Ρ ΠΏΠΎΠΏΠ°ΡΡΡ Π² Π°Π΄ΠΌΠΈΠ½ΠΈΡΡΡΠ°ΡΠΈΠ²Π½ΡΠΉ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡ Kiali, Π²ΡΠΏΠΎΠ»Π½ΠΈΡΠ΅ ΡΠ»Π΅Π΄ΡΡΡΡΡ ΠΊΠΎΠΌΠ°Π½Π΄Ρ:
$ kubectl port-forward $(kubectl get pod -n istio-system -l app=kiali -o jsonpath='{.items[0].metadata.name}') -n istio-system 20001β¦ ΠΈ ΠΎΡΠΊΡΠΎΠΉΡΠ΅ , Π·Π°Π»ΠΎΠ³ΠΈΠ½ΠΈΠ²ΡΠΈΡΡ ΠΏΠΎΠ΄ admin/admin. ΠΠ΄Π΅ΡΡ Π²Ρ Π½Π°ΠΉΠ΄Π΅ΡΠ΅ ΠΌΠ½ΠΎΠΆΠ΅ΡΡΠ²ΠΎ ΠΏΠΎΠ»Π΅Π·Π½ΡΡ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠ΅ΠΉ, Π½Π°ΠΏΡΠΈΠΌΠ΅Ρ, Π΄Π»Ρ ΠΏΡΠΎΠ²Π΅ΡΠΊΠΈ ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½ΡΠΎΠ² Istio, Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ² ΠΏΠΎ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ, ΡΠΎΠ±ΡΠ°Π½Π½ΠΎΠΉ ΠΏΡΠΈ ΠΏΠ΅ΡΠ΅Ρ Π²Π°ΡΠ΅ ΡΠ΅ΡΠ΅Π²ΡΡ Π·Π°ΠΏΡΠΎΡΠΎΠ², ΠΏΠΎΠ»ΡΡΠ΅Π½ΠΈΡ ΠΎΡΠ²Π΅ΡΠΎΠ² Π½Π° Π²ΠΎΠΏΡΠΎΡΡ Β«ΠΡΠΎ ΠΊ ΠΊΠΎΠΌΡ ΠΎΠ±ΡΠ°ΡΠ°Π΅ΡΡΡ?Β», Β«Π£ ΠΊΠ°ΠΊΠΎΠΉ Π²Π΅ΡΡΠΈΠΈ ΡΠ΅ΡΠ²ΠΈΡΠ° Π²ΠΎΠ·Π½ΠΈΠΊΠ°ΡΡ ΡΠ±ΠΎΠΈ?Β» ΠΈ Ρ.ΠΏ. Π ΠΎΠ±ΡΠ΅ΠΌ, ΠΈΠ·ΡΡΠΈΡΠ΅ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ Kiali ΠΏΠ΅ΡΠ΅Π΄ ΡΠ΅ΠΌ, ΠΊΠ°ΠΊ Π΄Π²ΠΈΠ³Π°ΡΡΡΡ Π΄Π°Π»ΡΡΠ΅ β ΠΊ Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΠΌΠ΅ΡΡΠΈΠΊ Ρ Grafana.
Grafana: Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΡ ΠΌΠ΅ΡΡΠΈΠΊ
Π‘ΠΎΠ±ΡΠ°Π½Π½ΡΠ΅ Π² Istio ΠΌΠ΅ΡΡΠΈΠΊΠΈ ΠΏΠΎΠΏΠ°Π΄Π°ΡΡ Π² Prometheus ΠΈ Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·ΠΈΡΡΡΡΡΡ Ρ Grafana. Π§ΡΠΎΠ±Ρ ΠΏΠΎΠΏΠ°ΡΡΡ Π² Π°Π΄ΠΌΠΈΠ½ΠΈΡΡΡΠ°ΡΠΈΠ²Π½ΡΠΉ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡ Grafana, Π²ΡΠΏΠΎΠ»Π½ΠΈΡΠ΅ ΠΊΠΎΠΌΠ°Π½Π΄Ρ Π½ΠΈΠΆΠ΅, ΠΏΠΎΡΠ»Π΅ ΡΠ΅Π³ΠΎ ΠΎΡΠΊΡΠΎΠΉΡΠ΅ :
