Bwererani ku microservices ndi Istio. Gawo 2

Zindikirani. transl.: Gawo loyamba Mndandandawu unaperekedwa poyambitsa luso la Istio ndikuwawonetsa akugwira ntchito. Tsopano tikambirana zinthu zovuta kwambiri za kasinthidwe ndi kugwiritsa ntchito mauna amtunduwu, makamaka, zamayendedwe owongolera bwino komanso kasamalidwe ka magalimoto pamaneti.

Timakukumbutsaninso kuti nkhaniyi imagwiritsa ntchito masinthidwe (mawonekedwe a Kubernetes ndi Istio) kuchokera kumalo osungirako. istio-mastery.

Kuwongolera Magalimoto

Ndi Istio, kuthekera kwatsopano kumawoneka mgululi kuti apereke:

• Kufunsira kwamphamvu: kutulutsa kwa canary, kuyesa kwa A / B;
• Katundu kusanja: yosavuta komanso yosasinthasintha, yozikidwa pa ma hashes;
• Kuchira pambuyo kugwa: kutha kwa nthawi, kuyesanso, zosokoneza madera;
• Kuyika zolakwika: kuchedwa, zopempha zomwe zasiya, ndi zina zotero.

Pamene nkhaniyi ikupitirira, mphamvuzi zidzawonetsedwa pogwiritsa ntchito ntchito yosankhidwa monga chitsanzo ndipo malingaliro atsopano adzafotokozedwa m'njira. Lingaliro loyamba loterolo lidzakhala DestinationRules (i.e. malamulo okhudza wolandira magalimoto/zopempha - pafupifupi transl.), mothandizidwa ndi zomwe timayambitsa kuyesa kwa A/B.

Kuyesa kwa A/B: DestinationRules pochita

Kuyesa kwa A/B kumagwiritsidwa ntchito ngati pali mitundu iwiri ya pulogalamu (nthawi zambiri imakhala yosiyana) ndipo sitikutsimikiza 100% kuti ndi iti yomwe ingathandizire ogwiritsa ntchito. Chifukwa chake, timayendetsa mitundu yonse iwiri nthawi imodzi ndikusonkhanitsa ma metric.

Kuti mugwiritse ntchito mtundu wachiwiri wakutsogolo, wofunikira kuwonetsa kuyesa kwa A / B, yendetsani lamulo ili:

$ kubectl apply -f resource-manifests/kube/ab-testing/sa-frontend-green-deployment.yaml
deployment.extensions/sa-frontend-green created

Mawonekedwe a kutumizidwa kwa mtundu wobiriwira amasiyana m'malo awiri:

1. Chithunzichi chazikidwa pa tag ina - istio-green,
2. Ma pod ali ndi chizindikiro version: green.

Popeza onse awiriwa ali ndi chizindikiro app: sa-frontend, zopempha zoyendetsedwa ndi ntchito zenizeni sa-external-services za utumiki sa-frontend, idzatumizidwa kuzochitika zake zonse ndipo katunduyo adzagawidwa algorithm yozungulira-robin, zomwe zingayambitse zotsatirazi:

Mafayilo omwe adafunsidwa sanapezeke

Mafayilowa sanapezeke chifukwa amatchulidwa mosiyana m'mawonekedwe osiyanasiyana a pulogalamuyi. Titsimikizire izi:

$ curl --silent http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
/static/css/main.c7071b22.css
/static/js/main.059f8e9c.js
$ curl --silent http://$EXTERNAL_IP/ | tr '"' 'n' | grep main
/static/css/main.f87cd8c9.css
/static/js/main.f7659dbb.js

Zikutanthauza kuti index.html, kupempha mtundu umodzi wa mafayilo osasunthika, akhoza kutumizidwa ndi balancer yolemetsa ku ma pods omwe ali ndi mtundu wosiyana, kumene, pazifukwa zomveka, mafayilo oterowo palibe. Chifukwa chake, kuti pulogalamuyo igwire ntchito, tiyenera kukhazikitsa zoletsa: "mtundu womwewo wa pulogalamu yomwe idatumizidwa index.html iyenera kupereka zopempha zotsatila".

