Nco tseg. txhais.: Cov koob no tau mob siab rau qhia txog Istio muaj peev xwm thiab ua kom pom lawv hauv kev nqis tes ua. Tam sim no peb yuav tham txog ntau txoj hauv kev ntawm kev teeb tsa thiab kev siv cov kev pabcuam mesh no, thiab tshwj xeeb, hais txog kev ua haujlwm zoo thiab kev tswj xyuas tsheb khiav hauv lub network.
Peb kuj tseem ceeb rau koj tias tsab xov xwm siv configurations (manifests rau Kubernetes thiab Istio) los ntawm repository .
tswj kev khiav tsheb
Nrog Istio, muaj peev xwm tshiab tshwm sim hauv pawg los muab:
- Dynamic thov routing: Canary rollouts, A/B kuaj;
- Load ntsuas: yooj yim thiab zoo ib yam, raws li hashes;
- Rov qab poob: lub sijhawm ua haujlwm, rov ua dua, Circuit Court breakers;
- Ntxig qhov yuam kev: ncua sij hawm, poob thov, thiab lwm yam.
Raws li tsab xov xwm txuas ntxiv mus, cov peev txheej no yuav raug piav qhia los ntawm kev siv cov ntawv thov xaiv ua piv txwv thiab cov tswv yim tshiab yuav raug qhia raws txoj kev. Thawj lub tswvyim yuav yog DestinationRules (piv txwv li txoj cai hais txog tus neeg tau txais kev khiav tsheb / thov - kwv yees li.), nrog kev pab los ntawm qhov peb qhib A / B kuaj.
Kev xeem A/B: Cov Cai Hauv Qhov Chaw Nyob hauv kev xyaum
Kev kuaj A / B yog siv nyob rau hauv cov ntaub ntawv uas muaj ob versions ntawm ib daim ntawv thov (feem ntau lawv yog visually txawv) thiab peb tsis 100% paub tseeb tias ib tug yuav txhim kho cov neeg siv. Yog li ntawd, peb khiav ob qho tib si ib txhij thiab sau metrics.
Txhawm rau xa qhov thib ob version ntawm frontend, yuav tsum tau ua kom pom qhov kev sim A / B, khiav cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/kube/ab-testing/sa-frontend-green-deployment.yaml
deployment.extensions/sa-frontend-green createdKev xa tawm manifest rau ntsuab version txawv nyob rau hauv ob qhov chaw:
- Daim duab yog raws li qhov sib txawv tag -
istio-green, - Pods muaj ib daim ntawv lo
version: green.
Vim tias ob qho kev xa tawm muaj daim ntawv lo app: sa-frontend, thov routed los ntawm kev pabcuam virtual sa-external-services rau kev pabcuam sa-frontend, yuav raug xa rov qab mus rau tag nrho nws cov xwm txheej thiab cov khoom thauj yuav raug faib los ntawm , uas yuav ua rau cov xwm txheej hauv qab no:
Cov ntaub ntawv thov tsis pom
Cov ntaub ntawv no tsis pom vim lawv muaj npe sib txawv hauv ntau hom ntawv thov. Cia peb nco ntsoov qhov no:
$ curl --silent http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
/static/css/main.c7071b22.css
/static/js/main.059f8e9c.js
$ curl --silent http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
/static/css/main.f87cd8c9.css
/static/js/main.f7659dbb.js
Qhov no txhais tau tias index.html, thov ib version ntawm cov ntaub ntawv zoo li qub, tuaj yeem xa los ntawm cov khoom sib npaug rau cov pods uas muaj qhov sib txawv, qhov twg, vim li cas, cov ntaub ntawv zoo li no tsis muaj nyob. Yog li ntawd, txhawm rau kom daim ntawv thov ua haujlwm, peb yuav tsum tau teeb tsa kev txwv: "tib lub version ntawm daim ntawv thov uas tau txais kev pabcuam index.html yuav tsum ua raws li kev thov tom ntej".
Peb yuav mus txog qhov ntawd nrog kev sib npaug hash-raws li load ntsuas (Kev sib xyaw Hash Loadbalancing)... Hauv qhov no kev thov los ntawm tib tus neeg siv khoom raug xa mus rau tib lub backend piv txwv, uas yog siv cov cuab yeej ua ntej - piv txwv li HTTP header. Ua tiav siv DestinationRules.