$ kubectl -n istio-system port-forward $(kubectl -n istio-system get pod -l app=grafana -o jsonpath={.items[0].metadata.name}) 3000ΠΠ»ΠΈΠΊΠ½ΡΠ² Π½Π° ΠΌΠ΅Π½Ρ Home ΡΠ»Π΅Π²Π° ΡΠ²Π΅ΡΡ Ρ ΠΈ Π²ΡΠ±ΡΠ°Π² Istio Service Dashboard Π² Π»Π΅Π²ΠΎΠΌ Π²Π΅ΡΡ Π½Π΅ΠΌ ΡΠ³Π»Ρ, Π½Π°ΡΠ½ΠΈΡΠ΅ Ρ ΡΠ΅ΡΠ²ΠΈΡΠ° sa-web-app, ΡΡΠΎΠ±Ρ ΠΏΠΎΡΠΌΠΎΡΡΠ΅ΡΡ Π½Π° ΡΠΎΠ±ΡΠ°Π½Π½ΡΠ΅ ΠΌΠ΅ΡΡΠΈΠΊΠΈ:
ΠΠ΄Π΅ΡΡ Π½Π°Ρ ΠΆΠ΄ΡΡ ΠΏΡΡΡΠΎΠ΅ ΠΈ ΡΠΎΠ²Π΅ΡΡΠ΅Π½Π½ΠΎ ΡΠΊΡΡΠ½ΠΎΠ΅ ΠΏΡΠ΅Π΄ΡΡΠ°Π²Π»Π΅Π½ΠΈΠ΅ β ΡΡΠΊΠΎΠ²ΠΎΠ΄ΡΡΠ²ΠΎ Π½ΠΈΠΊΠΎΠ³Π΄Π° ΡΠ°ΠΊΠΎΠ΅ Π½Π΅ ΠΎΠ΄ΠΎΠ±ΡΠΈΡ. ΠΠ°Π²Π°ΠΉΡΠ΅ ΠΆΠ΅ ΡΠΎΠ·Π΄Π°Π΄ΠΈΠΌ Π½Π΅Π±ΠΎΠ»ΡΡΡΡ Π½Π°Π³ΡΡΠ·ΠΊΡ ΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΊΠΎΠΌΠ°Π½Π΄ΠΎΠΉ:
$ while true; do curl -i http://$EXTERNAL_IP/sentiment -H "Content-type: application/json" -d '{"sentence": "I love yogobella"}'; sleep .8; doneΠΠΎΡ ΡΠ΅ΠΏΠ΅ΡΡ Ρ Π½Π°Ρ Π³ΠΎΡΠ°Π·Π΄ΠΎ Π±ΠΎΠ»Π΅Π΅ ΡΠΈΠΌΠΏΠ°ΡΠΈΡΠ½ΡΠ΅ Π³ΡΠ°ΡΠΈΠΊΠΈ, Π° Π² Π΄ΠΎΠΏΠΎΠ»Π½Π΅Π½ΠΈΠ΅ ΠΊ Π½ΠΈΠΌ β Π·Π°ΠΌΠ΅ΡΠ°ΡΠ΅Π»ΡΠ½ΡΠ΅ ΠΈΠ½ΡΡΡΡΠΌΠ΅Π½ΡΡ Prometheus Π΄Π»Ρ ΠΌΠΎΠ½ΠΈΡΠΎΡΠΈΠ½Π³Π° ΠΈ Grafana Π΄Π»Ρ Π²ΠΈΠ·ΡΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΠΌΠ΅ΡΡΠΈΠΊ, ΡΡΠΎ ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡ Π½Π°ΠΌ ΡΠ·Π½Π°ΡΡ ΠΎ ΠΏΡΠΎΠΈΠ·Π²ΠΎΠ΄ΠΈΡΠ΅Π»ΡΠ½ΠΎΡΡΠΈ, ΡΠΎΡΡΠΎΡΠ½ΠΈΠΈ Π·Π΄ΠΎΡΠΎΠ²ΡΡ, ΡΠ»ΡΡΡΠ΅Π½ΠΈΡΡ /Π΄Π΅Π³ΡΠ°Π΄Π°ΡΠΈΠΈ Π² ΡΠ°Π±ΠΎΡΠ΅ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ² Π½Π° ΠΏΡΠΎΡΡΠΆΠ΅Π½ΠΈΠΈ Π²ΡΠ΅ΠΌΠ΅Π½ΠΈ.
ΠΠ°ΠΊΠΎΠ½Π΅Ρ, ΠΏΠΎΡΠΌΠΎΡΡΠΈΠΌ Π½Π° ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΡ Π·Π°ΠΏΡΠΎΡΠΎΠ² Π² ΡΠ΅ΡΠ²ΠΈΡΠ°Ρ .