Tifika kumeneko ndi kusanja kwapang'onopang'ono kwa hashi (Hash Loadbalancing yokhazikika). Pamenepa zopempha kuchokera kwa kasitomala yemweyo amatumizidwa ku chitsanzo chomwecho backend, yomwe katundu wokonzedweratu amagwiritsidwa ntchito - mwachitsanzo, mutu wa HTTP. Kukhazikitsidwa pogwiritsa ntchito DestinationRules.

DestinationRules

pambuyo VirtualService tatumiza pempho ku ntchito yomwe mukufuna, pogwiritsa ntchito DestinationRules titha kufotokozera mfundo zomwe zidzagwiritsidwe ntchito pamagalimoto omwe akupita kukakumana ndi ntchitoyi:

Kuwongolera magalimoto ndi zothandizira za Istio

ndemanga: Zotsatira za zida za Istio pamayendedwe apakompyuta zimaperekedwa apa m'njira yosavuta kumvetsetsa. Kunena zowona, lingaliro la nthawi yoti mutumize pempholi limapangidwa ndi nthumwi mu Ingress Gateway yokonzedwa mu CRD.

Ndi Malamulo Akopita, titha kukonza zolozera kuti tigwiritse ntchito ma hashi osasinthasintha ndikuwonetsetsa kuti zochitika zomwezo zimayankha kwa wogwiritsa yemweyo. Kukonzekera kotsatiraku kumakulolani kuti mukwaniritse izi (destinationrule-sa-frontend.yaml):

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: sa-frontend
spec:
  host: sa-frontend
  trafficPolicy:
    loadBalancer:
      consistentHash:
        httpHeaderName: version   # 1

1 - hash idzapangidwa kutengera zomwe zili pamutu wa HTTP version.

Ikani kasinthidwe ndi lamulo ili:

$ kubectl apply -f resource-manifests/istio/ab-testing/destinationrule-sa-frontend.yaml
destinationrule.networking.istio.io/sa-frontend created

Tsopano yendetsani lamulo ili m'munsimu ndikuwonetsetsa kuti mwapeza mafayilo oyenera mukatchula mutu version:

$ curl --silent -H "version: yogo" http://$EXTERNAL_IP/ | tr '"' 'n' | grep main

ndemanga: Kuti muwonjezere zikhalidwe zosiyanasiyana pamutu ndikuyesa zotsatira mwachindunji mu msakatuli, mutha kugwiritsa ntchito kuwonjezera izi ku Chrome (kapena ndi izi kwa Firefox - pafupifupi. transl.).

Nthawi zambiri, DestinationRules ili ndi kuthekera kochulukira pakuwongolera katundu - fufuzani zambiri mu zolemba zovomerezeka.

Tisanaphunzire VirtualService mopitilira, tiyeni tifufute "mtundu wobiriwira" wa pulogalamuyo ndi lamulo lofananira lamagalimoto potsatira malamulo awa:

$ kubectl delete -f resource-manifests/kube/ab-testing/sa-frontend-green-deployment.yaml
deployment.extensions “sa-frontend-green” deleted
$ kubectl delete -f resource-manifests/istio/ab-testing/destinationrule-sa-frontend.yaml
destinationrule.networking.istio.io “sa-frontend” deleted

Mirroring: Virtual Services in Practice

Kujambula ("kuteteza") kapena Mirroring ("kuwonera") amagwiritsidwa ntchito pazochitika zomwe tikufuna kuyesa kusintha kwa kupanga popanda kukhudza ogwiritsira ntchito mapeto: kuti tichite izi, timabwereza zopempha ("galasi") ku nthawi yachiwiri pamene kusintha kofunidwa kwapangidwa, ndikuyang'ana zotsatira zake. Mwachidule, apa ndi pamene mnzanuyo asankha nkhani yovuta kwambiri ndikupempha kukoka ngati dothi lalikulu kotero kuti palibe amene angawonenso.