Txoj Cai Destination
Tom qab VirtualService xa ib daim ntawv thov mus rau qhov kev pabcuam uas xav tau, siv DestinationRules peb tuaj yeem txhais cov cai uas yuav raug siv rau cov tsheb thauj mus los rau qhov kev pabcuam no:
Kev tswj hwm tsheb nrog Istio cov peev txheej
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Qhov cuam tshuam ntawm Istio cov peev txheej ntawm kev khiav tsheb hauv network tau nthuav tawm ntawm no hauv txoj hauv kev uas yooj yim to taub. Kom meej meej, qhov kev txiav txim siab uas yuav xa qhov kev thov mus rau yog ua los ntawm Tus Neeg Sawv Cev hauv Ingress Gateway tau teeb tsa hauv CRD.
Nrog rau Txoj Cai Destination, peb tuaj yeem teeb tsa cov khoom sib npaug kom siv cov hashes zoo ib yam thiab xyuas kom meej tias cov kev pabcuam tib yam teb rau tib tus neeg siv. Cov kev teeb tsa hauv qab no tso cai rau koj ua tiav qhov no ():
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: sa-frontend
spec:
host: sa-frontend
trafficPolicy:
loadBalancer:
consistentHash:
httpHeaderName: version # 1
1 - hash yuav raug tsim tawm raws li cov ntsiab lus ntawm HTTP header version.
Siv cov configuration nrog cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/istio/ab-testing/destinationrule-sa-frontend.yaml
destinationrule.networking.istio.io/sa-frontend created
Tam sim no khiav cov lus txib hauv qab no thiab xyuas kom tseeb tias koj tau txais cov ntaub ntawv raug thaum koj teev cov header version:
$ curl --silent -H "version: yogo" http://$EXTERNAL_IP/ | tr '"' 'n' | grep mainΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅: Txhawm rau ntxiv cov txiaj ntsig sib txawv hauv header thiab kuaj cov txiaj ntsig ncaj qha hauv browser, koj tuaj yeem siv rau Chrome (los yog rau Firefox - approx. txhais.).
Nyob rau hauv dav dav, DestinationRules muaj peev xwm ntau dua nyob rau hauv cheeb tsam ntawm load balancing - xyuas kom paub meej nyob rau hauv .
Ua ntej kawm VirtualService ntxiv, cia peb tshem tawm "ntsuab version" ntawm daim ntawv thov thiab cov kev coj ua ntawm kev coj mus los los ntawm kev khiav cov lus txib hauv qab no:
$ kubectl delete -f resource-manifests/kube/ab-testing/sa-frontend-green-deployment.yaml
deployment.extensions βsa-frontend-greenβ deleted
$ kubectl delete -f resource-manifests/istio/ab-testing/destinationrule-sa-frontend.yaml
destinationrule.networking.istio.io βsa-frontendβ deletedMirroring: Kev Pabcuam Virtual hauv Kev Xyaum
Ntsig ("shielding") los yog Mirroring (βmirrringβ) siv nyob rau hauv cov ntaub ntawv uas peb xav sim ib tug hloov nyob rau hauv ntau lawm yam tsis muaj kev cuam tshuam rau cov neeg siv kawg: ua qhov no, peb duplicate ("daim iav") thov mus rau ib tug thib ob piv txwv uas xav tau kev hloov pauv, thiab saib qhov tshwm sim. Cias muab, qhov no yog thaum koj cov npoj yaig xaiv qhov teeb meem tseem ceeb tshaj plaws thiab ua rau rub daim ntawv thov hauv daim ntawv ntawm cov av loj uas tsis muaj leej twg tuaj yeem tshuaj xyuas nws.
