Kukula kwa netiweki ya Amazon Web Services ndi madera 69 padziko lonse lapansi m'magawo 22: USA, Europe, Asia, Africa ndi Australia. Dera lililonse lili ndi malo ofikira 8 - Data Processing Centers. Deta iliyonse ili ndi ma seva masauzande kapena mazana masauzande. Netiweki idapangidwa m'njira yoti zochitika zonse zomwe sizingachitike kuzimitsidwa zimaganiziridwa. Mwachitsanzo, madera onse ndi otalikirana, ndipo madera ofikirako amapatulidwa mtunda wa makilomita angapo. Ngakhale mutadula chingwe, makinawo amasinthira kumayendedwe osunga zosunga zobwezeretsera, ndipo kutayika kwa chidziwitso kudzakhala mapaketi angapo a data. Vasily Pantyukhin adzalankhula za mfundo zina zomwe maukonde amapangidwira komanso momwe amapangidwira.
Vasily Pantyukhin adayamba ngati woyang'anira Unix m'makampani a .ru, adagwira ntchito pazida zazikulu za Sun Microsystem kwa zaka 6, ndikulalikira dziko la data-centric kwa zaka 11 ku EMC. Mwachilengedwe idasintha kukhala mitambo yachinsinsi, kenako idasamukira kugulu la anthu. Tsopano, monga womanga wa Amazon Web Services, amapereka upangiri waukadaulo kuti athandizire kukhala ndi moyo mumtambo wa AWS.
M'gawo lapitalo la trilogy ya AWS, Vasily adafufuza momwe ma seva akuthupi amapangidwira komanso makulitsidwe a database. Makhadi a Nitro, hypervisor yochokera ku KVM, database ya Amazon Aurora - zonse zomwe zili m'nkhaniyi "" Werengani nkhani kapena penyani zolankhula.
Gawoli lidzayang'ana kwambiri pakukweza maukonde, imodzi mwazinthu zovuta kwambiri mu AWS. Chisinthiko kuchokera pa netiweki yathyathyathya kupita ku Virtual Private Cloud ndi kapangidwe kake, ntchito zamkati za Blackfoot ndi HyperPlane, vuto la mnansi waphokoso, ndipo pamapeto - kukula kwa netiweki, msana ndi zingwe zakuthupi. Za zonsezi pansi pa odulidwa.
Chodzikanira: Zonse zomwe zili pansipa ndi malingaliro a Vasily ndipo mwina sizingafanane ndi momwe Amazon Web Services ilili.
Kuchulukitsa kwa netiweki
Mtambo wa AWS unakhazikitsidwa mu 2006. Network yake inali yachikale - yokhala ndi nyumba yosalala. Kusiyanasiyana kwa maadiresi achinsinsi kunali kofala kwa onse ogwira ntchito pamtambo. Mukayamba makina atsopano, mwangozi mwalandira adilesi ya IP kuchokera pagululi.
Njirayi inali yosavuta kugwiritsa ntchito, koma makamaka idachepetsa kugwiritsa ntchito mtambo. Makamaka, zinali zovuta kupanga mayankho osakanizidwa omwe amaphatikiza maukonde achinsinsi pansi komanso mu AWS. Vuto lomwe linali lodziwika kwambiri linali kuchulukana kwa ma adilesi a IP.
Mtambo Wabwinobwino
Mtambo unapezeka kuti ukufunika. Yafika nthawi yoti muganizire za scalability ndi kuthekera kwa kugwiritsidwa ntchito kwake ndi mamiliyoni ambiri a lendi. Network yosalala yakhala chopinga chachikulu. Chifukwa chake, tidaganiza za momwe tingapatule ogwiritsa ntchito pa intaneti kuti athe kusankha okha ma IP.
Kodi chinthu choyamba chomwe chimabwera m'maganizo ndi chiyani mukaganizira za kudzipatula pa intaneti? Ndithudi Zithunzi za VLAN ΠΈ VRF - Virtual Routing ndi Forwarding.