Jaegerβ: ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠ°
Π’ΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠ° Π½Π°ΠΌ ΠΏΠΎΡΡΠ΅Π±ΡΠ΅ΡΡΡ, ΠΏΠΎΡΠΎΠΌΡ ΡΡΠΎ ΡΠ΅ΠΌ Π±ΠΎΠ»ΡΡΠ΅ Ρ Π½Π°Ρ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ², ΡΠ΅ΠΌ ΡΠ»ΠΎΠΆΠ½Π΅Π΅ Π΄ΠΎΠ±ΡΠ°ΡΡΡΡ Π΄ΠΎ ΠΏΡΠΈΡΠΈΠ½Ρ ΡΠ±ΠΎΡ. ΠΠΎΡΠΌΠΎΡΡΠΈΠΌ Π½Π° ΠΏΡΠΎΡΡΠΎΠΉ ΡΠ»ΡΡΠ°ΠΉ ΠΈΠ· ΠΊΠ°ΡΡΠΈΠ½ΠΊΠΈ Π½ΠΈΠΆΠ΅:
Π’ΠΈΠΏΠΎΠ²ΠΎΠΉ ΠΏΡΠΈΠΌΠ΅Ρ ΡΠ»ΡΡΠ°ΠΉΠ½ΠΎΠ³ΠΎ Π½Π΅ΡΠ΄Π°ΡΠ½ΠΎΠ³ΠΎ Π·Π°ΠΏΡΠΎΡΠ°ΠΠ°ΠΏΡΠΎΡ ΠΏΡΠΈΡ ΠΎΠ΄ΠΈΡ, ΠΏΠ°Π΄Π°Π΅Ρ β Π² ΡΡΠΌ ΠΆΠ΅ ΠΏΡΠΈΡΠΈΠ½Π°? ΠΠ΅ΡΠ²ΡΠΉ ΡΠ΅ΡΠ²ΠΈΡ? ΠΠ»ΠΈ Π²ΡΠΎΡΠΎΠΉ? ΠΡΠΊΠ»ΡΡΠ΅Π½ΠΈΡ Π΅ΡΡΡ Π² ΠΎΠ±ΠΎΠΈΡ β Π΄Π°Π²Π°ΠΉΡΠ΅ ΠΏΠΎΡΠΌΠΎΡΡΠΈΠΌ Π½Π° Π»ΠΎΠ³ΠΈ ΠΊΠ°ΠΆΠ΄ΠΎΠ³ΠΎ. ΠΠ°ΠΊ ΡΠ°ΡΡΠΎ Π²Ρ Π»ΠΎΠ²ΠΈΠ»ΠΈ ΡΠ΅Π±Ρ Π·Π° ΡΠ°ΠΊΠΈΠΌ Π·Π°Π½ΡΡΠΈΠ΅ΠΌ? ΠΠ°ΡΠ° ΡΠ°Π±ΠΎΡΠ° Π±ΠΎΠ»ΡΡΠ΅ ΠΏΠΎΡ ΠΎΠΆΠ° Π½Π° Π΄Π΅ΡΠ΅ΠΊΡΠΈΠ²ΠΎΠ² ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠ½ΠΎΠ³ΠΎ ΠΎΠ±Π΅ΡΠΏΠ΅ΡΠ΅Π½ΠΈΡ, Π° Π½Π΅ ΡΠ°Π·ΡΠ°Π±ΠΎΡΡΠΈΠΊΠΎΠ²β¦
ΠΡΠΎ ΡΠΈΡΠΎΠΊΠΎ ΡΠ°ΡΠΏΡΠΎΡΡΡΠ°Π½ΡΠ½Π½Π°Ρ ΠΏΡΠΎΠ±Π»Π΅ΠΌΠ° Π² ΠΌΠΈΠΊΡΠΎΡΠ΅ΡΠ²ΠΈΡΠ°Ρ ΠΈ ΡΠ΅ΡΠ°Π΅ΡΡΡ ΠΎΠ½Π° ΡΠ°ΡΠΏΡΠ΅Π΄Π΅Π»ΡΠ½Π½ΡΠΌΠΈ ΡΠΈΡΡΠ΅ΠΌΠ°ΠΌΠΈ ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠΈ, Π² ΠΊΠΎΡΠΎΡΡΡ ΡΠ΅ΡΠ²ΠΈΡΡ ΠΏΠ΅ΡΠ΅Π΄Π°ΡΡ Π΄ΡΡΠ³ Π΄ΡΡΠ³Ρ ΡΠ½ΠΈΠΊΠ°Π»ΡΠ½ΡΠΉ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΎΠΊ, ΠΏΠΎΡΠ»Π΅ ΡΠ΅Π³ΠΎ ΡΡΠ° ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ ΠΏΠ΅ΡΠ΅Π½Π°ΠΏΡΠ°Π²Π»ΡΠ΅ΡΡΡ Π² ΡΠΈΡΡΠ΅ΠΌΡ ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠΈ, Π³Π΄Π΅ ΠΎΠ½Π° ΡΠΎΠΏΠΎΡΡΠ°Π²Π»ΡΠ΅ΡΡΡ Ρ Π΄Π°Π½Π½ΡΠΌΠΈ Π·Π°ΠΏΡΠΎΡΠ°. ΠΠΎΡ ΠΈΠ»Π»ΡΡΡΡΠ°ΡΠΈΡ:
ΠΠ»Ρ ΠΈΠ΄Π΅Π½ΡΠΈΡΠΈΠΊΠ°ΡΠΈΠΈ Π·Π°ΠΏΡΠΎΡΠ° ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ TraceIdΠ Istio ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ Jaeger Tracer, ΠΊΠΎΡΠΎΡΡΠΉ ΡΠ΅Π°Π»ΠΈΠ·ΡΠ΅Ρ Π½Π΅Π·Π°Π²ΠΈΡΠΈΠΌΡΠΉ ΠΎΡ Π²Π΅Π½Π΄ΠΎΡΠΎΠ² ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊ OpenTracing API. ΠΠΎΠ»ΡΡΠΈΡΡ Π΄ΠΎΡΡΡΠΏ ΠΊ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»ΡΡΠΊΠΎΠ³ΠΎ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡΡ Jaeger ΠΌΠΎΠΆΠ½ΠΎ ΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΠΊΠΎΠΌΠ°Π½Π΄ΠΎΠΉ:
$ kubectl port-forward -n istio-system $(kubectl get pod -n istio-system -l app=jaeger -o jsonpath='{.items[0].metadata.name}') 16686Π’Π΅ΠΏΠ΅ΡΡ Π·Π°ΠΉΠ΄ΠΈΡΠ΅ Π½Π° ΠΈ Π²ΡΠ±Π΅ΡΠΈΡΠ΅ ΡΠ΅ΡΠ²ΠΈΡ sa-web-app. ΠΡΠ»ΠΈ ΡΠ΅ΡΠ²ΠΈΡ Π½Π΅ ΠΏΠΎΠΊΠ°Π·Π°Π½ Π² Π²ΡΠΏΠ°Π΄Π°ΡΡΠ΅ΠΌ ΠΌΠ΅Π½Ρ β ΠΏΡΠΎΡΠ²ΠΈΡΠ΅/ΡΠ³Π΅Π½Π΅ΡΠΈΡΡΠΉΡΠ΅ Π°ΠΊΡΠΈΠ²Π½ΠΎΡΡΡ Π½Π° ΡΡΡΠ°Π½ΠΈΡΠ΅ ΠΈ ΠΎΠ±Π½ΠΎΠ²ΠΈΡΠ΅ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡ. ΠΠΎΡΠ»Π΅ ΡΡΠΎΠ³ΠΎ Π½Π°ΠΆΠΌΠΈΡΠ΅ Π½Π° ΠΊΠ½ΠΎΠΏΠΊΡ Find Traces, ΠΊΠΎΡΠΎΡΠ°Ρ ΠΏΠΎΠΊΠ°ΠΆΠ΅Ρ ΡΠ°ΠΌΡΠ΅ ΠΏΠΎΡΠ»Π΅Π΄Π½ΠΈΠ΅ ΡΡΠ΅ΠΉΡΡ β Π²ΡΠ±Π΅ΡΠΈΡΠ΅ Π»ΡΠ±ΠΎΠΉ β ΠΏΠΎΠΊΠ°ΠΆΠ΅ΡΡΡ Π΄Π΅ΡΠ°Π»ΠΈΠ·ΠΈΡΠΎΠ²Π°Π½Π½Π°Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ ΠΏΠΎ Π²ΡΠ΅ΠΌ ΡΡΠ΅ΠΉΡΠ°ΠΌ:
ΠΡΠΎΡ ΡΡΠ΅ΠΉΡ ΠΏΠΎΠΊΠ°Π·ΡΠ²Π°Π΅Ρ:
- ΠΠ°ΠΏΡΠΎΡ ΠΏΡΠΈΡ ΠΎΠ΄ΠΈΡ Π² istio-ingressgateway (ΡΡΠΎ ΠΏΠ΅ΡΠ²ΠΎΠ΅ Π²Π·Π°ΠΈΠΌΠΎΠ΄Π΅ΠΉΡΡΠ²ΠΈΠ΅ Ρ ΠΎΠ΄Π½ΠΈΠΌ ΠΈΠ· ΡΠ΅ΡΠ²ΠΈΡΠΎΠ², ΠΈ Π΄Π»Ρ Π·Π°ΠΏΡΠΎΡΠ° Π³Π΅Π½Π΅ΡΠΈΡΡΠ΅ΡΡΡ Trace ID), ΠΏΠΎΡΠ»Π΅ ΡΠ΅Π³ΠΎ ΡΠ»ΡΠ· Π½Π°ΠΏΡΠ°Π²Π»ΡΠ΅Ρ Π·Π°ΠΏΡΠΎΡ Π² ΡΠ΅ΡΠ²ΠΈΡ sa-web-app.