Txhawm rau ntsuas qhov xwm txheej no hauv kev nqis tes ua, cia peb tsim qhov piv txwv thib ob ntawm SA-Logic nrog cov kab (buggy) los ntawm kev khiav cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/kube/shadowing/sa-logic-service-buggy.yaml
deployment.extensions/sa-logic-buggy created
Thiab tam sim no cia peb khiav cov lus txib kom paub tseeb tias txhua yam nrog app=sa-logic Lawv kuj muaj cov ntawv sau nrog cov ntawv sib xws:
$ kubectl get pods -l app=sa-logic --show-labels
NAME READY LABELS
sa-logic-568498cb4d-2sjwj 2/2 app=sa-logic,version=v1
sa-logic-568498cb4d-p4f8c 2/2 app=sa-logic,version=v1
sa-logic-buggy-76dff55847-2fl66 2/2 app=sa-logic,version=v2
sa-logic-buggy-76dff55847-kx8zz 2/2 app=sa-logic,version=v2
kev pab cuam sa-logic hom phiaj pods nrog ib daim ntawv lo app=sa-logic, yog li txhua qhov kev thov yuav muab faib rau txhua qhov piv txwv:
... tab sis peb xav thov kom xa mus rau v1 piv txwv thiab mirrored rau v2 piv txwv:
Peb yuav ua tiav qhov no los ntawm VirtualService ua ke nrog DestinationRule, qhov twg cov cai yuav txiav txim siab cov subsets thiab txoj hauv kev ntawm VirtualService mus rau ib qho tshwj xeeb.
Defining Subsets nyob rau hauv Destination Rules
Subsets (subsets) yog txiav txim los ntawm cov nram qab no configuration ():
apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
name: sa-logic
spec:
host: sa-logic # 1
subsets:
- name: v1 # 2
labels:
version: v1 # 3
- name: v2
labels:
version: v2- Tus tswv tsev (
host) txhais tau tias txoj cai no tsuas yog siv rau cov xwm txheej thaum txoj kev mus rau qhov kev pabcuamsa-logic; - Cov npe (
name) subsets yog siv thaum routing rau subset piv txwv; - Daim ntawv lo (
label) txhais cov key-value khub uas piv txwv yuav tsum sib phim los ua ib feem ntawm cov subset.
Siv cov configuration nrog cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/istio/shadowing/sa-logic-subsets-destinationrule.yaml
destinationrule.networking.istio.io/sa-logic createdTam sim no hais tias cov subsets tau txhais, peb tuaj yeem txav mus rau thiab teeb tsa VirtualService los siv cov cai rau kev thov rau sa-logic kom lawv:
- Routed mus rau ib tug subset
v1, - Mirrored rau ib tug subset
v2.
Cov manifesto hauv qab no tso cai rau koj ua tiav koj cov phiaj xwm ():
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: sa-logic
spec:
hosts:
- sa-logic
http:
- route:
- destination:
host: sa-logic
subset: v1
mirror:
host: sa-logic
subset: v2Tsis xav tau kev piav qhia ntawm no, yog li cia peb pom nws hauv kev nqis tes ua:
$ kubectl apply -f resource-manifests/istio/shadowing/sa-logic-subsets-shadowing-vs.yaml
virtualservice.networking.istio.io/sa-logic createdCia peb ntxiv cov load los ntawm kev hu rau cov lus txib hauv qab no:
$ while true; do curl -v http://$EXTERNAL_IP/sentiment
-H "Content-type: application/json"
-d '{"sentence": "I love yogobella"}';
sleep .8; done
Cia peb saib cov txiaj ntsig hauv Grafana, qhov twg koj tuaj yeem pom tias cov version nrog kab (buggy) ua rau tsis ua tiav rau ~ 60% ntawm kev thov, tab sis tsis muaj qhov tsis ua tiav no cuam tshuam rau cov neeg siv kawg vim lawv tau teb los ntawm kev pabcuam khiav haujlwm.
Cov lus teb ua tiav ntawm ntau qhov sib txawv ntawm qhov kev pabcuam sa-logic
Ntawm no peb thawj zaug pom yuav ua li cas VirtualService tau siv rau Envoys ntawm peb cov kev pabcuam: thaum twg sa-web-app ua kev thov rau sa-logic, nws mus dhau lub sidecar Envoy, uas - ntawm VirtualService - yog configured rau txoj kev thov mus rau v1 subset thiab tsom iav qhov kev thov mus rau v2 subset ntawm cov kev pab cuam. sa-logic.