Tsoka ilo, sizinagwire ntchito. ID ya VLAN ndi ma bits 12 okha, omwe amatipatsa magawo 4096 okha. Ngakhale masiwichi akuluakulu amatha kugwiritsa ntchito ma VRF opitilira 1-2. Kugwiritsa ntchito VRF ndi VLAN palimodzi kumatipatsa ma subnets mamiliyoni ochepa okha. Izi sizokwanira kwa mamiliyoni ambiri a lendi, omwe aliyense ayenera kugwiritsa ntchito ma subnet angapo.
Sitingathenso kugula nambala yofunikira yamabokosi akulu, mwachitsanzo, kuchokera ku Cisco kapena Juniper. Pali zifukwa ziwiri: ndizokwera mtengo kwambiri, ndipo sitikufuna kumvera mfundo zachitukuko ndi zigamba.
Pali mfundo imodzi yokha - pangani yankho lanu.
Mu 2009 tinalengeza Zamgululi - Mtambo Wabwinobwino. Dzinali lidakhazikika ndipo tsopano ambiri opereka mtambo amaligwiritsanso ntchito.
VPC ndi netiweki yeniyeni SDN (Software Defined Network). Tidaganiza kuti tisapange ma protocol apadera pamlingo wa L2 ndi L3. Netiweki imayenda pa Ethernet yokhazikika ndi IP. Pakufalikira pa netiweki, kuchuluka kwa magalimoto pamakina kumayikidwa mu protocol wrapper yathu. Imawonetsa ID yomwe ili ya VPC ya lendi.
Zikumveka zosavuta. Komabe, pali zovuta zingapo zaukadaulo zomwe zikufunika kuthana nazo. Mwachitsanzo, malo ndi momwe mungasungire deta pamapu a maadiresi a MAC/IP, ID ya VPC ndi mawonekedwe a MAC/IP. Pamlingo wa AWS, ili ndi tebulo lalikulu lomwe liyenera kugwira ntchito ndikuchedwa pang'ono. Udindo pa izi utumiki wa mapu, yomwe imafalikira mochepa kwambiri pa intaneti.
M'makina a m'badwo watsopano, encapsulation imachitidwa ndi makhadi a Nitro pamlingo wa hardware. M'zaka zakale, encapsulation ndi decapsulation ndizokhazikitsidwa ndi mapulogalamu.
Tiyeni tiwone momwe zimagwirira ntchito mwatsatanetsatane. Tiyeni tiyambe ndi mlingo wa L2. Tiyeni tiyerekeze kuti tili ndi makina enieni okhala ndi IP 10.0.0.2 pa seva yakuthupi 192.168.0.3. Imatumiza deta ku makina pafupifupi 10.0.0.3, omwe amakhala pa 192.168.1.4. Pempho la ARP limapangidwa ndikutumizidwa ku netiweki ya Nitro khadi. Kuti zikhale zosavuta, timaganiza kuti makina onsewa amakhala mu VPC "yabuluu" yofanana.
Mapuwa alowa m'malo mwa adilesi yakeyake ndikutumiza chimango cha ARP ku ntchito yojambula.
Ntchito yamapu imabweretsanso chidziwitso chomwe chili chofunikira pakufalitsa pa L2 network.
Khadi ya Nitro mu mayankho a ARP imalowa m'malo mwa MAC pa intaneti yokhala ndi adilesi mu VPC.
Posamutsa deta, timakulunga MAC ndi IP zomveka bwino mu VPC wrapper. Timafalitsa zonsezi pamanetiweki pogwiritsa ntchito makadi oyenerera a IP Nitro ndi komwe tikupita.
Makina akuthupi omwe phukusili likupita likuchita cheke. Izi ndi zofunika kupewa kuthekera kwa adilesi spoofing. Makinawa amatumiza pempho lapadera ku ntchito yojambula mapu ndikufunsa kuti: "Kuchokera ku makina akuthupi 192.168.0.3 ndinalandira paketi yomwe imapangidwira 10.0.0.3 mu VPC yabuluu. Kodi iye ndi wovomerezeka?
Ntchito yojambula mapu imayang'ana tebulo lake logawira zida ndikulola kapena kukana paketi kuti idutse. Muzochitika zonse zatsopano, kutsimikizira kowonjezera kumayikidwa mumakhadi a Nitro. Ndikosatheka kuzilambalala ngakhale mongoyerekeza. Chifukwa chake, kuwononga zinthu mu VPC ina sikungagwire ntchito.