- Π ΡΠ΅ΡΠ²ΠΈΡΠ΅ sa-web-app Π·Π°ΠΏΡΠΎΡ ΠΏΠΎΠ΄Ρ Π²Π°ΡΡΠ²Π°Π΅ΡΡΡ Envoy sidecar'ΠΎΠΌ, ΡΠΎΠ·Π΄Π°ΡΡΡΡ Β«ΡΠ΅Π±ΡΠ½ΠΎΠΊΒ» Π² span'Π΅ (ΠΏΠΎΡΡΠΎΠΌΡ ΠΌΡ Π²ΠΈΠ΄ΠΈΠΌ Π΅Π³ΠΎ Π² ΡΡΠ΅ΠΉΡΠ°Ρ ) ΠΈ ΠΏΠ΅ΡΠ΅Π½Π°ΠΏΡΠ°Π²Π»ΡΠ΅ΡΡΡ Π² ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅Ρ sa-web-app. ( β Π»ΠΎΠ³ΠΈΡΠ΅ΡΠΊΠ°Ρ Π΅Π΄ΠΈΠ½ΠΈΡΠ° ΡΠ°Π±ΠΎΡΡ Π² Jaeger, ΠΈΠΌΠ΅ΡΡΠ°Ρ Π½Π°Π·Π²Π°Π½ΠΈΠ΅, Π²ΡΠ΅ΠΌΡ Π½Π°ΡΠ°Π»ΠΎ ΠΎΠΏΠ΅ΡΠ°ΡΠΈΠΈ ΠΈ Π΅Ρ ΠΏΡΠΎΠ΄ΠΎΠ»ΠΆΠΈΡΠ΅Π»ΡΠ½ΠΎΡΡΡ. Span'Ρ ΠΌΠΎΠ³ΡΡ Π±ΡΡΡ Π²Π»ΠΎΠΆΠ΅Π½Π½ΡΠΌΠΈ ΠΈ ΡΠΏΠΎΡΡΠ΄ΠΎΡΠ΅Π½Π½ΡΠΌΠΈ. ΠΡΠΈΠ΅Π½ΡΠΈΡΠΎΠ²Π°Π½Π½ΡΠΉ Π°ΡΠΈΠΊΠ»ΠΈΡΠ΅ΡΠΊΠΈΠΉ Π³ΡΠ°Ρ ΠΈΠ· span'ΠΎΠ² ΠΎΠ±ΡΠ°Π·ΡΠ΅Ρ trace. β ΠΏΡΠΈΠΌ. ΠΏΠ΅ΡΠ΅Π².)
- ΠΠ΄Π΅ΡΡ Π·Π°ΠΏΡΠΎΡ ΠΎΠ±ΡΠ°Π±Π°ΡΡΠ²Π°Π΅ΡΡΡ ΠΌΠ΅ΡΠΎΠ΄ΠΎΠΌ sentimentAnalysis. ΠΡΠΈ ΡΡΠ΅ΠΉΡΡ ΡΠΆΠ΅ ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°Π½Ρ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ΠΌ, Ρ.Π΅. Π΄Π»Ρ Π½ΠΈΡ ΠΏΠΎΡΡΠ΅Π±ΠΎΠ²Π°Π»ΠΈΡΡ ΠΈΠ·ΠΌΠ΅Π½Π΅Π½ΠΈΡ Π² ΠΊΠΎΠ΄Π΅.
- Π‘ ΡΡΠΎΠ³ΠΎ ΠΌΠΎΠΌΠ΅Π½ΡΠ° ΠΈΠ½ΠΈΡΠΈΠΈΡΡΠ΅ΡΡΡ POST-Π·Π°ΠΏΡΠΎΡ Π² sa-logic. Trace ID Π΄ΠΎΠ»ΠΆΠ΅Π½ Π±ΡΡΡ ΠΏΡΠΎΠ±ΡΠΎΡΠ΅Π½ ΠΈΠ· sa-web-app.
- β¦
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: ΠΠ° 4 ΡΠ°Π³Π΅ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Π΄ΠΎΠ»ΠΆΠ½ΠΎ ΡΠ²ΠΈΠ΄Π΅ΡΡ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ, ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°Π½Π½ΡΠ΅ Istio, ΠΈ ΠΏΠ΅ΡΠ΅Π΄Π°ΡΡ ΠΈΡ Π² ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡΠΈΠ΅ Π·Π°ΠΏΡΠΎΡΡ, ΠΊΠ°ΠΊ ΠΏΠΎΠΊΠ°Π·Π°Π½ΠΎ Π½Π° ΠΈΠ·ΠΎΠ±ΡΠ°ΠΆΠ΅Π½ΠΈΠΈ Π½ΠΈΠΆΠ΅:
(A) ΠΠ° ΠΏΡΠΎΠ±ΡΠΎΡ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΎΠ² ΠΎΡΠ²Π΅ΡΠ°Π΅Ρ Istio; (B) ΠΠ° Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ ΠΎΡΠ²Π΅ΡΠ°ΡΡ ΡΠ΅ΡΠ²ΠΈΡΡIstio Π΄Π΅Π»Π°Π΅Ρ ΠΎΡΠ½ΠΎΠ²Π½ΡΡ ΡΠ°Π±ΠΎΡΡ, Ρ.ΠΊ. Π³Π΅Π½Π΅ΡΠΈΡΡΠ΅Ρ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ Π΄Π»Ρ Π²Ρ ΠΎΠ΄ΡΡΠΈΡ Π·Π°ΠΏΡΠΎΡΠΎΠ², ΡΠΎΠ·Π΄Π°ΡΡ Π½ΠΎΠ²ΡΠ΅ span'Ρ Π² ΠΊΠ°ΠΆΠ΄ΠΎΠΌ sidecare'Π΅ ΠΈ ΠΏΡΠΎΠ±ΡΠ°ΡΡΠ²Π°Π΅Ρ ΠΈΡ . ΠΠ΄Π½Π°ΠΊΠΎ Π±Π΅Π· ΡΠ°Π±ΠΎΡΡ Ρ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠ°ΠΌΠΈ Π²Π½ΡΡΡΠΈ ΡΠ΅ΡΠ²ΠΈΡΠΎΠ² ΠΏΠΎΠ»Π½ΡΠΉ ΠΏΡΡΡ ΡΡΠ°ΡΡΠΈΡΠΎΠ²ΠΊΠΈ Π·Π°ΠΏΡΠΎΡΠ° Π±ΡΠ΄Π΅Ρ ΡΡΠ΅ΡΡΠ½.