Kuv paub, tej zaum koj twb xav tias Virtual Services yog qhov yooj yim. Hauv seem tom ntej, peb yuav nthuav dav qhov ntawd los ntawm kev hais tias lawv kuj zoo heev.
Canary Rollouts
Canary Deployment yog tus txheej txheem ntawm dov tawm ib tug tshiab version ntawm ib daim ntawv thov rau ib tug tsawg tus neeg siv. Nws yog siv los xyuas kom meej tias tsis muaj teeb meem hauv kev tso tawm thiab tsuas yog tom qab ntawd, twb tau muaj kev ntseeg siab rau nws (tso tawm) zoo, faib rau lwm tus neeg siv.ΠΎcov neeg tuaj saib loj dua.
Txhawm rau ua kom pom cov canary rollouts, peb yuav txuas ntxiv ua haujlwm nrog cov khoom sib txuas buggy Ρ sa-logic.
Cia peb tsis txhob nkim sij hawm nyob rau hauv trifles thiab tam sim ntawd xa 20% ntawm cov neeg siv mus rau lub version nrog kab (qhov no yuav sawv cev rau peb canary rollout), thiab qhov seem 80% rau cov kev pab cuam ib txwm. Txhawm rau ua qhov no, siv VirtualService hauv qab no ():
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: sa-logic
spec:
hosts:
- sa-logic
http:
- route:
- destination:
host: sa-logic
subset: v1
weight: 80 # 1
- destination:
host: sa-logic
subset: v2
weight: 20 # 1
1 yog qhov hnyav (weight), uas qhia txog qhov feem pua ββββntawm cov kev thov uas yuav raug xa mus rau tus neeg txais lossis ib pawg ntawm tus neeg txais.
Cia peb hloov kho yav dhau los VirtualService configuration rau sa-logic nrog cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/istio/canary/sa-logic-subsets-canary-vs.yaml
virtualservice.networking.istio.io/sa-logic configured... thiab peb yuav pom tam sim ntawd tias qee qhov kev thov ua rau ua tsis tiav:
$ while true; do
curl -i http://$EXTERNAL_IP/sentiment
-H "Content-type: application/json"
-d '{"sentence": "I love yogobella"}'
--silent -w "Time: %{time_total}s t Status: %{http_code}n"
-o /dev/null; sleep .1; done
Time: 0.153075s Status: 200
Time: 0.137581s Status: 200
Time: 0.139345s Status: 200
Time: 30.291806s Status: 500VirtualServices pab kom canary rollouts: Hauv qhov no, peb tau txo qis qhov cuam tshuam ntawm cov teeb meem rau 20% ntawm cov neeg siv hauv paus. Zoo kawg! Tam sim no, nyob rau hauv txhua rooj plaub thaum peb tsis paub meej ntawm peb cov cai (nyob rau hauv lwm yam lus - ib txwm ...), peb yuav siv mirroring thiab canary rollouts.
Timeouts thiab rov sim dua
Tab sis kab laum tsis tas yuav xaus rau hauv cov cai. Hauv daim ntawv teev npe ""Hauv thawj qhov chaw yog qhov kev ntseeg yuam kev tias "lub network yog kev ntseeg siab." Hauv kev muaj tiag lub network tsis ntseeg tau, thiab vim li no peb xav tau sijhawm (lub sijhawm) thiab rov sim dua (retry).
Rau kev ua qauv qhia peb yuav txuas ntxiv siv tib qhov teeb meem version sa-logic (buggy), thiab peb yuav simulate lub unreliability ntawm lub network nrog random tsis ua hauj lwm.
Cia peb cov kev pabcuam nrog cov kab laum muaj 1/3 lub sijhawm ntawm kev siv sijhawm ntev los teb, 1/3 txoj hauv kev xaus nrog Internal Server yuam kev, thiab 1/3 txoj hauv kev ua tiav rov qab nplooj ntawv.
Txhawm rau txo qhov cuam tshuam ntawm cov teeb meem no thiab ua kom lub neej zoo dua rau cov neeg siv, peb tuaj yeem:
- ntxiv ib lub sijhawm yog tias qhov kev pabcuam siv sijhawm ntev dua 8 vib nas this los teb,
- rov sim dua yog qhov kev thov ua tsis tiav.