Kenako, deta imatumizidwa ku makina enieni omwe amapangidwira.
Ntchito yojambula mapu imagwiranso ntchito ngati rauta yomveka yosamutsa deta pakati pa makina enieni m'magawo osiyanasiyana. Chilichonse ndi chosavuta, sindifotokoza mwatsatanetsatane.
Zikuoneka kuti potumiza paketi iliyonse, ma seva amatembenukira ku ntchito ya mapu. Kodi mungathane bwanji ndi kuchedwa kosapeweka? Kusunga, kumene.
Kukongola kwake ndikuti simuyenera kubisa tebulo lonse lalikulu. Seva yakuthupi imakhala ndi makina enieni kuchokera ku ma VPC ochepa. Muyenera kungosunga zambiri za ma VPC awa. Kusamutsa deta ku ma VPC ena mu "default" kasinthidwe sikuli kovomerezeka. Ngati magwiridwe antchito monga VPC-peering amagwiritsidwa ntchito, ndiye kuti chidziwitso chokhudzana ndi ma VPC ofananira chimayikidwanso mu posungira.
Tinakonza kusamutsa deta ku VPC.
Blackfoot
Zoyenera kuchita ngati magalimoto akuyenera kutumizidwa kunja, mwachitsanzo pa intaneti kapena kudzera pa VPN mpaka pansi? Zimatithandiza pano Blackfoot - Ntchito yamkati ya AWS. Imapangidwa ndi timu yathu yaku South Africa. Ndicho chifukwa chake msonkhanowu unatchedwa penguin yemwe amakhala ku South Africa.
Blackfoot imachotsa magalimoto ndikuchita zomwe zikufunika nawo. Deta imatumizidwa pa intaneti momwe zilili.
Deta imachotsedwa ndikukutidwanso mu IPsec mukamagwiritsa ntchito VPN.
Mukamagwiritsa ntchito Direct Connect, traffic imayikidwa ndikutumizidwa ku VLAN yoyenera.
HyperPlane
Iyi ndi ntchito yowongolera kuyenda kwamkati. Ma network ambiri amafunikira kuyang'aniridwa data flow limati. Mwachitsanzo, mukamagwiritsa ntchito NAT, control control ikuyenera kuwonetsetsa kuti IP:pawiri iliyonse yolowera ili ndi doko lotuluka lapadera. Pankhani ya balancer NLB - Network Load Balancer, kayendedwe ka deta nthawi zonse kuyenera kutumizidwa ku makina omwewo omwe akufuna. Magulu a Chitetezo ndi chowotcha moto. Imayang'anira kuchuluka kwa magalimoto omwe akubwera ndipo imatsegula madoko a paketi yotuluka.
Mumtambo wa AWS, zofunikira zotumizirana nthawi yayitali ndizokwera kwambiri. Ndichifukwa chake HyperPlane zofunika kwambiri pakuchita kwa netiweki yonse.
Hyperplane imapangidwa pamakina enieni a EC2. Palibe zamatsenga pano, koma zamatsenga. Chinyengo ndichakuti awa ndi makina enieni okhala ndi RAM yayikulu. Zochita zimangochitika zokha ndipo zimangokumbukira. Izi zimakupatsani mwayi wofikira kuchedwa kwa ma microseconds khumi okha. Kugwira ntchito ndi disk kungawononge zokolola zonse.
Hyperplane ndi dongosolo logawidwa la chiwerengero chachikulu cha makina a EC2. Makina aliwonse ali ndi bandwidth ya 5 GB / s. Kudera lonse lachigawo, izi zimapereka ma terabits odabwitsa a bandwidth ndikulola kukonza mamiliyoni olumikizana pamphindikati.
HyperPlane imangogwira ntchito ndi mitsinje. VPC paketi encapsulation ndi yowonekera kwathunthu kwa izo. Chiwopsezo chomwe chingachitike muutumiki wamkatiwu chingalepheretsebe kudzipatula kwa VPC kuti zisasweka. Magawo omwe ali pansipa ali ndi udindo wachitetezo.