Kuti tiyese zomwe zikuchitikazi, tiyeni tipange chitsanzo chachiwiri cha SA-Logic chokhala ndi nsikidzi (buggy) poyendetsa lamulo ili:

$ kubectl apply -f resource-manifests/kube/shadowing/sa-logic-service-buggy.yaml
deployment.extensions/sa-logic-buggy created

Ndipo tsopano tiyeni tiyendetse lamulo kuti tiwonetsetse kuti zochitika zonse ndi app=sa-logic Amakhalanso ndi zilembo zofananira:

$ kubectl get pods -l app=sa-logic --show-labels
NAME                              READY   LABELS
sa-logic-568498cb4d-2sjwj         2/2     app=sa-logic,version=v1
sa-logic-568498cb4d-p4f8c         2/2     app=sa-logic,version=v1
sa-logic-buggy-76dff55847-2fl66   2/2     app=sa-logic,version=v2
sa-logic-buggy-76dff55847-kx8zz   2/2     app=sa-logic,version=v2

utumiki sa-logic mikanda yomwe ili ndi chizindikiro app=sa-logic, kotero zopempha zonse zidzagawidwa muzochitika zonse:

...

Tidzakwaniritsa izi kudzera mu VirtualService kuphatikiza ndi DestinationRule, pomwe malamulowo adzatsimikizira magawo ndi njira za VirtualService kupita kugawo linalake.

Kufotokozera Magawo Ang'onoang'ono mu Malamulo a Kopita

Magawo ang'onoang'ono (kagawo) zimatsimikiziridwa ndi kasinthidwe kotsatirawa (sa-logic-subsets-destinationrule.yaml):

apiVersion: networking.istio.io/v1alpha3
kind: DestinationRule
metadata:
  name: sa-logic
spec:
  host: sa-logic    # 1
  subsets:
  - name: v1        # 2
    labels:
      version: v1   # 3
  - name: v2
    labels:
      version: v2

1. Host (host) limatanthawuza kuti lamuloli limagwira ntchito pokhapokha pamene njirayo ikupita ku utumiki sa-logic;
2. Mayina (name) magawo ang'onoang'ono amagwiritsidwa ntchito polowera ku zochitika zazing'ono;
3. Label (label) imatanthawuza maukwati amtengo wapatali omwe zitsanzo ziyenera kufanana kuti zikhale gawo laling'ono.

Ikani kasinthidwe ndi lamulo ili:

$ kubectl apply -f resource-manifests/istio/shadowing/sa-logic-subsets-destinationrule.yaml
destinationrule.networking.istio.io/sa-logic created

Tsopano popeza magawowa afotokozedwa, titha kusuntha ndikusintha VirtualService kuti tigwiritse ntchito malamulo pazofunsira ku sa-logic kuti:

1. Kupititsidwa ku kagawo kakang'ono v1,
2. Kuwonetsedwa ku kagawo kakang'ono v2.

Manifesto otsatirawa amakulolani kuti mukwaniritse zolinga zanu (sa-logic-subsets-shadowing-vs.yaml):

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: sa-logic
spec:
  hosts:
    - sa-logic          
  http:
  - route:
    - destination:
        host: sa-logic  
        subset: v1      
    mirror:             
      host: sa-logic     
      subset: v2

Palibe kufotokoza kofunikira apa, tiyeni tingowona zikugwira ntchito:

$ kubectl apply -f resource-manifests/istio/shadowing/sa-logic-subsets-shadowing-vs.yaml
virtualservice.networking.istio.io/sa-logic created

Tiyeni tiwonjezere katunduyo poyitana lamulo ili:

$ while true; do curl -v http://$EXTERNAL_IP/sentiment 
    -H "Content-type: application/json" 
    -d '{"sentence": "I love yogobella"}'; 
    sleep .8; done

Tiyeni tiwone zotsatira ku Grafana, pomwe mutha kuwona kuti mtunduwo uli ndi nsikidzi (buggy) kumabweretsa kulephera kwa ~ 60% ya zopempha, koma palibe zolephera zomwe zimakhudza ogwiritsa ntchito kumapeto pamene akuyankhidwa ndi ntchito yothamanga.

Mayankho opambana amitundu yosiyanasiyana ya sevisi ya sa-logic

Apa tidawona koyamba momwe VirtualService imagwiritsidwira ntchito kwa Nthumwi za mautumiki athu: liti sa-web-app amapempha kuti sa-logic, imadutsa pa sidecar Envoy, yomwe - kudzera pa VirtualService - imakonzedwa kuti ipereke pempho ku kagawo kakang'ono ka v1 ndikuwonetsa pempho la v2 la utumiki. sa-logic.