ΠΠ΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ ΡΡΠΈΡΡΠ²Π°ΡΡ (ΠΏΡΠΎΠ±ΡΠ°ΡΡΠ²Π°ΡΡ) ΡΠ»Π΅Π΄ΡΡΡΠΈΠ΅ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ:
x-request-id x-b3-traceid x-b3-spanid x-b3-parentspanid x-b3-sampled x-b3-flags x-ot-span-contextΠΡΠΎ Π½Π΅ΡΠ»ΠΎΠΆΠ½Π°Ρ Π·Π°Π΄Π°ΡΠ°, ΠΎΠ΄Π½Π°ΠΊΠΎ Π΄Π»Ρ ΡΠΏΡΠΎΡΠ΅Π½ΠΈΡ Π΅Ρ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ ΡΠΆΠ΅ ΡΡΡΠ΅ΡΡΠ²ΡΠ΅Ρ β Π½Π°ΠΏΡΠΈΠΌΠ΅Ρ, Π² ΡΠ΅ΡΠ²ΠΈΡΠ΅ sa-web-app ΠΊΠ»ΠΈΠ΅Π½Ρ RestTemplate ΠΏΡΠΎΠ±ΡΠ°ΡΡΠ²Π°Π΅Ρ ΡΡΠΈ Π·Π°Π³ΠΎΠ»ΠΎΠ²ΠΊΠΈ, Π΅ΡΠ»ΠΈ ΠΏΡΠΎΡΡΠΎ Π΄ΠΎΠ±Π°Π²ΠΈΡΡ Π±ΠΈΠ±Π»ΠΈΠΎΡΠ΅ΠΊΠΈ Jaeger ΠΈ OpenTracing Π² .
ΠΠ°ΠΌΠ΅ΡΡΡΠ΅, ΡΡΠΎ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠ΅ Sentiment Analysis Π΄Π΅ΠΌΠΎΠ½ΡΡΡΠΈΡΡΠ΅Ρ ΡΠ΅Π°Π»ΠΈΠ·Π°ΡΠΈΠΈ Π½Π° Flask, Spring ΠΈ ASP.NET Core.
Π’Π΅ΠΏΠ΅ΡΡ, ΠΊΠΎΠ³Π΄Π° ΡΡΠ°Π»ΠΎ ΡΡΠ½ΠΎ, ΡΡΠΎ ΠΌΡ ΠΏΠΎΠ»ΡΡΠ°Π΅ΠΌ ΠΈΠ· ΠΊΠΎΡΠΎΠ±ΠΊΠΈ (ΠΈΠ»ΠΈ ΠΏΠΎΡΡΠΈ Β«ΠΈΠ· ΠΊΠΎΡΠΎΠ±ΠΊΠΈΒ»), ΡΠ°ΡΡΠΌΠΎΡΡΠΈΠΌ Π²ΠΎΠΏΡΠΎΡΡ ΡΠΎΠ½ΠΊΠΎ Π½Π°ΡΡΡΠ°ΠΈΠ²Π°Π΅ΠΌΠΎΠΉ ΠΌΠ°ΡΡΡΡΡΠΈΠ·Π°ΡΠΈΠΈ, ΡΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ ΡΠ΅ΡΠ΅Π²ΡΠΌ ΡΡΠ°ΡΠΈΠΊΠΎΠΌ, Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΠΈ ΠΈ Ρ.ΠΏ.!
ΠΡΠΈΠΌ. ΠΏΠ΅ΡΠ΅Π².: ΠΎΠ± ΡΡΠΎΠΌ ΡΠΈΡΠ°ΠΉΡΠ΅ Π² ΡΠ»Π΅Π΄ΡΡΡΠ΅ΠΉ ΡΠ°ΡΡΠΈ ΠΌΠ°ΡΠ΅ΡΠΈΠ°Π»ΠΎΠ² ΠΏΠΎ Istio ΠΎΡ Rinor Maloku, ΠΏΠ΅ΡΠ΅Π²ΠΎΠ΄Ρ ΠΊΠΎΡΠΎΡΡΡ ΠΏΠΎΡΠ»Π΅Π΄ΡΡΡ Π² Π½Π°ΡΠ΅ΠΌ Π±Π»ΠΎΠ³Π΅ Π² Π±Π»ΠΈΠΆΠ°ΠΉΡΠ΅Π΅ Π²ΡΠ΅ΠΌΡ. UPDATE (14 ΠΌΠ°ΡΡΠ°): ΡΠΆΠ΅ ΠΎΠΏΡΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½Π°.