Woyandikana nawo waphokoso
Pali vuto mnansi waphokoso - mnansi waphokoso. Tiyerekeze kuti tili ndi mfundo 8. Ma node awa amayendetsa kayendedwe ka onse ogwiritsa ntchito mtambo. Chilichonse chikuwoneka bwino ndipo katundu ayenera kugawidwa mofanana pamagulu onse. Ma Node ndi amphamvu kwambiri ndipo ndizovuta kuwadzaza.
Koma timapanga zomanga zathu kutengera zomwe sizikanachitika.
Kuthekera kochepa sikutanthauza zosatheka.
Titha kuganiza momwe ogwiritsa ntchito amodzi kapena angapo angapangire katundu wambiri. Ma node onse a HyperPlane akutenga nawo gawo pakukonza izi ndipo ogwiritsa ntchito ena atha kukhala ndi vuto linalake. Izi zimaphwanya lingaliro la mtambo, momwe obwereka alibe mphamvu zokopana wina ndi mnzake.
Momwe mungathetsere vuto la mnansi waphokoso? Chinthu choyamba chimene chimabwera m'maganizo ndi sharding. Node zathu 8 zimagawidwa momveka kukhala 4 shards ya 2 node iliyonse. Tsopano woyandikana nawo waphokoso adzasokoneza gawo limodzi mwa magawo anayi a ogwiritsa ntchito onse, koma izi zidzawasokoneza kwambiri.
Tiyeni tichite zinthu mosiyana. Tidzapereka ma node atatu okha kwa aliyense wogwiritsa ntchito.
Chinyengo ndikugawira ma node mwachisawawa kwa ogwiritsa ntchito osiyanasiyana. Mu chithunzi chomwe chili pansipa, wogwiritsa ntchito buluu akudutsa node ndi mmodzi wa ogwiritsa ntchito awiri - wobiriwira ndi lalanje.
Ndi ma node 8 ndi ogwiritsa ntchito 3, kuthekera kwa mnansi waphokoso kumadutsana ndi m'modzi wa ogwiritsa ntchito ndi 54%. Ndi mwayi uwu kuti wogwiritsa ntchito buluu angakhudze ma lendi ena. Pa nthawi yomweyo, gawo chabe la katundu wake. M'chitsanzo chathu, chikokachi chidzawoneka mwanjira ina osati kwa aliyense, koma kwa gawo limodzi mwa magawo atatu a ogwiritsa ntchito onse. Izi ndi zotsatira zabwino kale.
Chiwerengero cha ogwiritsa ntchito omwe adutsana
Kuthekera kwa maperesenti
0
18%
1
54%
2
26%
3
2%
Tiyeni tibweretse zinthu pafupi ndi zenizeni - tiyeni titenge ma node 100 ndi ogwiritsa ntchito 5 pa mfundo zisanu. Pankhaniyi, palibe node iliyonse yomwe ingadutse ndi kuthekera kwa 5%.
Chiwerengero cha ogwiritsa ntchito omwe adutsana
Kuthekera kwa maperesenti
0
77%
1
21%
2
1,8%
3
0,06%
4
0,0006%
5
0,00000013%
Muzochitika zenizeni, ndi chiwerengero chachikulu cha ma HyperPlane node ndi ogwiritsa ntchito, zomwe zingakhudze mnzako waphokoso kwa ogwiritsa ntchito ena ndizochepa. Njirayi imatchedwa kusakaniza sharding - kusintha kwa kutentha. Amachepetsa zotsatira zoyipa za kulephera kwa node.
Ntchito zambiri zimamangidwa pamaziko a HyperPlane: Network Load Balancer, NAT Gateway, Amazon EFS, AWS PrivateLink, AWS Transit Gateway.
Network scale
Tsopano tiyeni tikambirane za kukula kwa netiweki palokha. Kwa Okutobala 2019 AWS imapereka ntchito zake mu 22 zigawo, ndipo ena 9 akukonzekera.
- Dera lililonse lili ndi Magawo angapo Opezeka. Pali 69 aiwo padziko lonse lapansi.
- AZ iliyonse imakhala ndi Data Processing Centers. Palibe oposa 8 mwa iwo onse.
- Malo opangira data amakhala ndi ma seva ambiri, ena okhala ndi 300.
Tsopano tiyeni tiyese izi zonse, chulukitsani ndikupeza chithunzi chochititsa chidwi chomwe chikuwonetsa Amazon cloud scale.