Ndikudziwa, mutha kuganiza kale kuti Virtual Services ndiyosavuta. M’chigawo chotsatira, tiwonjezera pa zimenezo ponena kuti nawonso ndi aakuludi.

Kutulutsa kwa Canary

Canary Deployment ndi njira yotulutsira pulogalamu yatsopano kwa ogwiritsa ntchito ochepa. Amagwiritsidwa ntchito kuti atsimikizire kuti palibe mavuto pakumasulidwa ndipo pokhapokha, pokhala ndi chidaliro mu khalidwe lake (kumasulidwa), kugawira kwa ogwiritsa ntchito ena.оomvera ambiri.

Kuti tiwonetse kutulutsidwa kwa canary, tipitiliza kugwira ntchito ndi kagawo kakang'ono buggy у sa-logic.

Tisataye nthawi pazinthu zazing'ono ndipo nthawi yomweyo tumizani 20% ya ogwiritsa ntchito ku mtunduwo ndi nsikidzi (izi zidzayimira kutulutsidwa kwathu kwa canary), ndi 80% yotsala ku ntchito yabwinobwino. Kuti muchite izi, gwiritsani ntchito VirtualService zotsatirazi (sa-logic-subsets-canary-vs.yaml):

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: sa-logic
spec:
  hosts:
    - sa-logic    
  http:
  - route: 
    - destination: 
        host: sa-logic
        subset: v1
      weight: 80         # 1
    - destination: 
        host: sa-logic
        subset: v2
      weight: 20 # 1

1 ndi kulemera (weight), yomwe imatchula kuchuluka kwa zopempha zomwe zidzatumizidwe kwa wolandira kapena gulu laling'ono la wolandira.

Tiyeni tisinthire kasinthidwe ka VirtualService akale sa-logic ndi lamulo ili:

$ kubectl apply -f resource-manifests/istio/canary/sa-logic-subsets-canary-vs.yaml
virtualservice.networking.istio.io/sa-logic configured

... ndipo tiwona nthawi yomweyo kuti zopempha zina zimabweretsa zolephera:

$ while true; do 
   curl -i http://$EXTERNAL_IP/sentiment 
   -H "Content-type: application/json" 
   -d '{"sentence": "I love yogobella"}' 
   --silent -w "Time: %{time_total}s t Status: %{http_code}n" 
   -o /dev/null; sleep .1; done
Time: 0.153075s Status: 200
Time: 0.137581s Status: 200
Time: 0.139345s Status: 200
Time: 30.291806s Status: 500

VirtualServices imathandizira kutulutsa kwa canary: Pamenepa, tachepetsa zovuta zomwe zingachitike ku 20% ya ogwiritsa ntchito. Zodabwitsa! Tsopano, muzochitika zonse pamene sitili otsimikiza za code yathu (mwa kuyankhula kwina - nthawizonse ...), tikhoza kugwiritsa ntchito galasi ndi canary rollouts.

Kutha ndi kuyesanso

Koma nsikidzi sizimathera mu code nthawi zonse. Pa mndandanda wa "8 Zolakwika Zokhudza Distributed Computing"Poyamba ndi chikhulupiriro cholakwika chakuti" maukonde ndi odalirika. Kwenikweni network osati odalirika, ndipo pachifukwa ichi timafunikira nthawi (nthawi zakutha) ndikuyesanso (yesanso).

Kuti tiwonetsere tipitiliza kugwiritsa ntchito mtundu womwewo wamavuto sa-logic (buggy), ndipo tidzafanizira kusadalirika kwa maukonde ndi zolephera mwachisawawa.

Lolani kuti ntchito yathu yokhala ndi nsikidzi ikhale ndi mwayi 1/3 wotenga nthawi yayitali kuti iyankhe, mwayi umodzi womaliza ndi Vuto la Internal Server, ndi mwayi 1/3 wobwezeretsanso tsambalo.

Kuchepetsa zovuta zamavutowa ndikupangitsa moyo kukhala wabwino kwa ogwiritsa ntchito, titha:

1. onjezani nthawi ngati ntchitoyo itenga nthawi yayitali kuposa masekondi 8 kuti muyankhe,
2. yesaninso ngati pempho lalephera.