P.S. ΠΎΡ ΠΏΠ΅ΡΠ΅Π²ΠΎΠ΄ΡΠΈΠΊΠ°
Π§ΠΈΡΠ°ΠΉΡΠ΅ ΡΠ°ΠΊΠΆΠ΅ Π² Π½Π°ΡΠ΅ΠΌ Π±Π»ΠΎΠ³Π΅:
- Β«ΠΠ°Π·Π°Π΄ ΠΊ ΠΌΠΈΠΊΡΠΎΡΠ΅ΡΠ²ΠΈΡΠ°ΠΌ Π²ΠΌΠ΅ΡΡΠ΅ Ρ IstioΒ»: , ;
- «»;
- «»;
- «»;
- «».
ΠΡΡΠΎΡΠ½ΠΈΠΊ: habr.com
route:
- destination:
host: sa-frontend # 2
port:
number: 80
Cov ntsiab lus tseem ceeb:
- Qhov VirtualService no hais txog kev thov los ntawm http-gateway;
- Π
destinationtxhais cov kev pabcuam uas cov lus thov raug xa mus.ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Cov kev teeb tsa saum toj no yog khaws cia hauv cov ntaub ntawv
sa-virtualservice-external.yaml, uas tseem muaj cov chaw rau routing rau SA-WebApp thiab SA-Feedback, tab sis tau luv luv ntawm no nyob rau hauv tsab xov xwm rau brevity.Thov VirtualService los ntawm kev hu rau:
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Thaum peb siv Istio cov peev txheej, Kubernetes API Server hluav taws xob ib qho xwm txheej uas Istio Control Plane tau txais, thiab tom qab ntawd, qhov kev teeb tsa tshiab tau siv rau txhua lub pod's Envoy proxy. Thiab Ingress Gateway maub los zoo li yog lwm tus Envoy teeb tsa hauv Kev Tswj Dav Hlau. Tag nrho cov no zoo li qhov no hauv daim duab:
Istio-IngressGateway configuration rau kev thov routingSentiment Analysis yog tam sim no muaj nyob rau
http://{EXTERNAL-IP}/. Tsis txhob txhawj yog tias koj tsis pom qhov xwm txheej: qee zaum nws yuav siv sij hawm ntev me ntsis rau kev teeb tsa kom muaj txiaj ntsig thiab rau Envoy caches hloov tshiab.Ua ntej pib, ua si nrog daim ntawv thov rau me ntsis los tsim kev khiav tsheb. (nws lub xub ntiag yog tsim nyog rau kev pom tseeb hauv kev ua tom ntej - kwv yees li.).
Kiali: Observability
Txhawm rau nkag mus rau Kiali admin interface, khiav cov lus txib hauv qab no:
β¦thiab qhib los ntawm kev nkag mus rau hauv raws li admin/admin. Ntawm no koj yuav pom ntau yam muaj txiaj ntsig zoo, piv txwv li, txhawm rau txheeb xyuas qhov teeb tsa ntawm Istio cov khoom siv, pom cov kev pabcuam los ntawm cov ntaub ntawv sau los ntawm kev cuam tshuam cov kev thov hauv lub network, tau txais cov lus teb rau cov lus nug "Leej twg yog tus hu rau leej twg?", "Qhov kev pabcuam twg tau ntsib. ua tsis tiav?β thiab lwm yam. Feem ntau, tshawb txog qhov muaj peev xwm ntawm Kiali ua ntej mus rau qhov pom kev ntsuas nrog Grafana.
Grafana: visualization ntawm metrics
Cov kev ntsuas tau sau hauv Istio xaus rau hauv Prometheus thiab pom nrog Grafana. Txhawm rau nkag mus rau Grafana admin interface, khiav cov lus txib hauv qab no, tom qab ntawd qhib :
Los ntawm txhaj rau ntawm daim ntawv qhia zaub mov Tsev sab laug thiab xaiv Istio Service Dashboard nyob rau sab laug ces kaum, pib nrog kev pab sa-web-appmus saib cov metrics sau:
Ntawm no peb tab tom tos qhov kev ua haujlwm khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob khoob. Cia peb tsim ib qho me me load nrog cov lus txib hauv qab no:
Tam sim no peb muaj ntau cov duab zoo nkauj, thiab ntxiv rau lawv, cov cuab yeej zoo Prometheus rau kev saib xyuas thiab Grafana rau kev pom kev ntsuas, uas yuav ua rau peb kawm txog kev ua tau zoo, kev noj qab haus huv, kev txhim kho / kev puas tsuaj hauv cov kev pabcuam raws sijhawm.
Thaum kawg, cia peb saib ntawm kev thov tracing hauv cov kev pabcuam.