Rau kev siv, peb yuav siv cov ntsiab lus hauv qab no ():
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: sa-logic
spec:
hosts:
- sa-logic
http:
- route:
- destination:
host: sa-logic
subset: v1
weight: 50
- destination:
host: sa-logic
subset: v2
weight: 50
timeout: 8s # 1
retries:
attempts: 3 # 2
perTryTimeout: 3s # 3- Lub sijhawm rau kev thov yog teem rau 8 vib nas this;
- Kev thov rov ua dua 3 zaug;
- Thiab txhua qhov kev sim raug suav tias ua tsis tiav yog tias lub sijhawm teb dhau 3 vib nas this.
Qhov no yog qhov kev ua kom zoo dua vim tias tus neeg siv yuav tsis tas tos ntau dua 8 vib nas this thiab peb yuav ua peb qhov kev sim tshiab kom tau txais cov lus teb thaum tsis ua tiav, ua rau kom muaj kev vam meej.
Siv cov kev hloov kho tshiab nrog cov lus txib hauv qab no:
$ kubectl apply -f resource-manifests/istio/retries/sa-logic-retries-timeouts-vs.yaml
virtualservice.networking.istio.io/sa-logic configuredThiab xyuas hauv Grafana graphs tias cov lus teb tau zoo tau nce siab saum toj no:
Kev txhim kho hauv kev ua tiav cov ntaub ntawv txheeb xyuas tom qab ntxiv cov sij hawm thiab rov ua dua
Ua ntej txav mus rau ntu tom ntej (los yog theej, mus rau ntu tom ntej ntawm tsab xov xwm, vim hais tias hauv qhov no yuav tsis muaj kev sim siab ntxiv - kwv yees li.), rho tawm sa-logic-buggy thiab VirtualService los ntawm kev khiav cov lus txib hauv qab no:
$ kubectl delete deployment sa-logic-buggy
deployment.extensions βsa-logic-buggyβ deleted
$ kubectl delete virtualservice sa-logic
virtualservice.networking.istio.io βsa-logicβ deletedCircuit Breaker thiab Bulkhead Patterns
Peb tab tom tham txog ob tus qauv tseem ceeb hauv microservice architecture uas tso cai rau koj kom ua tiav tus kheej rov qab (kev kho tus kheej) cov kev pab cuam.
Circuit Court Breaker ("circuit breaker") siv los txiav cov lus thov tuaj rau qhov piv txwv ntawm qhov kev pabcuam uas suav tias tsis zoo thiab rov qab los thaum cov neeg thov kev thov raug xa rov qab mus rau qhov kev noj qab haus huv ntawm cov kev pabcuam ntawd (uas ua rau feem pua ββββntawm cov lus teb ua tiav). (Ceeb Toom: Cov lus piav qhia ntxaws ntxiv ntawm tus qauv tuaj yeem pom, piv txwv li, .)
Bulkhead ("kev faib") cais cov kev pabcuam tsis ua haujlwm los ntawm kev cuam tshuam rau tag nrho cov system. Piv txwv li, Kev Pabcuam B tau tawg thiab lwm qhov kev pabcuam (Kev Pabcuam B tus neeg siv khoom) ua rau kev thov rau Service B, ua rau nws tso nws lub pas dej thiab tsis tuaj yeem pabcuam lwm yam kev thov (txawm tias lawv tsis yog los ntawm Service B). (Ceeb Toom: Cov lus piav qhia ntxaws ntxiv ntawm tus qauv tuaj yeem pom, piv txwv li, .)
Kuv yuav tshem tawm cov ntsiab lus ntawm kev siv cov qauv no vim tias lawv yooj yim nrhiav hauv , thiab kuv kuj xav qhia txog kev lees paub thiab kev tso cai, uas yuav tau tham hauv tshooj tom ntej ntawm tsab xov xwm.
PS los ntawm tus txhais lus
Nyeem kuj ntawm peb blog:
- "Rov qab mus rau microservices nrog Istio": , ;
- «»;
- Β«".
Tau qhov twg los: www.hab.com