Kuti tigwiritse ntchito, tidzagwiritsa ntchito tanthauzo lazinthu zotsatirazi (sa-logic-retries-timeouts-vs.yaml):

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: sa-logic
spec:
  hosts:
    - sa-logic
  http:
  - route: 
    - destination: 
        host: sa-logic
        subset: v1
      weight: 50
    - destination: 
        host: sa-logic
        subset: v2
      weight: 50
    timeout: 8s           # 1
    retries:
      attempts: 3         # 2
      perTryTimeout: 3s # 3

1. Nthawi yomaliza ya pempho yakhazikitsidwa kukhala masekondi 8;
2. Zopempha zimayesedwanso katatu;
3. Ndipo kuyesa kulikonse kumaonedwa kuti sikunapambane ngati nthawi yoyankha idutsa masekondi a 3.

Uku ndikukhathamiritsa chifukwa wogwiritsa ntchito sayenera kudikirira kupitilira masekondi a 8 ndipo tidzayesa zatsopano zitatu kuti tipeze yankho pakalephera, ndikuwonjezera mwayi woyankha bwino.

Ikani masinthidwe osinthidwa ndi lamulo ili:

$ kubectl apply -f resource-manifests/istio/retries/sa-logic-retries-timeouts-vs.yaml
virtualservice.networking.istio.io/sa-logic configured

Ndipo yang'anani pazithunzi za Grafana kuti chiwerengero cha mayankho opambana chawonjezeka pamwambapa:

Kusintha kwa ziwerengero zamayankhidwe opambana mutawonjezera nthawi yomaliza ndikuyesanso

Musanapitirire ku gawo lotsatira (kapena m'malo, ku gawo lotsatira la nkhaniyi, chifukwa mu izi sipadzakhalanso zoyesera zothandiza - pafupifupi transl.), kufufuta sa-logic-buggy ndi VirtualService poyendetsa malamulo awa:

$ kubectl delete deployment sa-logic-buggy
deployment.extensions “sa-logic-buggy” deleted
$ kubectl delete virtualservice sa-logic
virtualservice.networking.istio.io “sa-logic” deleted

Circuit Breaker and Bulkhead Patterns

Tikukamba za njira ziwiri zofunika muzomangamanga za microservice zomwe zimakulolani kuti muzitha kudzipulumutsa nokha (kudzichiritsa) ntchito.

Deter Breaker ("chiwombankhanga") Amagwiritsidwa ntchito kuletsa zopempha zomwe zikubwera ku ntchito yomwe ikuwoneka kuti ndi yosayenera ndikuyibwezeretsa pomwe zopempha zamakasitomala zimatumizidwa kuzochitika zabwino zantchitoyo (zomwe zimachulukitsa kuchuluka kwa mayankho opambana). (Zindikirani: Kufotokozera mwatsatanetsatane za ndondomekoyi kungapezeke, mwachitsanzo, apa.)

Bulkhead ("gawo") imalekanitsa kulephera kwautumiki kuti kusakhudze dongosolo lonse. Mwachitsanzo, Service B yasweka ndipo ntchito ina (makasitomala a Service B) ipempha ku Service B, kupangitsa kuti ithe dziwe lake ndikulephera kupereka zopempha zina (ngakhale sizichokera ku Service B). (Zindikirani: Kufotokozera mwatsatanetsatane za ndondomekoyi kungapezeke, mwachitsanzo, apa.)

Ndidzasiya tsatanetsatane wa machitidwewa chifukwa ndi osavuta kuwapeza zolemba zovomerezeka, ndipo ndikufunanso kusonyeza kutsimikizika ndi kuvomereza, zomwe zidzakambidwe mu gawo lotsatira la nkhaniyi.

PS kuchokera kwa womasulira

Werenganinso pa blog yathu:

• "Kubwerera ku microservices ndi Istio": Gawo 1 (chiyambi cha zinthu zazikulu), Gawo 3 (kutsimikizika ndi chilolezo);
• «Conduit - ma mesh opepuka a Kubernetes";
• «Kodi mesh service ndi chiyani ndipo ndichifukwa chiyani ndikufunika [yogwiritsa ntchito pamtambo yokhala ndi ma microservices]?".

Source: www.habr.com