Jaeger: taug kev
Peb yuav xav tau kev taug qab, vim tias peb muaj kev pabcuam ntau dua, nws nyuaj rau kev nkag mus rau qhov ua rau tsis ua haujlwm. Cia peb saib ib rooj plaub yooj yim ntawm daim duab hauv qab no:
Ib qho piv txwv ntawm qhov kev thov ua tsis tiav randomThov tuaj, ntog - yog vim li cas? Thawj qhov kev pabcuam? Los yog thib ob? Muaj kev zam nyob rau hauv ob qho tib si - cia saib cov cav ntawm txhua tus. Ntev npaum li cas koj tau ntes koj tus kheej ua qhov no? Peb txoj hauj lwm yog zoo li software detective tshaj developersβ¦
Qhov no yog ib qho teeb meem thoob plaws hauv microservices thiab tau daws los ntawm kev faib cov tracing systems, uas cov kev pab cuam kis tau tus cim header rau ib leeg, tom qab uas cov ntaub ntawv no yog redirected rau lub tracing system, qhov twg nws yog muab piv nrog cov ntaub ntawv thov. Nov yog ib qho piv txwv:
TraceId yog siv los txheeb xyuas qhov kev thovIstio siv Jaeger Tracer, uas siv cov neeg muag khoom ywj pheej OpenTracing API lub hauv paus. Koj tuaj yeem nkag mus rau Jaeger tus neeg siv interface nrog cov lus txib hauv qab no:
Tam sim no mus rau thiab xaiv ib qho kev pabcuam sa-web-app. Yog tias qhov kev pabcuam tsis pom nyob rau hauv cov ntawv qhia zaub mov, qhia / tsim cov haujlwm ntawm nplooj ntawv thiab hloov kho lub interface. Tom qab ntawd nyem rau ntawm lub pob Nrhiav cov kab, uas yuav qhia cov kab dhau los tsis ntev los no - xaiv ib qho - cov ncauj lus kom ntxaws ntawm txhua kab yuav tshwm sim:
Cov kab no qhia tau tias:
- Qhov kev thov tuaj rau hauv istio-ingressgateway (qhov no yog thawj zaug kev cuam tshuam nrog ib qho ntawm cov kev pabcuam, thiab Trace ID yog tsim rau qhov kev thov), tom qab ntawd lub rooj vag xa cov lus thov mus rau qhov kev pabcuam sa-web-app.
- Hauv kev pabcuam sa-web-app qhov kev thov raug khaws los ntawm Envoy sidecar, ib tug "me nyuam" yog tsim nyob rau hauv lub ncua (yog vim li cas peb pom nws nyob rau hauv ib tug kab) thiab redirected rau lub thawv sa-web-app. ( - ib chav tsev ntawm kev ua haujlwm hauv Jaeger, muaj lub npe, lub sijhawm pib ntawm kev ua haujlwm thiab nws lub sijhawm. Spans tuaj yeem ua zes thiab xaj. Ib daim duab qhia acyclic ntawm spans ua ib txoj kab. - kwv yees. txhais.)
- Ntawm no qhov kev thov raug ua tiav los ntawm txoj kev kev xav Analysis. Cov kab no twb tsim los ntawm daim ntawv thov, i.e. lawv yuav tsum tau hloov code.
- Txij lub sijhawm no, qhov kev thov POST tau pib hauv sa-logic. Tus ID nkag mus yuav tsum tau xa los ntawm sa-web-app.
- ...
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Hauv kauj ruam 4, daim ntawv thov yuav tsum pom cov headers tsim los ntawm Istio thiab dhau lawv mus rau kev thov tom ntej, raws li qhia hauv daim duab hauv qab no:
(A) Header forwarding yog lub luag haujlwm ntawm Istio; (B) Cov kev pab cuam yog lub luag haujlwm rau cov headersIstio ua haujlwm ntau vim tsim cov headers rau cov lus thov tuaj, tsim cov spans tshiab hauv txhua qhov kev saib xyuas thiab xa mus rau lawv. Txawm li cas los xij, yog tias tsis ua haujlwm nrog cov headers hauv cov kev pabcuam, tag nrho cov kev thov taug qab yuav ploj mus.
Cov headers hauv qab no yuav tsum tau txiav txim siab (xa mus):
Qhov no yog ib txoj hauj lwm yooj yim, tab sis kom yooj yim rau nws qhov kev siv, muaj lawm - Piv txwv li, hauv sa-web-app kev pabcuam, RestTemplate tus neeg siv khoom xa mus rau cov headers yog tias koj tsuas ntxiv cov tsev qiv ntawv Jaeger thiab OpenTracing rau .
Nco ntsoov tias daim ntawv thov Kev Ntsuas Kev Ntsuas pom pom kev siv hauv Flask, Spring, thiab ASP.NET Core.
Tam sim no nws yog qhov tseeb tias peb tab tom tawm ntawm lub thawv (lossis yuav luag tawm ntawm lub thawv), cia peb saib cov kev hloov kho kom zoo, kev tswj xyuas tsheb khiav hauv network, kev ruaj ntseg, thiab ntau ntxiv!
Nco tseg. txhais.: nyeem txog qhov no hauv ntu txuas ntxiv ntawm cov ntaub ntawv ntawm Istio los ntawm Rinor Maloku, cov kev txhais lus uas yuav ua raws li peb cov blog yav tom ntej. Hloov tshiab (Lub Peb Hlis 14): twb luam tawm lawm.
PS los ntawm tus txhais lus
Nyeem kuj ntawm peb blog:
- "Rov qab mus rau microservices nrog Istio": , ;
- «»;
- «»;
- «»;
- Β«".
Tau qhov twg los: www.hab.com