Pali maulalo ambiri owoneka bwino pakati pa Availability Zones ndi data center. M'dera lathu lalikulu kwambiri, njira za 388 zakhazikitsidwa kuti azilankhulana ndi AZ pakati pawo ndi malo olumikizirana ndi madera ena (Transit Centers). Pazonse izi zimapereka misala 5000 Tbit.
Backbone AWS idapangidwira komanso kukhathamiritsa mtambo. Timamanga pamakanema 100GB / s. Timawalamulira kwathunthu, kupatula madera aku China. Magalimoto sagawidwa ndi katundu wamakampani ena.
Zoonadi, si ife tokha omwe amapereka mtambo wokhala ndi intaneti yachinsinsi. Makampani ochulukirachulukira akutsatira njira iyi. Izi zimatsimikiziridwa ndi ofufuza odziimira okha, mwachitsanzo kuchokera .
Grafu ikuwonetsa kuti gawo la opereka zinthu ndi opereka mtambo akukula. Chifukwa cha izi, kuchuluka kwa magalimoto pa intaneti kwa omwe amapereka msana kukucheperachepera.
Ndifotokoza chifukwa chake izi zimachitika. M'mbuyomu, ntchito zambiri zapaintaneti zinali kupezeka komanso kugwiritsidwa ntchito mwachindunji pa intaneti. Masiku ano, ma seva ochulukirachulukira amapezeka mumtambo ndipo amapezeka kudzera CDN - Content Distribution Network. Kuti mupeze chithandizo, wogwiritsa ntchito amangodutsa pa intaneti kupita ku CDN PoP yapafupi - Mfundo ya Kukhalapo. Nthawi zambiri zimakhala penapake pafupi. Kenako imachoka pa intaneti ya anthu onse ndikuwuluka pamsana pawokha kudutsa Atlantic, mwachitsanzo, ndikukafika kuzinthuzo.
Ndikudabwa kuti intaneti idzasintha bwanji zaka 10 ngati izi zikupitirizabe?
Njira zakuthupi
Asayansi sanapezebe mmene angawonjezere liwiro la kuwala mβChilengedwe, koma apita patsogolo kwambiri mβnjira zopatsira kuwalako kudzera mβmawu opangidwa ndi kuwala. Panopa timagwiritsa ntchito zingwe za fiber 6912. Izi zimathandiza kwambiri kukhathamiritsa mtengo wa unsembe wawo.
M'madera ena tiyenera kugwiritsa ntchito zingwe zapadera. Mwachitsanzo, m'chigawo cha Sydney timagwiritsa ntchito zingwe zokhala ndi zokutira zapadera motsutsana ndi chiswe.
Palibe amene sakumana ndi zovuta ndipo nthawi zina njira zathu zimawonongeka. Chithunzi chakumanja chikuwonetsa zingwe zowonera m'chigawo chimodzi cha ku America zomwe zidang'ambika ndi ogwira ntchito yomanga. Chifukwa cha ngoziyi, mapaketi a data 13 okha adatayika, zomwe ndizodabwitsa. Apanso - 13 okha! Dongosolo limasinthidwa nthawi yomweyo kumayendedwe osunga zosunga zobwezeretsera - sikelo ikugwira ntchito.
Tidadumphadumpha mu ntchito zina zamtambo za Amazon ndi matekinoloje. Ndikukhulupirira kuti muli ndi lingaliro la kuchuluka kwa ntchito zomwe mainjiniya athu akuyenera kuthana nazo. Ineyo pandekha, ndimaona kuti zimenezi nβzosangalatsa kwambiri.
Ichi ndi gawo lomaliza la trilogy ya Vasily Pantyukhin pa chipangizo cha AWS. MU magawo amafotokoza kukhathamiritsa kwa seva ndi makulitsidwe a database, ndi in - ntchito zopanda seva ndi Firecracker.
pa mu Novembala Vasily Pantyukhin adzagawana zatsopano za chipangizo cha Amazon. Iye za zomwe zimayambitsa zolephera komanso mapangidwe a machitidwe ogawidwa ku Amazon. October 24 akadali otheka tikiti pamtengo wabwino, ndi kulipira pambuyo pake. Tikukudikirirani ku HighLoad++, bwerani ticheze!
Source: www.habr.com